Can CISPA Be Fixed?

from the perhaps-not dept

Thu, Apr 26th 2012 10:49am — Mike Masnick

We've been arguing for quite some time now that we'd like to see the actual evidence for why a "cybersecurity" bill is actually needed. We've heard fearmongering and warnings of planes falling from the skies, but no evidence that there's a real problem here -- or, if there is a problem, that it needs a legislative solution. And yet, still, CISPA moves forward. Of course, while we still believe that some amendments could fix some of the more egregious problems with CISPA, there is still the big question of whether or not it's needed at all. Larry Downes has taken on the question of whether or not CISPA can be fixed and has decided that it cannot be, and that it represents a real threat to some key elements of the internet ecosystem. He lists out some key rules for policy makers (and goes into great detail on each, so click through):

Don’t legislate technology using definitions that are either too specific or too general
Don’t legislate technology until you can articulate concrete and calculable harms
Don’t encourage or require information sharing with the government unless it’s unavoidable

All of this seems quite reasonable... which is why it's an uphill battle to get people to follow through on it.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cispa, cybersecurity

41 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Skeptical Cynic (profile), 26 Apr 2012 @ 10:00am

CISPA is broken because of one fact...
It is not designed to actually protect people. People are the most prolific users of the internet, not the collectives like Government or Business. CISPA should fail because only protection that service the needs of the people first should ever be implemented.
[ link to this | view in chronology ]
- gorehound (profile), 26 Apr 2012 @ 11:05am
  
  Re: CISPA is broken because of one fact...
  +1
  We do not want nor need CISPA and we do not want this Government trying to Censor the Net nor do we want to be spied upon.
  [ link to this | view in chronology ]
  - Jose_X, 26 Apr 2012 @ 12:12pm
    
    Re: Re: CISPA is broken because of one fact...
    Comment http://www.techdirt.com/articles/20120426/00203318660/can-cispa-be-fixed.shtml#c349 below, including, "this is not to argue for any specific proposal in this or any bill, but the comments sometimes suggest people aren't recognizing what can reasonably be an elevated state of fear in the collective mind of DC."
    [ link to this | view in chronology ]
:Lobo Santo (profile), 26 Apr 2012 @ 10:54am

...can't ...keep ...it ...in
"Can CISPA Be Fixed?"
"No!"

Sorry, articles titles which are easily answered in a single word do that to me...
[ link to this | view in chronology ]
Anonymous Coward, 26 Apr 2012 @ 11:01am

DMCA
What are the chances of Techdirt getting a DMCA on one or more of its CISPA articles? It happened with PIPA/SOPA, it could happen here.
[ link to this | view in chronology ]
Anonymous Coward, 26 Apr 2012 @ 11:06am

complete waste of time considering no one is interested in even amending CISPA, let alone abandoning it.

the biggest change needed is one that prevents anyone from introducing a Bill until they have a reasonable amount of knowledge on the subject concerned in that Bill, and not just able to recite info parrot fashion!
[ link to this | view in chronology ]
This comment has been flagged by the community. Click here to show it

Anonymous Coward, 26 Apr 2012 @ 11:08am

"fixed"

By fixed you mean changed to support your world view?
[ link to this | view in chronology ]
- This comment has been flagged by the community. Click here to show it
  
  Anonymous Coward, 26 Apr 2012 @ 11:13am
  
  Re:
  Yep. If it doesn't comport with Mike's incredibly-narrowed view, it's broken.
  [ link to this | view in chronology ]
- Anonymous Coward, 26 Apr 2012 @ 11:23am
  
  Re:
  No.
  
  Fixed, as in:
  
  Gunner: "The orbital cannon has a Fix on the target. What are your orders Captain?"
  
  Captain: "Fire the orbital cannon! Full power!"
  [ link to this | view in chronology ]
  - Glen, 26 Apr 2012 @ 11:37am
    
    Re: Re:
    I'd use the same solution for the two trolls ahead of you.
    [ link to this | view in chronology ]
    - Anonymous Coward, 26 Apr 2012 @ 11:46am
      
      Re: Re: Re:
      Take note that the second comment was made "exactly" 5 minutes after the first. Note also that the theme of the comments is the same (I hate Mike for no good reason!), and that they have no substance whatsoever.
      
