SEC Investigating Hollywood Studios For... >>
<< UK Police Planning To Arrest Twitter Users For...
 tdicon 

Legal Issues

by Mike Masnick

Thu, Apr 26th 2012 10:49am




Filed Under:
cispa, cybersecurity


Can CISPA Be Fixed?

from the perhaps-not dept

We've been arguing for quite some time now that we'd like to see the actual evidence for why a "cybersecurity" bill is actually needed. We've heard fearmongering and warnings of planes falling from the skies, but no evidence that there's a real problem here -- or, if there is a problem, that it needs a legislative solution. And yet, still, CISPA moves forward. Of course, while we still believe that some amendments could fix some of the more egregious problems with CISPA, there is still the big question of whether or not it's needed at all. Larry Downes has taken on the question of whether or not CISPA can be fixed and has decided that it cannot be, and that it represents a real threat to some key elements of the internet ecosystem. He lists out some key rules for policy makers (and goes into great detail on each, so click through):
  • Don’t legislate technology using definitions that are either too specific or too general
  • Don’t legislate technology until you can articulate concrete and calculable harms
  • Don’t encourage or require information sharing with the government unless it’s unavoidable
All of this seems quite reasonable... which is why it's an uphill battle to get people to follow through on it.

40 Comments | Leave a Comment

If you liked this post, you may also be interested in...

Reader Comments (rss)

(Flattened / Threaded)

  •  
    icon
    Skeptical Cynic (profile), Apr 26th, 2012 @ 10:00am

    CISPA is broken because of one fact...

    It is not designed to actually protect people. People are the most prolific users of the internet, not the collectives like Government or Business. CISPA should fail because only protection that service the needs of the people first should ever be implemented.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    :Lobo Santo (profile), Apr 26th, 2012 @ 10:54am

    ...can't ...keep ...it ...in

    "Can CISPA Be Fixed?"
    "No!"

    Sorry, articles titles which are easily answered in a single word do that to me...

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Apr 26th, 2012 @ 11:01am

    DMCA

    What are the chances of Techdirt getting a DMCA on one or more of its CISPA articles? It happened with PIPA/SOPA, it could happen here.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Apr 26th, 2012 @ 11:06am

    complete waste of time considering no one is interested in even amending CISPA, let alone abandoning it.

    the biggest change needed is one that prevents anyone from introducing a Bill until they have a reasonable amount of knowledge on the subject concerned in that Bill, and not just able to recite info parrot fashion!

     

    reply to this | link to this | view in chronology ]

  • This comment has been flagged by the community. Click to show the comment.
     
    identicon
    Anonymous Coward, Apr 26th, 2012 @ 11:08am

    "fixed"

    By fixed you mean changed to support your world view?

     

    reply to this | link to this | view in chronology ]

    • This comment has been flagged by the community. Click to show the comment.
       
      identicon
      Anonymous Coward, Apr 26th, 2012 @ 11:13am

      Re:

      Yep. If it doesn't comport with Mike's incredibly-narrowed view, it's broken.

       

      reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Apr 26th, 2012 @ 11:23am

      Re:

      No.

      Fixed, as in:

      Gunner: "The orbital cannon has a Fix on the target. What are your orders Captain?"

      Captain: "Fire the orbital cannon! Full power!"

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Glen, Apr 26th, 2012 @ 11:37am

        Re: Re:

        I'd use the same solution for the two trolls ahead of you.

         

        reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Apr 26th, 2012 @ 11:46am

          Re: Re: Re:

          Take note that the second comment was made "exactly" 5 minutes after the first. Note also that the theme of the comments is the same (I hate Mike for no good reason!), and that they have no substance whatsoever.

          I'm guessing this would be one of those situations where you really could hit two birds with one stone.

           

          reply to this | link to this | view in chronology ]

    •  
      icon
      heyidiot (profile), Apr 26th, 2012 @ 12:55pm

      With a very sharp knife

      "Fixed" in the same way one would "fix" a male dog.

