Anonymous have called for web content providers to blackout their sites today to protest the US House of Representative’s approval of CISPA. Many people in and outside the US still have no idea what CISPA is, or what implications it has for their lives. Today, we look at CISPA: if you aren’t worried, you aren’t paying attention.
What is CISPA?
The Cyber Information Sharing and Protection Act (CISPA) allows internet service providers and sites such as Facebook, Twitter and Google to share its users private information with federal security agencies and ‘private sector entities’ (SEC3, a1), without legal reprisal.
Supporters claim the bill is intended to allow security and private agencies tackle cyber threats. Opponents of the bill argue it creates a legal framework for the websites we love to become government spies for private interests. Sadly, the opponents of the bill are right.
Opposition of the Bill is critical for those who care about the privacy of their personal information.
“Companies have new rights to monitor user actions and share data – including potentially sensitive user data – with the government without a warrant.
CISPA overrides existing privacy law, and grants broad immunities to participating companies.
Information provided to the federal government under CISPA would be exempt from the Freedom of Information Act (FOIA) and other state laws that could otherwise require disclosure (unless some law other than CISPA already requires its provision to the government).
CISPA’s authors argue that the bill contains limitations on how the federal government can use and disclose information by permitting lawsuits against the government. But if a company sends information about a user that is not cyberthreat information, the government agency does not notify the user, only the company”
Anyone with any doubts about the true intention of CISPA should look at the progress of amendments to the Bill that intended to safeguard privacy. A series of amendments with just this purpose went before the House of Representatives last week. These included:
- An amendment to ban employers from asking for the social media passwords of their staff as a condition of employment.
- An amendment to prevent companies selling personal information on for marketing purposes
- An amendment to refuse firearms sales records, library records and tax returns gained from private companies being used by the federal government.
All of these amendments were rejected last week, while the bill itself was approved by the House of Representatives.
This means that in future, a person’s private social media activity and behaviour could impact their employability; the information shared by web users in private chat, messages and emails could be hived off and sold to marketing firms; the private tax and library habits of a person can be passed from corporation to state and back again.
“CISPA is an extreme proposal that allows companies that hold our very sensitive information to share it with any company or government entity they choose, even directly with military agencies like the NSA, without first stripping out personally identifiable information.
We will work with Congress to make sure that the next version of information sharing legislation unequivocally resolves this issue, as well as tightens immunity provisions and protects personal information. Cybersecurity can be done without sacrificing Americans’ privacy online.”
The Bill will now move on to the Senate, which killed the previous iteration of CISPA (SOPA) last year by filibustering. President Obama has also threatened to veto the Bill. But opponents cannot take for granted that this will happen without maintaining and stepping up significant public pressure on web sites, internet service providers and legislators to kill this bill.
Why Should Those Outside the US Care?
It would be a big mistake for those of us outside the borders of the United States to believe that the passing of CISPA is solely an issue for Americans. It is the explicit intention that this Bill provides for managing perceived cyber threats in and outside the US. Therefore this legislation will dictate the privacy of personal information for internet users around the world.
To put this in some perspective, it helps to understand the sheer number of people this bill will impact. Facebook alone has a population of over 1 billion users and just a tenth of these are US based. In numbers, even if the Bill applied to Facebook users alone, it would be equivalent to legislating away the privacy of every citizen of the European and North American continents combined.
This Bill makes it legal for the personal information of internet users across the world, information provided in the belief that it was private, to be shared between state and private agencies – and without our knowledge. Emails, Facebook messages, twitter history, social media passwords, google search histories – all would fall under this bill.
We already know that sites like Twitter, Facebook, PayPal and Google have shown little respect for user privacy and shared this kind of information with state and private entities. The purpose of this legislation is to remove the legal protections from citizens around the world from challenging this illegal practice.
This is a matter we need to get deadly serious about, now. Given the rapid erosion of civil liberties in the real world, the internet has for many become the new home of free speech, assembly and protest. That home is under threat as the police state extends its reach into the online world. We simply cannot allow this to happen.
Blackout your site today – Put a blog post or headline about CISPA on your site and help spread the word.
US Readers: Sign the petition against CISPA.
Readers outside US: Sign the petition against CISPA.
Read more on the implications of CISPA here.
Join the CISPA IS BACK campaign and support their work.
The Electronic Foundation are also a hive of information on the bill and how to fight it.