The Non-Geek's Guide to CISPA, the Cybersecurity Bill The Internet is Freaking Out Over
Remember the protest over the anti-piracy bill SOPA, which left Wikipedia black for a day and depressed the GPA of a large portion of the world's high school students? This week brings another internet freakout over a similarly geeky bill: The Cybersecurity Information Sharing Act (CISPA). Non-geeks, here is what you need to know.
CISPA Is All About Sharing
The Cybersecurity Information Sharing Act is a bipartisan bill that would allow federal agencies and private companies to share customer information that relates to "cybersecurity" threats in order to combat hacking attacks. The House is considering the Act today.
Is CISPA Sharing or Spying?
Of course, one person's sharing is another person's spying—just ask Mark Zuckerberg. Civil liberties groups like the Electronic Frontier Foundation (EFF) argue CISPA's definition of cyber threats is too broad, and that the information sharing amounts to "cyber spying" on innocent cyber users. The bill offers broad immunity to companies against privacy laws that prohibit the sharing of information as long as they claim to be acting in the name of cybersecurity.
As long as companies act in "good faith" and the collection is for a "cybersecurity purpose"—a purpose as vague as protecting or securing any network from degradation or disruption—there are no limits on what type of information can be intercepted and shared.
But CISPA's sponsors say there are plenty of limitations in the bill to keep your information from being abused, or being sold to Joe Biden for use in email marketing a post-vice presidential smooth jazz compilation. New amendments to restrict the scope of the bill have addressed the biggest concerns of some critics.
CISPA Is Meant to Stop Hackers, Who Are The New Terrorists
The easiest way to understand the debate over CISPA is to recall the debate over the Patriot Act and just replace the word "terrorism" with "cyberattacks," and "al Qaeda" with "Anonymous." Many commentators have made apt comparisons between CISPA and the Patriot Act's own controversial information sharing provision. The cybersecurity hysteria is built on a similarly overblown fear of a "cyber pearl harbor," where cyber attackers would blow up a nuclear station or something, using computers.
Sen. Joe Lieberman captured the hacker-as-terrorist mentality when he introduced a different cybersecurity bill earlier this year by invoking 9/11: "I fear that when it comes to protecting America from cyberattack it is Sept. 10, 2001," he said.
CISPA Is Meant to Stop Chinese Hackers
CISPA is aimed especially at the threat of Chinese hackers breaking into American computers and stealing the secret codes to Freedom. In February 2011, for example, Chinese hackers broke into U.S. oil companies—the gas stations to the Ford Explorer of Freedom. The U.S. sucks at dealing with these hacking threats because you can't use a predator drone to extrajudicially assassinate Chinese hackers, and all of America's geeks are making iPhone apps now instead of working for the government fighting hackers. Even the Pentagon has been hit by Chinese hackers!
Tech Companies Love CISPA
While SOPA was vocally opposed by internet companies like Tumblr, and Google, the tech industry in general supports CISPA because they hate hackers. Facebook offered a letter in support of the bill, because defending their users from hackers costs millions and CISPA transfers some of the burden of keeping track of more mischievous users to the government.
This is a big reason why, even though more than 800,000 people have signed an anti-CISPA petition, there will be no SOPA-level freakout. Though they wont admit it, the internet's geek populist crowd often goes with the tech companies they work (or would like to) work for.
But How Does CISPA actually affect me?
In the best case scenario, CISPA won't effect anyone unless they are cyber threats to America, in which case it will help arrest you. In the worst case scenario, CISPA is another step in our gradual slide to an all-knowing surveillance state where the government has instant access to everything you've ever done on a computer. Either way: Not much in the short term, honestly.
CISPA Is Probably Going to Pass
"We have the votes" to pass the bill, CISPA co-author Rep. Mike Rogers said today. But the White House has threatened to veto the bill unless there are significant improvements in privacy protection.
Cyber
Cyber.