Thread: CISPA: A guide to the 'Big Brother' cyber security bill

By The Week's Editorial Staff | 5 hrs ago

Civil libertarians and open-web advocates are up in arms about a far-reaching bill coming up for a big vote in the House. Here's why


An unprecedented internet-driven public outcry sank the Stop Online Piracy Act (SOPA) in January, and now privacy advocates and web-freedom activists are trying to stop another House bill targeting the internet: The Cyber Intelligence Sharing and Protection Act (CISPA). They don't have much time. The bill, which quixotic presidential candidate Rep. Ron Paul (R-Texas) calls "Big Brother writ large," is scheduled for a vote on May 27, and it has at least 113 cosponsors. What is CISPA, why don't critics like it, and what are the odds it will pass? Here's what you need to know:

What does CISPA do?
The bill is designed to make it easier for the government and private companies to share information that might thwart cyber attacks by everyone from hacker groups like Anonymous to secret-pilfering nations. Companies and the government already can, and do, share some private information about individual web users, but they face the risk of lawsuits. CISPA would allow companies to freely share "cyber threat information" without consequence. The idea is that if everyone can freely pool information about cyber threats, they'll be easier to stop.

Why is that controversial?
The problem stems largely from one word: "Notwithstanding," says Declan McCullagh at CNET News. By including the caveat that any web-related service provider may share "cyber threat information with any other entity," including the military and National Security Agency, "notwithstanding any other provision of law," CISPA's backers want the bill to "trump all existing federal and state civil and criminal laws. It would render irrelevant wiretap laws, web companies' privacy policies, educational record laws, medical privacy laws, and more." It's "a classic example of over-legislation," says DJ Pangburn at Death and Taxes.

But isn't cyber-security a real concern?
Yes, but "encouraging private industry to funnel information to the government poses its own set of problems," says the Los Angeles Times in an editorial. The bill can be tweaked, but its troubling premise is that it transforms email providers, Facebook, and broadband services "from service providers to surveillance agencies." Clueless legislators must start "talking to actual cyber security and tech experts," not to mention civil libertarians, says Erik Kain at Forbes. In the meantime, with bills like CISPA "we risk giving far too much away, once again, in our quest for an ever-elusive sense of security."

Who backs CISPA, and who doesn't?
Unlike SOPA, several large tech companies are on board with CISPA, including Facebook, Google, Microsoft, and IBM. Other prominent backers include the U.S. Chamber of Commerce, AT&T, and defense contractors. On the other side, the ACLU, Electronic Frontier Foundation, Free Market Coalition, Anonymous, Sunlight Foundation, a group of 18 House Democrats, and the Republican Liberty Caucus are among the odd collection of groups trying to kill the bill. The Obama administration opposes the bill as written. The bill's author, Rep. Mike Rogers (R-Mich), says he's "open to change this bill right up until it comes to the House floor."

What are CISPA's chances in Congress?
Since the list of congressional supporters is growing, not shrinking as in the SOPA affair, Rogers says there is "a strong chance that the bill will be passed" this week. Even Ron Paul appears ready to support it with the inclusion of some privacy safeguards. Its prospects are less clear in the Senate, which has a competing bill, the Cybersecurity Act of 2012, which has more protections. Finally, it has to be signed by the leery president. Although Obama advisers say the bill is flawed, Obama hasn't threatened to veto it.

http://news.yahoo.com/cispa-guide-bi...123100463.html

"Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves." -William Pitt, 1783

Obama Opposes CISPA, But Will Sign It Anyway
Get ready for another NDAA-style bait and switch
Paul Joseph Watson Wednesday, April 25, 2012

President Barack Obama simply “can’t wait” to bypass Congress and use executive privilege to advance his political agenda, but even though his administration has expressed its opposition to the draconian CISPA bill, don’t hold your breath for a veto.

Earlier this week the New York Times reported on how Obama had personally invented the slogan “We Can’t Wait” to characterize his intention to “aggressively use executive power to govern in the face of Congressional obstructionism.”

