Hey Everyone, CISPA Is Back… Because Of The Sony Hack, Which It Wouldn't Have Prevented

from the because-bad-ideas-never-die dept

This isn’t a huge surprise, but Rep. Dutch Ruppersberger, the NSA’s personal Rep in Congress (NSA HQ is in his district), has announced that he’s bringing back CISPA, the cybersecurity bill designed to make it easier for the NSA to access data from tech companies (that’s not how the bill’s supporters frame it, but that’s the core issue in the bill). In the past, Ruppersberger had a teammate in this effort, Rep. Mike Rogers, but Rogers has moved onto his new career as a radio and TV pundit (CNN just proudly announced hiring him), so Ruppersberger is going it alone this time around.

Not surprisingly, he’s using the Sony Hack as a reason for why this bill is needed:

?The reason I?m putting bill in now is I want to keep the momentum going on what?s happening out there in the world,? Rep. Dutch Ruppersberger… told The Hill in an interview, referring to the recent Sony hack, which the FBI blamed on North Korea.

Fair enough, then perhaps Ruppersberger could explain how CISPA would have prevented the Sony Hack? Of course, he can’t, because it wouldn’t have helped. CISPA is focused on getting companies to share more information with the government (including the NSA and DHS), but there’s no indication that Sony would have actually opened up its network for the NSA to snoop through and find these hackers (wherever they might have come from). Even if Sony had opened up its system to the government, it seems unlikely that the NSA would have magically spotted this hack and done anything about it.

Instead, using the Sony Hack as a hook is a cynical political ploy for a losing idea that is designed to harm the public and take away their privacy.

Filed Under: , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Hey Everyone, CISPA Is Back… Because Of The Sony Hack, Which It Wouldn't Have Prevented”

Subscribe: RSS Leave a comment
Roger Strong (profile) says:

Re: We Need It ALL

This level of surveillance has been tested before.

From The Risks:

We in the U.S. have just completed one of the largest case studies of what happens when every individual in an industry has all of its e-mail and financial records available to regulators. The Securities and Exchange Commission (SEC) already requires every person in the financial industry to make every e-mail, cellphone text and financial record available to the SEC in order to enforce insider trading and other financial rules.

The result: NADA! NOTHING! With thousands of bankers involved in fraud on the U.S. taxpayer running into the trillions of dollars, not one has been prosecuted; not one has gone to jail. If this level of surveillance of the financial community has produced zero convictions in the largest ripoff of tax dollars in history, there is no reason to expect that any increased level of surveillance of non-financial citizens will produce any better results.

That One Guy (profile) says:

Re: Re: We Need It ALL

Important difference: No one in the government, and certainly no one involved in investigating and punishing those guilty of crimes, has any interest whatsoever in punishing or even seriously investigating large companies and/or banks, so of course such massive surveillance hasn’t resulted in a single prosecution or trial.

However, as the massively overflowing jails can attest to, they are very interested in prosecuting and jailing normal citizens, so mass surveillance would most certainly result in a whole lot of trials and jail sentences in that case.

tqk (profile) says:

Re: Re: Re: We Need It ALL

However, as the massively overflowing jails can attest to, they are very interested in prosecuting and jailing normal citizens

You’ve got to admire the prescience of the people who managed to get The Drug War up and running. Just look at how effective that’s been, and for so long now. From the start back in the 19th century, through to now, it’s had such an effective run ballooning spending, incarceration, regulatory capture, and military spin-offs, just to mention a few. Truly right up there with The Inquisition and Nazi Germany.

This’s a great read: ‘https://en.wikipedia.org/wiki/War_on_Drugs’

Anonymous Coward says:

Re: We Need It ALL

Then I guess they should have no problem taking all of the liability if something happens and they didn’t do anything to stop it – after all, with “EVERYTHING” they will have a hard time claiming they “didn’t know” what was going on.

/as if total power has ever worked like that… bleh

Anonymous Coward says:

Dutch Ruppersberger is a shill, but he’s not the only one.

The White House has been pushing for it:

They all seem to be playing “Don’t let a good crisis go to waste” rather than focusing on the absolutely shitty security Sony used.

Christopher (profile) says:

Re: Re:

Their security was not ‘absolutely shitty’. It was the level of security that MOST companies use, which is part of the issue.
These companies forget that they have some very sensitive information such as CC numbers and SS numbers (whatever the latter are called overseas) and therefore they need very restrictive security for some things.

New Mexico Mark says:

Re: Re: Re:

Granted, most organizations have pretty poor data security practices. In Sony’s case, “the norm” is completely irrelevant.

Most people don’t expect to get punched in the face by a random stranger when walking down the street. However, if that has happened to my family multiple times, caused severe injury at least a couple of times, and I haven’t made radical changes to protect my family, I have sh**ty security practices, full stop.

