FAQ: What you need to know about CISPA

The House version of the information-sharing bill passed last week

By , Computerworld |  IT Management, CISPA, privacy

What do you mean by vaguely worded? Critics claim the bill uses loose language to describe cyberthreats, network security attacks, countermeasures, cybersecurity systems, and other crucial terms. They claim the ambiguity can create big problems. For instance, CISPA offers no clear explanation of what activity defines a cyberthreat, although companies would be allowed to monitor and share information about those activities. The language would also allow companies to collect information on almost all Internet communications, and justify it on cybersecurity grounds. Even innocuous activity such as using a proxy server or an anonymizer could be deemed a suspicious activity under CISPA.

Are these the only concerns? No. Opponents of the bill say CISPA would expand the government's ability to monitor private communications under the premise of cybersecurity. They say the bill would allow data that's collected to detect and deter cyberthreats could also be used for national security purposes and other law enforcement uses. They argue that Internet companies that share data with the government would enjoy a great deal of legal immunity even when they violate personal privacy rights.

How exactly would it affect me? In theory, the bill would allow your ISP, or an Internet company such as Google or a Facebook, to more easily justify collecting information on all your online activities and share them with the NSA and other federal agencies.

Would CISPA require companies to share data with the government? No, it would not. Companies would not have to collect or share any cybersecurity data with the NSA or others. However, most companies are likely to participate in the information sharing because of the promise of getting useful cyberintelligence from the government and other companies in return for their own information. Regardless of whether CISPA becomes law, companies are still be required to provide information to the government if they receive a court order.

What about the amendments in the version of CISPA that was passed by the House Thursday? The amendments address some of the concerns but not all, according to privacy advocates. CISPA as passed, does offer a narrower definition of the information that can be collected and shared. The amended version of the bill would also impose new restrictions on how the data can be used by federal agencies.


Originally published on Computerworld |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

IT ManagementWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question