Shameful: Tech Companies Fighting Against Necessary CFAA Reform And CISPA Fixes

from the bad-news dept

Fri, Apr 12th 2013 3:42am — Mike Masnick

We've been talking a lot about the importance of CFAA reform lately, even highlighting how, under the CFAA, the founders of some of the most successful tech and software companies of our time could have been thrown in jail under the CFAA. For that reason, it's ridiculous and shameful that many of the largest software companies, via the powerful SIIA lobbying group, are fighting hard against CFAA reform. We've been hearing for a while that companies like Oracle and Adobe were particularly strongly against it, but the SIIA represents an awful lot of tech companies, many of whom otherwise seem to be in favor of CFAA reform. Certainly, in talking to engineers at many of these companies, they think the CFAA is ridiculous, turning ordinary everyday activity into a possible felony. But some of the execs at these companies see a weapon to be used against people who make off with digital information -- especially rogue employees (or ex-employees).

This is silly. The tech companies are refusing to fix a very dangerous and broad law, because of a very specific circumstance that can be dealt with via other existing laws. Also, it's going against basic common sense and the views of many of these companies' own engineers. When companies are so focused on protecting one weapon that they're willing to allow such bad laws to stay, those are companies who are showing that they're not focused on innovation but on litigation and protectionist views.

Similarly troubling is the news that TechNet, an organization representing a bunch of tech companies has sent a letter to the House Intelligence Committee supporting the post-markup version of CISPA. This isn't a huge surprise. TechNet had already been listed as a supporter of CISPA, and the bills' sponsors in Congress had worked overtime (or, rather, had their staffs work overtime) seeking to appease the tech industry on the mistaken belief that the fight against SOPA was really lead by the tech industry, rather than an angry public. The public isn't quite as angry about CISPA, since the threats of CISPA aren't quite as immediately obvious to everyday people, but winning over the tech companies by giving them immunity should they violate their users' privacy is a bad long term strategy.

Yes, tech companies were a part of the coalition who fought against SOPA, but part of that was because those tech companies were focused on what was best for their users. Choosing to go against those same users when it comes to their own privacy is going to backfire eventually. Some people think that it was the tech companies who drove the fight against SOPA, when the reality was that it was the internet users, who pulled the tech companies into the fight. Not listening to their users would be a big mistake, as a vocal internet turning against these companies isn't a good sign for their future.

On that note, Reddit founder Alexis Ohanian has kicked off a campaign looking to shame Google, Facebook and Twitter into coming out against CISPA. Hopefully, he'll do something similar around CFAA reform as well. Having tech companies come down on the wrong side of these two laws is a bad long term strategy for the tech industry.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cfaa, cispa, lobbying, tech companies
Companies: siia, technet

33 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Anonymous Coward, 12 Apr 2013 @ 3:57am

In before "Why are you pro-piracy" and "Google and Facebook just hate when copyright is enforced"
[ link to this | view in chronology ]
Anonymous Coward, 12 Apr 2013 @ 4:05am

Wow, you mean a big company only supports big causes just to enhance it's image? WOW!
[ link to this | view in chronology ]
That Anonymous Coward (profile), 12 Apr 2013 @ 4:07am

Immunity - its a handy thing to get to put your mind at ease as you sell out.
[ link to this | view in chronology ]
DeadBolt (profile), 12 Apr 2013 @ 4:10am

This will probably get me a lot of flak, but if North Korea does one thing, I hope they nuke the shit out of Congress.
[ link to this | view in chronology ]
- Anonymous Coward, 12 Apr 2013 @ 4:18am
  
  Re:
  Well, it needs torching as a hive of scum and villainy, for the most part. Just make sure that Wyden, Lofgren and possibly Issa are outside first...
  [ link to this | view in chronology ]
- Jay (profile), 12 Apr 2013 @ 6:23am
  
  Re:
  Congratulations. You've just fallen for the propaganda that ignores how the US has antagonized North Korea with war like sanctions to cause it to act ruthlessly in regards to South Korea.
  
