When I think of the new Cyber Intelligence Sharing and Protection Act (CISPA) bill that passed the House Intelligence Committee I think of the scene from the film “Enemy of the State” where Congressman Phillip Hammersley (played by the late Jason Robards) says:
“Telecommunications Security and Privacy Act. Invasion of privacy is more like it. – You read the Post? ‘This bill is not the first step towards the surveillance society. It is the surveillance society.'”
Where the “Telecommunications Security and Privacy Act” is a cinematic construct, CISPA is not. The CISPA bill, which will is expected to be argued in the next couple of days, allows for more collaboration between the Pentagon and private companies who manage tons of customer data. This means that if this bill is signed into law, the federal government can go to a private company like Google and ask them for information over recent cyberattacks that Google may have fended off. This information could help the government shore up its own security and be prepared for future attacks.
Of course, CISPA covers more than just this type of cybersecurity. The government can knock on a private company’s door if it is investigating and prosecuting cybersecurity crimes, protecting others from danger of death or bodily harm, if it is protecting minors from exploitation from child pornography or similar risks such as human trafficking or kidnapping or if there is a threat to national security. You can read the text of the CISPA bill here (PDF).
Yes, this is extremely broad.
Other Issues with CISPA
The American Civil Liberties Union (ACLU) also looks at the issue of whether or not personally identifiable information (PII) should be included as part of this cyberattack intelligence. Many securities experts say PII should not need to be transmitted but Congress members are trying to include it. The ACLU is also questioning the attempt to immunize private companies from sharing this data.
Anonymous is calling for a one-day Internet blackout on Monday, April 22, 2013 to raise awareness of CISPA and to send a message to private companies that are supporting CISPA.
There is a STOP CISPA petition on Change.org which already has over 160,000 signatures.
Will you be joining the blackout on April 22?