Joel Kaplan, Facebook's vice president of U.S. public policy, wrote in a blog post last week that the company has "no intention" of sharing "sensitive personal information with the government in the name of protecting cybersecurity," explaining why the company is supporting CISPA but did not support SOPA, which would have required such sharing.
The question for privacy advocates is whether or not Facebook can be trusted.
"A company's promise that it will not abuse its authority to disclose user information is not legal protection for the public," said Evelyn Castillo-Bach, the founder of the private social networks Umenow.com and Collegiate Nation. "Facebook in particular is not well positioned to make any promises regarding its role in protecting privacy. Let's not forget that this is the same company with a long history of playing fast and loose with people's privacy settings, including allowing third-party apps and games to extract personal information and photos without consent."
The Cyber Intelligence Sharing and Protection Act of 2011 is a bigger, badder version of the Stop Online Piracy Act that was defeated earlier this year. One of the biggest differences this time around, however, is that some of the big tech companies that threatened to go dark if SOPA moved forward are jumping to support CISPA.
Privacy Advocates Want Clearer Rules
On Monday, ReadWriteWeb's Dan Rowinski wrote about everything you need to know about CISPA, but for our purposes, the biggest difference is that the tech companies would voluntarily share information with the government. The government also promises to warn tech companies about pending cyber attacks, which is the obvious incentive for companies like Facebook to support it.
"Facebook's main gripe with SOPA - that it stifled innovation and openness on the internet and forced companies like itself to provide the government with more access to private data of users - is apparently not an issue with CISPA," said Kate Brodock, Executive Director of Digital & Social Media at Syracuse University. "With no requirements to share data with the government, they are able to suggest that they will maintain their standards of safeguarding and protecting private data."
The problem is that the language of the bill is vague and leaves lots of issues unresolved or ill-defined. Castillo-Bach says she believes smaller social networks and social networks that put a premium on user privacy - such as the ones she runs - may be particularly vulnerable under certain interpretations of CISPA.
"CISPA would erode existing legal protections and leave the door wide open for the government to obligate companies to hand over sensitive personal information without a subpoena or warrant, with no rights accorded to the individual to sue the company for wrongfully targeting them for interception, and no right to know that one has been intercepted," she said. "This would undermine, if not altogether destroy, the ability of new startups with privacy-focused brands to exist or compete with the giant social networks, or other tech companies - that are ad-based, use tracking as a core feature of their business model, and don't have a strong commitment to genuine privacy protection, anonymity or total control of one's personal data and communication."
Don't Brace For the Big Fight
The anti-SOPA backlash was so strong that the bill, and its Senate counterpart, the Protect IP Act, were withdrawn in January. But with big tech - and big money - supporting CISPA, the opposition has more of a grassroots feel to it.
Sopatrack, which monitored contributions and positions of lawmakers on SOPA and PIPA, has been reconfigured to track CISPA positions and related campaign contributions. A new feature also tracks the percentage of time individual lawmakers vote "with the money."
According to Sopatrack, groups supporting CISPA have donated $31.6 million to lawmakers, as opposed to $2.4 million from groups opposing CISPA. On average, Congress votes "with the money" 73% of the time.
Images courtesy of Shutterstock.