A little #CISPA Q+A


SOURCE: Daily Dot – http://www.dailydot.com/politics/what-is-cispa-2015/

How serious are these cyberattacks, really?

That’s a major point of debate. Those in Washington who push for stronger cybersecurity have for years referred to an imminent “Digital Pearl Harbor” or “Cyber 9/11,” where attackers will derail our critical infrastructure (think power plants, or air traffic controls) without stronger laws. And, to be fair, the U.S. itself appears to have already carried out such an attack when it released the Stuxnet virus on Iran, seriously hampering that country’s nuclear research program.

On the other hand, some researchers have found that statistics on the frequency of cyberattacks against the U.S. tend to be misrepresented by the government and are vastly overblown.

Both Obama and Ruppersberger have invoked recent high-profile attacks, like the one on Sony Pictures Entertainment, as evidence that we need information-sharing legislation. But experts say that’s nonsense, and wouldn’t have helped Sony in the slightest.

So under CISPA, the government could claim there was a cybersecurity breach and spy on any website it wants?

It’s not that easy. As CISPA’s supporters repeatedly stress, information-sharing is voluntary. Any network would need to give permission for a federal agent to have access. Note, though, that means the network’s permission. Not yours.

Why would a network want to volunteer?

Pretty simple: It means the government helps out with its cybersecurity efforts, which can be a real burden. Facebook, for example, infamously initially supported CISPA.

If I admitted in an email that I stole a candy bar, and the Department of Justice sees it, am I going to jail?

No, it has to be big. There are a few extremely specific criteria that have to be met for the government to actually prosecute civilians based on information acquired through CISPA—stuff like child porn or intent to commit terrorism.

If I’m not a terrorist pedophile, do I have anything to hide?

Plenty argue that CISPA directly violates any modern interpretation of the Fourth Amendment, which prevents “unreasonable searches and seizures” without a warrant. And to put it mildly, privacy advocates heavily contest the “what if I have nothing to hide?” argument. In short, you probably do have something to hide even if don’t realize it.

How is CISPA different from Obama’s proposal?

Obama’s proposal has several tenants, but both it and CISPA really stress information sharing. On one hand, privacy groups generally regard Obama’s version as similar, but with somewhat better user-privacy protections built in.

On the other hand, some groups, like the Electronic Frontier Foundation, question why we’d need an information-sharing law at all. There are already little-used government information-sharing programs in place, and a large number of high-profile hacks would be prevented if the victim used just basic security measures.

Will CISPA pass the House?

It’s still early. CISPA passed the House in both 2012 and 2013, but was led by the one-two punch of the two ranking members of the House Intelligence Committee, Ruppersberger and former Michigan Republican Mike Rogers, who has since retired.

Ruppersberger’s office has so far declined to share if they’re getting enough promises to give the bill a chance. And It’s hard to imagine Obama signing a bill in 2015 that he openly disparaged and repeatedly promised to veto.

However, given his own proposal’s insistence on information-sharing, it’s definitely possible Obama would agree to a compromise. In previous years, he’d hoped that the Democrat-held Senate could find a cybersecurity bill more to his liking, but they couldn’t ever get anything to pass, much less something that the Republican House would. Now that Republicans control the Senate, too, Obama’s hands are more tied.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s