latest updates from easySERVICE™
Described as “misguided” and “fatally flawed” by the two largest US privacy groups, the Cyber Intelligence Sharing and Protection Act (CISPA) threatens the online privacy of ordinary US residents more so than any other Bill since Congress amended the Foreign Intelligence Surveillance Act in 2008.
In just one week, both the Homeland Security Secretary Janet Napolitano and Defense Secretary Leon Panetta warned that U.S. critical national infrastructure—including water, electricity, and gas networks—were vulnerable to hackers and the U.S. could be hit by a “cyber-9/11”.
Napolitano even urged Congress to pass legislation governing areas of cyber-security so that the U.S. government could share information with the private sector, which may help prevent cyber-attacks on infrastructure critical to U.S. national security.
This, as you might expect, caused an uproar among the online community who believed that private companies could effectively hand over data—such as cell phone records, email records, and even Facebook and Twitter data—directly into the hands of U.S. intelligence.
Even the White House was concerned, and threatened to veto the bill altogether.
But now, there are two separate reports that suggest CISPA could be heading back to the Congressional table, but also that President Obama may bypass his lawmakers altogether and issue his own executive order. A lot of confusion still surrounds what CISPA can do, who it affects, and what it will practically achieve. Here’s what you need to know.
CISPA, known officially as H.R. 624, is a cybersecurity Bill currently going through the motions in the lower house of Congress, the US House of Representatives. It is designed to help prevent and defend against cyberattacks on critical national infrastructure and against other internet attacks on private firms by obtaining and sharing “cyberthreat information”.
Its sole purpose is to allow private sector firms to search personal and sensitive user data of ordinary US residents to identify this so-called “threat information”, and to then share that information with each other and the US government — without the need for a warrant.
By citing “cybersecurity”, it allows private firms to hand over private user data while circumventing existing privacy laws, such as the Wiretap Act and the Stored Communications Act. This means that CISPA can permit private firms to share your data, such as emails, text messages, and cloud-stored documents and files, with the US government.
It also gives these firms legal protection to hand over such data. There is no judicial oversight.
To make matters worse, because there is little transparency and individual accountability, those who have had their data handed to the US government may not even know about it or be given a chance to challenge it.
In April 2012, the US House passed CISPA by a large majority, voting 248 to 168. It passed at a time when the White House threatened to veto the Bill should it pass the desk of President Obama, citing privacy and civil liberty concerns. But once it was handed to the Senate, it failed to gain traction, likely in light of similar legislation being drafted in the upper house at the time.
Source: Associated Press