Zombie law: CISPA cyber bill resurrected from the dead
RT,
13
February, 2013
The
two US lawmakers responsible for last year’s failed cybersecurity
bill known as CISPA are reintroducing the act, and renewed interest
from Washington means it might have a fighting chance this time at
being signed into law.
Less
than ten months after the Cyber Intelligence Sharing and Protection
Act stalled on Capitol Hill after being overwhelmingly approved in
the House of Representatives, the architects of bill that’s been
called “Worse than SOPA” are once more pitching their effort to
politicians.
If
approved, CISPA could reshape the way American businesses interact
with the federal government by setting up a system for private sector
entities to share cyberthreat information with any agency
administered by Uncle Sam, a notion being called a national security
necessity by an increasing number of figures in Washington. Critics
of the act condemn the bill’s vague verbiage, though, and less than
one year ago orchestrated an online opposition movement with hopes of
snuffing CISPA for good. But while the bill — the brainchild of
Rep. Mike Rogers (R-Mich.) and Sen. Dutch Ruppersberger (D-Calif.) —
failed to garner the support needed within Washington to make it
become a law last year, urging from both Congress and the
commander-in-chief — and coupled with a new slew of alleged cyber
intrusions — could help CISPA be added to the books in no time.
CISPA,
a bill “to
provide for the sharing of certain cyber threat intelligence and
cyber threat information between the intelligence community and
cybersecurity entities,” was
approved by the House by a 248-168 vote last April, but ended in
political purgatory after lawmakers in the Senate failed to see
eye-to-eye with their congressional counterparts. Even had CISPA made
it that far, though, aides for US President Barack Obama insisted
problems with the bill would make it the subject of an
executive veto.
During just a few short months, however, the White House has rallied
support for cybersecurity legislation, and just this week Pres. Obama
signed an executive order to establish the framework needed to
protect the country’s critical and wired infrastructure in lieu of
Congress’ inability to do so on their own part, whether through
CISPA or by other means. Pres. Obama announced the order during his
State of the Union address Tuesday evening, and added a plea to the
politicians in his audience to work towards a Legislative Branch
solution.
“Earlier
today, I signed a new executive order that will strengthen our cyber
defenses by increasing information sharing, and developing standards
to protect our national security, our jobs and our privacy. Now,
Congress must act as well, by passing legislation to give our
government a greater capacity to secure our networks and deter
attacks,”Pres.
Obama said.
An
executive order from Pres. Obama isn’t exactly a rare occurrence,
and a laundry list of directives signed in the wake of last year’s
Sandy Hook massacre aimed to establish gun reform was faced with
furious opposition on the Hill. Either way, though, the orders he’s
made from the Oval Office have led some lawmakers to suggest that the
commander-in-chief is bypassing both
Congress and the Constitution.
“Obama's
increasing reliance on executive orders to push policy and skirt
congressional deliberation is worrisome,”Sen.
Ted Cruz (R-Texas) tweeted this
week.
But
in a joint statement issued by the officers of Rep. Rogers and Sen.
Ruppersberger on the day of the annual address, the CISPA co-authors
said they were “pleased” with
the president’s remarks and agreed that “our
biggest barriers to bolster our cyber defenses can be fixed only with
legislation.” CISPA,
said the lawmakers, will “help
US companies better protect themselves and the privacy and civil
liberties of their customers” from
international hackers per the president’s request.
“This
is clearly not a theoretical threat – the recent spike in
advanced cyberattacks against the banks and newspapers makes that
crystal clear: American businesses are under siege,” Rep.
Rogers said. He added that American companies need to have their
networks better protected because, as he explains in
an op-ed published
last week in The Detroit News, “thousands
of highly-trained computer engineers wake up” every
morning in China with the mission to “Steal
American intellectual property that the Chinese can in turn use to
compete against us in the international market.”
“It
is time to stop admiring this problem and deal with it
immediately,” Rogers
added this week. “Congress
urgently needs to pass our cyber threat information sharing bill to
protect our national security, our economy and US jobs.”
To
CISPA’s critics, though, one very important item isn’t taken into
consideration when it comes to offering protection. Opponents of the
bill insist that approving CISPA could have damning repercussions for
personal privacy and would put off-the-record conversations online
and in the hands of any government investigator who can call that
data relevant to a case. For that reason, it’s been opposed by the
Electronic Frontier Foundation, the American Civil Liberties Union,
the Center for Democracy and Technology and others. Even Mozilla,
a leading Silicon Valley software maker, strayed from the pack last
year and said, “While
we wholeheartedly support a more secure Internet, CISPA has a broad
and alarming reach that goes far beyond Internet security,”
“The
bill infringes on our privacy,” Mozilla’s
privacy and public policy official said in a statement to Forbes last
year.
Even
still, others say the overly vague language of the bill itself could
lead to broad interpretation.
Speaking
to RT when
CISPA was last up for vote in April 2012, Demand Progress
co-founder Aaron
Swartz said
the act has “all
the censorship problems” of
other cyber legislation that’s been proposed in under the Obama
administration such as SOPA and
PIPA — the Stop Online Piracy Act and Protect IP Act, respectively
— but warned that CISPA is “incredibly
broad and dangerous” since “it
also goes much further and allows them to spy on people using the
Internet, to get their personal data and e-mails.” All,
of course, in the name of cybersecurity. But as Congress is still
only in its infancy in terms of understanding computers, that
ill-defined term can allow for Washington to interpret CISPA in a
variety of ways.
“CISPA
is essentially an Internet monitoring bill that permits both the
federal government and private companies to view your private online
communications with no judicial oversight, provided, of course, that
they do so in the name of cyber security,” former
presidential hopeful and congeressman Ron
Paul said
on the campaign trail last year.
Since
CISPA was first introduced in November 2011, it’s undergone a
handful of revisions and has received a number of amendments. But
while those changes have been touted as the installation of privacy
safeguards for the public by some, others say some of CISPA’s edits
have made it an even worse act. One amendment, approved in April’s
House vote, was celebrate by some CISPA supporters because it refined
the government’s use of shared cyber threat information under the
bill to five specifics purposes: cybersecurity; investigation and
prosecution of cybersecurity crimes; protection of individuals from
the danger of death or physical injury; protection of minors from
physical or psychological harm; and protection of the national
security of the United States. When that amendment made it to
TechDirt.com blogger Leigh Beadon last year, she
said it
was “absolutely
terrible” because,
instead of limiting the government’s power, it really only expanded
the scope of “cybersecurity” in terms of what the feds can and
can’t do with private data.
“Basically
it says the Fourth Amendment does not apply online, at all,” Beadon
wrote.
“Basically this means CISPA can no longer be called a cybersecurity
bill at all. The government would be able to search information it
collects under CISPA for the purposes of investigating American
citizens with complete immunity from all privacy protections as long
as they can claim someone committed a ‘cybersecurity crime.’”
During
Pres. Obama’s Tuesday evening address, members of the international
hacktivist movement Anonymous launched an
unsuccessful cyber battle against the White House in protest of the
administration’s relentless war on the Internet. “We
reject the State of the Union. We reject the authority of the
President to sign arbitrary orders and bring irresponsible and
damaging controls to the Internet,” read
a statement made by the group that morning, which included a call to
arms for Anons to disrupt that evening’s SOTU broadcast.
Now
with CISPA about to be formally reintroduced, they face one more
cyber hurdle. If they want to fight back, though, this time they’ll
likely face an uphill battle unheard of since last year’s protests.
No comments:
Post a Comment
Note: only a member of this blog may post a comment.