CISPA Is A Really Bad Bill, And Here's Why
from the time-to-speak-up dept
Update: There is now a new draft of CISPA that has rendered some (though unfortunately not all) of this analysis obsolete.
The forces behind HR 3523, the dangerous Cyber Intelligence Sharing and Protection Act which is going to move forward in Congress at the end of the month, are beginning to get cagey about the growing backlash from the internet community. In an attempt to address some of the key concerns, the bill's authors, representatives Mike Rogers and Dutch Ruppersberger, hosted a conference call specifically geared at digital reporters. The invitation was for "Cyber Media and Cyber Bloggers" (seriously) and took place at 7am Silicon Valley time—thus demonstrating that they are totally in touch with the tech community. During the call, the representatives were intent on hammering certain points home: that the bill respects privacy and civil liberties, is not about surveillance, is targeted at actions by foreign states, and is nothing like SOPA.
Unfortunately, none of that is really true. The text of the bill, even with the two key amendments made since (all pdf links and embedded below), is still full of extremely broad definitions which fail to create the safeguards that the representatives insist are present, and which leave room for dangerous unintended consequences.
CISPA at a Glance
In broad terms, CISPA is about information sharing. It creates broad legal exemptions that allow the government to share "cyber threat intelligence" with private companies, and companies to share "cyber threat information" with the government, for the purposes of enhancing cybersecurity. The problems arise from the definitions of these terms, especially when it comes to companies sharing data with the feds.
Is CISPA the new SOPA?
This is the notion that the reps behind the bill are most desperate to kill. Their primary response is that CISPA has nothing to do with seizing domains or censoring websites, but that's only true on the surface. The bill defines "cybersecurity systems" and "cyber threat information" as anything to do with protecting a network from:
‘(A) efforts to degrade, disrupt, or destroy such system or network; or
‘(B) theft or misappropriation of private or government information, intellectual property, or personally identifiable information.
It's easy to see how that definition could be interpreted to include things that go way beyond network security—specifically, copyright policing systems at virtually any point along a network could easily qualify. And since one of the recipients of the shared information would be Homeland Security—the department that includes ICE and its ongoing domain seizures—CISPA creates the very real possibility for this information to be used as part of a SOPA-like crusade to lock down the internet. So while the bill itself has nothing to do with domain seizures, it gives the people behind such seizures a potentially powerful new weapon.
The reps insist that when they refer to intellectual property, they are not thinking about media piracy or even counterfeiting, but about foreign-based attacks on domestic companies to steal their research and development (they tout examples like the plans for jet fighters). Unfortunately, the bill's definitions create no such restriction, leaving the door wide open for more creative interpretations.
How can the government use the information?
The original text of the bill was really bad, simply saying the government cannot use the information for "regulatory purposes." This was amended to be more restrictive, but not by much: now, the same broad "cybersecurity" definition applies to what they can use the data for, and as if that wasn't enough, they can also use it for "the protection of the national security of the United States." I don't need to tell you that the government is not exactly famous for narrowly interpreting "national security."
So is CISPA a surveillance bill?
The bill specifically prohibits the government from requiring anyone to hand over information, or offering any sort of "quid pro quo" data sharing arrangement. Sharing information is voluntary, and as far as the bill's supporters are concerned, that should end the debate. Of course, as we've seen with things like the warrantless wiretapping scandal, complicity between companies and the government, even when legally questionable, is common and widespread. But even if the safeguards work, CISPA will undoubtedly allow for invasions of privacy that amount to surveillance.
Firstly, while the reps insist that the bill only applies to companies and not individuals, that's very disingenuous. CISPA states that the entity providing the information cannot be an individual or be working for an individual, but the data they share (traffic, user activity, etc.) will absolutely include information about individuals. There is no incentive in the bill to anonymize this data—there is only a clause permitting anonymization, which is meaningless since the choice of what data to share is already voluntary. Note that any existing legal protections of user privacy will not apply: the bill clearly states that the information may be shared "notwithstanding any other provision of law".