  Maybe you should look at their playbook before thinking that Congress should nuke them.
  [ link to this | view in chronology ]
  - TaCktiX, 12 Apr 2013 @ 9:50am
    
    Re: Re:
    He was suggesting that North Korea should nuke Congress, not vice versa.
    [ link to this | view in chronology ]
Anonymous Coward, 12 Apr 2013 @ 4:27am

it's the same old story. if someone thinks something either wont affect them or will go past them, it's ignored or not contested. when it's found that it does affect and will hit them and it's too late to stop, then all the moaning and regrets start!
[ link to this | view in chronology ]
- Anonymous Coward, 12 Apr 2013 @ 4:37am
  
  Re:
  "All it takes for evil to win is for good men to do nothing."
  [ link to this | view in chronology ]
  - Zakida Paul (profile), 12 Apr 2013 @ 4:43am
    
    Re: Re:
    Or good men can do everything right but if they do not have enough money, they still lose.
    [ link to this | view in chronology ]
    - Anonymous Coward, 12 Apr 2013 @ 7:56am
      
      Re: Re: Re:
      All that means is that the revolution should have happened sooner.
      [ link to this | view in chronology ]
Ninja (profile), 12 Apr 2013 @ 4:44am

Oracle, Adobe... All legacy players that forgot the tech and now know litigation. CFAA allows them to go after people who find security holes in their stuff instead of, you know, fixing.

It's the old battle between the old and established industry that has run out of creativity and the new, innovative ones.
[ link to this | view in chronology ]
- Anonymous Howard (profile), 12 Apr 2013 @ 4:56am
  
  Re:
  Yeah, calling Oracle a tech company is a little bit overstatement..
  All they do today is buy up innovating companies and milk them to the last drop.
  [ link to this | view in chronology ]
  - Ninja (profile), 12 Apr 2013 @ 5:01am
    
    Re: Re:
    EA also comes to mind but I think it's pretty much any legacy player out there. Google will probably reach that stage at some point, there are signs already.
    [ link to this | view in chronology ]
- velox (profile), 12 Apr 2013 @ 8:27am
  
  Adobe wants guaranteed access to your private data
  Adobe's subsidiary and suspected NSA contractor Omniture is the #1 merchant of private data taken from your computer without your permission or knowledge. (Yes, I know Google Analytics is right up there doing the same thing). Adobe/Omniture wants to ensure there is a legal framework for them to continue doing this without your approval, and certainly without any ability for you to block or otherwise interfere.
  
  And in case you might have wondered why the NSA picked Utah as the site for their new multi-billion dollar surveillance data facility, it is not a coincidence that Omniture's new Omniture's new headquarters is being built just "across the freeway"
  [ link to this | view in chronology ]
  - velox (profile), 12 Apr 2013 @ 9:03am
    
    Re: Adobe wants guaranteed access to your private data
    uff... doubling typo.
    [ link to this | view in chronology ]
  - Ninja (profile), 12 Apr 2013 @ 9:51am
    
    Re: Adobe wants guaranteed access to your private data
    Nice piece of info eh? I always thought shell companies, subsidiaries and the likes is just a convenient means big companies use to keep them dissociated from shady business they engage... And unfortunately the average Joe eats this shit.
    [ link to this | view in chronology ]
This comment has been flagged by the community. Click here to show it

out_of_the_blue, 12 Apr 2013 @ 5:18am

Oh, this will work: "shame Google, Facebook and Twitter..."
"...into coming out against CISPA." -- Just my wearied reaction to idealistic kid "Reddit founder Alexis Ohanian" or anyone who believes that corporations aren't amoral monsters, that they've any shame, particularly since those 3 giant soulless corporations will with this "reform" receive (more) gov't money for spying on the public.

SO, Mike, have you YET noticed that your precious Google only pursues money behind its "good guy" public relations facade?
[ link to this | view in chronology ]
- Anonymous Coward, 12 Apr 2013 @ 5:23am
  
  Re: Oh, this will work: "shame Google, Facebook and Twitter..."
  One trick pony, here again for his act.
  [ link to this | view in chronology ]
Anonymous Coward, 12 Apr 2013 @ 5:37am

They might oppose CFAA reform because the 'reform' would make things even worse then before at the moment, and they doubt they can salvage it into something better at this time.
[ link to this | view in chronology ]
The Real Michael, 12 Apr 2013 @ 5:41am

This is why I stopped using Google awhile ago and never used Facebook (nor Twitter for that matter).

The bigger they are, the harder they fall.
[ link to this | view in chronology ]
- Anonymous Coward, 12 Apr 2013 @ 6:45am
  
  Re:
  Greed is eternal.
  Meet the new boss, same as the old boss.
  [ link to this | view in chronology ]
This comment has been flagged by the community. Click here to show it

Anonymous Coward, 12 Apr 2013 @ 7:00am

Maybe as a form of protest, you should stop taking Google's money.
[ link to this | view in chronology ]
- AC Unknown, 12 Apr 2013 @ 10:08am
  
  Re:
  Would you stop trotting out that same old line?
  [ link to this | view in chronology ]
Beta (profile), 12 Apr 2013 @ 7:20am

basic economics, again
"[E]ngineers at many of these companies... think the CFAA is ridiculous, turning ordinary everyday activity into a possible felony. But some of the execs at these companies see a weapon to be used against people who make off with digital information..."

