With the public’s attention focused on the tragedy in Boston, lawmakers have been quick to shuffle together the most invasive bill since the PATRIOT Act to quietly pass through the House. It is the offspring of SOPA and PIPA, and should receive just as much negative attention. CISPA, or Cyber Intelligence Sharing and Protection Act H.R. 624, gives the government the opportunity to undermine any online privacy one might have. The vote is slated for today.
CISPA is operating under the mask of cybersecurity. The idea is that it will provide private companies and the government a framework to exchange information about cyberattacks. The exchange is voluntary on behalf of the private company. If you don’t think that sounds too bad, the specifics of this bill is where it really hurts. CISPA allows sharing of personally identifying information, which means that even if the code is unrelated to a cyberattack, private companies can still share your identity and actions with the government. Once the government, namely the military and the NSA, gets that information, they can hold it and use it for up to five years. If your private information is misused, there is little to no recourse unless the action is provably “willful” or “intentional.” Bitcoin users, beware.
What makes CISPA even worse is that it strips consumers of their pre-existing contracts with these private companies. There is no responsibility to these contracts should the sharing of that information be related to a cyberattack, which is wholly under-defined in the CISPA legislation. Furthermore, it would permit companies to preemptively “hack” someone they considered to be a threat, directly violating the Fourth Amendment. In this instance, CISPA’s policy makers are sacrificing the rule of law for a slight increase in security. It’s not worth it.
There is hope, however, and from a most unexpected source.
While CISPA may pass the House of Representatives today, Obama openly declared that he will use his veto power to combat the bill. “Citizens have a right to know that corporations will be held accountable – and not granted immunity – for failing to safeguard personal information adequately,” the administration’s statement reads. “Moreover, the administration is confident that such measures can be crafted in a way that is not overly onerous or cost prohibitive on the businesses sending the information.” The statement also argued that “newly authorized information sharing for cybersecurity purposes from the private sector to the government should enter the government through a civilian agency, the Department of Homeland Security (DHS).”
Okay, so the DHS would not be my top pick for sharing information with the government. In fact, given DHS’s long history of unsuccessful crime fighting, I would be skeptical of their efficacy, and certainly want them as far away as possible from my private information. However, if the Obama administration needs this excuse to block CISPA, sounds good to me. Veto away, sir!
Should CISPA inspire you to want to keep your online information private, I recommend calling your representative right now. Also, EFF and TechFreedom have done a lot of very good work protecting your rights online; these advocacy groups should receive more libertarian endorsement and acknowledgement. Let’s hope that CISPA does not pass. If it does, welcome Big Brother! Nothing to see here.