If you haven't heard of it yet, CISPA is the latest piece of proposed legislation that's causing an uproar among privacy and civil liberties advocates, as well as defenders of the free internet everywhere. The Cyber Intelligence Sharing Protection Act is a bipartisan bill that essentially encourages ISPs to work together with the government to keep tabs on users who could pose a 'cybersecurity threat' – or just happens to pirate a file, according to TorrentFreak.
Even though some people have described it as the new SOPA, that's just rhetoric. But even though the bills have almost nothing in common, that doesn't make them any less of a problem. Whereas SOPA was unabashedly targeting piracy (for the record, that wasn't the problem with it; the ends didn't justify the means), CISPA is focused on protecting private and government networks from hackers and more nebulous threats (which, once again, isn't the problem).
Despite containing a few provisions targeting piracy, which we'll get to in a minute, most criticism of CISPA is aimed at the privacy nightmare it threatens to create. Despite co-sponsor Mike Rogers describing the bill to Huffington Post as 'non-invasive,' a legislative counsel at the ACLU called it “a new backdoor around the Fourth Amendment... ,” which protects against unwarranted searches. “This is a whole new surveillance program,” she warned.
So, what's not to love about the bill? According to a summary from the Congressional Research Service, a nonpartisan arm of the Library of Congress, the bill “[encourages] the sharing of [cyber threat intelligence].” Privacy advocates are concerned that this could mean that ISPs would end up sifting through web traffic looking for such threats. The bill also encourages sharing of information involving a “theft or misappropriation of private or government information, intellectual property, or personally identifiable information.”
Now, hacking, especially 'serious' hacking between governments, is no doubt a serious problem, but CISPA seems to be going down the same road as SOPA, due to overly intrusive provisions in a bill that tries to address problems that otherwise need to be reasonably addressed. What's even more disturbing is that CISPA seems to not only permit, but even encourages, companies to actively spy on consumers. Since it doesn't require a warrant, CISPA could potentially lead to ISPs trying to seek out crime, rather than simply reporting truly reasonable threats. A statement from the Electronic Frontier Foundation hits the nail right on the head:
“That means a company like Google, Facebook, Twitter, or AT&T could intercept your emails and text messages, send copies to one another and to the government, and modify those communications or prevent them from reaching their destination if it fits into their plan to stop cybersecurity threats.”
There's a whole host of issues at stake here, but if Congress really does want to pass legislation to protect against cybersecurity threats and yes, even piracy, they would be wise to take the advice given by Caitlin Hayden, a spokeswoman for the National Security Council , to Huffington Post, who would “encourage the Congress to craft information sharing legislation carefully with robust protections to safeguard civil liberties and privacy.” As it is, CISPA could go before Congress as early as the week of April 23rd.