The controversial Cyber Intelligence Sharing and Protection Act (CISPA) is headed to the House floor this week, so here’s a refresher on the proposed legislation and some of the latest news surrounding it.
What is CISPA?
The legislation was first introduced in 2011 by Rep. Mike Rogers (R-MI). In 2012, it passed in the House, but not the Senate. A revised version, cosponsored by Rep. Dutch Ruppersberger (D-Md), was introduced in February 2013.
This year’s iteration was approved by a House committee last week and is set for a full House vote this week, which could come as early as Wednesday.
The bill would free companies and the federal government to swap data about cyberthreats, giving the federal government a broader role in helping banks, manufacturers and other businesses protect themselves.
Who supports it?
CISPA is widely backed by industry groups that say businesses are struggling to defend against aggressive and sophisticated attacks from hackers in China, Russia and Eastern Europe. Businesses say the House version, which doesn’t include any mandates or stipulations, is the only way they would feel comfortable sharing information with the government about the vulnerability of their networks.
What are the privacy concerns?
Privacy groups and civil liberties experts say the bill would open up Americans to spying by the military. While the legislation does not identify the National Security Agency specifically, it’s widely expected that the military intelligence agency would take a lead role in analyzing threat data because of its expertise in the matter.
The Electronic Freedom Frontier noted that the 12 of the 42 amendments the House committee allowed to go to the full House floor for a vote this week, many did not address the civil liberty issues concerning to some:
Among the amendments that will not move forward are forward-thinking proposals by Reps.Adam Schiff (D-Calif.) and Jan Schakowsky (D-Ill.), both of whom suggested amendments that would address some of the core privacy concerns in CISPA. The first (PDF), championed by Rep. Schakowsky, would requires that the first point of sharing information with the federal government must be with a civilian agency, so that U.S. military or defense agencies won’t directly collect or receive cyber information on American citizens.
Another amendment (PDF) promoted by Rep Schiff, requires companies sharing information with the government or other private entities under the bill make “reasonable efforts” to remove personally identifiable information of individuals unrelated to the cyber threat.
What’s the White House’s stance?
Obama administration has threatened to veto CISPA in its current form, saying the bill fails to require irrelevant personal information to be removed before data is sent to the government or other companies. If this feels a bit like deja vu, it’s because this is the second time the White House has threatened to veto the proposed legislation.
“Citizens have a right to know that corporations will be held accountable – and not granted immunity – for failing to safeguard personal information adequately,” the White House said in its veto threat.
Lawmakers revising the bill say they have made accommodations to address these privacy concerns.
What else has privacy advocates upset?
During deliberation about the bill Rogers compared opponents to “14 your-olds” tweeting from their basement.
Watch the clip showing Roger’s speech uploaded to YouTube by CISPA-opponent Sina Khanifar:
“Once you understand the threat and you understand the mechanics of it and you understand how it works and you understand that people are not monitoring your content of your emails, people are like ‘got it, I’m in,’” Rogers said.
Many opponents picked up his comment, posting to Twitter their age, the fact that they don’t live in a basement and that they still disagree with the legislation:
— Shana Lyons (@ShanaLyons) April 17, 2013
— John D. Ferrara (@bigh0rse) April 17, 2013
— Paul Meyerson (@onetruefrosty) April 17, 2013
Stay tuned for the House vote and see where CISPA goes from there.
- What’s All This Talk About the Government Snooping on Emails for Cybersecurity? Does It Affect Me?
- Cybersecurity Bill for Infrastructure Updated to Address Privacy Concerns — But Some Say It’s Too Little, Others Too Much
- CISPA: How the New Cybersecurity Bill Isn’t SOPA But Some Say Just as Bad
- House Passes Controversial Cybersecurity Bill Even With Looming White House Veto Threat
- What Expected Executive Order Has Conservatives Concerned?
The Associated Press contributed to this report.