However, Obama ‘s penchant for defying Congress seems to lose its steam when there’s a bill to be passed that will strip Americans of what’s left of their fourth amendment rights. The Cyber Intelligence Sharing and Protection Act (CISPA) orders ISPs to share Internet data of users with government “notwithstanding any other provision of law.”

The bill “gives companies a free pass to monitor and collect communications and share that data with the government and other companies, so long as they do so for ‘cybersecurity purposes,’” the Electronic Frontier Foundation (EFF) has noted. “Just invoking ‘cybersecurity threats’ is enough to grant companies immunity from nearly all civil and criminal liability, effectively creating an exemption from all existing law.”

Yesterday senior State Department official Alec Ross publicly announced that the Obama administration opposed CISPA, but refused to entertain the notion of the bill being vetoed. “The Obama administration opposes Cispa,” he told the Guardian. “The president has called for comprehensive cybersecurity legislation. There is absolutely a need for comprehensive cybersecurity legislation. [But] part of what has been communicated to congressional committees is that we want legislation to come with necessary protections for individuals.”

Ross’ words carry absolutely no meaning whatsoever. History tells us that Obama’s opposition to CISPA is nothing more than political grandstanding and that he will sign the bill without haste once it lands on his desk.

Cast your minds back to the National Defense Authorization Act and specifically the provision that allows indefinite detention of Americans without trial.
At every step throughout the process, the Obama administration threatened to veto the bill unless the ‘kidnapping’ provisions were removed from the text, lulling civil libertarians on the left into a false sense of security. However, Obama signed the legislation into law on New Year’s Eve when Americans were out partying, a sneak attack that caught everyone by surprise.

Despite a toothless signing statement in which Obama promised not to use the ‘indefinite detention’ provision against American citizens, it subsequently emerged that it was the administration itself which specifically demanded the provision be applied to American citizens. According to its co-author Rep. Mike Rogers, CISPA already has enough votes to pass the House on Friday and despite an onslaught of new amendments, some of which actually make the bill worse for privacy, will head to the Senate for approval before awaiting the President’s signature.

Given what we learned from Obama’s NDAA bait -and-switch, the President probably “can’t wait” to sign CISPA into law, formally empowering the federal government to use the Internet as one giant world wide wiretap in the name of cybersecurity.

Full Articles at: infowars.com

CISPA cybersecurity bill gets veto threat from Obama
By Olivier Knox ~ White House Correspondent

The White House came out strongly Wednesday against a bipartisan but controversial House bill designed to protect the country's infrastructure from cyberattack, warning that President Barack Obama would veto if it passes in its current form over civil liberties concerns and other worries.

"The Administration strongly opposes H.R. 3523, the Cyber Intelligence Sharing and Protection Act, in its current form," Obama's Office of Management and Budget said in a statement. "If H.R. 3523 were presented to the President, his senior advisors would recommend that he veto the bill."

OMB said that the administration was "committed to increasing public-private sharing of information about cybersecurity threats" but said the process "must be conducted in a manner that preserves Americans' privacy, data confidentiality, and civil liberties and recognizes the civilian nature of cyberspace."

Morever, it said, the legislation "fails to provide authorities to ensure that the nation's core critical infrastructure is protected while repealing important provisions of electronic surveillance law without instituting corresponding privacy, confidentiality, and civil liberties safeguards." OMB specifically cautioned that, in its current form, the measure fails to set up "requirements for both industry and the government to minimize and protect personally identifiable information."

"Citizens have a right to know that corporations will be held legally accountable for failing to safeguard personal information adequately," OMB said, adding that the legislation "would inappropriately shield companies from any suits where a company's actions are based on cyber threat information identified, obtained, or shared under this bill, regardless of whether that action otherwise violated federal criminal law or results in damage or loss of life."

The bill's chief authors--House Intelligence Committee Chairman Mike Rogers and the panel's top Democrat, Rep. C.A. Dutch Ruppersberger--unveiled a raft of amendments on Tuesday aimed at defusing the privacy concerns.

The two lawmakers issued a joint statement Wednesday saying that "the basis for the administration's view is mostly based on the lack of critical infrastructure regulation, something outside of our jurisdiction."

