Legislators in Washington are at it again, working tirelessly to ruin a perfectly good Internet.
Maybe it would be different if they consulted with leaders in technological advancements to find out the implications of an idea. Or maybe they could ask what technology might break because of a bill. But that’s not how it works.
I imagine the Congressional discussions of Internet manipulation to be like a group of senior citizens sipping coffee at McDonald’s at 5:00 a.m. and fussing about those “dagburned Internet machines” taking over life as they once knew it.
Surely it can’t be that way, but when you read the legislation, you have to wonder.
SOPA and PIPA threatened to do all sorts of bad things to the Internet. There was a whole list of problems with that legislation, and though massive Internet protests managed to derail the bills, it’s worth noting that if not for those protests, SOPA and PIPA would have been passed with much bipartisan support.
Then CISPA came along, and while it wasn’t a brutal pillaging of core Internet technologies like SOPA and PIPA, it would have opened the door for some serious privacy issues. With full cooperation from the Heritage Foundation (which was an outright betrayal of the American public), House Republicans managed to pass CISPA and send it to the Senate, where it fortunately hasn’t gone anywhere – yet.
I spent most of Friday in disbelief.
The House was supposed to be considering the Cyber Intelligence Safety and Protection Act, otherwise known as CISPA, on Friday. Thursday I caught some rumors that it was being moved up a day, and when I got online Friday morning, I found that they had indeed voted on it, and it passed 248-168.
My disbelief wasn’t that it passed but rather that my Congressman, Tom Graves, had voted in favor of it. He has a 5-way conservative test for considering legislation, and I’m still not sure how CISPA passed his test. I think CISPA has some obvious Constitutional problems, and when I saw Graves’ vote, I felt (for lack of a better word) betrayed.
That’s not to say that Graves is awful and needs to be thrown out. On the contrary, Tom really is a pretty good Congressman, and he’s usually on the right side of an issue even before I offer my input on legislation. For example, he opposed NDAA, and he was opposing SOPA before everybody else. Graves wasn’t the only usually-good Congressman to vote for this bill. Several others shocked me with a vote for CISPA as well.
While asking around and looking for reasons why these Congressmen went the wrong way on this bill, I was told multiple times that The Heritage Foundation was a major influence in CISPA’s passing. How unfortunate. While The Heritage Foundation typically does a good thing, apparently when it’s wrong, it’s really wrong.
Yesterday evening, the House — acting a day earlier than scheduled — passed the Cyber Intelligence Sharing and Protection Act (CISPA) in the face of opposition from the White House and a skeptical Internet community:
The House on Thursday approved cybersecurity legislation that privacy groups have decried as a threat to civil liberties.
The Cyber Intelligence Sharing and Protection Act, or CISPA, sponsored by Reps. Mike Rogers (R-Michigan) and Dutch Ruppersberger (D-Maryland), passed on a vote of 248 to 168.
Its goal is a more secure internet, but privacy groups fear the measure breaches Americans’ privacy along the way. The White House had weighed in on Wednesday, threatening a veto unless there were significant changes to increase consumer privacy. The bill was amended to provide more privacy protections, but it was not immediately clear whether the Senate or the White House would give the amended bill its blessing.
On September 11, 2001, our world changed. It seems unreal that it was just nine years ago that Osama bin Laden managed to terrorize an entire nation. We responded militarily, as we tend to do when sucker punched like that. However, I’ve had an idea that’s been bouncing around my head for a little while now, and that is based partially on the idea that Congress can issue letters of marque and reprisal. In the digital age.
Al Queda has money. They have technical savvy. And they’re a pain in the butt.
However, a large amount of their ability to function is because of the internet and secure computer systems. Their money’s in banks, they use the internet to communicate. They’re backwards, but very 21st century at the same time. Every system they use is vulnerable to hacking.
So why not let the hackers have a field day?
Hackers, once considered a plague on computer systems, have been around since before the computer age. They used all kinds of tricks to get around the telephone systems for free. With the coming of the computer age, hackers started poking around in the new technology. Some maliciousness started, just look at viruses, but most hackers are just the curious sort. They might want to hack the Department of Defense computer system, but most to see if they can do it.
Now, let’s let them take that curiosity, and focus it on Al Queda. By issuing a letter of marque, you can hone the hackers’ skills towards crippling Al Queda. They want to hack a bank computer? Sure. However, you can only touch Al Queda money. Of course, once you hack it, it’s yours. They would be digital privateers, raiding the waves of the information superhighway and still fighting terrorism
Despite a veto threat from the White House, the House of Representatives overwhelmingly passed the Cyber Intelligence Sharing and Protection Act (CISPA), a bill that puts Internet privacy at risk:
The Cyber Intelligence Sharing and Protection Act (CISPA), H.R. 624, was approved in a 288-127 vote despite ongoing fears from some lawmakers and privacy advocates that the measure could give the government access to private information about consumers.
