Congress gets Orwellian with privacy-sapping CISPA
By
    Screen shot of North by Northwestern site.
    What if our site looked like this? Screenshot from northbynorthwestern.com

    Government agencies are tracking your every move. From words you speak to the home you live in, nothing (and no one) is safe from the state’s all-seeing eye. Step out of line and the hard-swinging gavel of questionable justice could crush you in its wake.

    That’s the plot to George Orwell’s 1984, but reality may soon look eerily similar in the form of H.R. 3523, The Cyber Intelligence Sharing and Protection Act. CISPA – which passed the House 248-168 on April 26– is headed to the Senate for consideration, but what does that even mean?

    What will CISPA do? 

    As the text currently stands, CISPA seeks to achieve several ends:

    • Identify and obtain cyber threat information, defined very vaguely in the text as information that must directly lead to some kind of shortcoming in the system/network of an online entity.
    • Share information about threats between federal entities – like the Department of Homeland Security – and private firms, like companies with government contracts and select individuals with security clearance, chosen at the Director of National Intelligence’s discretion.
    • Provide immunity to all of these groups from being sued.

    Simply put, this will give the Department of Homeland Security blanket authority to pursue individuals based on information secretly gathered on the Internet. However, it will mean more than that. The guidelines for who receives access to this information (and for what duration) are unclear. Moreover, anyone given access also has absolute immunity in court regardless of the charge.

    The Obama Administration issued a statement intent on vetoing CISPA in its current form, citing that the legislation does not safeguard privacy enough. Even the administration is uncomfortable with the near free reign federal officials and private firms will be given by CISPA. Given its track record on privacy, that is less than comforting.

    What does this mean for me?  

    Ideally, nothing. However, the vague wording used in the bill makes it unbelievably sinister. Representative Jared Polis (D-Co.) debated that CISPA would, “waive every single privacy law ever enacted in the name of cybersecurity” by permitting government officials to actively spy on the American people. Though that is a bit of an exaggeration, the sentiment remains: Your information could be shared between government and private entities in the name of cybersecurity. Tumblr, email, Facebook – there would be no privacy setting to hide behind.

    And there’s no telling what will be done with the information gathered.  Without a clear set of actions available in the bill, it is entirely at the government’s discretion. If there were a breach of conduct that harmed you because of that information, there would be no way to seek reparations because of the blanket immunity CISPA grants.

    It is a chilling parallel to 1984: No privacy and no way to fight back against the government, regardless of whatever action manifests against you.

    Is this the new SOPA/PIPA?

    Not really. CISPA is not just SOPA with a new name: There is no clear provision in the bill for “voluntarily blocking access” to websites containing pirated/illegal material such as in SOPA, but the wording is still vague enough to be troubling. It also does not leave the burden of regulation to the website itself (more on that later). Also, CISPA does not enjoy the support of the Motion Picture Association of America or any other entertainment organization. However, that hasn’t hindered the bill’s progress.

    Who does/doesn’t support CISPA? Why?

    Organizations championing CISPA include the Internet Security Alliance and United States Chamber of Commerce. Those are just names, though.

    Telecommunications and IT heavyweights like AT&T, Verizon, IBM, Intel, Symantec, Facebook, Microsoft and Oracle Corporation (the company NU uses for CAESAR) have also pledged their support.

    Among these groups, Facebook sticks out. Not only is it the singular social media site among them, but it also vocally opposed SOPA and PIPA. However, the networking giant has come under fire before for lax regulating, especially about underage users. By siding with CISPA, this removes that weight from Facebook’s shoulders, especially with the company’s initial public offering on the horizon. That’s not speculation, either: Joel Kaplan, vice president of the company’s US Public Policy department, said as much in an April 13 statement.

    Oddly, SOPA dissenters like Google and Wikipedia have yet to officially side for or against the legislation, which could really affect the legislation’s momentum.

    In the other corner, Reddit, the Electronic Frontier Foundation (which also opposed SOPA and PIPA), Center for Democracy and Technology, American Civil Liberties Union, Reporters Without Borders and Mozilla have actively opposed CISPA in its current form, claiming that it infringes on civil liberties with little to no public oversight.

    The EFF has termed CISPA a “surveillance bill” because of the vague wording used: There is no clear timeline for how long data can be kept, nor is there a narrow definition of what a “cyber threat” is or what efforts will be taken against perceived threats. 

    Similarly, Tim Berners-Lee, the man credited for inventing the World Wide Web, opposes the legislation. The Guardian quoted him as saying, “[It] is threatening the rights of people in America, and effectively rights everywhere, because what happens in America tends to affect people all over the world. Even though the Sopa and Pipa acts were stopped by huge public outcry, it’s staggering how quickly the US government has come back with a new, different, threat to the rights of its citizens.”

    What’s next? 

    Having passed the House, CISPA will move next to the Democrat-controlled Senate where it will either be struck down or amended. In the meantime, CISPA will continue to gain support and dissent. Until then, watch out for the Thought Police.

    Comments

    blog comments powered by Disqus
    Please read our Comment Policy.