Skip to main content

stopcispa



CISPA is back. Take action and contact your representatives at this Electronic Frontier Foundation action page.  Support the #StopCISPA and #CISPABlackout hashtags on Twitter.  Use the social media links at the top of this page to "like" and "tweet" this to spread the word.





Lawmakers Cite Boston Bombing, WikiLeaks "Hacking" as Reasons to Pass CISPA

But yesterday, when the House was debating the contentious bill, CISPA advocates didn’t seem to be paying attention to any of those issues. Rep. Mike McCaul, R-Texas, cited the Boston bombings while arguing for CISPA to be adopted. “In the case of Boston, they were real bombs,” McCaul said, adding that we also need to arm ourselves against “digital bombs. These bombs are on their way.” Similarly apocalyptic statements were made by Rep. Candice Miller, R-Mich., who made no mention of Boston, though argued that CISPA was needed to stop hackers in countries like Iran and North Korea from crippling American infrastructure and causing the destruction of American jobs. Rep. Dan Maffei, D-N.Y., even used the debate to take aim at WikiLeaks, bizarrely claiming CISPA was needed to stop the whistleblowing website from pursuing efforts to “hack into our nation’s power grid.”

In the aftermath of tragic events or amid heightened global tensions, it’s hardly unusual for lawmakers to make emotive appeals in pursuit of new national security powers. Public opinion in the aftermath of a distressing terror attack in particular can sway citizens in favor of handing the authorities more intrusive surveillance powers, as occurred in most Western democracies in the aftermath of 9/11 (the Patriot Act being just one example). In the case of CISPA, however, it is tenuous in the extreme to draw sweeping links between cyberattacks and pressure-cooker bombs tearing through a Boston street, or cyberattacks and WikiLeaks, or cyberattacks and whatever else is agitating U.S. lawmakers on a given day. Exploiting every perceived threat to counter a push for greater CISPA privacy protections is brazenly cynical—and, I’d argue, ultimately doomed to fail.

CISPA Passes House, Obama Veto Threat Likely Untrue Making Senate Key Battleground

Despite public statements to the contrary,  there are considerable doubts if President Obama would veto this bill. Obama made similar promises regarding NDAA which he broke when he signed the bill and made it law. If anything his veto threat is likely a smoke screen to slow down activists and help the bill advance.

President Barack Obama signed the National Defense Authorization Act of 2013 on Wednesday, despite his own threat to veto it over prohibitions on closing the Guantanamo Bay prison camp.
Security Experts: CISPA Not Needed, Would Do More Harm than Good
In their letter to lawmakers, the group of Internet engineers, security experts and academics said that passing CISPA would be a major mistake.

“We appreciate your interest in making our networks more secure, but passing legislation that suffers from the problems above would be a grave mistake for privacy and civil liberties, and will not be a step forward in making us safer,” they wrote.

But most of the web giants like Google and Facebook which opposed SOPA are now supporting CISPA.

Why? Probably because SOPA would have held them responsible for their users’ actions, while CISPA won’t make the web giants responsible.   In other words, they don’t have skin in the game this time around.

CISPA Moves To the House Floor, Still Deeply Flawed

Such a shift would be a sea change in cybersecurity policy and a threat to civil liberties.
[...]
Militarizing Cybersecurity and Putting It Behind the Intelligence Curtain. The federal government’s cybersecurity program for the private sector (other than defense contractors) has always been in civilian, not military hands. This is important because civilian control means more transparency and accountability. This builds trust, public acceptance and industry participation. Last year, the lead Senate cybersecurity bill (the “Lieberman bill”) would have clearly affirmed civilian control. The Administration endorsed the Senate bill as did the intelligence community. CISPA is the outlier on this issue: It declines to affirm civilian control and would thereby allow power and leadership to shift to the National Security Agency.

[...]

Military vs. Civilian Control. Instead of giving the lead to the Department of Homeland Security, a civilian agency charged with cybersecurity responsibilities for the private sector, CISPA marginalizes DHS. In fact, at mark-up the bill got worse on this issue. Under an amendment the Committee adopted, the Director of National Intelligence – not the Secretary of DHS – sets the information sharing rules for federal agencies throughout the government, and any civil liberties protections they might include. This affirms the shift of control of the cyber security program toward intelligence and military control, and away from the more transparent and accountable DHS.
[...]
Though the Intelligence Committee made improvements to CISPA, CDT opposes the legislation because it would shift control of the government’s cybersecurity program for private companies from civilian to military control, thus diminishing program transparency and accountability. The bill also fails to require companies to take reasonable steps to strip out irrelevant personally identifiable information before they share cyber threat information, pre-empts all law with uncertain results, and invites reckless and negligent cybersecurity decisions that could damage others’ networks.

