Yesterday, the U.S. House of Representatives passed the Cyber Intelligence Sharing and Protection Act (CISPA). While the bill was introduced with bibartisan sponsors, the bill passed the house on mostly party lines…Republican “yes” votes were 206 and Democrat “No” votes were 140. Both sponsors were the ranking members of the House Intelligence Committee. 42 democrats supported the bill while 28 republicans were against it, including Republican U.S. representative and presidential candidate Ron Paul who called it “Big Brother writ large”. President Obama has threatened to veto the legislation if it remains in its current form, but Obama waffled on his support of SOPA, so who know what could happen in an election year.
Why would this bill be fast-tracked while other data security bills or data privacy bills have been stymied for years?
Does this bill simply legalize the warrantless wiretapping that is already being done throughout the country?
Rather than being an attack on the first amendment like SOPA, CISPA attacks the fourth amendment to the constitution. The Fourth Amendment of the Constitution says:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
A good question to ask might be what is an unreasonable search? For Law Enforcement, if you see someone in public committing a crime, they can act. Why is there an expectation of privacy for communications over Facebook? Over email? It is probably very reasonable to expect that Law Enforcement can look at all publicly available information on Facebook. Is it reasonable to let them look at information that a user has expressly defined as private? Keep in mind that no one is saying that Law Enforcement can’t get a warrant to access the information.
Of course, none of these questions are posed in the bill. Instead, CISPA purports to create a more secure Internet. How does it attempt to do this? One blogger site took Representatives Rogers and Ruppersberger to task over their own lack of security on their congressional web pages, including broken certificates, lack of HTTPS and broken links.
When asked about whether the government could use this private information to spy on its own citizens, one Representative, Dan Boren (D-Oklahoma) said: “The government is not the enemy.” I don’t think this would be comforting to most Americans, given the low approval rating of Congress right now.
So why isn’t there greater oposition from all the same organizations that were against SOPA? One answer might be that SOPA requred a lot of intervention on the part of search engines or payment processors (think Google, Yahoo, PayPal, etc.) They would have had to have dedicated people to respond to requests and to develop technology to help respond. CISPA would mostly impact ISPs, who in large part support the legislation.