The Cyber Intelligence Sharing And Protection Act (CISPA), otherwise known as the bigger, and nastier brother to both the SOPA and PIPA acts that got loudly smacked down after the Internet realized just how dangerous and ill-thought out they were.
The reaction to both SOPA and PIPA was swift and pronounced, but that only happened in what amounted to the last moments before Congress was set to vote. In contrast CISPA looks, by all accounts, to be facing smooth sailing as it heads towards a vote in both houses of Congress.
So why no real visible outrage, why no threats of shutting down popular websites in protest, why no letters to Congress from the founders of the Web that it endangers, why no calls from the big web and tech companies against it?
First we have to understand what exactly CISPA is all about, or at least a short form explanation.
In contrast to SOPA and PIPA which was primarily about so-called protection of intellectual property and copyright the proponents of CISPA are using the all encompassing, and fear-mongering, concept of cyberterrorism - sort of like the Patriot Act for the Internet.
The idea is that the government would be able to get any and all private information from companies like Facebook, Twitter, or any company that might have information about you without having to go through the courts – it would be open-ended sharing without any need of your consent or knowledge.
What makes this even more questionable, and dangerous, is that the classification of what would constitute a cybersecurity issue is totally subjective and dependent on the people making the decision. There are now guidelines, and none expected, as to what constitute as a threat to our cybersecurity and the only oversight is a ‘summary’ that will be presented to Congress once a year.
Additionally any sharing under the auspices of CISPA supersedes any privacy laws – local, state, or federal – so in effect any request for personal information under the guise of it being a CISPA related request means there are no such things as privacy laws.
In other words due process gets thrown out the window and there is nothing you can do about it.
Timothy Karr recently had a good post at Huffington Post on this where he broke down the four dangers facing us, and the Internet, from CISPA:
- CISPA would allow companies and the government to bypass privacy protections and spy on your email traffic, comb through your text messages, filter your online content and even block access to popular websites.
- CISPA would permit companies to give the government your Facebook data, Twitter history and cellphone contacts. It would also allow the government to search your email using the vaguest of justifications — and without any real legal oversight.
- CISPA contains sweeping language that could be used as a blunt weapon to silence whistleblower websites like WikiLeaks and the news organizations that publish their revelations.
- CISPA would have a chilling effect on our ability to speak freely online by stoking fears that the National Security Agency — the same agency that has conducted “warrantless wiretapping” online for years — could come knocking.
So if there was all this corporate rage over SOPA and PIPA why aren’t we seeing the same type of reaction when it comes to CISPA?
The short answer to this is because it doesn’t really change the way that they do business with the government and law enforcement agencies already, and contrary to what you would think companies like Facebook and Microsoft support CISPA.
It is important to realize that unless any requests for a person’s private information comes are part of a CISPA cybersecurity request companies aren’t ‘forced’ to share that information; but under CISPA when they do share that information they can no longer face any legal actions from anyone.
The other thing that should be noted here is that the government already has the power to request private information under existing laws but the companies that provide that information are still liable under the law – CISPA removes that problem.
With CISPA everything you do online, from email to blog posts, to Facebook status updates and picture posting, to Twitter status update, can be handed over to the government without your ISP, Facebook, Twitter having to notify you that there was even a request or what was handed over. In effect everything you do on the web can end up in the hands of the government and law enforcement just because they claimed the right to it under CISPA and you will never know it was done.
As Josh Levy wrote at Huffington Post:
The bill would have a chilling effect on free speech — creating an environment in which we refrain from posting on Facebook, conducting Web searches, sending emails, writing blog posts or communicating online for fear that the National Security Agency — the same agency that’s conducted online “warrantless wiretapping” for years — could come knocking.
If this bill passes, authorities won’t have to worry about pesky privacy laws getting in the way the next time they want to grab your Facebook history or search through your email. All they’ll need is the vague sense that the information relates to a “cyber threat” – a poorly defined concept in the bill. And you’ll never know they shared that information.
Eric Limer at Geekosystem put it this way
And what if you’re a site that doesn’t have a bunch of user information that the government is likely to want, or aren’t too keen on giving away info unless you are legally forced to? CISPA isn’t going to hurt you, exactly. I mean, it might hurt you, the owner of a site, as an individual, but it isn’t going to impede your site’s business. At worst, it’s free insurance against something that probably won’t happen, but might. Not much to get fired up about, is there? Supporting SOPA was a bad business move for online businesses. Supporting CISPA is a good one, or at least one that doesn’t matter. For now.
So in effect there is little or no incentive for companies like Facebook, Twitter, or big tech companies like Microsoft to be concerned or to hop on any bandwagon against it – it just doesn’t hurt their bottom line or change things that they are already doing under existing laws.
So basically – we’re screwed?
Not necessarily. There are organizations like: EFF, Avaaz.org, Free PRess Action Fund, ACLU, Access, CDT, and the American Library Association who are already trying to organize against CISPA but the fact is that we are getting close to the wire on this one.
However it is also important to remember that both SOPA and PIPA were at this point before all hell broke loose and really it all boiled down to the actions of an unexpected, at the time, force known collectively as the Reddit community.
As someone who followed both SOPA and PIPA, as well as ACTA before them, I honestly didn’t hold out much hope that either of those legislation’s, and treaty in the case of ACTA, could be stopped. Then suddenly we started hearing a rumbling of concern coming out of the Reddit community, a rumbling that got louder and louder, to the point that the voices couldn’t be ignored.
It was around this point that organizations like Wikipedia, services like Facebook and Twitter, and several big name tech companies started to get involved. Now as I would like to be optimistic about this point and that they became involved because they believed the legislation was wrong the reality is that those voices coming out of Reddit, as well as from the founding fathers of the Web, forced them pick a side which they did based purely on economic reasons.
I hold out little hope that CISPA will be stopped as its predecessors were but if it is to be fought against it isn’t going to be because companies changed their minds, since there is no incentive for them to at this point. No, if there is going to be a successful fight against CISPA it once again is going to have to come from the grassroots. It’s going to have to be the loud and vocal opposition from those very people who helped create our online world. It is going to have to be the people on Reddit, and other services like that, who are going to have to once more rally the troops, bring sanity to an insane law.
It is going to have to be you and me doing more than clicking on some Like button on Facebook. Reddit may have helped us win one battle but this is a war of power over the Internet and this means we need to get involved, to be knowledgeable, to become an active participant by any means available to us.
Don’t waste time clicking some Like button if that is going to be the extent of your involvement, because it means squat, add your voice to Reddit, ask serious questions of companies like Facebook and Microsoft.
As an added bonus if you want to keep track of what is happening with things like CISPA, and other ways that the government is doing everything it can to control the web I strongly suggest you follow David Seaman on Google+ – he is a prime example of someone trying to do something, which is keeping you and I informed.
This is far from over folks and it’s time once again to take a stand.