"We would also draw the White House's attention to the substantial package of privacy and civil liberties improvement announced yesterday which will be added to the bill on the floor," they said, stressing that key lawmakers guiding the measure to a vote in the House "have agreed to a package of amendments that address nearly every single one of the criticisms leveled by the administration, particularly those regarding privacy and civil liberties of Americans. Congress must lead on this critical issue and we hope the White House will join us."

http://news.yahoo.com/blogs/ticket/o...212250696.html

comments

Just like he threatened to veto the NDAA. Democrats and Republicans are both liars. Make no mistake about it. The government wants to police and censor you on the internet. They know the Internet is the last vestige of Free Speech in America. They will not stop until your free speech has been stripped from you fully. Don't be Sheep Anymore.

http://www.bigbigforums.com/news-inf...ensorship.html


CISPA passes House despite privacy concerns
3:07 PM 04/18/2013

The House passed the controversial Cyber Sharing and Intelligence Protection Act (CISPA) Thursday by a 288 to 127 vote, ignoring the alarms of civil liberties groups as it sent it on to the Senate for consideration.

The bill — sponsored by House Permanent Select Intelligence Committee Chairman Mike Rogers and Ranking Member Dutch Ruppersberger — is intended to allow for private companies to share cyberthreat information with the federal government.

Supporters have argued that the bill allows for private sector information to be shared with the federal government on a voluntary basis.

Rogers applauded the passage of the bill and his colleagues for their ability “to look past the distortions and fear mongering about this bill, and see it for what it really is — a very narrow and focused authority to share cybersecurity threat information to keep America safe.”

While national security professionals, legislators and even President Obama have demanded comprehensive cybersecurity legislation, their efforts have been met by substantial resistance from privacy activists and civil liberties groups that argue that legislative language so far has been too broad.

Groups from both the right and the left — including the ACLU, Electronic Frontier Foundation, Fight for the Future, TechFreedom and Competitive Enterprise Institute — have argued that concessions made by CISPA’s supporters have not been enough to alleviate concerns that the bill violates privacy rights or the freedom of contract.

Michigan Republican Rep. Justin Amash has been openly railing against the bill for not only threatening Fourth Amendment privacy rights, but also because the bill bans companies from guaranteeing to protect their customer’s privacy.

The House Rules Committee rejected an amendment sponsored by Amash during discussion of the bill on Tuesday that would protect the freedom of contract, which maintains that private citizens and corporations can enter into contracts without government restrictions.


Read more: http://dailycaller.com/2013/04/18/ci...#ixzz2QwyGjVxZ

Electronic sharing bill CISPA would violate rule of law, critics argue
12:16 PM 04/18/2013

A controversial cybersecurity bill in the House has critics worried that it would give technology companies facing cyberthreats the ability to share too much private information about their customers.

The Cyber Sharing and Intelligence Protection Act (CISPA), which was sponsored by House Permanent Select Committee on Intelligence Chairman Mike Rogers and Ranking Member Dutch Ruppersberger, seeks to authorize private companies and the Director of National Intelligence to share information about online threats.

Civil liberties advocates and security experts say the bill does not go far enough to protect Americans’ privacy.

“The bill establishes an information-sharing regime under which private sector entities may, but are not required to, share information with the government about efforts to gain unauthorized access to their computer systems,” former Dick Cheney chief of staff David Addington wrote this week. And while Addington believes the bill could help deal with the lingering treat of foreign powers stealing secrets from American computers, he thinks the bill needs to be fixed to address privacy concerns.

Addington says one section of the bill “actually affirmatively authorizes the government to make use of firearms sales records, tax return records, and medical records shared under the legislation” so long as it abides by rules set by the attorney general, homeland security director and national intelligence director.

The White House has already issued a veto threat should the bill reach President Obama’s desk, citing privacy and civil liberties concerns.

Ryan Radia, associate director of technology studies at Competitive Enterprise Institute, told The Daily Caller that the goal of CIPSA is to give companies broad legal immunity when sharing information, echoing a concern he and Berin Szoka, president of the tech policy think tank TechFreedom, have had about the bill for over a year.

“We’re worried about companies sharing information they think has to do with a cyberthreat, but they make a mistake,” Radia told The Daily Caller.

