Friday, May 11, 2012

Left Side of the Aisle #56 - Part 4

Update on CISPA

I mentioned this very briefly last week, just a sentence or two at the end of the show: CISPA, the Cyber Intelligence Sharing and Protection Act, a bill that threatens - quite literally - to make online privacy a thing of the past, with everything we say, do, write, or read online subject to being shared with any government agency, has passed the House of Representatives with bipartisan support and has moved to the Senate.

As I mentioned when I first discussed this bill a few weeks ago, it is supposedly about protecting network security and would allow the NSA to share data with ISP's and telecommunication corporations, who also could share data with each other. As Rep. Dutch Ruppersberger said, it would allow them to share "formulas, Xs and Os, the virus code." (I think we can assume that instead of "Xs and Os" he meant "ones and zeros." It's nice to know bill's co-sponsor is so familiar with the technology about which he wants to write laws.)

That sharing, however, is the problem: The bill contains no real limits on what could be shared. It allows companies to share information "pertaining to the protection of" a system or network, a definition that positively invites the broadest possible interpretation. It also contains a "cybersecurity exception" which overrides every single law about privacy protection.

So a real source of concern was that once info was obtained for "cybersecurity" purposes, there were no restrictions on how else it could be used. To put it in more legalistic language, it allowed the government to use the data obtained under the bill for any non-regulatory purpose as long as it has one cybersecurity or national security purpose. So by claiming a cybersecurity purpose, corporations and government agents could do an end run around every privacy protection, quite possibly including the Fourth amendment.

Perhaps - repeat, perhaps - in response to that, just before the final vote an amendment was passed supposedly to limit what information gathered under the act could be used for. The bill originally referred to "cybersecurity" and "national security" purposes. The amendment added three more: investigation and prosecution of cybersecurity crime (such as network disruption and hacking), protection of individuals, and protection of children. Adding those three specifics was supposed to head off the open-ended nature of the authority, but whether this made the bill better or worse is up for debate. As one writer at Tech Dirt said, it "closed a loophole but opened a door."

It takes away some of the language that allows overreach of the bill, but then explicitly endorses the exact things people were worried the government would do with that language—as in, start using the data to investigate and build cases against American citizens without regard for the laws that would normally protect their privacy.

Obama had promised to veto the bill if it reached his desk "in its present form" because of its lack of privacy protections, but that was before the last-minute amendments. No word yet on if the changes were enough to give him enough wiggle room to sign it.

Right now, though, the focus is on the Senate, where two things are happening: One, for the moment anyway it looks like the House-passed version of CISPA may be going nowhere. That's because the White House and the Senate Democratic leadership have endorsed an alternative bill from Sens. Joe Lyingman and Susan "I'm outta here" Collins which has tougher privacy protections and would authorize the Department for the Protection of the Fatherland to set mandatory security standards for critical infrastructure, which CISPA does not address.

However, the very idea of government-set standards produces a Pavlovian response in the right wing, which is of course against the alternative. They call it "big government overreach" - as if the wholesale destruction of online privacy under CISPA is not.

The point is, right now the Dems do not have the 60 votes needed to break a GOPper filibuster and they know it. Democratic aides say the leadership is in talks with "multiple members" to adjust the language of the bill to make it palatable enough to enough GOPpers to get it passed. But as the veep of a technology company trade association said, with the election just a few months away, "the clock is ticking" and the longer this goes on, the harder it will be to get anything passed.

To which I can only say "Hooray for gridlock."

Sources:
http://www.cinemablend.com/games/ACTA-Gets-Killed-Score-Partial-Win-Internet-42194.html
http://www.latimes.com/news/politics/la-pn-cispa-hit-with-veto-threat-prior-to-friday-vote-in-the-house-20120426,0,2584558.story?track=rss
http://www.washingtonpost.com/business/technology/cispa-whos-for-it-whos-against-it-and-how-it-could-affect-you/2012/04/27/gIQA5ur0lT_story.html
http://www.techdirt.com/articles/20120427/08375418687/did-cispa-actually-get-better-before-passing-not-really.shtml
http://www.techdirt.com/articles/20120426/14505718671/insanity-cispa-just-got-way-worse-then-passed-rushed-vote.shtml
http://thehill.com/blogs/hillicon-valley/technology/225607-senate-dems-revamping-cybersecurity-bill-

No comments:

 
// I Support The Occupy Movement : banner and script by @jeffcouturer / jeffcouturier.com (v1.2) document.write('
I support the OCCUPY movement
');function occupySwap(whichState){if(whichState==1){document.getElementById('occupyimg').src="https://sites.google.com/site/occupybanners/home/isupportoccupy-right-blue.png"}else{document.getElementById('occupyimg').src="https://sites.google.com/site/occupybanners/home/isupportoccupy-right-red.png"}} document.write('');