Thursday, April 18, 2013

CISPA Goes to The Floor for a Vote, Privacy Amendments Blocked

Mark M. Jaycox and Kurt Opsahl and Rainey Reitman
EFF.org
April 18, 2013

[Editor's note: This article appeared yesterday at EFF.org]

Yesterday, the US House prepared for the debate on the privacy-invading “cybersecurity” bill called CISPA, the Cyber Intelligence Sharing and Protection Act. The rules committee hearing was the last stop before the bill is voted on by the full House.

In the hearing, Rep. Mike Rogers (R-MI) was questioned about the core problems in the bill, like the broad immunity and new corporate spying powers. In response, he characterized users who oppose CISPA as “14 year olds” tweeting in a basement.

The bill may be voted on as early as Wednesday. This means there’s little time left to speak out. Please tell your Representative to vote no on the bill:

Call your Representative

Tweet at your Representative

Here are some of the takeaways from the hearing.

Rep. Rogers Dismisses CISPA Opponents as Teenage Basement Tweeters

After a heated exchange about the overly broad legal immunity, Rep. Jared Polis (D-CO) noted the widespread opposition to CISPA by Internet users. In response, Rep. Rogers characterized opponents to CISPA as “14 year olds” tweeting in a basement. See the video here.

Of course, many people oppose CISPA — several thousand of whom tweeted at Rogers after his remark.

Internet companies like Mozilla, Reddit, NameCheap, Gandi.net, and other have also come out strong against the bill. And over 70 cybersecurity experts and academics sent a joint letter opposing CISPA last year, expressing their firm opposition to the dangers of Roger’s approach to computer security:

We have devoted our careers to building security technologies, and to protecting networks, computers, and critical infrastructure against attacks of many stripes. We take security very seriously, but we fervently believe that strong computer and network security does not require Internet users to sacrifice their privacy and civil liberties.

Earlier this week, 34 civil liberties groups sent a letter opposing CISPA in its current form.

And the newest addition to CISPA opposition? The White House, which issued a veto threat (PDF) yesterday.

Rep. Rogers Makes The Case For Why Representatives Should Vote No

Rep. Rogers is adamant that no sensitive personal information or email content will be collected under the bill and then sent to the federal government. Under questioning from Rep. Polis, Rogers said “Again, zeroes and ones, hundreds of millions of times a second, in patterns. It has nothing to do with content. Nothing.”

First of all, of course it’s zeros and ones. That’s how information is passed in the digital environment–whether it is content or not. If Rogers is going to propose fundamentally changing privacy on the Internet, he ought to know that the contents of email are transferred with zeros and ones in patterns.

Second, if Rogers really meant this, there is an easy solution. Exclude the content of communications from the bill. Voila! Companies would not be able to transfer the content of anyone’s email under the bill, whether in the form of zeros and ones, or by carrier pigeon.

Reducing Confidence in the Internet

Rep. Polis spoke candidly during the hearing about some of the detrimental effects CISPA could have on Internet users’ trust in online services:

This directly hurts the confidence of Internet users. Internet users – if this were to become law – would be much more hesitant to provide their personal information -even if assured under the terms of use that it will be kept personal because the company would be completely indemnified if they ‘voluntarily’ gave it to the United States government.

Rep. Rogers was not convinced, asserting this would not be a problem. He’s wrong. CISPA gives legal immunity to companies who share your information under the bill, with no exception for privacy policies or user agreements that promise to protect your privacy. Even worse, core privacy laws like the Privacy Act, Cable Communications Policy Act, the Wiretap Act, the Video Privacy Protection Act, and the Electronic Communications Privacy Act will be decimated by CISPA, robbed of their power to protect you when it comes to this so-called cybersecurity sharing.

One amendment that could have helped to address this concern was a proposal by Rep. Justin Amash (R-MI) which would have made clear that a company can still make a legally-enforceable commitment to users via a contract (such as terms of use) that it will not share personally identifiable information with the federal government.

However, this amendment was not allowed to proceed to the floor for a vote.

Privacy Amendments Aren’t Allowed to Proceed For A Full House Vote

The hearing ended with the decision on which amendments would be allowed for consideration during the floor vote. In all, 42 amendments were submitted to CISPA – the majority of which dealt with privacy and civil liberties problems with the bill. Only 12 were allowed to go to the floor for a full vote.

Among the amendments that will not move forward are forward-thinking proposals by Reps. Adam Schiff (D-Calif.) and Jan Schakowsky (D-Ill.), both of whom suggested amendments that would address some of the core privacy concerns in CISPA. The first (PDF), championed by Rep. Schakowsky, would require that the first point of sharing information with the federal government must be with a civilian agency, so that U.S. military or defense agencies won’t directly collect or receive cyber information on American citizens.

Another amendment (PDF) promoted by Rep Schiff, requires companies sharing information with the government or other private entities under the bill make “reasonable efforts” to remove personally identifiable information of individuals unrelated to the cyber threat.

At first the chairmen didn’t even allow a vote on whether or not these amendments could be presented to the full house for a vote. A vote on the amendments was held by the committee only after Democrats raised the issue.

Unfortunately, both amendments were ruled out of order – along with many others that would have addressed civil liberties issues. This means that fixing the bill through floor amendments –which was always unlikely–is now clearly impossible. EFF is urging Representatives to oppose the bill in the upcoming vote.

Say No To CISPA

CISPA will likely be up for a vote in the next 24 hours. CISPA is still riddled with problems and must be stopped. Tell your Congressmen now to say no to CISPA.

Call Now: Tell Congress to Reject CISPA

The House is about to vote on the “cybersecurity” bill known as CISPA, the Cyber Intelligence Sharing and Protection Act. Despite recent amendments, CISPA still features dangerously vague language that could put your personal information in the hands of military organizations like the National Security Agency.

While CISPA passed through the House last year, it failed to be enacted after a veto threat. This year’s bill fails to solve the fundamental privacy and civil liberties problems with the misguided law. Please speak out! We’re asking individuals to call Representatives and follow up with a tweet.

Click here if you’re not in the United States.

Suggested script:

Hello, my name is [YOUR NAME] and I am a constituent of [Congressperson's name].
Please oppose H.R.624, the Cyber Intelligence Sharing and Protection Act, also known as CISPA. It is a misguided bill that violates my privacy. I believe that the right cybersecurity solution does not involve sacrificing the privacy rights of Internet users.
Thank you for your consideration, and for acting against this dangerous bill.

Phone lines closed?

If you call and the phone lines are already closed or overwhelmed, please send an email.

Spread the word!

Excellent! Now that you’ve made the call, use our Twitter tool to tell key members of Congress to stand up for your privacy and vote NO on CISPA and to help spread the word.

No comments:

Post a Comment