Even worse than SOPA: New CISPA cybersecurity bill will censor the Web
An onrush of condemnation and criticism kept the SOPA and PIPA acts from passing earlier this year, but US lawmakers have already authored another authoritarian bill that could give them free reign to creep the Web in the name of cybersecurity.
As congressmen in Washington consider how to handle the ongoing issue of cyberattacks, some legislators have lent their support to a new act that, if passed, would let the government pry into the personal correspondence of anyone of their choosing.
H.R. 3523, a piece of legislation dubbed the Cyber Intelligence Sharing and Protection Act (or CISPA for short), has been created under the guise of being a necessary implement in America’s war against cyberattacks. But the vague verbiage contained within the pages of the paper could allow Congress to circumvent existing exemptions to online privacy laws and essentially monitor, censor and stop any online communication that it considers disruptive to the government or private parties. Critics have already come after CISPA for the capabilities that it will give to seemingly any federal entity that claims it is threatened by online interactions, but unlike the Stop Online Privacy Act and the Protect IP Acts that were discarded on the Capitol Building floor after incredibly successful online campaigns to crush them, widespread recognition of what the latest would-be law will do has yet to surface to the same degree.
Kendall Burman of the Center for Democracy and Technology tells RT that Congress is currently considering a number of cybersecurity bills that could eventually be voted into law, but for the group that largely advocates an open Internet, she warns that provisions within CISPA are reason to worry over what the realities could be if it ends up on the desk of President Barack Obama. So far CISPA has been introduced, referred and reported by the House Permanent Select Committee on Intelligence and expects to go before a vote in the first half of Congress within the coming weeks.
“We have a number of concerns with something like this bill that creates sort of a vast hole in the privacy law to allow government to receive these kinds of information,” explains Burman, who acknowledges that the bill, as written, allows the US government to involve itself into any online correspondence, current exemptions notwithstanding, if it believes there is reason to suspect cyber crime. As with other authoritarian attempts at censorship that have come through Congress in recent times, of course, the wording within the CISPA allows for the government to interpret the law in such a number of degrees that any online communication or interaction could be suspect and thus unknowingly monitored.
In a press release penned last month by the CDT, the group warned then that CISPA allows Internet Service Providers to “funnel private communications and related information back to the government without adequate privacy protections and controls.
The bill does not specify which agencies ISPs could disclose customer data to, but the structure and incentives in the bill raise a very real possibility that the National Security Agency or the DOD’s Cybercommand would be the primary recipient,” reads the warning.
The Electronic Frontier Foundation, another online advocacy group, has also sharply condemned CISPA for what it means for the future of the Internet. “It effectively creates a ‘cybersecurity’’ exemption to all existing laws,” explains the EFF, who add in a statement of their own that “There are almost no restrictions on what can be collected and how it can be used, provided a company can claim it was motivated by ‘cybersecurity purposes.’”
What does that mean? Both the EFF and CDT say an awfully lot. Some of the biggest corporations in the country, including service providers such as Google, Facebook, Twitter or AT&T, could copy confidential information and send them off to the Pentagon if pressured, as long as the government believes they have reason to suspect wrongdoing. In a summation of their own, the Congressional Research Service, a nonpartisan arm of the Library of Congress, explains that “efforts to degrade, disrupt or destroy” either “a system or network of a government or private entity” is reason enough for Washington to reach in and read any online communiqué of their choice.
The authors of CISPA say the bill has been made “To provide for the sharing of certain cyber threat intelligence and cyber threat information between the intelligence community and cybersecurity entities,” but not before noting that the legislation could be used “and for other purposes,” as well — which, of course, are not defined.
“Cyber security, when done right and done narrowly, could benefit everyone,” Burman tells RT. “But it needs to be done in an incremental way with an arrow approach, and the heavy hand that lawmakers are taking with these current bills . . . it brings real serious concerns.”
So far CISPA has garnered support from over 100 representatives in the House who are favoring this cybersecurity legislation without taking into considerations what it could do to the everyday user of the Internet. And while the backlash created by opponents of SOPA and PIPA has not materialized to the same degree yet, Burman warns Congress that it could be only a matter of time before concerned Americans step up to have their say.
“One of the lessons we learned in the reaction to SOPA and PIPA is that when Congress tries to legislate on things that are going to affect Internet users’ experience, the Internet users are going to pay attention,” says Burman. H.R. 3523, she cautions, “Definitely could affect in a very serious way the internet experience.” Luckily, adds Burman, “People are starting to notice.” Given the speed that the latest censorship bill could sneak through Congress, however, anyone concerned over the future of the Internet should be on the lookout for CISPA as it continues to be considered on Capitol Hill.