      I'm guessing this would be one of those situations where you really could hit two birds with one stone.
      [ link to this | view in chronology ]
      - rubberpants, 26 Apr 2012 @ 11:53am
        
        Re: Re: Re: Re:
        Yes, unfortunately techdirt is home to some of the most unskilled sock puppets on the Internet.
        [ link to this | view in chronology ]
        
        Anonymous Coward, 26 Apr 2012 @ 3:03pm
        
        Re: Re: Re: Re: Re:
        So says Charlie McCarthy....
        [ link to this | view in chronology ]
- heyidiot (profile), 26 Apr 2012 @ 12:55pm
  
  With a very sharp knife
  "Fixed" in the same way one would "fix" a male dog.
  [ link to this | view in chronology ]
PlagueSD (profile), 26 Apr 2012 @ 11:11am

"You can't fix stupid." - Ron White
[ link to this | view in chronology ]
shawnhcorey (profile), 26 Apr 2012 @ 11:13am

Fixed as in neutered or splayed? Sounds good to me. :D
[ link to this | view in chronology ]
- Anonymous Coward, 26 Apr 2012 @ 12:57pm
  
  Re:
  'speyed', I think, not' splayed'
  [ link to this | view in chronology ]
- Anonymous Coward, 26 Apr 2012 @ 1:03pm
  
  Re:
  'speyed', I think, not' splayed'
  [ link to this | view in chronology ]
Berenerd (profile), 26 Apr 2012 @ 11:19am

is anyone else watching twitter?
I am noticing more and more "Sky is falling" senerios from reps who are supporting the bill or are voting for the bill...like OMG FOX BUSINESS WEBSITE MIGHT GET HAXORED!" from Mrs bachman...just...wow...really?
[ link to this | view in chronology ]
- Anonymous Coward, 26 Apr 2012 @ 2:34pm
  
  Re: is anyone else watching twitter?
  can i get a link to this?
  [ link to this | view in chronology ]
weneedhelp (profile), 26 Apr 2012 @ 11:21am

Broke needs fixed.
Its not CISPA that is broke, it's Congress. The question should be; How do we fix congress?
[ link to this | view in chronology ]
- :Lobo Santo (profile), 26 Apr 2012 @ 11:23am
  
  Re: Broke needs fixed.
  If Congress were a car or a computer, I'd advise throwing it out and getting a new one.
  [ link to this | view in chronology ]
  - weneedhelp (profile), 26 Apr 2012 @ 11:32am
    
    Re: Re: Broke needs fixed.
    Agreed.
    [ link to this | view in chronology ]
  - Chosen Reject (profile), 26 Apr 2012 @ 11:51am
    
    Re: Re: Broke needs fixed.
    What a senseless waste to just throw them out like that. Utah and Idaho have Kidneys Kars, I don't see why the US couldn't do a Kidney Kongress thing. I'm sure at least half of our congress critters have harvestable organs.
    [ link to this | view in chronology ]
  - E. Zachary Knight (profile), 26 Apr 2012 @ 12:24pm
    
    Re: Re: Broke needs fixed.
    Just follow the advice of Sega and "Try a Hard Reset".
    [ link to this | view in chronology ]
- Anonymous Coward, 26 Apr 2012 @ 3:06pm
  
  Re: Broke needs fixed.
  MASNICK FOR CONGRESS 2012!!!!!! I even have his campaign slogan already picked out:
  
  Seldom Right.....Never In Doubt
  [ link to this | view in chronology ]
Rekrul, 26 Apr 2012 @ 11:39am

You're working on the assumption that CISPA is a legitimate bill meant to address a legitimate concern and that it will be abused for things the creators of the bill never intended.

The truth is that CISPA was intended right from the start to be a general purpose spying bill that the creators wanted to be vague so that it could be used for virtually anything.
[ link to this | view in chronology ]
- Jose_X, 26 Apr 2012 @ 12:09pm
  
  Re:
  I'm not arguing for more spying, but are people really looking at this from the point of view of a group of people (federal government leadership of the US) who feel personally vulnerable to death plots on a daily basis and who since 911 no longer feel this threat is theoretical?
  
  Besides that, isn't it likely our military leaders who protect them and also see their own lives vulnerable are also pressing on legislators (and we know it's not easy for them to say not to these guys)?
  
  To a lesser extent, a lot of major business leaders and wealthy individuals likely are pressing as well since they probably see major financial losses at risk (if not their own necks).
  
  This personal threat aside, how can anyone argue point blank that preserving the state of order at the federal level is not in the best interests of individual Internet users? Do people really think the Internet will keep humming along without fights and blackouts if the federal government takes a brutal hit?
  
  Again, this is not to argue for any specific proposal in this or any bill, but the comments sometimes suggest people aren't recognizing what can reasonably be an elevated state of fear in the collective mind of DC. Not only are some of their concerns legitimate, but if you don't understand where they are coming from, you will have a harder time being heard clearly. [I'm fairly sure these major groups opposing the bill have thought about this, and that should be one reason why they might be willing to accept an imperfect bill.]
  [ link to this | view in chronology ]
  - John Fenderson (profile), 26 Apr 2012 @ 12:19pm
    
    Re: Re:
    Again, this is not to argue for any specific proposal in this or any bill, but the comments sometimes suggest people aren't recognizing what can reasonably be an elevated state of fear in the collective mind of DC. Not only are some of their concerns legitimate, but if you don't understand where they are coming from, you will have a harder time being heard clearly.
    