So we've got the government collecting this data, potentially full of identifying information of users in the U.S. and elsewhere, and they are free to use it for any of those broadly defined cybersecurity or national security purposes. But, it gets worse: the government is also allowed to affirmatively search the information for those same reasons—meaning they are by no means limited to examining the data in relation to a specific threat. If, for example, a company were to provide logs of a major attack on their network, the government could then search that information for pretty much anything else they want.
Can CISPA be fixed?
Most of the new provisions currently being considered for CISPA have to do with adding oversight and liability to prevent the government from violating any of the terms—but that doesn't address the problems in the bill at all, since the terms are already so broad. CISPA would require significant new restrictions to come anywhere close to being a good bill—a fact that points to Congress' inability to effectively design internet regulation. Moreover, there isn't even clear evidence that new cybersecurity laws are necessary. This is a bill that needs to die.
The EFF has a tool to help you contact your representative about CISPA and the broader issue of cybersecurity legislation. The bill is going to the House the week of April 23rd, so now is the time to get involved. As with SOPA, this is not an issue that solely effects Americans: the data may come from U.S. companies, but it will involve people from all over the world—and, indeed, foreign entities are one of the bill's prime targets. It's once again time for the internet to speak up and send a clear message to Congress: don't mess with something you don't understand.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cispa, congress, cybersecurity, sopa
Reader Comments
Subscribe: RSS
View by: Time | Thread
That is to say, arrogant, self assured, and more than a little full of shit.
"The Sky is Falling" is probably your favorite concept.
[ link to this | view in chronology ]
Re: .. .. .
On the spot with that vitriol, I see.
Very good, have a cookie.
Have you thought about getting yourself a name? I'm thinking: On-the-spot-troll (or something to that effect).
It's nice to see how much you're enjoying our Techdirt community, and you apparently have a fervent desire to be a contributing member, what with your witty criticisms offered up in such a timely manner...
Anyhow, hope you're having a good day.
[ link to this | view in chronology ]
Re: Re: .. .. .
I trust you are having a good day yourself!
[ link to this | view in chronology ]
Re: Re: Re: .. .. .
[ link to this | view in chronology ]
Re: Re: Re: Re: .. .. .
Try this. How about actually countering his points with points of your own?
Now go get a cookie from Lobo. I hear he has Oreo's and chocolate chips, pour yourself a glass of milk, and try to do better next time. K? OK.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: .. .. .
Sorry 1:16pm
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: .. .. .
[ link to this | view in chronology ]
Re: Re: Re: .. .. .
[ link to this | view in chronology ]
Re: Re: Re: Re: .. .. .
Hey AC, when is your blog going live?
What will it be: a gritty, dirty look at the dealings of K Street, a sad, pathetic view of an artist who's glory days are long gone, or a peek into the sleaze and sychophancy of a content industry middle-manager? (Did I just invent a word?)
Either way, I plan on insulting you personally when I don't have a counter to your arguments, once I find out who you are and get a look at your picture.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: .. .. .
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: .. .. .
All we need to do is sew shut the last asshole; if we're lucky, in a short while the whole chain of them will explode!
Once we clean up the shit after that we should be good to go.
[ link to this | view in chronology ]
Re: Re: Re: Re: .. .. .
Oh, but I do think the sky is falling on "internet freedoms", because they are the ones that ignore the law, ignore personal responsiblity, and ignore the rights of others. Those things are all certainly going to have the sky fall on them.
The "pro internet" types (hi Marcus) would like to have the internet ruled by the lowest, least restictive law sets on the planet. That is to say, if the copyright laws are slack in Spain, he wants the whole world to have to work with Spain's laws. He doesn't give a crap about the rights of people in different countries to have different laws and views. He wants the internet to force the citizen of sovereign nations to suffer under the law making of the weakest countries.
