CISPA and Why You Should Care
In early 2012, Internet users banded together to fight SOPA, the Stop Online Piracy Act. The law would have required Internet service providers and websites to block access to sites suspected of hosting or distributing copyrighted material. The law had far-reaching implications, and freedom of information activists and tech companies alike mobilized against it with an Internet blackout. On January 18th, 2012, sites like Wikipedia and Reddit blacked out their content, and millions of users changed their profile pictures to “Stop SOPA” avatars.
The new threat to Internet freedom is CISPA (the Cyber Intelligence Sharing and Protection Act) which passed the House last week. CISPA would allow service providers to find and share “threat information” by accessing your private data and sharing it with government agencies and law enforcement. This would include not only Internet service providers like Comcast and AT&T, but also search engines like Google and social networking sites like Twitter and Facebook. The Electronic Frontier Foundation, which opposes the bill along with the ACLU, argues, “It is written so broadly that it allows companies to hand over large swaths of personal information to the government with no judicial oversight.” (Jaycox and Opsahl, 2013.) Shared information — which could include everything from the sites you visit, to the contents of your email, to every file you have stored in cloud services — could be turned over to authorities, which are then free to compile and search the information as they see fit.
Perhaps the most troubling language in the bill states that the law would apply “notwithstanding any other provision of law,” meaning it would supersede any other laws or privacy policies. Representatives on both sides of the aisle proposed amendments that would curb CISPA’s reach. Rep. Alan Grayson, a Florida Democrat, attempted to include a one-sentence amendment to the bill that would require a warrant in accordance with the Fourth Amendment. Republican Rep. Justin Amash of Michigan proposed an amendment that would ensure service providers’ privacy policies remained valid and legally enforceable. Both amendments were rejected, meaning that under the current version of CISPA, companies would have no legal accountability for how and with whom they share your data.
The hactivist collective known as Anonymous has called for a CISPA protest on Monday April 22nd. They released this video announcement.
Anonymous has called on web developers and site owners to go black for 24 hours. You can read their full statement, including CISPA information, links to premade CISPA black out pages, and anti-CISPA avatars can be found here.
It is easy to dismiss the CISPA as doomed for failure and ultimately of little consequence. Granted, CISPA has to make it though a historically dysfunctional Senate that has difficulty passing any legislation, and President Obama has promised a veto. But, unlike SOPA, which most Internet service providers and other tech companies opposed, CISPA has the support of AT&T, Comcast, Time Warner Cable, Verizon, and a number of other companies. (Facebook and Microsoft also announced support for the measure, but have since become somewhat ambivalent.) And, in the wake of the tragedy in Boston, CISPA could easily be framed as anti-terrorism measure. After all, a YouTube account under the name Tamerlan Tsarnaev bookmarked videos with the label “terrorists.” It’s not difficult to imagine CISPA proponents suggesting that the law would have allowed YouTube to report such activity, possibly preventing the attack. In the face of horror, we Americans often become willing to sacrifice civil liberties in the name of security. So, please contact your Senators and tell them to oppose CISPA. You can find your Senators and their contact information by going to www.senate.gov/general/contact_information/senators_cfm.cfm.
Jaycox, Mark M. and Opsahl, Kurt. (2013, 25 February). CISPA is back: FAQ on what it is and why it’s still dangerous. Electronic Frontier Foundation. Retrieved 19 April 2013. From https://www.eff.org/cybersecurity-bill-faq.