CISPA, the New Enemy of the Internet

VigilantCitizen

A few months ago, the proposal of an anti-piracy bill by the name of SOPA caused a great deal of controversy and protest due to the fact that it allowed the snooping of web users while opening the door to the censorship of the internet. 

The proposal of this law caused companies and internet giants such as AOL, Facebook and Google to openly oppose the bill – some even went as far as making their sites “go dark” for a day as a form of protest. The bill was eventually shelved and internet users rejoiced. But it was a very temporary victory.  

A new law is set to make the internet a highly monitored place.

Were the anti-SOPA companies genuinely concerned about your privacy? Not really. SOPA simply went against their best interests as it placed the burden of internet surveillance on them.

Now, a new bill by the name of CISPA will be proposed this week and its unprecise wording will make legal all kinds of abuse against privacy and free speech. Is there outrage from internet giants or are there corporate websites going black? Not at all. In fact, several companies such as Facebook, Microsoft, Oracle, IBM, Intel, AT&T, Verizon openly support the bill.

“Whereas SOPA and PIPA were bad for many companies that do business on the Internet, and burdened them with the unholy task of policing the Web (or facing repercussions if they didn’t), this bill makes life easier for them; it removes regulations and the risk of getting sued for handing over our information to The Law. Not to mention doing what the bill says it’s going to do: protecting them from cyber threats.”
- Digital Trends, CISPA is not the new SOPA: Here’s why

With the support of big businesses, CISPA is receiving a lot less negative publicity and has a lot more chances to be adopted. It has been recently reported that the Obama administration is against CISPA – but that might not be enough to get it cancelled. Also, with elections coming soon, appearing to be against this controversial law while still having it adopted might be a simple political strategy.

Since companies are backing the law, it is up to the people to get their voices heard. Although different than SOPA, CISPA has all of the main components to turn the internet into a cyber-police-state. Here’s a good article describing CISPA.

As CISPA Nears A Vote, Can The Controversial Cyber-Security Legislation Be Stopped?

As controversial cyber security legislation nears a vote in the House this week, civil liberties groups and some politicians are lining up against the bill.

Critics of the Cyber Intelligence Sharing and Protection Act (CISPA) have likened it to previous bills, such as the Stop Online Piracy Act (SOPA) that was defeated in Congress earlier this year.

(You can read the full pdf text of CISPA here.)

Now, opposition to CISPA is growing more widespread with each passing day as more and more internet groups join forces to push back against what is seen as a serious threat to domestic privacy laws.

The Daily Kos has set up its own action against CISPA, and numerous groups such as the Electronic Frontier Foundation (EFF) have been at the forefront of the effort to halt what they see as a serious threat to American civil liberties.

The ACLU has described the bill as an even more pernicious SOPA, noting that the legislation “would give the government, including military spy agencies, unprecedented powers to snoop through people’s personal information — medical records, private emails, financial information — all without a warrant, proper oversight or limits.”

Meanwhile reddit, the site largely responsible for the groundswell of cyber-grassroots opposition to SOPA, has been overrun with discussions about this latest threat to online privacy.

The critics have a point, writes Timothy B. Lee (not to be confused with Tim Berners-Lee) at Ars Technica.

“CISPA is a solution in search of a problem. And it threatens to undermine important privacy protections.”

Politicians Come Out Against CISPA

Now, even the Obama Administration has come out against the bill, siding again with the forces of the internet against lawmakers.

“The Obama administration opposes Cispa,” Alec Ross, a senior adviser for innovation to Hillary Clinton, told the Guardian. “The president has called for comprehensive cybersecurity legislation. There is absolutely a need for comprehensive cybersecurity legislation.

“[But] part of what has been communicated to congressional committees is that we want legislation to come with necessary protections for individuals.”

Ross did not comment on whether Obama would veto the bill.

Presidential hopeful and staunch libertarian Ron Paul has come out against the legislation as well.

“CISPA permits both the federal government and private companies to view your private online communications without judicial oversight provided that they do so of course in the name of cybersecurity,” said the Texas Republican.

“Simply put, CISPA encourages some of our most successful internet companies to act as government spies, sowing distrust of social media and chilling communications in one segment of the world economy where Americans still lead.”

Critics of CISPA point out that the lawmakers responsible for bills that tinker with the internet rarely understand the technical side of the equation, whereas critics of this and earlier bills have a much stronger grasp not merely on the civil liberties aspects but on the way such bills could harm the internet itself.

The man many credit for “inventing” the internet, Tim Berners-Lee, has also come out against the bill, noting how quickly these sorts of bills resurface in Congress.

