Forget SOPA, You Should Be Worried About This Cybersecurity Bill

from the this-is-not-good dept

However, the bill goes much further, permitting ISPs to funnel private communications and related information back to the government without adequate privacy protections and controls. The bill does not specify which agencies ISPs could disclose customer data to, but the structure and incentives in the bill raise a very real possibility that the National Security Agency or the DOD’s Cybercommand would be the primary recipient.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

While most folks are looking elsewhere, it appears that Congress is trying to see if it can sneak an absolutely awful "cybersecurity" bill through Congress. We've discussed how there's been some fighting on the Senate side concerning which cybersecurity bill to support, but there's a similar battle going on in the House, and it appears that the Rogers-Ruppersberger bill, known as CISPA (for Cyber Intelligence Sharing and Protection Act) or HR 3523 is winning out, with a planned attempt to move it through Congress later this month. The bill is-- and yet has somehow already gained over 100 sponsors . In an attempt to pretend that this isn't a "SOPA-like" problem, the supporters of this bill are highlighting the fact that Facebook, Microsoft and TechAmerica are supporting this bill.However, this is a terrible bill for a variety of reasons. Even if we accept the mantra that new cybersecurity laws are needed (despite a near total lack of evidence to support this -- and, no, fearmongering about planes falling from the sky doesn't count), this bill has serious problems. As CDT warned when this bill first came out, it's way too broad and overreaching:If it's confusing to keep track of these different cybersecurity bills, the ACLU has put together a handy dandy (scary) chart (pdf) comparing them all. And what comes through loud and clear is that the Rogers-Ruppersberger CISPA bill will allow for much greater information sharing of companies sending private communication data to the government -- including the NSA, who has been trying very, very hard to get this data , not for cybersecurity reasons, but to spy on people. CISPA has broad definitions, very few limits on who can get the data, almost no limitations on how the government can use the data (i.e. they can use it to monitor, not just for cybersecurity reasons) and (of course) no real oversight at all for how the data is (ab)used.CDT has put together a reasonable list of 8 things that should be done if politicians don't want to turn cybersecurity into a new SOPA, but so far, Congress is ignoring nearly all of them. Similarly, EFF is asking people to speak out against CISPA , noting that it basically creates. If the government wants your data, it just needs to claim that it got it for "cybersecurity purposes" and then it can do pretty much whatever it wants.and it looks like it's going to pass

Filed Under: cispa, cybersecurity, monitoring, privacy, rogers-ruppersberger, sopa