House Leaders Try to Salvage Cybersecurity Bill By Watering It Down Slightly
Over the past couple weeks, another grassroots protest has emerged against legislation that would affect the Internet. It’s at a lower level than the SOPA/PIPA protests so far, but the activism against CISPA, which is considered cybersecurity legislation, is following the same trajectory. Many experts have described the threats from CISPA, particularly to the privacy of any Internet user. As the Electronic Frontier Foundation’s Trevor Timm told Kevin Gosztola, “what we’re really worried about is that companies will end up handing over large swaths of our emails, private messages on Facebook or Twitter, to the government with no judicial oversight.” Indeed, with CISPA, they will have plenty of incentives to do so.
These expert analyses have led to a number of civil liberties and Internet freedom groups lining up together to stop CISPA. The ACLU joined in on that today.
And now, much like with SOPA/PIPA, the Congressional leadership pushing for the bill is trying to salvage it.
Responding to criticism from privacy advocates, the House Intelligence Committee announced changes to the Cyber Intelligence Sharing and Protection Act (CISPA) on Monday […]
The new draft of the bill uses a different definition for a “cyber threat” that leaves out any reference to intellectual property infringement. Critics had warned that the bill’s definition was so broad that it could include people illegally downloading music and movies.
The new provision defines a cyber-threat as an effort to “gain unauthorized access to a system or network.”
But Michelle Richardson, legislative counsel for the ACLU, said the new language is still too vague.
“It could probably be interpreted broadly enough to include [intellectual property] anyway,” she said.
Another provision would give the Department of Homeland Security access to any information shared with the government, rather than the secretive National Security Agency. This ensures at least some oversight. And the draft maintains a private right of action for individuals and companies, who can sue the government if the information provided to them gets used for malign ends.
But the changes to the bill focus mainly on the IP concerns, and not the larger critique about the bill, which is that it provides incentives for large Internet companies to feed private communications to authorities. I don’t see this mollifying the critics at all.
The legislation is expected for a vote next week in the House.
One difficulty for the grassroots groups is that the Administration appears dug in on the bill. Led by counter-terrorism advisor John Brennan, they are in the midst of a full-court press on the bill, basically dismissing the civil liberties concerns of activists. The coalition opposing this will probably have to get bigger Silicon Valley firms on board before they get top-level attention.