Online advocates, fresh off their victory against the Stop Online Piracy Act, are now gearing up to oppose CISPA because of the disastrous effect the bill could have for private information on the internet. The bill’s opponents argue that it goes too far in the name of cybersecurity, endangering citizens’ personal online information by giving the government access to anything from users’ private emails to their browsing history.
As the fight in the Senate begins, here is everything you need to know about CISPA:
CISPA’s broad language will likely give the government access to anyone’s personal information with few privacy protections: CISPA allows the government access to any “information pertaining directly to a vulnerability of, or threat to, a system or network of a government or private entity.” There is little indication of what this information could include, and what it means to be ‘pertinent’ to cyber security. Without boundaries, any internet user’s personal, private information would likely be fair game for the government.
It supersedes all other provisions of the law protecting privacy: As the bill is currently written, CISPA would apply “notwithstanding any other provision of law.” In other words, privacy restrictions currently in place would not apply to CISPA. As a result, companies could disclose more personal information about users than necessary. Ars Technica writes, “if a company decides that your private emails, your browsing history, your health care records, or any other information would be helpful in dealing with a ‘cyber threat,’ the company can ignore laws that would otherwise limit its disclosure.”
The bill completely exempts itself from the Freedom of Information Act.
CISPA gives companies blanket immunity from future lawsuits
Recent revisions don’t go nearly far enough: In an attempt to specify how the government can use the information they collect, the House passed an amendment saying the data can only be used for: “1) cybersecurity; 2) investigation and prosecution of cybersecurity crimes; 3) protection of individuals from the danger of death or physical injury; 4) protection of minors from physical or psychological harm; and 5) protection of the national security of the United States.” This new version still “suffers from most of the same problems that plagued the original version,” writes Timothy Lee. Because terms like “cybersecurity” are so vague, the bill’s language could encompass almost anything.
Citizens have to trust that companies like Facebook won’t share your personal information.
Companies can already inform the government and each other about incoming cybersecurity threats.
The internet is fighting back: The same online activists who fought hard against SOPA are now engaged in the battle over CISPA. Over 770,000 people have signed a petition by the online organizing group Avaaz that asks Congress to defeat the bill. Reddit, the news-sharing internet community that helped lead the fight against SOPA, is organizing again around CISPA.
Most Republicans support CISPA, while most Democrats oppose it: The House passed CISPA on April 26 on a mostly-party-line vote, 248-168. Among congressmen that voted, 88 percent of Republicans supported the bill while 77 percent of Democrats opposed it.
President Obama threatened to veto it: Recognizing the threat to civil liberties that CISPA poses, President Obama announced this week that he “strongly opposes” the bill and has threatened to veto if it comes to his desk. Obama singled out the provisions that allow for blanket legal immunity and do not enough to safeguard citizens’ private information.