       

      reply to this | link to this | view in chronology ]

  •  
    icon
    PlagueSD (profile), Apr 26th, 2012 @ 11:11am

    "You can't fix stupid." - Ron White

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    shawnhcorey, Apr 26th, 2012 @ 11:13am

    Fixed as in neutered or splayed? Sounds good to me. :D

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Berenerd (profile), Apr 26th, 2012 @ 11:19am

    is anyone else watching twitter?

    I am noticing more and more "Sky is falling" senerios from reps who are supporting the bill or are voting for the bill...like OMG FOX BUSINESS WEBSITE MIGHT GET HAXORED!" from Mrs bachman...just...wow...really?

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    weneedhelp (profile), Apr 26th, 2012 @ 11:21am

    Broke needs fixed.

    Its not CISPA that is broke, it's Congress. The question should be; How do we fix congress?

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Rekrul, Apr 26th, 2012 @ 11:39am

    You're working on the assumption that CISPA is a legitimate bill meant to address a legitimate concern and that it will be abused for things the creators of the bill never intended.

    The truth is that CISPA was intended right from the start to be a general purpose spying bill that the creators wanted to be vague so that it could be used for virtually anything.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Jose_X, Apr 26th, 2012 @ 12:09pm

      Re:

      I'm not arguing for more spying, but are people really looking at this from the point of view of a group of people (federal government leadership of the US) who feel personally vulnerable to death plots on a daily basis and who since 911 no longer feel this threat is theoretical?

      Besides that, isn't it likely our military leaders who protect them and also see their own lives vulnerable are also pressing on legislators (and we know it's not easy for them to say not to these guys)?

      To a lesser extent, a lot of major business leaders and wealthy individuals likely are pressing as well since they probably see major financial losses at risk (if not their own necks).

      This personal threat aside, how can anyone argue point blank that preserving the state of order at the federal level is not in the best interests of individual Internet users? Do people really think the Internet will keep humming along without fights and blackouts if the federal government takes a brutal hit?

      Again, this is not to argue for any specific proposal in this or any bill, but the comments sometimes suggest people aren't recognizing what can reasonably be an elevated state of fear in the collective mind of DC. Not only are some of their concerns legitimate, but if you don't understand where they are coming from, you will have a harder time being heard clearly. [I'm fairly sure these major groups opposing the bill have thought about this, and that should be one reason why they might be willing to accept an imperfect bill.]

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        John Fenderson (profile), Apr 26th, 2012 @ 12:19pm

        Re: Re:

        Again, this is not to argue for any specific proposal in this or any bill, but the comments sometimes suggest people aren't recognizing what can reasonably be an elevated state of fear in the collective mind of DC. Not only are some of their concerns legitimate, but if you don't understand where they are coming from, you will have a harder time being heard clearly.


        I think most people understand all that pretty well. But that they have an irrationally elevated level of fear doesn't mean that we need to tolerate their irrational legislative responses.

         

        reply to this | link to this | view in chronology ]

      •  
        identicon
        Rich Kulawiec, Apr 26th, 2012 @ 12:55pm

        Re: Re:

        [...] but are people really looking at this from the point of view of a group of people (federal government leadership of the US) who feel personally vulnerable to death plots on a daily basis and who since 911 no longer feel this threat is theoretical?

        Anyone who feels that way is (a) an idiot and (b) a coward. They should be removed from public service immediately and permanently: they're simply not good enough to serve the citizens of the United States.

         

        reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Apr 26th, 2012 @ 1:06pm

        Re: Re:

        If we're at so much risk why isn't the first step to improve our defenses? CISPA does absolutely nothing to incentivize basic IT security like patching vulnerabilities as quickly as possible and instead encourages pro-active monitoring of private communications by both third-parties service providers and the government. Does the bill do anything to encourage vulnerabilities are reported to vendors and patched as quickly as possible? No, in fact the nature of the bill is such that these kinds of things will go unreported so that 'they' won't know that the government knows that they exist. Which seems great for the government and their industry partners (but is actually just going to shoot them in the foot in the long run) and at the user level will actually make individuals less safe.

