What if all of your online communication could be monitored and shared without a warrant? That’s what’s at stake if the latest version of CISPA, the controversial Cyber Intelligence Sharing and Protection Act, is approved by Congress.
After CISPA was shot down in 2012, a revised bill has been introduced that would let private companies and the government monitor Americans under the auspices of sharing intelligence about cyber threats. The intentions behind the bill may be noble, but the bill’s language is packed with privacy problems and vague notions that give the government big loopholes through which to watch what people say and do online.
(See also Obama, Cybersecurity And The Return Of CISPA)
In the wake of a spate of hacking attacks and talks between House Intelligence Committee Chairman (and CISPA co-author) Mike Rogers (R-Mich.) and the White House, the bill is seeing forward movement. Talks are centering on whether or not companies will be allowed to share peoples’ identities with the government. Those results, plus an upcoming special cybersecurity hearing by the House Committee on Homeland Security, will likely influence the bill, which is expected to make its way back to the House in April.
For or against, the lines in the sand are being drawn. Supporters include a slew of technology companies and interest groups. Dissenters comprise an equally deep set of advocacy organizations and Web heavyweights.
Here’s a quick breakdown of who is on which side:.
- AT&T:Interprets the bill as promoting “private sector innovation, and protects fundamental American values.”
- Facebook: Supports enhancing “the ability of companies like Facebook to address cyber threats” and feels the bill would not make the company share any more of its own data than is currently required.
- Comcast: “Preventing, detecting, deterring, and responding to cybersecurity threats are therefore fundamental requirements for our continued business success,” David L. Cohen, the company’s executive vice president wrote on February 13.
- IBM: CISPA “would greatly improve the government and private sector’s ability to mitigate cyber threats by enabling better information sharing,” Christopher Padilla, vice president, IBM Governmental Programs, wrote on February 13.
- Intel: Combating online threats requires “cooperative efforts of government and NGO stakeholders working together to improve cybersecurity in a way that promotes innovation and protects citizens’ privacy and civil liberties,” said Peter M. Cleveland, the company’s director of global policy.
- Time Warner Cable: The telecom giant supports the bill because it wants to protect its 15 million plus customers and feels CISPA enables a “shared responsibility born in partnership by the public and private sectors.”
- Verizon: Echoing other support sentiments, the company is pushing for the bill to bridge the private-public sectors and be able to share data to “secure private networks” and protect customers.
- Oracle: Supported last year’s version of the bill, stating that CISPA would remove the legal obstacles inherent in sharing data with the government.
- Symantec: Defending information sharing, the company wrote in 2012 that this tactic is “not an end goal, but rather a situational tool to provide awareness.”
- Microsoft: Previously vocal in its support that the bill would “eliminate barriers and disincentives that currently prevent effective information sharing to guard against cyber attacks.” Since then, Microsoft has clarified its position to say that it would move to “ensure the final legislation helps to tackle the real threat of cybercrime while protecting consumer privacy.”
- Google: The Mountain View company tried to steer away from taking a public stand, but last year, lawmakers in Washington alluded to having Google’s support.
Other notable supporters include the U.S. Chamber of Commerce, USTelecom, the Broadband Association, Edison Electric Institute, Financial Joint Trades, Financial Services Roundtable, Internet Security Alliance, Juniper Networks, National Cable & Telecommunications Association and TechAmerica.
- American Civil Liberties Union: “The bill would create a loophole in all existing privacy laws, allowing companies to share Internet users’ data with the National Security Agency, part of the Department of Defense, and the biggest spy agency in the world—without any legal oversight,” the ACLU warned in 2012. With the new version still failing to addressing these concerns, the organization is asking supporters to sign its petition calling for the President to veto the bill.
- Electronic Frontier Foundation: When CISPA was reintroduced in February 2013, the EFF joined the ACLU and Fight for the Future in combat. The Internet advocacy group is vehemently against the bill for a slew of reasons, including that it gives companies the right to monitor users and share that data with the government without a warrant. Transparency and accountability are also undefined by the bill, which creates a “broad immunity from legal liability for monitoring, acquiring, or sharing” communication and overriding “privacy laws like the Wiretap Act and the Stored Communications Act.
- Center For Democracy And Technology: The Center’s serious concerns include an “unlimited definition of the information that can be shared with government agencies notwithstanding privacy and other laws,” which the CDT says will likely “shift control of government cybersecurity efforts from civilian agencies to the military.”
- Cato Institute: The public policy institute raises issues of hype and misinformation related to cybercrime causing a skewed perception of the problem. “Among dozens of surveys, from security vendors, industry analysts and government agencies, we have not found one that appears free of this upward bias.”
- Fight For The Future: The non-profit has setup a site to inform and protest the bill, calling CISPA “the end of meaningful privacy for anyone with personal data on U.S. based services.”
- Free Press: The media reform group acknowledges the need for protection, but warns> “CISPA could lead all too easily to governmental and corporate violations of our privacy and attacks on our right to speak freely via the Internet.”
- Mozilla: In a 2012 interview with Forbes, Mozilla’s privacy and public policy office called the language of the bill broad and alarming and said it “infringes against our privacy.”
- Cheezburger Inc.: Chief Executive Ben Huh told ProPublica in 2012 that CISPA is “SOPA’s cousin who works for the CIA.”
- Reddit: Although previously undecided, on Friday at SXSW, Reddit founder Alexis Ohanian called his local congressman to protest CISPA. He says he won’t invest in Facebook because of the company’s support.
- The White House:Last year, the President voiced his strong opposition to the bill, saying it failed to bridge the gap between privacy concerns and limiting sharing of personal information. “Citizens have a right to know that corporations will be held legally accountable for failing to safeguard personal information adequately. The government, rather than establishing a new antitrust exemption under this bill, should ensure that information is not shared for anti-competitive purposes.” However, with Obama’s new cybersecurity mandate and renewed talks and pressure from the House Intelligence Committee, that position could change.
Other individuals and organizations opposed to CISPA include Tim Berners-Lee, Bruce Schneier, Ron Paul, Demand Progress, Entertainment Consumers Association, Free Market Coalition, Reporters Without Borders, Access Now, Sunlight Foundation and the American Library Association.
One major online player missing-in-action stance wise is Twitter. While the microblogging platform is a hotbed of activism and campaigns for both sides, the company itself has not taken a public stand.
Tell us in comments: Where do you stand?