Saturday, April 14, 2012

Get ready for the next big Internet freedom fight: CISPA #p2 #tcot

Add CISPA to the list.
Judging by the Twitter feed of the House Intelligence Committee this week, free and open Internet advocates have another fight on our hands. Right on the heels of the SOPA debacle comes the Cyber Intelligence Sharing and Protection Act (CISPA), a bill that many are calling worse than SOPA. Here's some quick background from the Electronic Frontier Foundation, which warns we're seeing another overly broadly written bill that "could have dire consequences for our Internet ecology."
The [bill] allows companies or the government free rein to bypass existing laws in order to monitor communications, filter content, or potentially even shut down access to online services for "cybersecurity purposes." Companies are encouraged to share data with the government and with one another, and the government can share data in return. The idea is to facilitate detection of and defense against a serious cyber threat, but the definitions in the bill go well beyond that.[...]

Under the proposed legislation, a company that protects itself or other companies against "cybersecurity threats" can "use cybersecurity systems to identify and obtain cyber threat information to protect the rights and property" of the company under threat. But because "us[ing] cybersecurity systems" is incredibly vague, it could be interpreted to mean monitoring email, filtering content, or even blocking access to sites. A company acting on a "cybersecurity threat" would be able to bypass all existing laws, including laws prohibiting telcos from routinely monitoring communications, so long as it acted in "good faith."

The broad language around what constitutes a cybersecurity threat leaves the door wide open for abuse. For example, the bill defines "cyber threat intelligence" and "cybersecurity purpose" to include "theft or misappropriation of private or government information, intellectual property, or personally identifiable information."

"Cybersecurity" actually isn't defined in the bill. By leaving that term completely open, it can and does include intellectual property, or as EFF says, "a little piece of SOPA wrapped up in a bill that's supposedly designed to facilitate detection of and defense against cybersecurity threats." We've got another bill that would give ISPs the power to monitor the communications of their customers for intellectual property infringement. Not for threats to take down wide swaths of the Internet. Not for threats to hack into the Pentagon's weapons systems servers. But threats to violation someone's copyright. That's the broad definition of "cybersecurity."

SOPA attacked the First Amendment, CISPA attacks the Fourth, according to the experts.

"It's a completely different issue [than SOPA]," says Jim Dempsey, vice president for public policy at the Center for Democracy and Technology. "This is about government monitoring. [SOPA] is about the First amendment, [CISPA] is about the Fourth, but they both take a legitimate problem and try to tackle it with an overbroad solution."
So here we go again, having a Congress with a poor grasp on technology and how the Internet works trying to regulate it with a sledgehammer, while giving the intelligence community—and private businesses—essentially free rein to delve into any citizen's everyday Internet activity. The PATRIOT Act already gives the government that power. Should  private companies be in on the act, too?

The House is expected to take up a vote on this bill the week of April 23, so back to your Internet freedom battle stations, and watch this space.



rest at http://www.google.com/reader/view/?hl=en&tab=my#stream/user%2F16917392540631171723%2Flabel%2Fblog%20materials

No comments:

Post a Comment