Notice it isn’t the top executives getting punched in this scenario. They’ll take the corporate jet to DC, stay at a swank hotel, maybe take in a couple of private spas, do damage control “testimony” while spending more time “encouraging” key representatives and lobbying organizations from the “family” savings account. Absolute worst case, they’ll bail with an enormous golden parachute while their “family” is out on the streets.

tqk (profile) says:

Re: Re:

They all seem to be playing “Don’t let a good crisis go to waste” rather than focusing on the absolutely shitty security Sony used.

This is The Hollywoodification of Network Security, after all. Most regular users haven’t a clue what really happened at SPE or what actually happened in the hack. They’re fed salacious email gossip and nationalistic sabre rattling instead.

John Fenderson (profile) says:


A better name than CISPA is: The Destroy Any Remaining Trust in US Companies act. Not that there is that much left to destroy.

The stated goal of CISPA is ludicrous. Companies can share anything they like with government agencies right now without additional legislation. What CISPA would do is grant companies a shield from being sued by irate customers for doing so (and, perhaps, compel companies to share even when they don’t want to).

The existence of CISPA would mean that it’s even more dangerous to share your data with companies than it already is — and it already is plenty dangerous.

In terms of actually enhancing security, CISPA is worthless. In terms of further eroding trust in both companies and the government, CISPA is a superstar.

Yes, I know I'm commenting anonymously says:

First it is the law.
Then it gets bent a little.
Then it gets bent a lot
Then it breaks but there is still a little bit attached.
Then the little bit severs bus still is in proximity.
Then it was attached, traditionally.
Now it is enough to get mentioned in the same sentence.

(It looks like the default state of `modern’ politics is mission creep.)

Anonymous Coward says:

this whole episode has been rigged, i wouldn’t mind betting! and as for N.Korea actually committing the Sony hack rather than just being blamed for it, has been a ploy to get more and more data collecting which needs new bills introduced or old ones reenabled.
we are fast heading for a serious global issue where there is no privacy and no freedom because those that say we need to be protected from losing our privacy and freedom, by terrorist attacks etc, are doing those things instead, removing the need for any terrorist or other organisation to do anything! how can anyone, even for a second, think that having a government or government security forces remove your privacy and freedom is any different from having the same things removed by someone purported to be anti-government?? the result is exactly the same! we have no privacy and no freedom. the government has no respect and no trust. off we go into yet another world war, this time however with the capabilities to destroy everyone and everything!! no going back then! no saying ‘i’m sorry’! no saying ‘i didn’t mean for things to go this far’!! this situation gives no alternatives and no second chances!!

Anonymous Coward says:

The reason I’m putting bill in now is I want to keep the momentum going on what’s happening out there in the world,”

Im actually fckin gob smacked that he actually admitted that

So this is a guy that thinks its ok to pass laws during times where the media has mustered up a frenzy in the public, coincedently? Who the fuck knows………and the when the frenzy subsides and emotions normalize people start wondering, mmmm was that really a good idea

Let me ask, in a hypothetical world, should all “terrorist” drop dead tomorow, will our governments stop, give up and revert back to the means that takes our rights back into account……WILL THEY FUCK……their not gonna give up the things they worked so hard to get, the real reason why they “care”……care about the ability to control oposition absolutely, and i think the internet is the biggest reason their doing it, for the, i dont know, maybe the first time in our history has give the public previously un-accesible information they previous had no access to, a medium they cant easilly control unlike the camera…….people are starting to realise their governments are alot worse or not exactly as good as they previously thought……..their scared that their nature will show

There is no such thing as a terrorist, they are, if anything, criminals, irregardless of what a two man “army” says……

Quite frankly, im getting sick and tired of being this angry, ontop of my anger, its infuriating knowing that however much we peacably try to stop this train, its gonna run over us anyway……….governments create terrorists……they also create revolutions, if they go full out tyranical, i pray for that generation

Anonymous Coward says:

Anyone, anywhere, could suddenly decide to drop everything, pick up that fork knife and take someones life while yelling something deemed “terrorist”

How do you stop that, how invasive would you have to get, to stop THAT

Where are the restrictions to go with these “laws”, where is the accountability, WHERE IS THE DISCUSSION on the bill brought up today passed tomorow, or when no ones looking, or nobodies read but still blindly votes for because leadership says so, or a beneficial promiss is made by said leadership

The whole system is fucked……..how can we do good if ours are so corrupt, how can someone say, yeah i agree, politicians just seem to lie all the time in one breath, and then listen and agree with them in another breath………..this is all so infuriating

Anonymous Coward says:

“CISPA is focused on getting companies to share more information with the government (including the NSA and DHS), but there’s no indication that Sony would have actually opened up its network for the NSA to snoop through and find these hackers (wherever they might have come from).”

Why not? Sony certainly opened up its network enough for the hackers to snoop through! /s

Anonymous Coward says:

Does anyone really believe the NSA and FBI has the resources to defend every single corporate network in the United States? Is the FBI fronting the bill for IT staff wages and intrusion detection systems for all these companies? If not, then what kind of defensive protections are they actually offering?

As Mike said in another post, companies can already share information with the FBI without CISPA. In fact, Sony brought in the FBI in to help analyze their security breach. All with CISPA.

