How CISPA threatens our First Amendment rights

The latest 'cyber security' bill is less about protecting us from hackers and spies, and much more about using Facebook and Google to prosecute whistleblowers.

It’s the oldest trick in the Congressional playbook. When you’ve got a piece of legislation you know people will object to because it violates their basic Constitutional rights, call it a “security” bill. Anyone who opposes that bill automatically becomes a friend of the terrorists, the communists, or any other boogieman-du-jour.

So it was with the Patriot Act, a Christmas gift for law enforcement that had been sitting around for years, waiting for an event so horrific Congress would happily gut the Fourth Amendment in the rush to remain ‘secure.’ Yes, the Patriot Act broke down bureaucratic barriers between different security agencies, enabling them to share information more efficiently in a post-9/11 world. It also expanded the government’s ability to spy on American citizens who were not suspected of wrongdoing and avoid judicial checks and balances in cases that had nothing to do with terrorism.

And so it is with the Cyber Intelligence Sharing and Protection Act (CISPA), another “security” bill that enables the free flow of information – in this case from private companies to the Federal government, and vice versa.

As I wrote last week, one of CISPA’s biggest problems is that its definition of “cyber threat” includes “theft or misappropriation of private or government information, intellectual property, or personally identifiable information.”

Upload the latest Gotye MP3 to a torrents hub? That’s a cyber threat. Publish proprietary training manuals for a skeezy religious cult on the Web? That’s a cyber threat. Leak the Pentagon Papers to the New York Times and Washington Post? That too would be a cyber threat.

One might be willing to write off a bill whose definition of security threats includes the Pirate Bay, WikiLeaks, and our nation’s paper of record as just sloppy legislating. But this is no accident. CISPA is directly targeting people who leak government and nongovernment secrets to journalists or anyone else – and they want to deputize Facebook, Google, Twitter, and Microsoft to help do their dirty work. 

Stephen Aftergood, author of the Secrecy News blog for the Federation of American Scientists, found the smoking gun in the transcripts to a May 2011 hearing of the US Senate’s Select Committee on Intelligence [PDF], which were made public last week.

The hearing concerned the confirmation of Lisa O. Monaco to head up the Justice Department’s National Security Division. The senators were keenly interested to hear about how the DOJ is prosecuting government whistleblowers for leaking information to the media, and how they can increase that number. Here’s one of the prehearing questions [PDF] Monaco answered:

Are there any steps that the Department could take to increase the number of individuals who are prosecuted for making unauthorized disclosures of classified information to members of the news media?

Her answer? She would direct the DOJ to “aggressively pursue” those cases – and she has. As Aftergood notes,

…the number of individuals charged with Espionage Act violations by the Obama Administration for disclosing information to the media without authorization is unprecedented and exceeds all previous cases in all prior Administrations combined.

The reasons? One is the intense focus on this demanded by the US Congress, inspired clearly by the Bradley Manning-WikiLeaks case. But another is the relative ease of tracing communications between inside sources and journalists via their “electronic footprints,” says Aftergood. And that is where CISPA comes in.

Having a private DM conversation with a journalist on Twitter or via a Facebook chat? Those convos are no longer private, if Uncle Sam says so. The very fact that a person with access to sensitive information is talking to the media is enough to make them fall under suspicion -- and to intimidate others from ever talking at all. 

By enabling the Feds to gain access to all of our electronic communications -- while offering legal immunity to companies like Facebook or Google who cooperate in good faith -- all of our electronic footprints can be shadowed, no matter where they fall. Private companies can just hand over any information that is requested, no subpoena required. And this doesn’t apply only to classified government information, as in the Bradley Manning case – it applies to anything with a copyright attached or that is deemed “intellectual property” by a private entity.

In short, it’s a war on whistleblowers and corporate leakers. And in that CISPA becomes a direct threat to the First Amendment.

This means that the fight against CISPA will be even tougher than it looks. That vague and overbroad language in the bill is not a mistake; it is what CISPA is all about, which means it’s unlikely to be amended out.

I don’t know about you, but that makes me feel less secure, not more.

Got a question about social media? TY4NS blogger Dan Tynan may have the answer (and if not, he’ll make something up). Visit his snarky, occasionally NSFW blog eSarcasm or follow him on Twitter: @tynan_on_tech. For the latest IT news, analysis and how-to’s, follow ITworld on Twitter and Facebook.

Now read this:

Facebook's 'man in the middle' attack on our data

Making Facebook private won't protect you

Google’s personalized search results are way too personal

ITWorld DealPost: The best in tech deals and discounts.
Shop Tech Products at Amazon