Friday, April 20, 2012

Who's Buying CISPA and Selling Us Out?

Congress is currently considering CISPA – the Cyber Intelligence Sharing & Protection Act – a bill that purports to protect the United States from “cyber threats” but would in fact create a gaping loophole in all existing privacy laws. If CISPA passes, companies could vacuum up huge swaths of data on everyday Internet users and share it with the government without a court order. I oppose CISPA, and I’m calling on Congress to reject any legislation that:
  • Uses dangerously vague language to define the breadth of data that can be shared with the government.
  • Hands the reins of America’s cybersecurity defenses to the NSA, an agency with no transparency and little accountability.
  • Allows data shared with the government to be used for purposes unrelated to cybersecurity.
Join me in opposing this bill by posting this statement on your own page and using this online form to send a letter to Congress against CISPA.

For those who haven't yet read my previous column, here's a brief analysis from CNET. Others can skip ahead to Who's Selling Us Out?
CISPA's primary function is to remove legal barriers that might keep Internet companies from giving all your communication and information to the government. It allows "cyber entities" (such as Internet service providers, social networks like Facebook and cell phone companies like AT&T) to circumvent Internet privacy laws when they're pressured by Homeland Security to hand over or shut down -- well, almost anything of yours online that the government wants, no warrant needed.

Critics like the the Electronic Frontier Foundation and the Center for Democracy & Technology say CISPA's crazily vague wording makes it possible for the US government to take extreme measures against sites like The Pirate Bay and Wikileaks, and could extend to sites that publish Wikileaks-like information such as Guardian UK or The New York Times.

They're not that far off the mark with the Wikileaks association, given that Rep. Mike Rogers (R-MI), the bill's sponsor, appears to be out for blood with Manning. CISPA was drafted just after Rogers said an execution should be considered for Manning. The bill has been in revisions for nearly one and a half years now.

Similar to SOPA, CISPA guts citizens' online privacy protections but even more, it allows the US government to use Internet companies to access, intercept or stop the digital communications and online activity of any person - "for cybersecurity purposes."

Like SOPA, the bill tries to lump IP theft (and the threat of intellectual property theft) into the definitions of criminal cybersecurity protection.
Who's Selling Us Out?

Straight from the horse's mouth: Here's a list of corporate supporters of CISPA, courtesy of the U.S. House of Representatives Permanent Select Committee on Intelligence. Note this isn't all the corporate supporters, just those foolish enough to actually write a formal letter supporting the legislation. The list includes AT&T, Boeing, Facebook, IBM, Intel, Lockheed Martin, Microsoft, Symantec, the US Chamber of Commerce, and Verizon, among others.

Imagine how much fun the programmers at Facebook (social media), Microsoft (operating systems) and Symantec (anti-virus) will have if this becomes law. It may be time to get serious about Linux or buy a Mac, assuming Apple doesn't quickly fall from the liberty tree.

Digital Trends has gone even farther, deconstructing organizations such as the Business Roundtable and The Financial Services Roundtable to present a comprehensive list of over 800 companies that have directly or indirectly voiced their support for this legislation. They also point out that over three million businesses are members of the US Chamber of Commerce. Although it's unlikely that all three million support this legislation, they should be aware of what's being done in their name by an organization they actively support.

The troops on the other side of the line in the sand read like a Who's Who of civil liberty organizations: the Electronic Frontier Foundation, the American Civil Liberties Union, the Center for Democracy and Technology, The Constitution Project, Demand Progress, Engine Advocacy, Fight for the Future, Free Press, Reporters Without Borders, Techdirt, and TechFreedom, among others.

The White House has sort of come down in the anti-CISPA column, with a statement by National Security Council spokeswoman Caitlin Hayden that points out the civil liberties risk while complaining that the bill fails to protect critical national infrastructure.
Following a briefing with lawmakers and high-ranking security officials late Tuesday, the White House implicitly criticized the controversial Cyber Intelligence Sharing and Protection Act (CISPA), insinuating that the House cybersecurity bill fails to adequately protect critical national infrastructure, such as electrical grids and water supplies, and could threaten individual privacy and civil liberties.

CISPA would allow companies and the federal government to more easily share “cyber threat intelligence” with each other. But according to National Security Council spokeswoman Caitlin Hayden, the sharing of information is not enough to combat potential cyberattacks. Moreover, Hayden said that any cybersecurity legislation must also include “robust” protections for civil liberties, something a multitude of rights advocates say CISPA does not do.

“The nation’s critical infrastructure cyber vulnerabilities will not be addressed by information sharing alone,” Hayden told The Hill in a statement.

“Also, while information sharing legislation is an essential component of comprehensive legislation to address critical infrastructure risks, information sharing provisions must include robust safeguards to preserve the privacy and civil liberties of our citizens. Legislation without new authorities to address our nation’s critical infrastructure vulnerabilities, or legislation that would sacrifice the privacy of our citizens in the name of security, will not meet our nation’s urgent needs.”
Stop Cyber Spying Week

The Electronic Frontier Foundation has issued a call to action with Stop Cyber Spying Week. The goal of Stop Cyber Spying Week is simple: get Congress to back off of any cybersnooping legislation that sacrifices the civil liberties of Internet users. Here’s what you can do to help:
  1. Join the Twitter campaign – because Congress is vacuuming up Too Much Information.
  2. Send an email to Congress.
  3. Publish a statement opposing CISPA.
  4. Make your opposition to CISPA heard.
Details on each of the four steps, as well as links to help with those four tasks, are included at the link. Please get involved.

...and that's all I have to say about that. For now.


  1. As an agorist and a constituent of Mr. Rogers district(neighborhood), I was appalled when I read your article. I just got off the phone with his office after voicing my disgust.

    1. That's precisely the sort of reaction that I write to read about. Thanks for posting.

    2. No problem, this is exactly the sort of blog I've been looking for. I've been reading a lot of your past material over the last couple of days and it's fantastic. One recommendation for a topic you should cover: Bitcoin