Now Is The Time To Improve CISPA Before Friday's Vote By Pushing These Critical Amendments
from the last-minute-push dept
Update: The White House has now officially threatened to veto CISPA.
In Congress, this week is CISPA week. With the bill going up for debate tomorrow, and the final vote scheduled for Friday, it's clear that the voice of the internet community has had an impact. The reps have been proposing their final amendments, and all are clear attempts to address some of the biggest criticisms from civil liberties groups and the public. CISPA has strong bi-partisan support and a very good chance of passing—and unfortunately, it's still a highly problematic bill. But, while the proposed amendments cannot perfect it, some of them could certainly reduce its potential for abuse in significant ways. If you're looking for a practical way to fight back against the serious privacy violation that CISPA represents in these final days before its potential passage, encouraging your representative to support these amendments is a good place to start.
There are two in particular that, though simple, would make drastic improvements on CISPA by refocusing it on network security and minimizing the chance of shared data being used to go after individuals. An amendment from Rep. Barton (pdf and embedded below) would insert the sensible requirement that shared data will only include personal information (further defined to include the content of any communications and even IP addresses) if it is necessary to combat a specific cyber attack. Another, even better amendment from Rep. Akin (pdf and embedded below) goes a step further and would bring CISPA back in line with the fourth amendment by barring the sharing of any personally identifiable information without a warrant. Of course, it's annoying that such an amendment is necessary—but the whole point of CISPA is to route around well-established requirements like going to a judge before violating someone's privacy. Though the bill still creates all sorts of potential privacy problems, the Akin amendment fixes a big one.
Rep. Thompson has also proposed an amendment (embedded below) that is supposed to address privacy concerns, and TPM reports that it is being backed by Ron Paul, who got attention earlier this week with a strong condemnation of CISPA. However, the Thompson amendment seems to lack teeth: it has a lot of talk about "minimizing" the impact on privacy and making "reasonable efforts" to remove personal information, and graciously offers to consult with "civil liberties stakeholders" (wouldn't that be everybody?), but it sets down no firm requirements or limitations. Despite being a fraction of the length, both the Akin and Barton amendments would do far more to fix CISPA, because they clearly prohibit certain activities.
Thompson's other proposed amendment (embedded below), however, is very good: it would limit the government recipients of the data from the overly broad "Federal Government" in the current bill to just Homeland Security and other civilian agencies. This addresses the significant fear that the NSA could use CISPA to expand their already-aggressive data collection programs. While civilian agencies and the DHS especially are hardly perfect, this would still be a lot better than handing data collected under CISPA over to the intelligence community.
There are other amendments on the table too, but these are some of the ones that get directly to the core privacy issues that make CISPA so dangerous. The CDT has a post taking a look at others. Ultimately the best solution would be to toss the bill out and start again, drafting sensible cybersecurity legislation that is evidence-based (starting with an evaluation of whether or not its even needed), and since Friday's vote is still not guaranteed there's no reason to stop speaking out against CISPA as a whole. But it's also a good idea to ensure that the bill is as good as it can possibly be when it goes up for vote, by pressuring Congress to adopt these critical amendments.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cispa, congress, dhs, fourth amendment, nsa
Reader Comments
Subscribe: RSS
View by: Time | Thread
I'm looking at Bartons and...
I can see forwarding transaction history, or working with a financial provider to freeze an account - but I can't see where it would be appropriate for law enforcement to access an account directly.
[ link to this | view in chronology ]
Re: I'm looking at Bartons and...
Any other similar personal content that the Director of National Intelligence determines is appropriate to be considered personal information.
[ link to this | view in chronology ]
Re: Re: I'm looking at Bartons and...
[ link to this | view in chronology ]
Re: Re: Re: I'm looking at Bartons and...
Law enforcement is expensive, as is the court system. They are just recouping their costs ahead of time. Its cheaper than arresting them, holding them and their accounts hostages, then having both disappear into the system never to be heard from again. Just wait until they codify capital punishment for companies and people they don't like and things will get much easier for them.
[ link to this | view in chronology ]
CISPA isn't fixable
And the philosophy is wrong because the authors didn't bother to talk to any of us who've actually been doing this stuff for a long time. They didn't bother to learn. They didn't both to hear about things that work and things that we're pretty sure are never going to work. They didn't talk to Ranum and Bellovin and Spafford and Cheswick and Schneier and Felten and Halderman and Weinstein and Neumann and Edelman and Crocker and Lewis and Forno and and and...
If they had, and if they'd listened, then maybe they'd realize that the entire approach they've taken is not only ill-advised and fraught with extremely serious privacy issues, but its most likely outcome is to make things much worse.
But as it stands, they're meddling in things that they don't understand, at the behest of the OMG!OMG!CYBERWAR cheerleaders and with the backing of all the ersatz security companies ready to sell horribly overpriced snake-oil. This won't end well.
[ link to this | view in chronology ]
Re: CISPA isn't fixable
In other words these people do not really care and they are putting on a little show to gain some public favor.
I will Vote against anyone who supports this Bill and says YES to it.
CISPA & their other pitiful attempts wit the Internet which are coming after this one are all written by those who have very little Technical Knowledge at all.
But they will give out jobs to those who Lobbied them with the Big Bucks and the 99.9999999999999% of the rest of us will not be one bit happy at all at the Results.Things will be worse not better.
DUH !
[ link to this | view in chronology ]
Re: CISPA isn't fixable FTFY
[ link to this | view in chronology ]
Thompson's
[ link to this | view in chronology ]
[ link to this | view in chronology ]
"Fixing"
[ link to this | view in chronology ]
And this my friends is the worst way to write legislation. remember the PATRIOT act, rushed through to defend us from evil terrorists who caused 9/11 by a 99 to 1 vote in the senate? Yeah, turned out to not be such a good idea to lots of people once they learned about it's violations of American's privacy.
And then there was the Wall Street bailout, passed a few months before the 2008 election, with strong bipartisan support, including both presidential candidates. Because we HAD to do something, and giving hundreds of billions of dollars to the very people who caused the big economic mess seemed like the best idea that both parties could agree to. Yet studies showed spending that kind of money on ANYTHING would have had mostly the same effect at helping the economy.
[ link to this | view in chronology ]
Re: Anonymous Coward, Apr 25th, 2012 @ 11:25am
We'll never know if he's a fan if it, but considering he updated NDRP and H.R. 347 all on his own, I think he's a fan of anything of the statist agenda.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
and why should this bill even pass?
[ link to this | view in chronology ]
Re:
Ultimately the best solution would be to toss the bill out and start again, drafting sensible cybersecurity legislation that is evidence-based (starting with an evaluation of whether or not its even needed), and since Friday's vote is still not guaranteed there's no reason to stop speaking out against CISPA as a whole. But it's also a good idea to ensure that the bill is as good as it can possibly be when it goes up for vote, by pressuring Congress to adopt these critical amendments.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
No.
[ link to this | view in chronology ]