CISPA “is threatening the rights of people in America, and effectively rights everywhere, because what happens in America tends to affect people all over the world. Even though the SOPA and PIPA acts were stopped by huge public outcry, it’s staggering how quickly the US government has come back with a new, different, threat to the rights of its citizens,” Lee told The Guardian.

So what is CISPA, and what does it do?

Basically CISPA bypasses various laws that have been put in place to protect privacy. The legislation allows companies and government agencies to share “cyber threat information” with other private companies or the government “notwithstanding any other provision of law.”

Such broad strokes are always worrisome, especially given how fast and loose the term “threat” has become in recent years. What sort of private information could be used to prevent a cyber threat?

The Center for Democracy and Technology list four broad areas for concern:

• CISPA has a very broad, almost unlimited definition of the information that can be shared with government agencies and it supersedes all other privacy laws.
• CISPA is likely to lead to expansion of the government’s role in the monitoring of private communications.
• CISPA is likely to shift control of government cybersecurity efforts from civilian agencies to the military.
• Once the information is shared with the government, it wouldn’t have to be used for cybersecurity, but could instead be used for other purposes.

One imagines that almost anything could potentially be helpful in preventing a cyber attack. Emails, health records, online purchases. The language in the bill is so broad and leaves so much room to maneuver, that the sharing of private information could be excused or overlooked for almost any reason.

The truly perplexing thing about the bill is that a great deal of information is already routinely shared by companies and the government. The only difference between this information sharing and information sharing under CISPA is that there are currently safeguards in place to prevent abuse. CISPA strips those safeguards away in the name of cyber security.

But Is It SOPA?

Not quite, argues Ars Technica’s Tim Lee. “A better analogy is the 2008 FISA Amendment Act, which granted major telecommunications incumbents retroactive immunity for their participation in warrantless wiretapping and eliminated judicial oversight for a broad category of government surveillance.”

CISPA simply loosens already weak protections of privacy and does so with few, if any, restraints and little oversight. In other words, it’s just another piece of the security-state puzzle we’ve been cobbling together since 9/11 which already includes domestic surveillance, the possible detention of US citizens by the military, and numerous other assaults on individual liberty and privacy.

With SOPA, the “threat” was online piracy. With CISPA, the “threat” is much more vague. Does internet piracy itself constitute a cyber threat?

“And whereas SOPA pitted Silicon Valley against Hollywood, CISPA seems to have the support of many technology and Web-based companies, including Facebook, Microsoft, Symantec and IBM,” writes Forbes cyber-security guru Andy Greenberg.

While SOPA raised first amendment concerns, CISPA raises concerns about privacy. Still, privacy and free speech are not exactly mutually exclusive. Loss of privacy threatens free speech, and the loss of free speech is inevitably a loss of privacy.

The only silver lining at this point is that whereas the FAA passed during a time of political crisis, the anti-censorship forces and internet groups in opposition this time around are much better organized. The stunning defeat of SOPA and PIPA earlier this year illustrate just how far these groups, and the social media tools they wield, have come in a short span of time.

The Man Leading The CISPA Charge

The architect of the Cyber Intelligence Sharing and Protection Act is Michigan Rep. Mike Rogers, a Republican, along with his Democratic co-sponsor Rep. C.A. “Dutch” Ruppersberger of Maryland.

Despite the growing opposition to the bill, Rogers remains confident of its passage.

“I feel pretty confident that we’ll close out the bill,” Rogers told Talking Points Memo. “There is a strong chance that the bill will be passed [by the House this] week.”

While Rogers is stubbornly pursuing the bill in the face of White House opposition and the rising tide of anti-CISPA voices across the internet, he does say he’s willing to make changes.

“We’re open to change this bill right up until it comes to the House floor based on external input,” he told TPM.

What sort of changes remains unclear, but critics of CISPA should take this as a sign that mounting pressure could still have an affect on the bill, possibly leading to revised and more constrained language. Even so, the legislation does little to counter actual cyber threats, while opening the floodgates to all sorts of privacy concerns.

Time is running out for opponents of the bill.

Debate in the House will begin this Thursday, and a vote is scheduled for Friday. There are alternatives to the Rogers bill, such as a bill proposed by Rep. Dan Lungren (R-CA), that are less invasive and present a more careful, balanced, and targeted approach to cyber threats.

Cyber security is a legitimate government issue, but until the government starts talking to actual cyber security and tech experts, and takes the concerns of civil liberties groups seriously, we risk giving far too much away, once again, in our quest for an ever-elusive sense of security.

- Source: Forbes