The Lady Geek's Topic of the Day: CISPA and You

Tales of the Lady Geek

The Lady Geek's Topic of the Day: CISPA (The Cyber Intelligence Sharing and Protection Act) and You

Greetings dear readers from the wonderful City of Brotherly Love!  As of this writing, I have just returned from a very exciting day of teaching. As you already know, this Lady Geek is a computer support technician and part of my services includes teaching the uninitiated and computer illiterate, the proper basic care and upkeep techniques as well as the ins and outs of their new equipment.  I love this aspect of my job, because I am free to express myself, indulge in my passions and protect the unprotected from those in 'Big Business' who would take advantage of them.

I only wish I could do more.  One of the best things about my life is the freedom I take for granted as an American. The freedom to dispense information without fear of retribution from 'Big Brother' has always been in my top ten list of great rights. Under this new Bill before the House, that freedom might soon be gone from not just me, but everyone who uses the internet.

As you may remember from earlier Topics brought to you by this Geek Girl, there are forces at work within the confines of this great governing body with the aim of protecting America from various online threats including fake inexpensive drugs, piracy of information and hacker attacks.  These have been presented as bills named "SOPA", "PIPA" and "ACTA". Each time we, the American People protested against these invasive bills, the powers that be stepped back from it and immediately redrafted it with yet another acronym and more scrupulous wording.  Well now it's name is the Cyber Intelligence Sharing and Protection Act (CISPA) and this bill, as of April 26, 2012, has already been passed by the US House of Representatives.

What is CISPA:

According to Wikipedia: CISPA "is an amendment to the National Security Act of 1947, which doesn't currently contain provisions pertaining to cybercrime...adds provisions to the Act describing cyber threat intelligence as...information in the possession of an element of the intelligence community directly pertaining to a vulnerability of, or threat to, a system or network of a government or private entity...protecting a system or network from either efforts to degrade, disrupt, or destroy such system or network...theft or misappropriation of private or government information..." It further goes on to say that, "In addition, CISPA requires the Director of National Intelligence to establish procedures to allow intelligence community elements to share cyber threat intelligence with private-sector entities and encourage the sharing of such intelligence."

So basically, CISPA is a proposed law that has already been passed by the United States House of Representatives, that would allow for the sharing of Internet traffic information between the U.S. government and certain technology and manufacturing companies. It sounds innocent enough, "..the aim of the bill is to help the US government investigate cyber threats and ensure the security of networks against cyber attack..." but after all of the mess with ACTA, PIPA and SOPA, what does this really mean for us?

The Proponents:

Here's the thing about CISPA, unlike SOPA and PIPA, corporations like Microsoft, Facebook and the United States Chamber of Commerce are actually in favor of the bill. Believing it to be a simple and effective means of sharing important cyber threat information with the government. In February of this year, Facebook Vice President, Joel Kaplan wrote an enthusiastic letter ot Representative Rogers in order to commend them on CISPA, which he said, 'removes burdensome rules that currently can inhibit protection of the cyber ecosystem."

Representative Mike Rogers, the drafter of this bill has been quoted during the April 26th debate as saying:

"In just the last few years, nation states like China have stolen enough intellectual property from just defense contractors, that would be equivalent to 50 times the print collection of the US Library of Congress. We have nation states who are literally stealing jobs and our future. We also have countries that are engaged in activities and have capabilities that have the ability to break networks, computer networks. Which means you can't just reboot. It means your system is literally broken. Those kinds of disruptions can be catastrophic when you think about the financial sector, or the energy sector, or our command and control elements for all our national security apparatus. 

You know, without our ideas, without our innovation that countries like China are stealing every single day; we will cease to be a great nation. They are slowly and silently and quickly stealing the value and prosperity of America. One credit card company said that they get attacked for your personal information 300,000 times a day, one company."

So the position of the Representatives backing CISPA say that the bill is necessary to deal with threats from China and Russia and that the bill "Protects privacy by prohibiting the government from requiring private sector entities to provide information."  which translates to me as in order to protect us from the "Unknown Forces at Large", they had to have some kind of control over our personal information and the ability to send whatever they monitor to the Feds...hmm...sounds like good ole fashioned Nixon logic to me.

Those Against It:

Advocacy groups including the American Library Association, the Electronic Frontier Foundation and the ACLU are against the Bill.  Why? The answer is in the wording. Under all that pretty legalese, the section of CISPA that says, "notwithstanding any other provision of law", companies may share information 'with an other entity, including the federal government." By including the word, "notwithstanding", experts agree, CISPA was intended to surpass all existing federal and state civil and criminal laws.

That means, under CISPA as it's currently worded, that such laws meant to protect the average American's rights against illegal wire tapping, educational record and medical records distribution among other laws that that protect our intimate information could be superceded by this new law in the name of cyber security.

Picture, if you will, a Skype call to your relative being monitored, recorded, replayed without your express permission and potentially edited against you because the government decides you are a security risk. It's happened before to such leaders as Malcolm X and Reverend King, who says it won't happen again?

Another thing that worries us about CISPA is that under the current wording, it could allow companies to violate their terms of service by turning over information to the Feds without a search warrant.  In fact, according to a recent article on CNET.com, "One reason CISPA would be useful for government eavesdroppers is that, under existing federal law, any person or company who helps someone "intercept any wire, oral, or electronic communication"--unless specifically authorized by law--could face criminal charges. CISPA would trump all other laws."
  
That's frightening.

My Take Away:

CISPA allows Americans' personal information to be consumed by government agencies under the name of 'cybersecurity' at the drop of a hat. If it remains unchanged, it could actually lead to the "Big Brother" that Mr. Orsen Wells warned us about in his famous book, "1984". 

Here's my take on the situation in one simple statement of fact. Power corrupts, absolute power corrupts absolutely. While I understand that national security is a great priority, while I understand that we need laws that govern how we legally use the internet and the information available at the drop of a hat, and certainly while I understand how a properly worded bill could be used to help ferret out and prevent major information leaks, what I don't understand is the governments insistence on reopening the old wounds left by former president Richard Nixon.  There has got to be a better way.

Written by: MaryAnn Paris
Follow MaryAnn on Twitter