Normally we try to get rid of the weakest link - Marcus wants us to live by the rule of the weakest link.
So yeah, the sky is falling on internet freedom because it's really just anarchy, and that cannot be tolerated in our society.
[ link to this | view in chronology ]
Re: Re: .. .. .
[ link to this | view in chronology ]
Re: Re: Re: .. .. .
[ link to this | view in chronology ]
Re: Re: Re: Re: .. .. .
[ link to this | view in chronology ]
Re: Re: Re: Re: cookies!
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: cookies!
And, I suppose there's one to spare for you too, though you don't look all that familiar to me...
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: cookies!
[ link to this | view in chronology ]
Re:
It's a testament to how important these issues are and how much some powerful people don't want them discussed or disseminated.
If all was as you say it is, you wouldn't even be here. You'd have better things to do.
So, thank you. I mean that.
[ link to this | view in chronology ]
Re:
Did you even have time to read this then come up with this bullcrap in 12 minuets?
Or do you just have a bunch of troll insults on a word document somewhere to cut and paste from? **** Ding ding ding ding*** We have the winner.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
Which is longer, 12 minuets or 12 waltzes?
[ link to this | view in chronology ]
Re: Re: Re:
are you referring to a regular waltz or chopin's "minute waltz"?
[ link to this | view in chronology ]
What's REALLY going on in AC's head:
Also, "FIRST!"
[ link to this | view in chronology ]
Re: What's REALLY going on in AC's head:
Please continue.
[ link to this | view in chronology ]
Re: Re: What's REALLY going on in AC's head:
Um, please don't... :)
[ link to this | view in chronology ]
Re: Re: Re: What's REALLY going on in AC's head:
[ link to this | view in chronology ]
Re: Re: Re: Re: What's REALLY going on in AC's head:
[ link to this | view in chronology ]
Re: What's REALLY going on in AC's head:
[ link to this | view in chronology ]
Re:
I care about Censorship, Liberty, and the Right to my Privacy from this Government.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
That is to say, arrogant, self assured, and more than a little full of shit.
"The Sky is Falling" is probably your favorite concept.
He's Charlie McCarthy. Why do you think Masnick adopted him.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: AC doesn't understand
[ link to this | view in chronology ]
Brilliant Rebuttal
[ link to this | view in chronology ]
Re: Brilliant Rebuttal
[ link to this | view in chronology ]
That's just mean
That's just mean. That gives them almost nothing at all to mess with.
[ link to this | view in chronology ]
Re: That's just mean
[ link to this | view in chronology ]
Re: That's just mean
*Abort Abort*
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Just read through it, and...
While the Government does have a tendency to contract things off to private companies, is that their intent here, or is it blatantly different from other bills/laws?
[ link to this | view in chronology ]
Re: Just read through it, and...
[ link to this | view in chronology ]
[ link to this | view in chronology ]
"Cyber Bloggers"? What the heck?
[ link to this | view in chronology ]
Re: "Cyber Bloggers"? What the heck?
[ link to this | view in chronology ]
Legislators are old and out of touch
Because of this, I propose that no one over 50 be allowed to propose any laws for the Net. If you don't know how it works, you've no business trying to regulate it.
Since I know that won't happen, I think all Net users need to declare the Internet a sovereign nation, entity, etc., which circumvents the globe, bypasses all borders and unites all peoples in a way unprecedented in history and thus cannot be bound by any terrestrial laws.
I know that won't happen either...
[ link to this | view in chronology ]
Seems to me a knowledgable guy like Issa sees it for what it is and hasn't succumbed to the whole Chicken Little narrative.
[ link to this | view in chronology ]
No patron saints
Here's the thing -- an awful lot of us actually form our own opinions by reading and thinking about the issue at hand. I've never adopted (or rejected) an opinion based on whether or not someone else has. It doesn't matter who that someone else is.
"Issa thinks it's OK, so it's OK" is a logical fallacy, not an argument.
