[FSFTN] What Everyone Needs to Know About CISPA!!!

[Shanu]

Yet another monstrous law in the line...

http://readersupportednews.org/opinion2/304-justice/11187-what-everyone-needs-to-know-about-cispa

What Everyone Needs to Know About CISPA
By Annie-Rose Strasser, Scott Keyes, ThinkProgress
29 April 12


Congress is on the cusp of passing a new bill that could threaten any
internet user's civil liberties. The Cyber Intelligence Sharing and
Protection Act, a digital equivalent of allowing the government to
fight perceived threats by monitoring which books citizens check out
from the library, passed the House yesterday and will now be taken up
by the Senate.

Online advocates, fresh off their victory against the Stop Online
Piracy Act, are now gearing up to oppose CISPA because of the
disastrous effect the bill could have for private information on the
internet. The bill's opponents argue that it goes too far in the name
of cybersecurity, endangering citizens' personal online information by
giving the government access to anything from users' private emails to
their browsing history.

As the fight in the Senate begins, here is everything you need to know
about CISPA:

CISPA's broad language will likely give the government access to
anyone's personal information with few privacy protections: CISPA
allows the government access to any "information pertaining directly
to a vulnerability of, or threat to, a system or network of a
government or private entity." There is little indication of what this
information could include, and what it means to be ‘pertinent' to
cyber security. Without boundaries, any internet user's personal,
private information would likely be fair game for the government.

It supersedes all other provisions of the law protecting privacy: As
the bill is currently written, CISPA would apply "notwithstanding any
other provision of law." In other words, privacy restrictions
currently in place would not apply to CISPA. As a result, companies
could disclose more personal information about users than necessary.
Ars Technica writes, "if a company decides that your private emails,
your browsing history, your health care records, or any other
information would be helpful in dealing with a ‘cyber threat,' the
company can ignore laws that would otherwise limit its disclosure."

The bill completely exempts itself from the Freedom of Information
Act: Citizens and journalists have access to most things the
government does via the Freedom of Information Act (FOIA), a key tool
for increasing transparency. However, CISPA completely exempts itself
from FOIA requests. The Sunlight Foundation blasted CISPA for
"entirely" dismissing FOIA's "fundamental safeguard for public
oversight of government's activities."

CISPA gives companies blanket immunity from future lawsuits: One of
the most egregious aspects of CISPA is that it gives blanket legal
immunity to any company that shares its customers' private
information. In other words, if Microsoft were to share your browsing
history with the government despite your posing no security threat,
you would be barred from filing a lawsuit against them. Without any
legal recourse for citizens to take against corporate bad behavior,
companies will be far more inclined to share private information.

Recent revisions don't go nearly far enough: In an attempt to specify
how the government can use the information they collect, the House
passed an amendment saying the data can only be used for: "1)
cybersecurity; 2) investigation and prosecution of cybersecurity
crimes; 3) protection of individuals from the danger of death or
physical injury; 4) protection of minors from physical or
psychological harm; and 5) protection of the national security of the
United States." This new version still "suffers from most of the same
problems that plagued the original version," writes Timothy Lee.
Because terms like "cybersecurity" are so vague, the bill's language
could encompass almost anything.

Citizens have to trust that companies like Facebook won't share your
personal information: CISPA does not force companies share private
user information with the government. That being said, Ars Technica
makes the point that "the government has a variety of carrots and
sticks it can use to induce private firms to share information it
wants." For instance, many companies receive federal contracts or
subsidies and would be hesitant to deny any request from the
government that might jeopardize future business. Companies may not be
legally required to turn over information, but they "may not be in a
position to say no."

Companies can already inform the government and each other about
incoming cybersecurity threats: While proponents of CISPA claim it's
needed to allow agencies and companies to share information about
incoming cybersecurity threats, opponents of the bill point out that
"network administrators and security researchers at private firms have
shared threat information with one another for decades."

The internet is fighting back: The same online activists who fought
hard against SOPA are now engaged in the battle over CISPA. Over
770,000 people have signed a petition by the online organizing group
Avaaz that asks Congress to defeat the bill. Reddit, the news-sharing
internet community that helped lead the fight against SOPA, is
organizing again around CISPA.

Most Republicans support CISPA, while most Democrats oppose it: The
House passed CISPA on April 26 on a mostly-party-line vote, 248-168.
Among congressmen that voted, 88 percent of Republicans supported the
bill while 77 percent of Democrats opposed it.

President Obama threatened to veto it: Recognizing the threat to civil
liberties that CISPA poses, President Obama announced this week that
he "strongly opposes" the bill and has threatened to veto if it comes
to his desk. Obama singled out the provisions that allow for blanket
legal immunity and do not enough to safeguard citizens' private
information.



-- 
Thank you,

Shanu S Sukoor
---------------------------------------------
Please do not send me Microsoft Office/Apple iWork documents. Send
OpenDocument instead!