Worse than SOPA? CISPA to censor Web in name of cybersecurity
RT | April 4, 2012
As congressmen in Washington consider how to handle the ongoing issue of cyberattacks, some legislators have lent their support to a new act that, if passed, would let the government pry into the personal correspondence of anyone of their choosing.
H.R. 3523, a piece of legislation dubbed the Cyber Intelligence Sharing and Protection Act (or CISPA for short), has been created under the guise of being a necessary implement in America’s war against cyberattacks. But the vague verbiage contained within the pages of the paper could allow Congress to circumvent existing exemptions to online privacy laws and essentially monitor, censor and stop any online communication that it considers disruptive to the government or private parties. Critics have already come after CISPA for the capabilities that it will give to seemingly any federal entity that claims it is threatened by online interactions, but unlike the Stop Online Privacy Act and the Protect IP Acts that were discarded on the Capitol Building floor after incredibly successful online campaigns to crush them, widespread recognition of what the latest would-be law will do has yet to surface to the same degree.
Kendall Burman of the Center for Democracy and Technology tells RT that Congress is currently considering a number of cybersecurity bills that could eventually be voted into law, but for the group that largely advocates an open Internet, she warns that provisions within CISPA are reason to worry over what the realities could be if it ends up on the desk of President Barack Obama. So far CISPA has been introduced, referred and reported by the House Permanent Select Committee on Intelligence and expects to go before a vote in the first half of Congress within the coming weeks.
“We have a number of concerns with something like this bill that creates sort of a vast hole in the privacy law to allow government to receive these kinds of information,” explains Burman, who acknowledges that the bill, as written, allows the US government to involve itself into any online correspondence, current exemptions notwithstanding, if it believes there is reason to suspect cyber crime. As with other authoritarian attempts at censorship that have come through Congress in recent times, of course, the wording within the CISPA allows for the government to interpret the law in such a number of degrees that any online communication or interaction could be suspect and thus unknowingly monitored.
In a press release penned last month by the CDT, the group warned then that CISPA allows Internet Service Providers to “funnel private communications and related information back to the government without adequate privacy protections and controls.
The bill does not specify which agencies ISPs could disclose customer data to, but the structure and incentives in the bill raise a very real possibility that the National Security Agency or the DOD’s Cybercommand would be the primary recipient,” reads the warning.
The Electronic Frontier Foundation, another online advocacy group, has also sharply condemned CISPA for what it means for the future of the Internet. “It effectively creates a ‘cybersecurity’’ exemption to all existing laws,” explains the EFF, who add in a statement of their own that “There are almost no restrictions on what can be collected and how it can be used, provided a company can claim it was motivated by ‘cybersecurity purposes.’”
What does that mean? Both the EFF and CDT say an awfully lot. Some of the biggest corporations in the country, including service providers such as Google, Facebook, Twitter or AT&T, could copy confidential information and send them off to the Pentagon if pressured, as long as the government believes they have reason to suspect wrongdoing. In a summation of their own, the Congressional Research Service, a nonpartisan arm of the Library of Congress, explains that “efforts to degrade, disrupt or destroy” either “a system or network of a government or private entity” is reason enough for Washington to reach in and read any online communiqué of their choice.
The authors of CISPA say the bill has been made “To provide for the sharing of certain cyber threat intelligence and cyber threat information between the intelligence community and cybersecurity entities,” but not before noting that the legislation could be used “and for other purposes,” as well — which, of course, are not defined.