When it comes to legislation involving the Internet, the masses have become quite paranoid. Perhaps rightly so.
The latest bill to gain attention online is CISPA, or the Cyber Intelligence Sharing and Protection Act. As the title suggests the main goal of the bill is to deal with “cybersecurity,” but with a lack of definition as to what that actually entails, it’s also one of the major weaknesses.
In short CISPA would allow companies to spy on Internet users and collect and share this data with third-party companies or Government agencies. As long as the company states that these privacy violations are needed to protect against “cybersecurity” threats, they are immune from civil and criminal liabilities.
Some have described the bill as a new SOPA, but it’s nothing like it. Where SOPA was focused on the shutting down of copyright infringing websites, CISPA is directly targeted at individual Internet subscribers, including copyright infringers.
While the definition of a cybersecurity threat is rather vague, intellectual property is specifically mentioned in the bill. For example, among many other descriptions CISPA defines a cybersecurity purpose as follows.
“A system designed or employed to […] protect a system or network from […] theft or misappropriation of […] intellectual property.”
In other words, the bill would make it possible for ISPs to actively monitor the private communications of subscribers to detect and censor the transfers of copyrighted content. In addition, the personal details of these users could then be freely shared with third parties.
It’s hard to not interpret the above as a huge problem for people’s right to private communications.
While there is little known about how companies and authorities plan to use the bill, it is the vagueness and broad definitions that get people worried. Copyright holders should have tools to protect their rights, but as it stands CISPA completely destroys people’s right to privacy under certain circumstances.
This has caused great concern among the public, and a few days ago digital rights group EFF also sent out an alarming message warning people about the looming threat posed by CISPA.
“There are almost no restrictions on what can be collected and how it can be used, provided a company can claim it was motivated by ‘cybersecurity purposes’,” EFF writes.
“That means a company like Google, Facebook, Twitter, or AT&T could intercept your emails and text messages, send copies to one another and to the government, and modify those communications or prevent them from reaching their destination if it fits into their plan to stop cybersecurity threats.”
In recent weeks CISPA has gained support from over 100 lawmakers in Congress, anti-piracy lobby groups such as the BSA and US Chamber of Commerce, but also tech companies including Facebook, Microsoft and Verizon.
These supporters are likely to argue that the bill wont be used as a massive spying machine, but if that’s the case the text should be amended to reflect that. To a certain degree CISPA faces the same problem as SOPA, in that the vagueness of the definitions give rise to speculations, in this case horrific 1984-like spying systems.
In its current form CISPA serves only to fuel the paranoid concerns of the public in which ironically the bill itself exists as the security threat.