Author and journalist Katie Pavlich talks to Glenn Reynolds about the Fast and Furious firearms scandal that resulted in the murder of a Border Patrol agent. Pavlich’s research shows that the ATF put guns in the hands of criminals, but never planned to track these weapons. Was the Obama Administration using Fast and Furious to undermine the Second Amendment?
The U.S. House of Representatives passed the Cyber Information and Security Protection Act late Thursday despite concerns over user privacy, the specter of SOPA/PIPA, and a veto threat from the Obama administration. The idea behind CISPA is to empower the government and corporations to work together to better protect American infrastructure from foreign attacks. But many civil liberties groups say the bill is too broad and threatens user privacy.
The Center for Democracy and Technology said it is “disappointed that CISPA passed the House in such flawed form.” And the Electronic Frontier Foundation condemned the vote, saying it “would allow companies to bypass all existing privacy law to spy on communications and pass sensitive user data to the government.”
There’s little doubt that online security is a serious issue for large corporations. Recent reports of online security breaches have involved such high-profile targets as Google, security firm RSA, Verisign, and credit card processing company Global Payments. But whether CISPA is the right legislation to tackle those concerns is hotly debated.
So what is CISPA? Should you be concerned about this legislation? Here’s what you need to know.
What Does CISPA Do? (view infographic (NCTP post))
CISPA allows the government to share classified information about security threats with select American companies. These corporations can then use that information to better protect their infrastructure such as computer networks containing intellectual property and trade secrets. The bill also allows corporations to share information relating to cyber security with the authorities and protects those companies against privacy lawsuits. Critics say an Internet Service Provider would be free to share a customer’s private communications such as e-mail and instant messages without a court order if the information related to a cyber security concern.
CISPA allows this information to be used not only to protect against cyber attacks, but also to protect individuals from bodily harm, protect children from sexual exploitation, and for general American national security.
CISPA would shield companies from privacy-related lawsuits brought by customers. And corporations could share information relating to cyber security with each other without fear of the government bringing an antitrust suit against them.
Created by: Paralegal
SOPA and PIPA were about intellectual property, and allowed courts to remove DNS listings for any website hosting pirated content. CISPA is meanwhile about security, and makes it possible for companies to share user information with the U.S. government (and vice versa) if the parties believe it is needed for the greater cyber security good.
As with many bills, CISPA has room for abuse. It “means a company like Google, Facebook, Twitter, or AT&T could intercept your emails and text messages, send copies to one another and to the government, and modify those communications or prevent them from reaching their destination if it fits into their plan to stop ‘cybersecurity’ threats,” an EFF spokesperson said in a statement. “Worst of all, the stated definition of ‘cybersecurity purpose’ is so broad that it leaves the door open to censor any speech that a company believes would ‘degrade the network.’”
That’s the main point, but CISPA also includes portions about protecting intellectual property, reminding many of SOPA and PIPA. If an IP thief is considered a threat to cyber security, then his website, or where he posted the content, could technically be blocked by CISPA. If a government agency believed you were planning a cyber attack, and were discussing it on Facebook, it could ask the social networking giant for every piece of information about you.
Facebook could, of course, say no. That’s important to emphasize. The bill would not force Facebook to hand over all the data it normally does when it legally has to (Here’s what Facebook sends the cops in response to a subpoena).
“Parts of the proposed legislation specifically state that cybersecurity purpose includes protecting against the ‘theft or misappropriation of private or government information’ including ‘intellectual property,’” an EFF spokesperson said in a statement. “Such sweeping language would give companies and the government new powers to monitor and censor communications for copyright infringement. It could also be a powerful weapon to use against whistleblower websites like WikiLeaks.”
CISPA currently has over 100 co-sponsors in Congress and 28 corporate supporters (full list), one of which is Facebook. I asked Facebook for a statement regarding its support, but the company declined to comment on this article. Instead, a spokesperson pointed me to Facebook’s letter about the bill (PDF).
READ THE 11 PAGE BILL (pdf)
Additional reading for the curious: The Coming Age of Internetocracy: “Internetocracy is a new political movement whose mission is to empower each citizen to directly table and decide legislation by enabling them through social networking, personal broadcasting, and other internet technologies.”
(NC TEA Party is not endorsing this movement.)