Coalition Letter in Opposition to CISPA

April 15, 2013
Dear Representative:

Earlier this year, many of our organizations wrote to state our opposition to H.R. 624, the Cyber Intelligence Sharing and Protection Act of 2013 (CISPA). We write today to xpress our continued opposition to this bill following its markup by the House Permanent Select Committee on Intelligence (HPSCI). Although some amendments were adopted in markup to improve the bill’s privacy safeguards, these amendments were woefully inadequate to cure the civil liberties threats posed by this bill. In particular, we remain gravely concerned that despite the amendments, this bill will allow companies that hold very sensitive and personal information to liberally share it with the government, including with military agencies.

CISPA creates an exception to all privacy laws to permit companies to share our information with each other and with the government in the name of cybersecurity. Although a carefully-crafted information sharing program that strictly limits the information to be shared and includes robust privacy safeguards could be an effective approach to cybersecurity, CISPA lacks such protections for individual rights. CISPA’s information sharing regime allows the transfer of vast amounts of data, including sensitive information like internet records or the content of emails, to any agency in the government including military and intelligence agencies like the National Security Agency or the Department of Defense Cyber Command.

Developments over the last year make CISPA’s approach even more questionable than before. First, the President recently signed Executive Order 13636, which will increase information sharing from the government to the private sector. Information sharing in this direction is often cited as a substantial justification for CISPA and will proceed without legislation. Second, the cybersecurity legislation the Senate considered last year, S. 3414, included privacy protections for information sharing that are entirely absent from CISPA, and the Obama administration, including the intelligence ommunity, has confirmed that those protections would not inhibit cybersecurity programs. These included provisions to ensure that private companies send cyber threat information only to civilian agencies, and a requirement that companies make “reasonable efforts” to remove personal information that is unrelated to the cyber threat when sharing data with the government. Finally, witnesses at a hearing before the House Permanent Select Committee on Intelligence confirmed earlier this year that companies can strip out personally identifiably information that is not necessary to address cyber threats, and CISPA omits any requirement that reasonable efforts be undertaken to do so.

We continue to oppose CISPA and encourage you to vote ‘no.’

Sincerely,
Access
Advocacy for Principled Action in Government
American Arab Anti-Discrimination Committee
American Association of Law Libraries
American Civil Liberties Union
American Library Association

Note that Pelosi says "in its current form".

Nadler is good on a lot of issues. Notice how he hedges on CISPA by saying it "needs to be improved".  So based on these statements by Democrats, the veto threat is almost certainly not a full opposition to CISPA, but more like NDAA, pressure to tweak it.




EMAIL TO A FRIEND X
Your Email has been sent.
You must add at least one tag to this diary before publishing it.

Add keywords that describe this diary. Separate multiple keywords with commas.
Tagging tips - Search For Tags - Browse For Tags

?

More Tagging tips:

A tag is a way to search for this diary. If someone is searching for "Barack Obama," is this a diary they'd be trying to find?

Use a person's full name, without any title. Senator Obama may become President Obama, and Michelle Obama might run for office.

If your diary covers an election or elected official, use election tags, which are generally the state abbreviation followed by the office. CA-01 is the first district House seat. CA-Sen covers both senate races. NY-GOV covers the New York governor's race.

Tags do not compound: that is, "education reform" is a completely different tag from "education". A tag like "reform" alone is probably not meaningful.

Consider if one or more of these tags fits your diary: Civil Rights, Community, Congress, Culture, Economy, Education, Elections, Energy, Environment, Health Care, International, Labor, Law, Media, Meta, National Security, Science, Transportation, or White House. If your diary is specific to a state, consider adding the state (California, Texas, etc). Keep in mind, though, that there are many wonderful and important diaries that don't fit in any of these tags. Don't worry if yours doesn't.

You can add a private note to this diary when hotlisting it:
Are you sure you want to remove this diary from your hotlist?
Are you sure you want to remove your recommendation? You can only recommend a diary once, so you will not be able to re-recommend it afterwards.
Rescue this diary, and add a note:
Are you sure you want to remove this diary from Rescue?
Choose where to republish this diary. The diary will be added to the queue for that group. Publish it from the queue to make it appear.

You must be a member of a group to use this feature.

Add a quick update to your diary without changing the diary itself:
Are you sure you want to remove this diary?
(The diary will be removed from the site and returned to your drafts for further editing.)
(The diary will be removed.)
Are you sure you want to save these changes to the published diary?

Comment Preferences

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site