[ link to this | view in chronology ]
Re: No patron saints
Please, you're one of Masnick most vocal parrots and loyal sycophants. This entire board is an echo chamber save the handful of AC's who chime in from time-to-time. No, you're a charter member of Masnick's goofy personality cult and strictly adhere to the bylaws prohibiting independent thinking.
[ link to this | view in chronology ]
Re: Re: No patron saints
[ link to this | view in chronology ]
Re: Re: No patron saints
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Darryl Issa & CISPA
2) that by explicitly including Intellectual Property broadly defined (rather than as pertaining to any specific cyber security threat) in its subject matter listing of protected infrastructure assets, CISPA was giving American Foreign Intelligence agencies a changed charter with indirect custody, but direct oversight, over ALL Intellectual Property used DOMESTICLY by every individual American citizen in the formation of every independent and informned judgement relevant to political, moral, and cultural life, 3) that by explicitly includihg broadly defined Intellectual Property within its mandate, CISPA was rechartering American Foreign Intelligence Agencies, not nerely for the protection of Intelectual Property in the abstract; but, for protecting the specific alliance of corporate copyright distributers from whose current perpetual custody and control of Intellectual Property individual Americans express constitutionally protected political dissent, 4) that by granting broad blanket Immunity to ALL counterparties, CISPA was annulling any due process opportunity for ANY American to challenge or be compensated for the grievances which will be inevitably be inflicted by the broad scope and brutal costitutional over reach of CISPA.
In this context, I don't care if Darryl Issa is the patron saint of Benjamin Cardozo, he can not justify this legislation without first addressing his support for such a disgraceful degadation of the constitutional rights of ALL Americans.
[ link to this | view in chronology ]
This 'bundling' of bad ideas sailed past cookoo town and is exploring unknown regions of corruption now.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Oh, that ship sailed a long time ago. Although many ACs here actually make intelligent points (whether or not I agree with them), most don't and never have. As a result when I'm skimming, I ignore ACs. The signal-to-noise raito is pretty low among them.
It's why I've long urged people to use a name of some sort. It helps the conversation quite a lot.
[ link to this | view in chronology ]
About Anonymity
Anonymity insures the equality of ideas, removes prejudice that comes from identifying the author and is the only guarantee against intimidation in democratic venues.
Remove anonymity and you get bias (in other words, prejudice) and increased possibility of either personality cult or character assassination. Common human weakness.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Nigel
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Georgia?
[ link to this | view in chronology ]
Re: Georgia?
If their really are a lot of supporters in Florida, I'm gonna have a pretty busy summer protesting...
[ link to this | view in chronology ]
Innovation kill-switch
When you're looking for a needle, the last thing you need is 50 more bales of hay added onto the pile.
Oh the government can't "require" the data, and there's no "quid pro quo", yea, sure, right. "Hey there service provider, since you didn't think you had anything that we needed, but we know you have it, my friends over there reviewing your bid for that government contract, ya, that bid was accidentally shredded, sorry about your luck, hope you can resubmit in time."
"Hey, ya, you won't give us what we're asking for, we know it's not required, we understand. Hey our friend there over at the SEC, he and his buddies need to bring in some forensic accountants and audit your books for the last 24 months."
No matter how much the writers of a bill try to lock things down to specifics (and really, how often do they ACTUALLY try?), there are over two hundred and fifty million adults in this country, easily tens of million of them are far more intelligent and creative than those lawmaking idiots (and probably several million children as well). They'll find plenty of ways to make the law say what they want it to say (just talk to the department of justice, they seem to be experts at it).
Add on top of that the governments consistently piss poor IT design, and that big ol' database they're putting together, ya, it's like an all you can eat buffet for data thieves (both inside and outside). I can't see how this wouldn't violate fourth amendment stuff to be perfectly frank. Just because it's online doesn't mean it exists outside of all logical thought regarding privacy.