    I think most people understand all that pretty well. But that they have an irrationally elevated level of fear doesn't mean that we need to tolerate their irrational legislative responses.
    [ link to this | view in chronology ]
  - Rich Kulawiec, 26 Apr 2012 @ 12:55pm
    
    Re: Re:
    [...] but are people really looking at this from the point of view of a group of people (federal government leadership of the US) who feel personally vulnerable to death plots on a daily basis and who since 911 no longer feel this threat is theoretical?
    
    Anyone who feels that way is (a) an idiot and (b) a coward. They should be removed from public service immediately and permanently: they're simply not good enough to serve the citizens of the United States.
    [ link to this | view in chronology ]
  - Anonymous Coward, 26 Apr 2012 @ 1:06pm
    
    Re: Re:
    If we're at so much risk why isn't the first step to improve our defenses? CISPA does absolutely nothing to incentivize basic IT security like patching vulnerabilities as quickly as possible and instead encourages pro-active monitoring of private communications by both third-parties service providers and the government. Does the bill do anything to encourage vulnerabilities are reported to vendors and patched as quickly as possible? No, in fact the nature of the bill is such that these kinds of things will go unreported so that 'they' won't know that the government knows that they exist. Which seems great for the government and their industry partners (but is actually just going to shoot them in the foot in the long run) and at the user level will actually make individuals less safe.
    
    The bill doesn't preserve the state of order at the federal level. It creates an illusion of order at the federal level that will be disastrous for individual users and will ultimately leave the federal level more vulnerable longer term. That's without even getting into the major issue that broad immunity from liability presents in any bill.
    [ link to this | view in chronology ]
  - Anonymous Coward, 26 Apr 2012 @ 1:08pm
    
    Re: Re:
    Oh, and since when does fucking 911 have a single solitary thing to do with cybersecurity? Were the plains hacked and remote piloted into the towers or something? Why is an actual, ultimate of low-tech, physical attack indicative at all that a cyber threat is 'no longer theoretical?'
    [ link to this | view in chronology ]
  - Rekrul, 26 Apr 2012 @ 7:18pm
    
    Re: Re:
    This personal threat aside, how can anyone argue point blank that preserving the state of order at the federal level is not in the best interests of individual Internet users? Do people really think the Internet will keep humming along without fights and blackouts if the federal government takes a brutal hit?
    
    What's wrong with writing a narrowly defined bill that can be used for real threats, not used for anything under the sun and which has real penalties for its abuse?
    
    Is a denial of service attack on a web site really a serious enough threat that we need a new law and extra harsh new punishments to deal with it? Especially considering that it's the online equivalent of the Occupy Wallstreet movement. And should private companies really have blanket immunity for sharing customer's private data regardless of whether there was a valid reason to do so or not?
    
    If this bill was written so that it only applied to cyber threats that actually endangered lives of threatened the stability of the net, and which included penalties for the abuse of said law, nobody would have a problem with it.
    [ link to this | view in chronology ]
Anonymous Coward, 26 Apr 2012 @ 11:54am

Nothing is going to be fixed. The only reason why we were successful in taking down SOPA is because the internet corporations did not like it. They like this bill.
[ link to this | view in chronology ]
squirrel (profile), 26 Apr 2012 @ 11:57am

I'm watching them debate CISPA on C-SPAN right now. I wish I could reach through my screen and launch water balloons at them with a trebuchet. It would make me feel better.
[ link to this | view in chronology ]
Anonymous Coward, 26 Apr 2012 @ 12:06pm

Can CISPA Be Fixed?

NO! only vetoed.
[ link to this | view in chronology ]
Overcast (profile), 26 Apr 2012 @ 12:10pm

I suspect the law is just as they want it - ambiguous to make some cash for trial lawyers, and overbearing to keep big political contributors in media happy.

**
"In politics, nothing happens by accident. If it happens, you can bet it was planned that way." - Franklin D. Roosevelt
[ link to this | view in chronology ]
Anonymous Coward, 26 Apr 2012 @ 12:36pm

The real question is...
Do we even need CISPA?
[ link to this | view in chronology ]
Anonymous Coward, 26 Apr 2012 @ 2:42pm

We've heard fearmongering and warnings of breaking the internet, but no evidence......

Adapted the above to characterize the SOPA debate.
[ link to this | view in chronology ]
Anonymous Coward, 26 Apr 2012 @ 2:58pm

Don�t legislate technology using definitions that are either too specific or too general

This is incredibly helpful. wtf?
[ link to this | view in chronology ]
Shrey Patel, 27 Sep 2013 @ 2:38am

Birthday Ballons
Hi,

Nice Birthday Blog.
Amazing Information you shared with us.
Thank You.
[ link to this | view in chronology ]