The EFF’s Handy Cybersecurity FAQ Answers Many QuestionsBy: Chris Richardson - April 16, 2012
Considering the tumultuous atmosphere surrounding the concepts of cybersecurity and Internet regulation, all in the name of CISPA, the Electronic Frontier Foundation has released a FAQ discussing the privacy threat such pieces of legislation contain. After a quick glance at the document, it’s clear that if the government gets its way and CISPA passes as is, Internet privacy will be something we look back on, wondering how it got away from us so easily.
Aside from the intellectual property portions of CISPA, which now has an amendment attached to it, there are other privacy issues to be aware of, something the EFF’s FAQ discusses at length. It should be noted the EFF is at odds with much of what CISPA stands for, including the bill’s premise:
The bill purports to allow companies and the federal government to share information to prevent or defend from cyberattacks. However, the bill expressly authorizes monitoring of our private communications, and is written so broadly that it allows companies to hand over large swaths of personal information to the government with no judicial oversight—effectively creating a “cybersecurity” loophole in all existing privacy laws.
As you can see, the EFF’s initial position has nothing to do with overreaching methods of piracy prevention. They’re just as concerned with the privacy implications CISPA poses. One area of focus has to do with privacy surrounding emails, a right CISPA threatens:
Under CISPA, can a private company read my emails?
Yes. Under CISPA, any company can “use cybersecurity systems to identify and obtain cyber threat information to protect the rights and property” of the company. This phrase is being interpreted to mean monitoring your communications—including the contents of email or private messages on Facebook… Right now, well-established laws, like the Wiretap Act and the Electronic Communications Privacy Act, prevent companies from routinely monitoring your private communications… CISPA destroys these protections by declaring that any provision in CISPA is effective “notwithstanding any other law” and by creating a broad immunity for companies against both civil and criminal liability. This means companies can bypass all existing laws, as long as they claim a vague “cybersecurity” purpose.
How does that strike you? Hopefully, the fact that, by invoking CISPA, your private email and your social media accounts can be monitored by non-law enforcement officials is a scary one.
Furthermore, that, alone should be enough to oppose the bill, but the EFF continues with these personal communication warnings:
Under CISPA, can a company hand my communications over to the government without a warrant?
Yes. After collecting your communications, companies can then voluntarily hand them over to the government with no warrant or judicial oversight whatsoever as long is the communications have what the companies interpret to be “cyber threat information” in them. Once the government has your communications, they can read them too.
With that in mind, how does Facebook’s (among others) support for this bill strike you? Are you ready to boycott Zuckerberg’s omnipresent creation? Under the stipulations of CISPA, Facebook can hand over your messages and other account information without a warrant. If that doesn’t strike a little fear, or at least, give you pause about Facebook’s support of CISPA, I’m not sure anything will.
As for the intellectual property protections CISPA provided, a recent amendment implies some progress has been made on that particular front, but it’s not completely dead, either:
In response to the overwhelming protest from the Internet community that this bill would become a backdoor for SOPA 2, the bill authors have proposed an amendment that rids the bill of any reference to “intellectual property…” But it is important to remember that this proposed amendment is just that: proposed. The House has not voted it into the bill yet, so they still must follow through and remove it completely.
With intellectual property protections being potentially removed from CISPA, now the focus is on the potential invasions of privacy the bill represents. With that in mind, the EFF suggests you take the following steps, provided you’re a CISPA opponent:
What can I do to stop this bill?
It’s vital that concerned Internet users tell Congress to stop this bill. Use EFF’s action center to send an email to your Congress member urging them to oppose this bill.
Does the potential removal of “intellectual property” literature change your postion on the bill or is the threat to privacy CISPA potentially represents enough for you to maintain your opposition?