The two are worried that the bill violates the rule of law by providing companies blanket immunity against “any provision of the law” when sharing private customer information with the federal government.

The House Rules Committee rejected an amendment sponsored by Michigan Republican Congressman Justin Amash during discussion of the bill on Tuesday that would protect the freedom of contract, which maintains that private citizens and corporations can enter into contracts without government restrictions.

“They think companies will share less because their contracts will bind them, but I think that’s absurd,” said Radia, speaking of CISPA’s sponsors.

A vote on the bill is expected Thursday.


Read more: http://dailycaller.com/2013/04/18/el...#ixzz2QwyyqdN8

As many of you have heard, while the Nation was watching the Lock-down of Boston, C.I.S.P.A was passed. As with every recent "crisis", the government used the opportunity to quietly pass a bill that violates the Law. C.I.S.P.A. very clearly violates the 1st Amendment.

C.I.S.P.A. , which is the "Cyber Intelligence Sharing and Protection Act". (Notice how they included the word "Protection", which is always a keyword in legislation that strips citizens of their liberties).

So what does this mean?

Companies can no longer be held liable for sharing your personal information with the government.

Your search history, reading material, news sources, can all be monitored by the government.

Your internet history and e-mails can be accessed and viewed by the government (for your protection, of course) without a warrant or probable cause.

We keep calling this "Freedom", so I can only assume that the definition of the word has changed since 1776.

CISPA means that any information shared online that is deemed a cyber threat--which you can imagine, with the government involved, can be highly subjective in nature--can be shared openly with government, security agencies and private companies.

Worse yet, you will have no legal recourse, even if you didn't do anything wrong.

4th Amendment Is Attacked During Boston Mayhem
Posted on April 21 2013



No freedom, no debate. In the midst of chaos of the Boston Marathon bomber and the explosions in Texas, on Thursday, Americans moved closer to losing more 4th amendment rights when the House of Representatives passed the Cyber Intelligence Sharing and Protection Act (CISPA). This came after Republican Mike Rogers (MI) held closed-door meetings with his Intelligence Committee and disallowed debate on an amendment that would have required a warrant for the government to spy on you.

CISPA now moves to the Senate.

The 4th Amendment protects you from unreasonable search and seizure; but CISPA ends that protection online. It allows the government to access confidential customer data from online service providers, without a warrant and without evidence of criminal wrongdoing. Rep. Jared Polis (D-CO) warned that the language allows the government to “go on fishing expeditions for electronic devices,” for instance at “gun shows,” or “football games”—wherever a great amount of people are gathering.

Michigan Republican Justin Amash tried to get an amendment passed ensuring that privacy policies and terms of companies would remain valid and enforceable, but was denied.

Interestingly enough, Mike Rogers, the man responsible for holding CISPA meetings in secret and fighting so hard for its passage, has a big conflict of interest.

Mike’s wife Kristi worked for a security defense contractor that would have benefitted from this legislation; and now, she’s managing director at a big lobbying firm that focuses on “executive level problem solving in the defense and homeland security sectors.”

So, our privacy, our rights, our 4th Amendment, was sold out in favor of big State Department contracts.

The Internet is a goldmine of information, and every day we are changing the way we live and interact with one another based on technological innovations and creative uses for social media. But this goldmine is about to become the government’s treasure chest. CISPA means that any information shared online that is deemed a cyber threat–which you can imagine, with the government involved, can be highly subjective in nature–can be shared openly with government, security agencies and private companies. Worse yet, you will have no legal recourse, even if you didn't do anything wrong.

Nobody “owns” the Internet, but CISPA almost guarantees the U.S. government will hold dominion over it. Every website you visit, every piece of personal data you enter, and every action you take online will soon become the property of the Feds.

No one denies the fact that if you’re going to be a part of the Internet; you need to know how to keep your site safe from hackers and attackers. But very few think it’s a good idea to bundle up all kinds of data on American citizens and hand it over with a bow on top to any government or security agency that asks for it.

ACLU legislative counsel Michelle Richardson warned, “As we’ve seen repeatedly, once the government gets expansive national security authorities, there’s no going back.”