How about escalation? Rarely does something like this ever stop here. It's always more and more and more (think TSA screening, when was the last time the TSA actually caught someone trying something nefarious? [listening to the crickets...]).
Congress needs to fuck off, period. They have no idea what the fuck they are doing. I am sick and tired of a bunch of out of date fucks who live off the government (and lobbyist) dole making laws about shit they haven't a goddamned clue about. I'd be surprised if any of them have even seen a database, let alone know how one is constructed. Seriously congress, FUCK OFF.
[ link to this | view in chronology ]
Re: Innovation kill-switch -> Privacy kill-switch
[ link to this | view in chronology ]
Funny how Darryl Issa was so lauded on these pages as the guy who "gets it" during the SOPA debate. Now, apparently he doesn't understand it at all. Interesting how someone's knowledge or expertise is wholly dependent on how closely it fits within the Techdirt narrative.
[ link to this | view in chronology ]
Re:
FTFY
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
The same student who is complimented by his teacher for getting an A in Calculus, could then right after be berated by his Physics teacher for failing. Just because you are lauded in one field of study, doesn't mean you should gain recognition in others.
[ link to this | view in chronology ]
...there have been a lot of them posting today as ACs.
Hi guys! :)
[ link to this | view in chronology ]
They are trying to wear us down
The price of freedom is eternal vigilance. WE must not let our guard down, or we're done for.
[ link to this | view in chronology ]
Re: They are trying to wear us down
Vigilance is OK but really won't solve the issue.
[ link to this | view in chronology ]
Re: Re: They are trying to wear us down
End the legal framework that gives rise to such things and you have little to deal after that.
[ link to this | view in chronology ]
Re: Re: They are trying to wear us down
[ link to this | view in chronology ]
Re: Re: Re: They are trying to wear us down
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
If you really take an honest look at all the anti-communist films that were put out during the 'commie' paranoia era, with all the 'this is what would happen under communist rule', are those scenarios more or less likely to happen in the U.S. today than they were in the 50's?
Instead of quoting from or paraphrasing articles written on the subject, you have the chance while Google is still running, to search for information regarding what life is like under communism and how that's different from life in America. I'm not going to say it's the same, and I'm not going to say it's different. Just because it's a democracy doesn't mean the government doesn't have an iron fist it will use in times of war or peace to do what it thinks must be done, regardless of what the people say.
Then again, if CISPA is passed, and it turns out as bad as all the predictions point it out to be, who's going to have the finger pointed in their direction? They'll be known affectionately as 'The Politicians Who Broke The Internet'. Not a pleasant moniker to have, but if you're the sort of person who likes villain nicknames, then there's something for that. All I know is that there's iron and clay in the feet, and iron and clay don't mix well.
There isn't a point for this issue in this post. It's just a sobering thought.
[ link to this | view in chronology ]
Agree to Disagree
1) Don't bitch unless you have a solution. As an IT security guy working directly in the Critical Infrastructure space, as well as a former military intel guy, I do have a clue. Most of you don't, even though you will spam me with insults for suggesting it. Regardless, I disagree with most of your opinions on this matter (in general).
2) Too many laws, restricting too many freedoms is certainly bad. Therefore I agree with condeming proposed laws that weaken those freedoms... UNNECESSARILY.
However, ask yourself this... Just suppose for a second that the bad things the Gov is saying are happening for REAL. If things really are as bad as the feds say, and getting worse, mostly from direct State or indirectly by State level actors, then it is going to take a great deal of effort to protect U.S. interests at home, and where appropriate abroad. Not an easy thing... you can't just station troops are all the possible entrance points on the ground anymore and call it secure. We're talking about the Internet. This is actually a fairly new game, one our Gov is trying to figure out how to secure. No matter what the Gov does someone will hate it and scream. Again, IF what they (the Gov) say is true, how are they going to protect us? It is one of their REAL core constitutional duties remember (having a military).
