:)Mnar
Frederick Reese
UPDATE 4/18: The House has approved the Cyber Intelligence Sharing and Protection Act (CISPA) in a largely party-line vote, 227 to 192, and the legislation is now headed to the Senate, where the Democrats filibustered the 2012 version of the bill in the previous session. The House has moved to reject all amendments to the cyber-information sharing bill offered by Rep. C.A. “Dutch” Ruppersberger to appease the White House, assuring that the bill will likely be vetoed should it pass the Senate.
CISPA passed the House bipartisanly last year, suggesting that support for this bill has collapsed.
In a statement issued Tuesday, senior advisors to President Obama has indicated that they will advise the president to reject the Cyber Intelligence Sharing and Protection Act (CISPA), which is stated to “allow elements of the intelligence community to share cyber threat intelligence to private-sector entities and utilities and to encourage the sharing of such intelligence … consistent with the need to protect the national security of the United States….”
“The Administration recognizes and appreciates that the House Permanent Select Committee on Intelligence (HPSCI) adopted several amendments to H.R. 624 in an effort to incorporate the Administration’s important substantive concerns. However, the Administration still seeks additional improvements and if the bill, as currently crafted, were presented to the President, his senior advisors would recommend that he veto the bill,” the statement, issued by the Executive Office of the President’s Office of Management and Budget (OMB), reads in part.
The bill passed the House Intelligence Committee last Wednesday by a vote of 18 to 2. The House is scheduled to consider the legislation on the floor this week. The bill originally was considered during the previous session, but the session ended without legislators agreeing on any iteration of the bill. The White House indicated that a veto was likely for the bill then, as well.
What is CISPA?
CISPA, an amendment to the National Security Act of 1947, would permit sharing of Internet traffic information between the federal government and various technology and telecommunication companies.
The bill, in effect, would classify cyber threat intelligence as “information in the possession of an element of the intelligence community directly pertaining to a vulnerability of, or threat to, a system or network of a government or private entity, including information pertaining to the protection of a system or network from either ‘efforts to degrade, disrupt, or destroy such system or network’; or ‘theft or misappropriation of private or government information, intellectual property, or personally identifiable information.'” The availability of such intelligence to the government would facilitate the prosecution of intellectual property thefts, copyright violations, network intrusions and “unauthorized access” issues.
In support of CISPA
More than 800 private companies and public organizations have lobbied for the passage of this bill or have came forward in public support of it. Facebook wrote in a letter to Rep. Dutch Ruppersberger (D-Md.), “Effective security requires private and public sector cooperation, and successful cooperation necessitates information sharing. Your legislation removes burdensome rules that currently can inhibit protection of the cyber ecosystem, and helps provide a more established structure for sharing within the cyber community while still respecting the privacy rights and expectations of our users.”
Verizon said in a press release, “Coordination and information-sharing are now accepted — and expected — practices in preventing crimes that seek to damage critical infrastructure, such as communications networks. This legislation enables private sector entities to defend their and their customers’ networks, allows them to share cyber-threat data with others in the private sector and the U.S. Government, and improves our nation’s ability to identify and mitigate cyber threats before they can do damage.” Symantec, in its letter of support, echoes the need of zero liability for sharing information: “In order for information sharing to be effective, information must be shared in a timely manner, with the right people or organizations, and with the understanding that so long as an entity shares information in good faith, it will not be faced with legal liability.”
AT&T, Boeing, Edison Electric, IBM, Intel, Lockheed Martin, Microsoft, the National Cable & Telecommunications Association, Oracle and the U.S. Chamber of Commerce have all filed public calls of support for CISPA.
In opposition to CISPA
However, the calls in opposition to CISPA have been just as loud as the calls for it. Besides the White House’s opposition, Aaron Swartz, the co-founder of Reddit.com, called CISPA “incredibly broad and dangerous” in an interview with Russia Today (RT) last year. Swartz committed suicide earlier this year in response to a federal charge relating to the alleged break-in to the Massachusetts Institute of Technology’s (MIT) computer network with the purpose of downloading journals from the online repository JSTOR. RT has called CISPA “worse than SOPA (Stop Online Piracy Act).”
Former Rep. Ron Paul (R-Texas) called CISPA “Big Brother writ large.” The American Civil Liberties Union stated: “The Cyber Intelligence Sharing and Protection Act would create a cybersecurity exception to all privacy laws and allow companies to share the private and personal data they hold on their American customers with the government for cybersecurity purposes … Beyond the potential for massive data collection authorization, the bill would provide no meaningful oversight of, or accountability for, the use of these new information-sharing authorities.”
In a letter to their colleagues, Reps. Anna Eshoo (D-Calif.), Rush Holt (D-N.J.), Janice Schakowsky (D-Ill.) and Adam Schiff (D-Calif.) have said that CISPA “unacceptably and unnecessarily compromises the privacy interests of Americans online.”
Demand Progress stated that “The Cyber Intelligence Sharing and Protection Act, or CISPA, would obliterate any semblance of online privacy in the United States.” Reporters Without Borders has echoed this sentiment: “Reporters Without Borders is deeply concerned with the Cyber Intelligence Sharing and Protection Act of 2011 (CISPA), the cyber security bill now before the U.S. Congress. In the name of the war on cyber crime, it would allow the government and private companies to deploy draconian measures to monitor, even censor, the Web. It might even be used to close down sites that publish classified files or information.”
Mozilla, the creator of the Firefox browser, has stated, “While we wholeheartedly support a more secure Internet, CISPA has a broad and alarming reach that goes far beyond Internet security.”
In response to the White House’s objection to the bill, bill sponsors Ruppersberger and Rep. Mike Rogers (R-Mich.) have introduced a package of amendments that “address nearly every single one of the criticisms leveled by the Administration, particularly those regarding privacy and civil liberties of Americans…Congress must lead on this critical issue and we hope the White House will join us,” Ruppersberger and Rogers said.