"If you thought the Stop Online Piracy Act (a.k.a. SOPA) was scary, wait until you get a load of this. It’s called the Cyber Intelligence Sharing and Protection Act, or CISPA. Unlike SOPA, which would have empowered private companies to take preemptive action against sites merely suspected of copyright infringement, this new bill takes it a step further.
In a purported effort “[t]o provide for the sharing of certain cyber threat intelligence and cyber threat information between the intelligence community and cybersecurity entities, and for other purposes,” CISPA threatens to take the targets of failed bills SOPA and PIPA and, instead of bypassing due process as would have been the case under that pair of bills, allow them to be labeled as threats to national security. That is, instead of having a site that allegedly infringes on another’s copyright protections shut down without filing so much as a court complaint, this bill would allow the clandestine intelligence apparatus of the U.S. to turn its traditionally external gaze inward.
This is done by the amendment that CISPA would make to the National Security Act of 1947 by—and this is according to the Congressional Research Service’s official summary of the bill—“add[ing] provisions concerning cyber threat intelligence and information sharing.”
The primary term of concern is “cyber threat intelligence” and its disconcertingly broad meaning. Borrowing again from the CRS’s official summary, the following explanation is given regarding CISPA’s definition of this term (emphasis added):
Defines “cyber threat intelligence” as information in the possession of an element of the intelligence community directly pertaining to a vulnerability of, or threat to, a system or network of a government or private entity, including information pertaining to the protection of a system or network from: (1) efforts to degrade, disrupt, or destroy such system or network; or (2) theft or misappropriation of private or government information, intellectual property, or personally identifiable information.
From SOPA To CISPA
Quite predictably, the provisions emphasized above are of particular concern to those of us interested in maintaining a clear legal protection of personal privacy. By establishing a basis for a relationship between the National Security Agency (NSA) and private entities, the act would leave the door open for the type of due process violations that led Internet activists to organize the historic SOPA Blackout Day protest just a few months ago. What makes this piece of legislation particularly ominous, however, is the fact that it allows all of this information gathering and sharing to be done covertly.The use of such sweeping language to define the bill’s key terms leaves the lion’s share of CISPA’s power to the discretion of an agency so secretive that even Congress has a difficult time getting answers without being blocked by a state secrets claim. As such, a potential interpretation of the bill could not only bring the entire globe within the purview of NSA surveillance—subjecting any and all personal online communications or activity to potential monitoring—but, according to Raw Story senior editor Stephen Webster, could also lead to “NSA wiretapping [of] publications like The New York Times, The Guardian and Wikileaks in the likely event that they obtain classified, secret or otherwise inconvenient information on governments or corporations.”
Webster goes on to inform us that companies including AT&T, Microsoft, Facebook, Intel, and others have already publicly expressed their support for CISPA. Meanwhile, despite being originally introduced all the way back in November, CISPA still hasn’t quite entered the public discourse, which serves to explain the current lack of public outrage to a bill the poses to make SOPA and PIPA pale in comparison."
No comments:
Post a Comment