Last year, Netizens concerned about their personal privacy managed to drive a stake through the heart of PIPA and hold SOPA's head under the bathwater until the bubbles stopped coming. They even managed to fight off the Cyber Intelligence Sharing and Protection Act. But like one of the undead, CISPA is rising again to terrorize us all.
Theoretically at least, CISPA is supposed to make it easier to defend our little corner of the InterWebs -- and everything that depends on it, from banking systems to utility companies -- from cyber attacks. It's hard to argue with that. But everything else CISPA could allow has moved the villagers at the Internet Defense League and their friends to break out the torches and pitchforks.
[ Cash in on your IT stories! Send your IT tales to firstname.lastname@example.org. If we publish it, we'll keep you anonymous and send you a $50 American Express gift cheque. | For a humorous take on the tech industry's shenanigans, subscribe to Robert X. Cringely's Notes from the Underground newsletter. | Get the latest insight on the tech news that matters from InfoWorld's Tech Watch blog. ]
Over at Wired, DoD security consultant Chris Finan argues legislation that makes it easier for law enforcement and private firms to work together to protect our cyber infrastructure is a good thing. However, CISPA as it currently stands isn't it.
The problem? CISPA negates existing privacy laws, holds private corporations exempt from prosecution for abusing or mishandling our personal information, and allows them to share our data with a wide range of federal agencies, most of whom have nothing to do with cyber security. Aside from that it's just peachy.
The EFF has a list of some 600 federal agencies that could request your data under CISPA. It includes all the usual suspects (FBI, DHS, and so on), as well as truly obscure ones, like the Office of the Second Children, National Cemetery Administration, and the National ICE Center -- because the safety of our nation depends on the vice president's children, dead people, and ice skaters having access to your data.
(Yes, I know "ICE" stands for "Immigration and Customs Enforcement." It's a rule here in Cringeville: Never let the facts get in the way of a stupid joke.)
CISPA can be fixed, Finan argues, by limiting the kind of information that is shared and who gets to see it. The question is, does anyone in Washington really want to fix it? Or is this kind of corporations-gone-wild information sharing the real point of the bill?
We've seen this before. The PATRIOT Act was supposed to be all about keeping us safe from terrorists -- that was the sales pitch. As it turns out, it was too tempting to use the same Fourth Amendment-bypassing provisions to chase run-of-the-mill drug lords and money launderers (unless they were also large multinational banks, in which case they got a free pass).