Under CISPA 2015 (HR 234), the Secretary of Homeland Security, the Attorney General, the Director of National Intelligence, and the Secretary of Defense would create the cyber threat information sharing program and also provide oversight for the program’s civil liberties protections. This is akin to allowing the foxes to guard the hen house.
CISPA 2015 also mandates privacy and civil liberties reports, but allows government agencies to classify the annexes to the reports. In other words, CISPA 2015 does not intend to have any real oversight for civil liberties and privacy. Cyber threat information shared with the government would also be exempt from the Freedom of Information Act and would be a serious blow to transparency in government.
Perhaps the worst thing about the CISPA 2015 bill is that it would give immunity from criminal prosecution and lawsuits to anyone sharing cyber threat information with the government. CISPA 2015 would provide for an even cozier relationship between Silicon Valley and the US government at the detriment of civil liberties and privacy for everyone else.
The Cyber Intelligence Sharing and Protection Act (CISPA) is the bill in the US Congress that just refuses to die. Like a zombie, it keeps rising from the dead to harass cyber activists and civil liberties advocates. In a slight reprieve, Representative Mike Rogers, CISPA’s previous co-sponsor, has announced that he will not run for re-election. Never one to waste an opportunity for a crisis, a House Democrat, Representative Dutch Ruppersberger, has decided to re-introduce CISPA after the Sony hacks, which the US government blames on North Korea.