CISPA danger escalates as bill receives approval

Privacy & Security Posted on April 27, 2012

CISPA danger escalates as bill receives approval

The Cyber Intelligence Sharing and Protection Act (CISPA) was yesterday approved by the US House of Representatives, in a vote that brings the US one step closer to eradicating the very principle of user anonymity and privacy in the online space.

Having been rushed through a day earlier than expected, the House voted in favor of the bill with a bipartisan vote of 248 to 168. The bill will now go onto the Senate.

Mike Rogers (Rep), the author of the bill, said any organisations that opposed CISPA (which includes the American Civil Liberties Union and Electronic Frontier Foundation) were engaging in “obfuscation”. Rogers called on fellow congressmen to “stand up for America. Support this bill”. He added that CISPA was “the last bastion of things we need to do to protect this country.”

Unhelpful amendments

If you need a recap, CISPA essentially gives new powers to internet service providers, allowing them to bypass existing privacy laws and spy on the personal data (i.e. emails, web browsing history, Facebook activity, you name it) of their users and pass it on to government law enforcement agencies. The bill also allows ISPs and companies such as Facebook and Google, to share user information with each other about any potential, and ill-defined, ‘cyber security threats’ – while protecting them from any privacy lawsuits. It’s essentially a bill that invokes the spectre of state-sponsored cyber-terrorism to crack down on free-speech and online civil liberties.

Even worse, due to yesterday’s last minute amendments, CISPA has now become even more of a threat to online freedoms. According to TechDirt, the bill now encompasses three more uses – the protection of children, the protection of individuals and the prosecution of cyber-security crime.

“Basically this means CISPA can no longer be called a cybersecurity bill at all,” argues TechDirt. “The government would be able to search information it collects under CISPA for the purposes of investigating American citizens with complete immunity from all privacy protections as long as they can claim someone committed a “cybersecurity crime”. Basically it says the 4th Amendment does not apply online, at all.”

Presidential opposition

CISPA now allows the government to use CISPA for five specific purposes - cybersecurity; investigation and prosecution of cybersecurity crimes; protection of individuals from death or serious bodily harm; protection of minors from child pornography; and the protection of national security. But as the Electronics Frontier Foundation points out, “cybersecurity” and “national security” are terms that are incredibly vague and could encompass everything from posting copyrighted content, to circumventing digital rights management security on a DVD.

However, CISPA may not have a smooth ride ahead and there is still time to pressure US senators into opposing the bill. In fact, the opposition already has a pretty big player on their side – none other than President Obama himself. The Obama administration is wholly opposed to CISPA in its current form (though whether or not the Obama’s own proposed bill to address cybersecruity issues is any better remains to be seen.). A statement issued on Wednesday went as far to say The President would veto CISPA as it stands.

“Legislation should address core critical infrastructure vulnerabilities without sacrificing the fundamental values of privacy and civil liberties for our citizens,” read the White House statement. “Especially at a time our Nation is facing challenges to our economic well-being and national security…if H.R. 3523 were presented to the President, his senior advisors would recommend that he veto the bill.”

Still time to fight

Other politicians, from both the Republican and Democratic sides, also expressed their opposition to CISPA.

“In an effort to foster information sharing, this bill would erode the privacy protections of every single American using the internet. It would create a ‘wild west’ of information sharing,” said Republican Bennie Thompson of Mississippi. Republican Joe Barton added “until we protect the privacy rights of our citizens, the solution is worse than the problem.”

CISPA advocates may have won an important battle, but the war isn’t quite over. There’s still plenty of political opposition to make sure the bill stalls. However, given that online companies, such as Facebook, support CISPA, the US and global public need to continue to pile on the pressure and keep up the protests. More information on how to add your voice to the CISPA opposition can be found over at the EFF.

Privacy
We invite you to discuss this post in our Reddit community or on Twitter. You can also send your feedback to blog@ivpn.net.
IVPN News

Independent security audit concluded

By Nick Pestell

IVPN News

IVPN applications are now open source

By Viktor Vecsei

Releases

Beta IVPN Linux app released

By Viktor Vecsei

IVPN TunnelCrack vulnerability assessment Privacy & Security

IVPN TunnelCrack vulnerability assessment

Posted on September 7, 2023 by IVPN Staff

Context TunnelCrack is the combination of two independent security vulnerabilities (LocalNet attack and ServerIP attack) that affect VPN applications. The research paper detailing these vulnerabilities was published and presented on 11 August 2023. IVPN apps were not tested by the researchers, and unlike other providers, we did not receive a vulnerability disclosure.
Most people don't need a commercial VPN to work from home securely Privacy & Security

Most people don't need a commercial VPN to work from home securely

Posted on April 7, 2020 by Nick Pestell

Many small businesses and their employees are concerned about the security of their data whilst working from home during the coronavirus pandemic. We see a lot of confusion surrounding this topic, even from fairly technical folk and there is unfortunately a lot of misinformation being spread by commercial VPN providers themselves.
Spotted a mistake or have an idea on how to improve this page?
Suggest an edit on GitHub.