On its surface, the proposed bill seems reasonable enough, as it is intended to enable companies to share information with the US government about cyber-security threats, as well as for the intelligence community to share information with companies about prevalent dangers.
points out that sharing their information would be voluntary and not mandatory for private companies. It elaborated that “private companies would only be allowed to use information to protect themselves and their customers, not to gain a competitive advantage, while any information shared would be exempt from public disclosure.”
This makes it considerably less draconian than the measures proposed by both SOPA
Quiet as a mouse, supported by an elephant
However, unlike the high profile SOPA or PIPA, which received condemnation from technology companies and internet users alike, CISPA appears to be flying under the radar and is supported by technology giants such as Facebook. The social media giant, which has thrown its support behind the proposed bill, went so far as to explain in a lengthy letter
why it believes the bill is a good – and benign – idea.
According to Joel Kaplan, Facebook’s vice-president of US public policy, a challenge faced by it and other internet-based companies lay in their ability to share information with each other about cyber attacks.
“When one company detects an attack, sharing information about that attack promptly with other companies can help protect those other companies and their users from being victimised by the same attack.
“Similarly, if the government learns of an intrusion or other attack, the more it can share about that attack with private companies (and the faster it can share the information), the better the protection for users and our systems,” he explained.
However, Kaplan stressed that the bill would impose no new obligations on the company to share data with anyone. He added that it further “ensures that if we do share data about specific cyber threats, we are able to continue to safeguard our users’ private information, just as we do today.”
Addressing one of the main concerns raised, that companies would share sensitive personal information with the government in the name of protecting cyber-security, Kaplan emphasised that “Facebook had no intention of doing do so.”
Wolf in sheep’s disguise?
While Facebook is one amongst the 800 large companies
that support the bill, not everyone is quite as convinced though. The Electronic Frontier Foundation
accuses the bill of “proposing overbroad regulations that could have dire consequences” for the internet.
It further warns that if passed, the US government would be given “free rein to bypass existing laws in order to monitor communications, filter content, or potentially even shut down access to online services for cyber-security purposes.”
The foundation continues by asserting that while the bill may be intended to “facilitate detection of and defence against a serious cyber threat”, it oversteps that mark and could be used against websites like The Pirate Bay or WikiLeaks.
The latter accusation is not completely unfounded. Both SOPA and PIPA, as well as their follow-up, ACTA, clearly took aim at sites believed to be infringing on copyright, which would have been more noble if those supporting those bills weren’t allegedly doing so on behalf of Hollywood and the entertainment industry.
To the point
There is a fine line though, between vigilance and paranoia. While SOPA
, PIPA, ACTA and HR 1981
were clearly egregious threats to internet freedom, we can’t say we are quite so convinced that CISPA is in the same league.
Nonetheless, we are also reminded of another saying, that the day you stop defending your freedom is the same day you start losing it. One look at the local tollgate debacle reminds us of how true this is, and internet freedom is to our minds, no exception to this.