The CISPA Circus Goes To Baltimore With Another Misleading 'Local Pride' Editorial

from the maryland-versus-china dept

Mon, May 14th 2012 12:26pm — Leigh Beadon

Recently, I responded to an editorial by CISPA author Mike Rogers in the Detroit News, wherein he took some blatant China fearmongering and targeted it at Michigan's specific industry concerns to rouse the local rabble in CISPA's favor. Now Rep. Ruppersberger—the other driving force behind the bill—is applying the same tactic in Maryland, with an editorial in the Baltimore Sun that focuses on the supposed cyber-threat to the life sciences industry:

Here in Maryland, for example, our growing life sciences sector has generated one-third of all job gains over the last 10 years. It's now supporting more than $9.6 billion in salaries for Maryland families and contributes nearly $500 million to incomes and sales tax revenues each year.

The 500 bioscience companies in Maryland are developing ground-breaking therapies for diseases like muscular dystrophy, inventing state-of-the-art medical devices and testing cutting-edge vaccines. These innovations are valuable and worth protecting. Indeed, just like designer handbags or secret family recipes, many want to imitate — and even duplicate — such successes.

For decades, countries like China have been using every means possible to steal the ideas of American corporations. Today, thousands of highly trained Chinese, Russian and Iranian hackers are pilfering our trade secrets by breaking into the computer networks of U.S. corporations. And we're leaving the door unlocked for them.

Something seems off about comparing the desire to copy new disease therapies with the desire to make knockoff handbags, but I guess that was just meant to clarify things for anyone who didn't understand why ground-breaking medical research is valuable. Of more concern is his statement that the door is left "unlocked"—a blatant exaggeration that makes it sound like CISPA's data-sharing provisions are the difference between airtight security and no security at all, even though security experts question whether CISPA would have any real impact. He then goes on to do exactly what I criticized Rogers for doing, by focusing in on the one (supposedly) useful and genuine cybersecurity aspect of the bill while ignoring the rest:

Currently, the U.S government can identify malicious computer code that could be an incoming cyber attack on a government or corporate network. But the law won't allow us to share this information with private companies so that they can protect themselves.

That's why House Intelligence Committee Chairman Mike Rogers, a Michigan Republican, and I have crafted the Cyber Intelligence and Sharing Protection Act (H.R. 3523), which the House overwhelmingly passed this month in a bipartisan vote. This common-sense bill will simply allow the federal government and American companies to share suspicious computer code. Despite recent media reports, the bill does not authorize the government to monitor your computer use or read your email, Tweets or Facebook posts. Nor does it authorize the government to shut down websites or require companies to turn over personal information.

This is just a bunch of half-truths, semantics and disingenuous statements. Firstly, while there may be some data sharing the government wants to do that is currently blocked by the law, there are also existing mechanisms that allow some sharing to happen. Rather than carve out specific exceptions to the specific laws that are getting in the way, CISPA creates broad immunity provisions that wipe out all existing privacy concerns.

Secondly, the bill does not "simply" allow what Ruppersberger says it allows. CISPA's definition of the information that can be shared allows for much more than just "suspicious computer code," instead potentially including all sorts of tangential data related to a network attack—which, yes, could include lots of personal information. CISPA also does not limit the government to using this information for merely technical purposes related to cybersecurity—it permits them to dig through whatever data they collect for evidence of certain types of crime. You'll notice that investigating violent crime and child exploitation (both specifically listed in the text of CISPA) are not mentioned anywhere in this editorial.

Thirdly, while both of Ruppersberger's assertions about what the bill "does not authorize" the government to do are technically accurate, only the latter is giving the full story. It's true that CISPA does not permit the government to shut down websites or require information from companies—but as for monitoring people and reading their communications, as I just described, it's a bit more complicated. No, CISPA does not allow the government to go out and monitor whoever they wish, but it does allow them to thoroughly mine whatever data is given to them—data that will undoubtedly include private information.

For good measure, Ruppersberger throws in some more fearmongering about terrorist hackers taking down power grids (even though CISPA doesn't include anything that would let the government put a common sense regulation in place, like, say, don't connect power grids to the internet) before circling back to the talking-point of Maryland's valuable medical research. Like Rogers, he plays up the imminence of the threat, claiming "it wouldn't take years from China to steal it all from us" and in fact "it could happen in mere keystrokes"—as if at any moment someone could just select "U.S. Economy" and press delete.

I have a feeling this won't be the last of these locally-focused editorials from the pro-CISPA camp. I'm rooting for a Las Vegas feature on the need to protect casino secrets, because while it would surely still be inaccurate and misleading, it might at least be interesting.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: baltimore, cispa, dutch ruppersberger, maryland, medical research, mike rogers

18 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Tux (profile), 14 May 2012 @ 12:37pm

And how we need this delete button because it really sends it to a trash bin you need to empty. That's called "common sense".
[ link to this | view in chronology ]
Anonymous Coward, 14 May 2012 @ 12:39pm

There is no such thing as an American corporation.
[ link to this | view in chronology ]
Anonymous Coward, 14 May 2012 @ 12:53pm

i find it strange that there is no mention of how the USA intelligence and law enforcement communities are doing their damnedest to infiltrate (hack) as many companies in as many countries as possible to learn as many of the secrets they have and to then use the discoveries to US advantage. i wonder why they haven't made any mention of that? or what the US says as soon as one of these other companies in one of these other countries finds out what the US is up to
[ link to this | view in chronology ]
techinabox (profile), 14 May 2012 @ 12:56pm

English isn't Encryption
Is Ruppersberger unaware that medical journals and patent applications can be translated into Chinese? Or that Chinese people may also know English?
[ link to this | view in chronology ]
GMacGuffin (profile), 14 May 2012 @ 12:58pm

I'm rooting for a Las Vegas feature on the need to protect casino secrets, because while it would surely still be inaccurate and misleading, it might at least be interesting.

