Blog Archives

A Positive Side to CISPA?


CISPA - The solution is the problem

CISPA – The solution is the problem (Photo credit: DonkeyHotey)

In an opinion article for Digital Trends, Andrew Couts, points out some positive information( in his opinion) about the passing of the Cyber Intelligence Sharing and Protection Act.  His article, Five things everyone needs to know about CISPAstates that specific amendments made prior to the passing by the House, have actually improved the bill.Couts says these are the five things people should be aware of.

1.  CISPA has nothing to do with SOPA.

2.  CISPA got better with amendments.3.  …But it’s still fundamentally broken.

4.  CISPA is not the only cybersecurity bill in Congress.

5.  CISPA likely won’t pass the Senate. (unchanged)

The first point Couts makes is this, “CISPA has to do with privacy. SOPA dealt with censorship. CISPA threatens our Fourth Amendment rights — the right against “unreasonable searches and seizures” — because it allows businesses to hand over a staggering amount of information about us to the federal government with impunity. SOPA threatened our First Amendment rights — the right to free speech — because it would have allowed the federal government to block access to websites using the same practices employed in oppressive regimes, like Iran and China.”

His second point?  “A total of 11 amendments were added to the bill, some of which made positive changes to the types of information that may be shared, and how the government may legally use that information.”  He continues on to list some of the major changes made in the bill and discusses the most notable change, the Quayle amendment that he summarizes in his article.

“One added provision, known as the Quayle amendment, has raised the most number of eyebrows. It outlines the purposes for which the government may use information collected from businesses. They are as follows:

  1. cybersecurity;
  2. investigation and prosecution of cybersecurity crimes;
  3. protection of individuals from the danger of death or physical injury;
  4. protection of minors from physical or psychological harm; and
  5. protection of the national security of the United States

Couts goes on to discuss why he thinks the bill is still flawed and said, “For starters, the bill still does not provide any limits on the information shared under CISPA to be passed along to shadowy organizations, like the National Security Agency, which has essentially no public oversight. Furthermore, CISPA still allows data collected under the bill to be used for vague purposes of “national security,” a term that could mean almost anything.”

He also informs his readers that there are two other bills currently in Congress, one brought forth by Sen. John McCain (R-AZ) called SECURE IT Act or S. 2151.  The other bill is presented by Sen. Joe Lieberman (I-CT), called Cybersecurity Act of 2012 or S. 2105.  Couts explains that both other bills share the problem of broad language like CISPA and that it’s possible in the end that CISPA could be combined with one of the two bills.  Couts reports that currently, Lieberman’s bill has the support of the White House and Senate Democrats.  This is significant since the President has threatened to veto CISPA if certain changes do not take place.

The veto issue is also part of Couts last point, that CISPA will not likely pass in the Senate.  He includes the caveat of change.  If certain requirements outlined by the President take place, and the bill can be hashed out to everyone’s liking, it may pass into law.  Considering the track record, of the two major political parties agreeing on anything, as being less than stellar, I’m personally not going to hold my breath.  That doesn’t mean I’m not deeply concerned about the bill.  After all, it did pass the House with a 248-168 vote and had over 100 cosponsors, which is cause for serious concern for all those who use the internet, and more specifically, investigative journalists.

Overall, I don’t see any real positive change in the language of the bill.  I’m concerned for investigative journalists for a very good reason.  The nature of their work.  The “watchdogs” of government may have to begin re-thinking the methods they use to get information online.  I’m skeptical that should the government get wind of an investigation through the abilities provided by the CISPA bill, they would just let journalists go about their job undeterred.  We may end up seeing more instances like what happened to the two journalists working for USA Today.  You can read more about their story here.

So what’s the take-away?  Well, as Couts points out, it’s a long process and we should all be willing to accept that fact, and keep paying attention no matter how long it takes for a decision to be made on CISPA.  Journalists especially, should be paying close attention.  If you thought there were problems with the use of anonymity before, just wait and see what happens when the government, at will, snoops around your information and starts to monitor you under the guise of national security.  (Especially if your story targets the government.)  As a computer scientist friend of mine casually suggested recently, getting to know the ins-and-outs of encryption might become a valuable investment in your career.

Advertisements

Rate My Amendment, How CISPA Attacks the Constitution


Jason Koebler wrote an article Thursday for US News.com that discusses the dangers of the new Cyber Intelligence Sharing and Protection Act. Yes, bear with me as we explore yet another acronym from the government, CISPA.

In his article, Koebler says, “…Experts say the danger level associated with CISPA depends on the answer to one question: Which Constitution amendment do you care about more, the First or the Fourth?”.

The idea behind CISPA according to the article and the congressmen who sponsored the bill is, that this will allow corporations and companies to share user information with the government without penalty or threat from general citizens or in other words, without getting sued by their users. Now, the government says this information is completely voluntary and, the companies are not required to share data. They are encouraged to share data only if it pertains to cyber-security and national security with the hope of stopping attacks from outside sources trying to steal information and other similar threats. The makers of the bill say it’s a two-way street.

In his article Koebler quotes Jim Dempsey, vice president for public policy at the Center for Democracy and Technology, “ The government can say ‘you want our secret sauce, give us all your data, if you play ball with us, we’ll play ball with you.’”

Dempsey also goes on to say in the article that once the bill, “CISPA removes the legal barriers, it becomes harder for companies to resist those inducements, which can lead them to do things they’re uncomfortable with.”

From what I can gather from the article by Koebler, and the statements from the congressmen and Dempsey, this bill is opening a two-way street of “non-required” sharing of private users information and in doing so, skirts the Fourth Amendment. This leaves every private citizen who uses the internet vulnerable to the governments smooth talking proposals to the companies and corporations like Facebook, Verizon, AT&T, Microsoft and others.

Well. Now if that doesn’t box your ears and leave them ringing, I don’t know what will. I’m sorry, could you repeat the question? Which Amendment do I care about more? Why should that be entertained? 

Recently our government, via the FBI, put out a Request For Information regarding software that could be used to find “danger” words in social media platforms like Facebook and Twitter as well as on search engines.  Is this the beginning of the end of free speech on the Internet?  Is this a violation of a reasonable expectation of privacy?

I’ve had a few conversations on this subject.  One friend pointed out that just as driving is not a right it is a privilege, so is the Internet.  We don’t have a right to use it, we choose to use it.  In doing so, we are subject to terms of use, just as we are subject to traffic laws.  While this makes sense to me, I can’t help but think about a few counter arguments.

If you are pulled over by the police while driving, can they just search your vehicle because they feel like it?  I don’t think they can.  Can the police show up on your doorstep and search your house, your phone, your laptop or your refrigerator?  Nope.  Please correct me if I am wrong on any of this, but it was my understanding that without evident probable cause or a warrant, the government in any form is not allowed to search and seize a private citizen or their property.  I would think that this would include intellectual property, no?  I know that might be a stretch, but if we can  sue others in court over the ownership of intellectual property, then does it not become just as tangible as your car?

What do you think about this? Do you think the government is over-reaching?  Is this legislation something we should support in the name of national security?  Is it in violation of the Constitution?

The Fourth Amendment states the following:  

AMENDMENT IV

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.