Trading privacy for security: on CISPA

On one hand, Congressional grillings of tech executives whose companies are found to have violated users’ privacy rights are practically commonplace. On the other hand, CISPA, the controversial bill scheduled for a House of Representatives vote Friday, calls for greater cooperation between government and companies in sharing data — including personally identifiable information of Internet users and classified government information — in the name of cybersecurity.

The Cyber Intelligence Sharing and Protection Act (PDF) is a bipartisan effort with reportedly 113 legislative co-sponsors whose aim is to fight online threats such as hackers, malware and cyberwar by having governments and companies share data without pesky obstacles such as court orders or other legal protections. For better or worse, technology has already allowed for the unprecedented collection of private citizens’ data. CISPA would take it a step further and allow easier access to all that information.

CISPA’s main sponsor, Rep. Mike Rogers, R-MI, and chairman of the House Intelligence Committee, told Talking Points Memo Monday that “we’ve had an open and transparent dialogue with everyone who has chosen to engage with us”; he has made changes to the bill; and he is confident it will pass.

Unlike the also-controversial SOPA (Stop Internet Piracy Act) and PIPA (Protect IP Act) copyright legislation, CISPA — whose critics have compared it to SOPA — also has the backing of many in the tech industry. Facebook, Intel, Oracle, Symantec and Microsoft have submitted letters of support, as has TechNet, which has many Silicon Valley tech companies as members, including Google. Google, a vocal opponent of SOPA, was reported to be “supportive” of CISPA. But a Google spokeswoman told GMSV in an email Monday: “We think this is an important issue and we’re watching the process closely but we haven’t taken a formal position on any specific legislation.”

CISPA is opposed by groups such as the Electronic Frontier Foundation, the ACLU and the Republican Liberty Caucus, among many others. Some of their arguments: The bill is too broad, and leaves the definition of things such as “cybersecurity” open to interpretation. It is unnecessary, because companies such as Facebook and Twitter already cooperate with the government when compelled to do so by a court order. Most importantly, the bill states that the government-business cooperation would occur “notwithstanding any other provision of law.” What this means, says the EFF on its Web page dedicated to fighting the bill, is “any existing legal protections of user privacy will be usurped by CISPA.” And to top it all off, the bill would not allow users to sue over any misuse of their data that results from all the sharing going on.

The Obama administration has also voiced its opposition to the bill, although it recently dispatched Homeland Security Secretary Janet Napolitano to Silicon Valley to promote tech partnerships with the government on cybersecurity issues. Alec Ross, a senior adviser for innovation to Secretary of State Hillary Clinton, told the Guardian that although the administration has called for “comprehensive cybersecurity legislation… we want legislation to come with necessary protections for individuals.”


Tags: , , , , , ,


Share this Post

  • ToNYC

    Government will fix it until it breaks. Ask Sean Egan and the Egan Jones Ratings Agency.

  • See the PBS mini-series “The Last Enemy”. This illustrates the issues quite well.

  • Scot MacInnes

    This is another agregious example of government over-reaching. They want to watch/monitor everything it citizens are doing. Seems to me, this is one of this issues that the original founding fathers crafted the constitution to guard against