CISPA is another pretext for the Mass Surveillance State, just like Section 215. Another attempt to legalize their unconstitutional warrentless search and seizure programs. It serves no other effective purpose. It’s only effective at mass spying.

In the end, CISPA will end up making us all less safe and secure. By creating more soft spots in corporate systems for hackers to exploit and exfiltrate people’s personal data.

GEMont (profile) says:

Fool me once, and you can fool me forever...

Well now we know why the Feds went to NK and why the phony hack on Sony took place, and why all the hype on TV about Cyber Terrorist Hackers from NK, bombing all your theaters into thermite-laden 9/11 dust…. it was a another False Flag Bogey-Man Story, designed by the US tri-letter agencies, to get the now permanently cowardly US public cringing under their beds once again and demanding the Feds do “something” about the terrifying Hackers From North Korea.

That “something” is of course CISPA.

A legal stunt that will do absolutely nothing to help in the phony fight against terrorism, but will aid and abet the criminals in the Whore House tremendously.

And once again, it all worked perfectly.

What a gullible bunch of pathetic humans. I’m beginning to believe you really do get the government you deserve.

GEMont (profile) says:

Re: Re: Re: Fool me once, and you can fool me forever...

I might agree with that scenario if it was also every citizen’s duty to undertake a five year fire arms course, starting at age 13, similar in most ways to that which every soldier goes through, and then take a refresher course and undergo a psychological evaluation every ten years thereafter. A carry permit would then be awarded at the end of the course, at age 18, to every citizen who did not “conscientiously object” to such training.

When the only weapons held by citizens are in the hands of criminals, then democracy really is two wolves and a sheep deciding what’s for dinner.

That is the current situation in the USA today.

On the other hand, when the citizenry of a nation is armed and dangerous and well trained in the use and control of fire arms, then the wolves are kept in check by their own cowardice, and everyone thinks twice about causing anyone else grief.

That is the way the founding fathers planned things to be.

GEMont (profile) says:

Re: Re: Fool me once, and you can fool me forever...

“What makes you a hero?”

Well I suppose its the shiny plastic-coated blue cotton tights, long-sleeve skin-tight red, white and blue kevlar shirt, the velcroed red cape and plastic ski-mask style face covering. Although in truth, my trademark 1957 jet-black T-bird with rocket boosters and rear stabilizing wings might be more readily associated by the public as an avatar itself.

What makes you ask stupid questions?

nasch (profile) says:

Re: Fool me once, and you can fool me forever...

it was a another False Flag Bogey-Man Story

It seems more likely they took advantage of an opportunity. If this were cooked up from the start, surely they could have come up with something more scary than a movie studio getting hacked. I mean who cares, really? The citizenry is not frightened or motivated by something like that. Plus the feds LOVE Hollywood, and Sony has been quite embarrassed by the whole thing.

GEMont says:

Re: Re: Fool me once, and you can fool me forever...

You’re probably right about the hack itself. Although the timing of all the friendly back and forth visits between the USA and NK is suspicious, I don’t think the US or Korea had anything to do with the actual hack.

I think blaming it on NK was purely because the USG believes Americans generally think NK is a nation of assholes, led by assholes, who are perfectly suited to pulling off such a stunt.

There is also the very real possibility that, aware of the plot against Sony by Sony’s ex-employees, the USG has actually asked the leaders of NK if they would be willing to be seen publicly as the powerful and technologically savvy nation who hacked Sony in return for some future under-the-table arms deals or technology transfers from the USG.

The bombing threat itself was, I’m certain, devised as damage control by the USG and Sony as a way to detour public attention away from the emails and their contents and onto “The Scary Terrorist Hackers from NK” scenario, which is the only aspect of the hack I’ve seen on TV news to date. TV has made not a single mention of the emails so far.

The hack was, in my opinion, revenge by ex-employees and while I think that the NSA was probably somewhat aware of the plot through its global surveillance, I’m also pretty sure that the theft of all those emails was something they did not foresee.

That can be blamed on Sony’s continued incompetence in its own data security.

I suspect that some of that communication cache could implicate the USG in some of Sony’s shenanigans eventually – thus the instant assistance of the USG in destroying sites (and yes I think it was the NSA that DOSed those sites), that disclose the info and in flooding the news with the Terrorist Hacker From NK Story.

The USG assistance in covering up Sony’s criminal activity will also put Sony in a position of debt to the USG, and the whole scenario was perfect for the Cyber Security FUD to come.

However, I think the people behind CISPA were informed of the plot to hack Sony right at the start because its exactly what they’ve been trying to set up themselves – a “terrorist hacker gang threatens the west” scenario, upon which they could re-launch their pet legislation with public acceptance.

What I do not believe is that NK hackers did Sony, or that NK hackers threatened US theaters, or that the USG believes any of that.

I think the USG simply twisted all the facts into their newest “False Flag Bogey-Man Story”, because it was exactly made to order for their intended purposes re CISPA and Cyber Security and puts the books on the credit side of Sony’s future favors to the USG.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...