Ninety-two Democrats voted with Republicans in favor of the bill and just 29 Republicans opposed it. The bill secured enough votes to override a veto.
That’s greater support than last year, when a similar bill passed 248-168 with the support of 42 Democrats. Twenty-eight Republicans opposed that bill.
Click here to see how the representatives from your state voted.
While most agree that more needs to be done to protect the United States from hackers and other cyber threat, it needs to be done in a way that ensures Internet privacy. The bill, as currently, simply doesn’t go far enough to that end. The Electronic Frontier Foundation (EFF) recently noted that CISPA gives immunity to companies that improperly share data with the government.
It looks like President Barack Obama may finally come down on the right side of an issue. According to a statement released yesterday from the White House, President Obama has issued a veto threat over H.R. 624 — the Cyber Intelligence Sharing and Protection Act, which is more commonly known as CISPA.
“The Administration recognizes and appreciates that the House Permanent Select Committee on Intelligence (HPSCI) adopted several amendments to H.R. 624 in an effort to incorporate the Administration’s important substantive concerns,” read the statement from the White House. “However, the Administration still seeks additional improvements and if the bill, as currently crafted, were presented to the President, his senior advisors would recommend that he veto the bill.”
The “improvements” mentioned in the statement are the need for greater privacy protections than the bill currently provides for Internet users.
“H.R. 624 appropriately requires the Federal Government to protect privacy when handling cybersecurity information,” noted the statement. “Importantly, the Committee removed the broad national security exemption, which significantly weakened the restrictions on how this information could be used by the government.”
It’s not often that writing about politics intersects with my day job of managing servers for a large company. It does happen from time to time, but for the most part, they’re two very different worlds. This month being National Cyber Security Awareness Month brings me to one of those intersections.
(I’ve got a site disclaimer that covers this, but it’s worth mentioning again that the opinions expressed by me are my own and that I’m not authorized to speak on behalf of anyone other than myself.)
National Cyber Security Awareness Month is an effort by the National Cyber Security Division of the Department of Homeland Security to promote awareness of security vulnerabilities and encourage people to follow best practices with their security online.
If you’ve read any of my posts for more than about 12 seconds, you’ll know that I’m no fan of government bureaucracies. DHS is no exception to that rule, but rather than discussing the inadequacies of DHS and its agencies, I’d like to use this opportunity to encourage you to do some things to enhance your security online.
Security is important. You should guard your data. You should guard your personal information. You should be careful about posting information that will compromise your physical safety. This stuff is all very important.
A while back, I was using FourSquare and checking in everywhere I went. A girl from my gym (who I didn’t know) added me as a friend. From that one interaction, I was able to find her elsewhere online. That led to a complete stranger having access to her work schedule, address, phone number, email address, and an active feed of where she was checking in around town.
Written by Jim Harper, Director of Information Policy Studies at the Cato Institute. Posted with permission from Cato @ Liberty.
If you’re not at the table, you’re on the menu.
That aphorism about Washington, D.C. power games certainly applies to the “cybersecurity council” that a draft Obama Administration executive order would create.
The failure of cybersecurity legislation in Congress was regarded as “a blow to the White House“—heaven knows why—so the plan appears to be to go ahead and regulate without congressional approval. Under the draft EO, a Department of Homeland Security-led cybersecurity council will develop a report to determine which agencies should regulate which parts of the nation’s “critical infrastructure.”
With the passage of the Cyber Intelligence Sharing and Protection Act (CISPA) in the House last week, many of us are still trying to determine the impact of the bill on the Internet and how it will affect users.
There is no easy answer to the question, after all, this is a complex issue in a time when hacking and other cyber crimes are becoming more prominent. But those of us that helped kill the Stop Online Piracy Act (SOPA) because of concerns over censorship, CISPA may indeed be much worse because it essentially ignores Fourth Amendment protections:
According to the bill’s main author, Rep. Mike Rogers (R-Mich.), CISPA’s main purpose is to allow companies and the government to share information to prevent and defend against cyberattacks. But the bill’s language is written so broadly that it carves out a giant cybersecurity loophole in all existing privacy laws.
The problem is in the bill’s definition of “cyber threat information” and how companies can respond to it. “Cyber threat information” is an overly vague term that can be interpreted to include a wide range of tasks that normally wouldn’t be considered cyberthreats — like encrypting emails or running an anonymization tool such as Tor — and as a result, a company’s options would be so numerous as to allow it to read any user’s communications for a host of reasons.