Now Is The Time To Improve CISPA Before Friday's Vote By Pushing These Critical Amendments
from the last-minute-push dept
Update: The White House has now officially threatened to veto CISPA.
In Congress, this week is CISPA week. With the bill going up for debate tomorrow, and the final vote scheduled for Friday, it's clear that the voice of the internet community has had an impact. The reps have been proposing their final amendments, and all are clear attempts to address some of the biggest criticisms from civil liberties groups and the public. CISPA has strong bi-partisan support and a very good chance of passing—and unfortunately, it's still a highly problematic bill. But, while the proposed amendments cannot perfect it, some of them could certainly reduce its potential for abuse in significant ways. If you're looking for a practical way to fight back against the serious privacy violation that CISPA represents in these final days before its potential passage, encouraging your representative to support these amendments is a good place to start.
There are two in particular that, though simple, would make drastic improvements on CISPA by refocusing it on network security and minimizing the chance of shared data being used to go after individuals. An amendment from Rep. Barton (pdf and embedded below) would insert the sensible requirement that shared data will only include personal information (further defined to include the content of any communications and even IP addresses) if it is necessary to combat a specific cyber attack. Another, even better amendment from Rep. Akin (pdf and embedded below) goes a step further and would bring CISPA back in line with the fourth amendment by barring the sharing of any personally identifiable information without a warrant. Of course, it's annoying that such an amendment is necessary—but the whole point of CISPA is to route around well-established requirements like going to a judge before violating someone's privacy. Though the bill still creates all sorts of potential privacy problems, the Akin amendment fixes a big one.
Rep. Thompson has also proposed an amendment (embedded below) that is supposed to address privacy concerns, and TPM reports that it is being backed by Ron Paul, who got attention earlier this week with a strong condemnation of CISPA. However, the Thompson amendment seems to lack teeth: it has a lot of talk about "minimizing" the impact on privacy and making "reasonable efforts" to remove personal information, and graciously offers to consult with "civil liberties stakeholders" (wouldn't that be everybody?), but it sets down no firm requirements or limitations. Despite being a fraction of the length, both the Akin and Barton amendments would do far more to fix CISPA, because they clearly prohibit certain activities.
Thompson's other proposed amendment (embedded below), however, is very good: it would limit the government recipients of the data from the overly broad "Federal Government" in the current bill to just Homeland Security and other civilian agencies. This addresses the significant fear that the NSA could use CISPA to expand their already-aggressive data collection programs. While civilian agencies and the DHS especially are hardly perfect, this would still be a lot better than handing data collected under CISPA over to the intelligence community.
There are other amendments on the table too, but these are some of the ones that get directly to the core privacy issues that make CISPA so dangerous. The CDT has a post taking a look at others. Ultimately the best solution would be to toss the bill out and start again, drafting sensible cybersecurity legislation that is evidence-based (starting with an evaluation of whether or not its even needed), and since Friday's vote is still not guaranteed there's no reason to stop speaking out against CISPA as a whole. But it's also a good idea to ensure that the bill is as good as it can possibly be when it goes up for vote, by pressuring Congress to adopt these critical amendments.