Go ahead and scream now. Not really listening to it anyway. Trying to protect my companies systems as best we can....
[ link to this | view in chronology ]
Re: Agree to Disagree
I appreciate the inside view on cybersecurity. I cannot personally say for certain whether new information sharing laws are necessary - some say they are, some don't. Some say cyber threats are exaggerated, some say they are real. But I'm absolutely willing to entertain the idea that they are.
However, if we are to create such laws, there are some sensible precautions that should exist to make sure they don't unnecessarily violate people's privacy and freedom. Requiring anonymization of data in most cases, for example. Placing clearer restrictions on what constitutes cyber threat information (not things like copyright infringement). Placing more detailed limitations on what the government can do with the data and how long they can retain it.
I think it's completely fair that people who have an inside view of the cybersecurity situation should play a major role in determining the need for, and drafting the details of, cybersecurity legislation. However, since we're dealing with a law that overrides all other laws and has broad implications for things way beyond cybersecurity, it seems only fair that citizens and the broader internet have a seat at the table too.
[ link to this | view in chronology ]
Re: Re: Agree to Disagree
On the private sector side look at all the breaches over the past two years alone, some of which have been found to have been ongoing for several years (APT). One company recently in the news was deemed to have lost close to a bi$$ion dollars’ worth of intellectual property due to their network being compromised for close to TEN years. Some argue that it’s the individual companies fault and if they fail as a result then so be it. This is so wrong in my thinking. These firms do not have the skill or knowledge to deal with this stuff any more effectively then Lockheed Martin, Boing, or RSA were, each of which have huge cyber security staffs and access to some of the most sensitive cyber security data AND WERE STILL BREACHED! The skill level on both sides is really quite imbalanced IMHO. It is almost like entering a gun fight…. they show up with armor piercing bullets and we show up with a rubber ducky water gun! I am generalizing here so nobody get their panties in a bind.
What I believe our Gov is trying to do, admittedly very sloppily, is use regulation where human skills and technology continues to fail. There are significantly more attacks against private sector entities then Gov entities. Unfortunately, due to current privacy laws private sector entities cannot (WILL not) release that information due to the legal consequences they might face from both individuals and the defense attorney mafia prevalent in the U.S. The threat data that the private sector holds from these many attempted breaches would be incredibly valuable to the feds when it is aggregated with data they get from their systems. Together that data helps tremendously in painting a more complete picture desperately needed to not only catch the bad guys, but to fully analyze exactly WHAT and HOW they are doing it. Defenses can then be designed to reduce the success rates. This is part of that skill gap I mentioned earlier. Yes, the U.S. and our private sector are still on the defensive and will be for the long term.
There was an interesting article related to this topic that came out on April 10, 2012 (Networked World: http://tinyurl.com/76k3pl8) that described how the U.S. Army cannot find people with the necessary cyber security certifications to fill vacancies. Current regulations specify these certification requirements. The Army’s response to the lack of certifications is… reducing the certification thresholds required to fill the openings. “To cope with the shortage of certified personnel, the Army is altering its guidelines so that not as many individuals working in areas it calls "an enclave boundary" -- defined as a specific set of routers and firewalls -- will have to meet the previous requirements…” Seriously? I used to work in that environment not too long ago and I am telling you now, you do NOT want to do this. Also, let's not get into the debate on certifications and how they give a false sense of skill/capability.
So in conclusion, until the U.S. and the private sector takes the necessary steps to produce more advanced skills in its up and coming cyber security people, we will continue to play the defensive role. Coupled with lack of sufficient cyber data from all sources containing sufficient information (not sanitized to the point of worthlessness) to be useful, the U.S. overall is kinda screwed at the moment. It is my opinion that this current legislation is an attempt to get access to that private sector data by protecting private entities from legal repercussions, so they can do as I described above. As a country, we will continue to play defense until we take the necessary steps to significantly change the rules of the game with the adversaries.
