EFF Reaffirms Why CISPA Is So BadBy: Zach Walton - April 18, 2012
I think we can all agree that CISPA is pretty rotten. It’s just another attempt at ramming Internet regulation ala SOPA through the gates to give a limited few an advantage while the online civil liberties of everybody else suffers. While I don’t need to tell you why it’s so bad, the people in Congress need to know.
The Electronic Frontier Foundation recently attached their names to two coalition letters that explain in great detail why CISPA is just so bad. The two letters address two different parts of the proposed legislation that are both equally miserable.
The first letter details the privacy concerns that many people have in regards to CISPA. I don’t think you need to be reminded, but it bears repeating why CISPA is such an affront to our privacy online. The letter reads:
CISPA creates an exception to all privacy laws to permit companies to share our information with each other and with the government in the name of cybersecurity. Although a carefully-crafted information sharing program that strictly limits the information to be shared and includes robust privacy safeguards could be an effective approach to cybersecurity, CISPA lacks such protections for individual rights. CISPA’s ‘information sharing’ regime allows the transfer of vast amounts of data, including sensitive information like internet use history or the content of emails, to any agency in the government including military and intelligence agencies like the National Security Agency or the Department of Defense Cyber Command. Once in government hands, this information can be used for any nonregulatory purpose so long as one significant purpose is for cybersecurity or to protect national security. These are not meaningful use restrictions: “national security” use is one of the problems, and the White House recognized this immense problem by precluding such use in its own cybersecurity proposal. While the bill requires the Director of National Intelligence Inspector General to issue annual reports on the government’s use of information shared with it under the bill, such reports would only be provided to congressional intelligence committees, and IG reports are no substitute for meaningful use restrictions and they will do nothing to dissuade companies from misusing personal information shared under this broad new program.
The letter is signed by the usual suspects fighting for online freedoms including the American Library Association, Consumer Watchdog and the National Whistleblower Center among others.
The other letter covers the less talked about portion of the bill. The fact that CISPA reduces government and corporate accountability by allowing both groups to share private information without alerting citizens that it’s being shared. The letter reads:
In the interest of encouraging private companies to share cybersecurity threat information, the bill unwisely and unnecessarily cuts off all public access to cyber threat information before the public and Congress have the chance to understand the types of information that are withheld under the bill. Much of the sensitive information private companies are likely to share with the government is already protected from disclosure under the FOIA. Other information that may be shared could be critical for the public to ensure its safety. The public needs access to some information to be able to assess whether the government is adequately combating cybersecurity threats and, when necessary, hold officials accountable.
Any effort to expand of the authority of the federal government to withhold information from the public should begin with careful consideration, including public hearings, by the House Oversight and Government Reform Committee, which has jurisdiction over FOIA. That Committee has the expertise needed to ensure that FOIA-related provisions promote transparency and public accountability while allowing the government to withhold only that information which truly requires protection.
There is a lot of overlap between these two letters as many of the same organizations joined the undersigned. Some of the new ones though include the American Society of News Editors, the Bill of Rights Defense Committee and the Entertainment Consumers Association.
While a lot of this is old news by now to the Internet minded folks among us, it hasn’t gotten as much coverage as SOPA and PIPA. I almost fear that unless another blackout happens that people just aren’t going to care. That’s why letters like this are so important. They may be addressed to representatives, but they should be read by all so they can make an informed decision.
If these letters have awoken the Internet crusader inside of you, check out the EFF’s #CongressTMI hashtag campaign. It’s a fun way to express your concerns to your representatives with a bit of humor and satire.