Why CISPA sucks and what you can do about it

Want to stop private companies from sharing your personal information with Uncle Sam? Better hope that CISPA doesn't pass.


That’s a pretty broad net that could also snag whistleblowing sites like WikiLeaks, Apple rumor blogs, complaint sites run by disgruntled employees, legit journalism sites, the Pirate Bay, and everything Anonymous has done for the past three years. It’s a little bit of SOPA and a whole lot more.

The other problem is that CISPA allows fairly indiscriminate sharing of any information, normal privacy protections be damned. Per the text of the bill:

Notwithstanding any other provision of law, a self-protected entity may, for cybersecurity purposes… share such cyber threat information with any other entity, including the Federal Government.

As CNET’s Declan McCullough points out, that opens the doors to sharing all kinds of information – user names and passwords, account histories, the contents of email messages, and the like – that are currently prohibited by wiretap and other laws.

By including the word "notwithstanding… [CISPA] would trump wiretap laws, Web companies' privacy policies, gun laws, educational record laws, census data, medical records, and other statutes that protect information, warns the ACLU's Richardson.

There’s a third really big difference between CISPA and those other bits of legislation: PIPA/SOPA were opposed by the leading companies of the Internet age – Google, Facebook, Microsoft, etc. CISPA is not. In fact, that bill boasts some 800 corporate sponsors, if you count all the members of trade groups like the CTIA and The Business Roundtable separately.

So you’re not going to see partial blackouts of Google or Wikipedia this time around. We’re on our own in this fight.

Facebook published a letter defending its CISPA support in February, and doubled down on it last week in a blog post by VP Joel Kaplan. The salient bit:

Join us:






IT ManagementWhite Papers & Webcasts

White Paper

ACM Leadership Guide

Webcast On Demand

Data Breaches - Don't Be a Headline

Sponsor: Absolute Software Corporation

See more White Papers | Webcasts

Answers - Powered by ITworld

Ask a Question