Note: I am a private citizen with no current, direct or indirect connections or affiliations with the U.S. Government or any related public/private firm. My opinion is my own and does not reflect that of any company, business, or entity I have had dealings with, either past or present. Dam Mafia!
[ link to this | view in chronology ]
Re: Re: Re: Agree to Disagree
I don't know only the basics of online security, so I'm not the best person to ask on whether or not a cyber-security bill is really needed. But, if something must be done, I would rather run the risk of some sort of cyber threat, then rush a bill that may or may not prove useful, or may in fact be used for entirely different purposes that I do not support. I have seen too many bills where the backers insist the bill will "only" be used a certain way, in order to leave out measures to protect against misuse, and then have the bill used in the exact way the backers insisted it wouldn't. Some fine examples include the Pro-IP act, Canada's failed "Protecting children from Internet Predators Act" that was really an online surveillance bill whose only mention of Child Porn was in its name, and who could forget the Patriot Act.
If there is to be a Cyber-Security bill passed that may affect me, I want that bill to be as specific as possible, thoroughly researched, and to give only as much power as necessary to the government to reduce the collateral from misuses that will inevitably happen.
My problem with this particular bill, CISPA, is its broad undefined wording, how it overrides any state legislation on the matter, the exemption from FOIA, and the thought of worrying my private data being shared without my knowing not only by hackers but by the government as well.
[ link to this | view in chronology ]
Re: Re: Re: Re: Agree to Disagree
I've gotta ask, was there ever such a bill (ANY bill, not just cyber-security) that was thoroughly researched and gave the government only necessary power that couldn't be abused?
Hmmm, I like you Psyphurr, unlike most people who come into the comments section with a differing point of view, you presented your opinion in a clear and concise manner without resorting to ad hominems or declaring our arguments wrong without any support.
And I've gotta agree, it's refreshing to hear an opinion that actually backs up what they have to say without resorting to "Marcus/Mike," "freetards," "piracy," "Google," or gay jokes.
Based on his comment, it's obvious he knows what he's talking about instead of acting all uppity and thumbing his nose at the rest of us.
Hope Psyphurr sticks around and shows what REAL counter-points are supposed to look like.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Agree to Disagree
another "sad but true" button moment... unfortunately it happens all too often. Fortunately, as proven by SOPA, the public can actually have an effect on lawmaking. And, hopefully, in the future we will be able to stand up and be heard over the giant lobbying organizations that buy out politicians.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Agree to Disagree
[ link to this | view in chronology ]
Re: Re: Re: Re: Agree to Disagree
I'm not trying to hijack the thread, but the root of this problem really is piracy. The powerful companies that sponsor and promote legislation like this and buy off our representatives aren't doing it because they want to destroy privacy any more than the SOPA sponsors wanted to destroy free speech. They just want to protect their profits.
They're trying to get more power over consumers that can steal their stuff basically at every turn. These companies are fearful and feel powerless to stop the masses from pirating any content they come out with, so they draft up legislation like this with their purchased Washington representative. The users feel powerless against these companies who take advantage of them at every turn trying to get them to pay more for less, so they turn to piracy in greater and greater numbers. It's a self perpetuating cycle of powerlessness and power grabs.
If we REALLY want to stop legislation like this, both groups need to start empowering each other. Companies need to make it easier to purchase, and adjust the prices of their media content to take into account the deflation that's occurred because of the internet; my 10,000 song iPod should not cost me $10,000 to fill.
Conversely, consumers need to start seeing piracy as the crime that it is and change the culture around it. It may not be stealing per se, but as long as people think they're losing profits from the content they create, they'll take aggressive measures like this to protect themselves.
CISPA, SOPA, PIPA, they all stem from fear. It's like a momma bear attacking you because she thinks your a threat to her cubs. All you see is a bear claw coming at you, but in her mind, YOU are the intruder.