        The bill doesn't preserve the state of order at the federal level. It creates an illusion of order at the federal level that will be disastrous for individual users and will ultimately leave the federal level more vulnerable longer term. That's without even getting into the major issue that broad immunity from liability presents in any bill.

         

        reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Apr 26th, 2012 @ 1:08pm

        Re: Re:

        Oh, and since when does fucking 911 have a single solitary thing to do with cybersecurity? Were the plains hacked and remote piloted into the towers or something? Why is an actual, ultimate of low-tech, physical attack indicative at all that a cyber threat is 'no longer theoretical?'

         

        reply to this | link to this | view in chronology ]

      •  
        identicon
        Rekrul, Apr 26th, 2012 @ 7:18pm

        Re: Re:

        This personal threat aside, how can anyone argue point blank that preserving the state of order at the federal level is not in the best interests of individual Internet users? Do people really think the Internet will keep humming along without fights and blackouts if the federal government takes a brutal hit?

        What's wrong with writing a narrowly defined bill that can be used for real threats, not used for anything under the sun and which has real penalties for its abuse?

        Is a denial of service attack on a web site really a serious enough threat that we need a new law and extra harsh new punishments to deal with it? Especially considering that it's the online equivalent of the Occupy Wallstreet movement. And should private companies really have blanket immunity for sharing customer's private data regardless of whether there was a valid reason to do so or not?

        If this bill was written so that it only applied to cyber threats that actually endangered lives of threatened the stability of the net, and which included penalties for the abuse of said law, nobody would have a problem with it.

         

        reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Apr 26th, 2012 @ 11:54am

    Nothing is going to be fixed. The only reason why we were successful in taking down SOPA is because the internet corporations did not like it. They like this bill.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    squirrel (profile), Apr 26th, 2012 @ 11:57am

    I'm watching them debate CISPA on C-SPAN right now. I wish I could reach through my screen and launch water balloons at them with a trebuchet. It would make me feel better.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Apr 26th, 2012 @ 12:06pm

    Can CISPA Be Fixed?

    NO! only vetoed.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Overcast (profile), Apr 26th, 2012 @ 12:10pm

    I suspect the law is just as they want it - ambiguous to make some cash for trial lawyers, and overbearing to keep big political contributors in media happy.


    **
    "In politics, nothing happens by accident. If it happens, you can bet it was planned that way." - Franklin D. Roosevelt

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Apr 26th, 2012 @ 12:36pm

    The real question is...

    Do we even need CISPA?

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Apr 26th, 2012 @ 2:42pm

    We've heard fearmongering and warnings of breaking the internet, but no evidence......

    Adapted the above to characterize the SOPA debate.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Apr 26th, 2012 @ 2:58pm

    Don’t legislate technology using definitions that are either too specific or too general

    This is incredibly helpful. wtf?

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
SEC Investigating Hollywood Studios For... >>
<< UK Police Planning To Arrest Twitter Users For...
 tdicon 
Follow Techdirt
Flattr rss rss
A word from our Sponsors...
Sponsored Resource
Essential Reading
Techdirt Reading List
Techdirt Insider Chat

A word from our Sponsors...
Recent Stories

Friday

7:39pm: In Defense Of Digital Freedom: It's Time To Get Beyond 'Cyber' Hyperbole (0)
6:40pm: Xbox One Release: Tons Of Questions, Very Few Answers (10)
5:37pm: Think DOJ Spying On Reporters Was 'Unprecedented'? Think Again (2)
5:00pm: DailyDirt: DIY Soda (Pop Or Whatever You Call Carbonated Beverages) (2)
3:51pm: Petition Asks Obama To Support Treaty For The Blind, Rather Than Siding With Hollywood (11)
2:46pm: Fair Use For Me, But Not For Thee (20)
1:45pm: Another Court Tells Prenda To Pay Up On Attorneys Fees (20)
12:45pm: If You Thought Copyright Was A Mess On Earth, What Does It Look Like In Space? (20)
11:45am: Guy Sues Twitter For Taking Away His Twitter Handle (12)
10:40am: Copyright... Patent... It's All The Same To The World's Third-Largest News Agency (54)
More arrow
A word from our Sponsors...

Close

Email This