This shortsightedness supports the theory that the only real talent executives have is the ability to get themselves promoted.
[ link to this | view in chronology ]
jupiterkansas (profile), 12 Apr 2013 @ 7:24am

Did that guy seriously think he was going to get Larry Page on the phone for a chat and did he really think he was making a point by trying?
[ link to this | view in chronology ]
MikeC (profile), 12 Apr 2013 @ 7:42am

There is a reason to oppose change! The devil you know..
What people sometimes don't realize is that it's often much more effective to deal with a bad law than have it changed to something you don't know - taking the chance it will cause other circumstances even worse than present. In particular dealing with congress and unintended(so they say)results.

Large firms have a major investment in navigating the status quo and as large entrenched firms, many see it as better to know the lay of the land than trying to find a better landscape. Sad but true ... like ISO9001(x) or whatever, I don't care if you it make it not perfect, just make it the same every single time so we can adjust to it. That is the tack taken by many large firms.
[ link to this | view in chronology ]
- TaCktiX, 12 Apr 2013 @ 9:54am
  
  Re: There is a reason to oppose change! The devil you know..
  So why are the same companies that are opposing CFAA reform supporting CISPA which by design will change the existing landscape in regards to personal data in the name of "security"?
  [ link to this | view in chronology ]
slick8086, 12 Apr 2013 @ 10:15am

This is the more of same thing.

People who have wrested power/control (executives/management/publishers) want to keep it out of the hands of the people who produce (engineers/creators).

The CFAA clearly favors bureaucracy over industry, so it is obvious that the bureaucrats favor it and the industrious don't.
[ link to this | view in chronology ]
NoahVail (profile), 12 Apr 2013 @ 2:12pm

Expansion dead but CFAA Maximalist Juggernaut is born
House subcommittee shelves recent CFAA expansion bill
http://www.huffingtonpost.com/2013/04/12/cfaa-internet-activists_n_3068978.html

Meanwhile: CFAA forces join up to form monster org representing Billions in pro-CISPA, max-CFAA interests.

ABM, the association of business information and media companies, and the Software & Information Industry Association (SIIA) announced today that they plan to merge in order to form the comprehensive, global business information and media industry association.

http://www.marketwire.com/press-release/abm-and-siia-announce-plan-to-join-forces-1777 484.htm

SIAA member list http://www.siia.net/index.php?option=com_wrapper&view=wrapper&Itemid=43

ABA member list http://www.abmassociation.com/assnfe/companydirectory.asp?MODE=FINDRESULTS

SIAA acts on fear that Aaron Swartz suicide could lead to CFAA reform
http://www.siia.net/blog/index.php/2013/01/page/5/

The CFAA was the subject of several proposed legislative reforms in 2012, and SIIA has been engaged, seeking to preserve the ability of SIIA members to use the CFAA to deter and prevent unauthorized access to or misuse of databases, subscription services and cloud services.

ABA loves CFAA's criminal/civil penalties, longs to lovingly protect them
http://www.abmassociation.com/News/2748/Inside-the-Beltway-%3A-April-2012

The CFAA carries civil as well as criminal provisions, and it has long been considered an effective tool for protecting business databases.
(sadly) Lobbyists for employees have sought to narrow the CFAA to prevent its use against employees.
But their proposed narrowing of the statute could also diminish its usefulness in protecting private databases, and ABM has joined other database companies in opposing the amendment.

I'm sure the best is yet to come and we'll be hearing from our new Global Business Information and Media Industry Association overlords soon enough.
[ link to this | view in chronology ]
Anonymous Coward, 12 Apr 2013 @ 7:13pm

The bill to expand the CFAA, while it would not outlaw VPNs or proxies, per se, could outlaw on common use of VPNS and proxies, the bypassing of geoblocking, with that bills expansion of "exceeding authorized access".

Of course, that would depend on whethe the VPN itself kept any logs.
[ link to this | view in chronology ]
ChrisH, 12 Apr 2013 @ 7:37pm

http://www.techdirt.com/articles/20130405/09461122596/wa-bill-allowing-employers-to-request-facebook -passwords.shtml#c982
[ link to this | view in chronology ]
- Mike Masnick (profile), 14 Apr 2013 @ 10:45pm
  
  Re:
  http://www.techdirt.com/articles/20130405/09461122596/wa-bill-allowing-employers-to-request-facebook -passwords.shtml#c982
  
  As I replied there, you point to a single ruling by a *DISTRICT* court judge, which means nothing. Other courts have ruled otherwise and the DOJ continues to claim this theory is correct. So... what's your point?
  [ link to this | view in chronology ]