[ link to this | view in chronology ]
Revolution is Imminent
[ link to this | view in chronology ]
Re: Revolution is Imminent
[ link to this | view in chronology ]
Re: Re: Revolution is Imminent
[ link to this | view in chronology ]
..problem solved
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
--
This post under full military copyright to Anonymous. Do not use, do not cite, do not steal! All rights super-government reserved to and by Anonymous ©®™ by Anonymous. Do not share under penalty of death.
[ link to this | view in chronology ]
Re:
LOL! I stole (copied) it! :D
[ link to this | view in chronology ]
Don't BREAK the internet!
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Yes, it's clear there are issues that need to be addressed in order to properly deal and coordinate on "cyber" threats, but providing our gov't carte blanche cannot be an option, they have proven themselves unworthy of the trust endowed upon them.
[ link to this | view in chronology ]
can't we all just... get a fong?
i guess that's privatization coming back to bite you in the ass...
nonetheless removing culpability for false/mistaken accusations?... that's crap. if you're gonna accuse me of something and you're wrong, i want to know i can be at least compensated and that the threat of retribution will keep you from using your powers carte blanche.
Finally, this seems like a two way street, as in not only will the private companies pony up info to the government but will have government backing for their own ulterior motives.... and frankly, no way. I voted in the government.... well the government was voted in. Private companies were not, and i'll not have private companies dictating law without repercussion. hell, even having a law protect them whilst they do it. yes i know they dictate laws now to an extent, but laws are in place to limit that and public humiliation of being caught gets them in hot water too, but once laws protect them, where would it stop?.. buy our product or be a terrorist?.. elections won and lost by financial margins
okay i'm being dramatic and fatalistic. But still, this law is heading us down a dark path and anyone not set to gain (financially or power wise) from it can see that.
[ link to this | view in chronology ]
"Efforts" to degrade
[ link to this | view in chronology ]
CISPA Is Fascism—Disguised In Cyber Security Legislation
The U.S. Justice Department can use CISPA spying to circumvent the Fourth Amendment, (no warrant searches) of Web Server Records; a Citizen’s Internet Activity, personal transmitted emails; fax and phone calls to issue subpoenas in hopes of finding evidence or to prosecute Citizens for any alleged crime or violation. If CISPA is passed it is problematic federal, state and local law enforcement agencies and private government contractors will want access to prior Bush II NSA and other government illegally obtained electronic records not limited to Americans’ Internet activity; private emails, fax and phone calls to secure evidence to arrest Americans, to civilly forfeit their homes, businesses and other assets under Title 18USC and other laws. Of obvious concern, what happens to fair justice in America if police become dependent on “Asset Forfeiture” to help pay their salaries and budget operating costs?
The passed “Civil Asset Forfeiture Reform Act of 2000” (effectively eliminated) the “five year statue of limitations” for Government Civil Asset Forfeiture: the statute now runs five years (from the date) police allege they “learned” an asset became subject to forfeiture. If CISPA is passed allowing (no warrant) electronic government surveillance of Americans, it should be expected CISPA will be used by government not just to thwart cyber threats but to prosecute Americans for any alleged crime; expect government/police will relentlessly sift through Citizen and businesses’ (government retained Internet data), emails and phone communications to discover possible crimes or civil violations. A corrupt despot U.S. Government Administration may too easily use no-warrant-seized emails, Internet data and phone call information) to blackmail political opposition, U.S. Citizens, corporations and others in the same manner Hitler used Nazi passed no-warrant police state search and seizure laws to selectively target Citizens for arrest, to extort support for the Nazi fascist government, including strong-arming parliament to pass Hitler’s 1933 Discriminatory Decrees that suspended the Constitutional Freedoms of German Citizens.
A Nazi Government threat of “Property Seizure” Asset Forfeiture of an individual or corporation’s assets generally was sufficient to ensure Nazi support. History shows how that turned out…
[ link to this | view in chronology ]
Anonymity
[ link to this | view in chronology ]
Re: Anonymity
[ link to this | view in chronology ]