President Obama says he will veto CISPA if it comes out of the Senate, but that is what he said about the National Defense Authorization Act just before he signed it. We cannot rely on him, as he has been extremely supportive of CISPA provisions in the past.

http://www.conservative-daily.com/20...boston-mayhem/

What's wrong with CISPA?
(in as few words as possible)

As it's written, CISPA won't protect us from cyber threats, but it will violate our 4th Amendment right ...to privacy:

1. It lets the government spy on you without a warrant. (read more)

2. It makes it so you can’t even find out about it after the fact. (read more)

3. It makes it so companies can’t be sued when they do illegal things with your data. (read more)

4. It allows corporations to cyber-attack each other and individuals outside of the law. (read more)

5. It makes every privacy policy on the web a moot point, and violates the 4th amendment. (read more)

6. When we say that your information can be shared with "The Government" it's not hyperbole. Federal Agencies from the Fish & Wildlife Service to Amtrak to the NSA could access your data. (read more)

READ MORE: http://cms.fightforthefuture.org/cispa/

If You Care About Your Privacy Care About CISPA
Tess VandenDolder Apr 23rd at 10:09 am

While the media was consumed with the hunt for the Boston bombers, and politicos busy talking immigration, the House of Representatives passed the Cyber Intelligence Sharing and Protection Act or CISPA. The bill is in response to recent threats from Chinese hackers, and would essentially allow a free flow of information between private companies and the federal government. For example, the provision would allow the government to notify Facebook should they notice any threat of hackers, and similarly Facebook could share information with the government if they notice any strange activity on their site.

When stated in layman's terms, the bill seems pretty straight forward, however the legislative language itself is ambiguous and potentially dangerous. A liability clause essentially requires private companies to hand over private information in certain situations, where as the sharing of government information with the private sector is entirely voluntary. Furthermore, national security measures require the government to anonymize any information they share with third parties, whereas private companies do not have this protection.

CISPA has managed to largely stay out of the news due to the fact that a number of major corporations and tech firms are actually in support of the bill. Compared with SOPA, a bill that was thrown out last year that would have given the government the power to pull any "dangerous" website offline, CISPA is more directly targeted toward hackers, something that companies lose millions of dollars to every year. Corporations such as AT&T, Comcast, and IBM all list themselves in support of the bill.

On the flip side, hacktivist organization Anonymous, who organized the internet blackout to protest SOPA last year, is attempting to do it again. However, the only groups that feel seriously threatened by CISPA are libertarians and other privacy rights organizations. The social sharing site Reddit has already begun blacking out some comments in protest of the bill, and the Facebook Libertarian page will be blacked out in solidarity. Larger sites however, such as Google and Wikipedia, have respectfully declined being a part of the Anonymous organized protest.

I would wager that this bill will sneak through the Senate and be silently vetoed by President Obama. However I doubt the measure will die there. The corporate interests are too large, and these multi-million dollar companies have too much at stake when it comes to internet hacking that a rejection of CISPA would go directly against their better interests. Unfortunately, the biggest losers here are us, the casual consumer and daily internet user, who probably keeps more private and sensitive information in cyberspace than in their basement filing cabinets.

The law requires the government to acquire a search warrant to come into your home and investigate your computer history. With CISPA, that pesky legal middleman in eliminated and the government can go straight to Google or Bank of America to acquire your online emails or bank statements. And that should frighten you.

http://inthecapital.streetwise.co/20...ate-interests/

George Takei : Many of you don't know about this, but your private emails and messages stored by your ISP were at recent risk of being HANDED OVER to the government and other companies, without you having any say. A propsed law called CISPA would allow the searching and sharing of your personal data with the government AND other companies. It also requires companies to turn over user records to officials under certain scenarios including "outside hacker threats." Sounds eerily like Orwell's "1984" to me. The bill as drafted sailed through the House, but under pressure from consumer and privacy groups and the threat of a presidential veto, CISPA stalled, for now, in the Senate. But it may seek to rise again, like some kind of zombie, as the Senate fashions its own version. I intend to lend my voice to help ensure it stays quite dead.