Pro-privacy community rallies for CISPA reboot

    1 of 1 2 of 1

      The Cyber Intelligence Sharing and Protection Act (CISPA) passed the U.S. House of Representatives last week, after a last-minute amendment that some have argued will allow for even broader application of the bill. It is now awaiting a vote in the Senate, though the Senators don’t seem to be in any hurry to get to it. In fact, the ACLU is claiming that the Senate will almost certainly kill the bill. But that doesn’t mean we can rest easy; CISPA has been resurrected in the past.

      And its supporters are gearing up for a fight. Despite strong opposition these policymakers are ready to exploit national tragedies and other hard-hitting news stories to justify these invasive and poorly thought-out bills that, as Techdirt argues, “severely undermine Internet freedom and threaten the Internet's role as a place of political and creative expression”.

      Why should we be worried about CISPA?

      CISPA—which on the surface is meant to allow for voluntary information sharing between private companies and the government in the event of a cyber attack—is a surveillance bill that is dangerously lacking in transparency and oversight.

      It allows private companies to get around various laws that were designed to protect user information; allows corporations to ‘hack back’ against vaguely defined ‘perceived threats’ (regardless of the potential negative repercussions on Internet users); and as the ACLU argues, it basically nullifies every privacy policy online, despite the fact that industry leaders themselves have said that the sharing of ‘private information’ is not necessary for cybersecurity. As Fight for the Future have explained, this would turn websites into government spies.

      And what, exactly, is meant by ‘private information’? Well, it’s incredibly broad. According to the EFF, this could allow "your communications service providers to share your emails and text messages with the government, or your cloud storage company could share your stored files."

      Concerning new developments

      In an attempt to placate privacy advocates, the bill's sponsors, Reps. Mike Rogers and Dutch Ruppersberger, introduced an amendment that would require the government to anonymize any data that is turned over to a private company. Unfortunately, however, private companies are not required to do the same.

      The White House vetoed a previous version of CISPA last year, citing the lack of protection for individuals’ privacy. Similar problems in the latest version of the bill have prompted the White House to threaten a veto this time around as well. However a presidential veto shouldn’t give us too much confidence, as reports this week suggest the Obama administration may already have a secret CISPA-like spying program underway.

      How would Canadians be affected?

      This isn’t just an issue for the U.S.—CISPA has global implications, especially for Canadians. Canada’s online spying bill was likely tabled to keep in step with what’s happening in the States, and Bill C-12 can be seen as Canada’s version of CISPA. In addition, the ‘Perimeter Security’ deal between Canada and the U.S. may mean that Canada will have to meet whatever U.S. cybersecurity (read: online spying) regime is ultimately adopted.

      So if CISPA passes the U.S. Senate, we might expect to see Canada’s own spying bill resurrected, and our private information shared with authorities across the border.

      Next steps for the pro-privacy community

      A previous version of CISPA passed the House, but was stopped in the Senate. Now that the latest version has reached the Senate, the pro-privacy community needs to keep up the pressure and make sure CISPA is killed again.

      We’ve been working hard to voice loud opposition to this spying bill alongside other members of the international Internet freedom community like the EFF, Fight for the Future, the Centre for Democracy and Technology, Demand Progress and the ACLU. And it looks like it’s working. But we can’t let up yet; the ACLU has suggested that, if CISPA doesn’t pass, the issues will probably be divided up and drafted into new bills, meaning we need to watch out for “CISPA-lite” in the future.