... except if it were published in the LV Review-Journal, then quoted in this blog, you might get sued by Righthaven ... wait, what's the date?

(Full disclosure: I worked at the Las Vegas Review-Journal for 4 days in 1988.)
[ link to this | view in chronology ]
Capitalist Lion Tamer (profile), 14 May 2012 @ 1:30pm

Life-saving medications and handbags
Because there are two things Grandma can't live without: her Oxycontin and her knockoff Louis Vuitton handbag.
[ link to this | view in chronology ]
Capitalist Lion Tamer (profile), 14 May 2012 @ 1:34pm

And it's no surprise a representative from Maryland is mouthing off about "cybersecurity." The state's been trying to nail down lucrative government contracts and build a "National Center for Excellence for Cyber Security."

http://articles.baltimoresun.com/2010-01-12/business/bal-bz.cybersecurity12jan12_1_cyb er-security-homeland-security-work-force
[ link to this | view in chronology ]
Vidiot (profile), 14 May 2012 @ 2:18pm

Dealing in caricatures
Rep. Ruppersberger drags the Chinese bootlegger archetype out of the closet for good effect... picture the DVD bootlegger on a city street, selling from his trenchcoat, only it's diagnostic analyzers, not DVD's. But that notion is as old a stereotype as the laundryman or rickshaw driver. One of my biggest corporate clients has a huge presence in the Baltimore-region life sciences community; but rather than fearing the evil Chinese, partnerships and Asian expansion have made it a region of runaway (legitimate!) growth for that company... at a time when the US and Europe are virtually flat. You'll need a better excuse to force that legislation, Mister R.
[ link to this | view in chronology ]
Anonymous Coward, 14 May 2012 @ 2:30pm

" The 500 bioscience companies in Maryland are developing ground-breaking therapies for diseases like muscular dystrophy, inventing state-of-the-art medical devices and testing cutting-edge vaccines"

Protect them from whom, those who cannot afford it?

Ma'am, you have a very serious disease, and I'm afraid you only have 6 months to live.
The good news is, if you lived in America, and could afford it, you'd had a much better chance
I'm sorry for your loss
[ link to this | view in chronology ]
Anonymous Coward, 14 May 2012 @ 2:30pm

" The 500 bioscience companies in Maryland are developing ground-breaking therapies for diseases like muscular dystrophy, inventing state-of-the-art medical devices and testing cutting-edge vaccines"

Protect them from whom, those who cannot afford it?

Ma'am, you have a very serious disease, and I'm afraid you only have 6 months to live.
The good news is, if you lived in America, and could afford it, you'd had a much better chance
I'm sorry for your loss
[ link to this | view in chronology ]
Anonymous Coward, 14 May 2012 @ 3:15pm

No, CISPA does not allow the government to go out and monitor whoever they wish, but it does allow them to thoroughly mine whatever data is given to them�data that will undoubtedly include private information.

OMG, who do they think they are.... Google?
[ link to this | view in chronology ]
- Mike Masnick (profile), 14 May 2012 @ 3:55pm
  
  Re:
  OMG, who do they think they are.... Google?
  
  Er... Google gets data people give to it. CISPA gives the gov't data that individuals never agreed to give the gov't.
  [ link to this | view in chronology ]
- chelleliberty (profile), 24 May 2012 @ 7:23am
  
  OMG, who do they thing they are.... Facebook?
  
  FTFY ;)
  [ link to this | view in chronology ]
elias79 (profile), 14 May 2012 @ 3:24pm

Terrible :(
[ link to this | view in chronology ]
Beech, 14 May 2012 @ 3:32pm

Man, maybe the hackers could do us a solid and select "Current U.S. Congressmen," then push delete.
[ link to this | view in chronology ]
Anonymous Coward, 14 May 2012 @ 4:25pm

I'm sick of hearing these guys whine about China. If you're so desperate to start World War 3, just go ahead and launch some nukes at them. It's not like there'll be enough people left afterward for it to matter who started it.
[ link to this | view in chronology ]
Anonymous Coward, 14 May 2012 @ 10:42pm

If the secret research of a company can be accesed by some key strokes then that company is to blame and should hire cybersecurity experts by itself.

And i'm shure those companies do it, becouse they're not gonna let they're door unlocked if they have a really important something that everyone wants.

It would be as silly as banks firing all of they're security because theres a law against theft.

Just like there's already laws against using companies secrets without autorization.
[ link to this | view in chronology ]
ahow628 (profile), 17 May 2012 @ 8:18am

Assholes
I can't believe all those Chinese assholes with muscular dystrophy are going to try to seek out effective treatment so they can lead a productive and pain-free life. Jerks.
[ link to this | view in chronology ]