A Challenge To Facebook: Withdraw CISPA Support Until The Bill Is Fixed Or Replaced

from the get-off-the-fence dept

One of the more concerning aspects of CISPA that sets it apart from SOPA/PIPA is the number of technology companies that support it. Of chief concern is Facebook, which handles a lot of sensitive private data, but is standing behind the bill. Joel Kaplan, Facebook's VP of U.S. Public Policy, has now released a statement explaining their support, which basically amounts to "we promise not to abuse the gray areas in the bill".

A number of bills being considered by Congress, including the Cyber Intelligence Sharing and Protection Act (HR 3523), would make it easier for Facebook and other companies to receive critical threat data from the U.S. government. Importantly, HR 3523 would impose no new obligations on us to share data with anyone –- and ensure that if we do share data about specific cyber threats, we are able to continue to safeguard our users’ private information, just as we do today.

That said, we recognize that a number of privacy and civil liberties groups have raised concerns about the bill – in particular about provisions that enable private companies to voluntarily share cyber threat data with the government. The concern is that companies will share sensitive personal information with the government in the name of protecting cybersecurity. Facebook has no intention of doing this and it is unrelated to the things we liked about HR 3523 in the first place -- the additional information it would provide us about specific cyber threats to our systems and users.

Kaplan then goes on to say that Facebook is engaging lawmakers to see about amending the bill to address people's concerns. But that creates a pretty big question: why are they still supporting the bill if they recognize its problems? Based on this statement, Facebook wants to use cybersecurity laws the right way—to give and receive anonymized and minimized data about specific threats, to be used solely in relation to those and similar threats. But CISPA does not require any of that. It's nice that Facebook is "able to" protect private information, but why aren't they and all other companies forced to? If the authors of the bill want to tout its "strong privacy protections", then a requirement to eliminate personal user information from shared data seems like a necessity.

Moreover, while Facebook may only be worried about specific cyber-threats, they can't control what the government does with the information. As currently written, CISPA basically allows the feds to keep whatever data Facebook shares on file, and search it whenever they want, for anything they want, as long as there is a "cybersecurity" or "national security" purpose. And "cybersecurity" is very broadly described, and includes things like intellectual property. If this bill is supposed to be about protecting networks from disruptive attacks, why aren't the terms and limitations narrowly defined to ensure that's the only thing it can be used for?

If Facebook's cybersecurity motivations are good—and I'm willing to grant them the benefit of the doubt and assume that they are—then they should withdraw their support of CISPA until it is fixed to exclude the broad provisions that go well beyond what Facebook wants to use it for. If the company is so proud of its commitment to user privacy, then surely it has to acknowledge that there are other companies which are not so responsible, and which will abuse the same powers and immunities that Facebook promises to handle responsibly. Unless they can show us that they are making meaningful demands of Congress, this attempt to soften their support of CISPA is just hot air.

Filed Under: abuse, cispa, cybersecurity, pipa, privacy, sopa
Companies: facebook

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Rwolf, 14 Apr 2012 @ 9:00am

    Internet Spying Law — Pushed by For-Profit Spy Lobby

    Re: Internet Spying Law — Pushed by For-Profit Spy Lobby

    Not mentioned in article: Spy Law would Legitimize Massive Spying On Americans' Electronic Communications To Facilitate Civil Asset Forfeiture of U.S. Citizens’ and Business Assets:

    U.S. Government wants the power without a warrant, to introduce as evidence in criminal prosecutions and government civil trials, any phone call record, email or Internet activity. That would open the door for Police to take out of context, any innocent—hastily written email, fax or phone call record to allege a crime or violation was committed to cause a person’s arrest, fines and or civil asset forfeiture of their property. There are more than 350 laws and violations that can subject property to government asset forfeiture. Government civil asset forfeiture requires only a civil preponderance of evidence for police to forfeit property, little more than hearsay.

    If the Justice Department has its way, any information the FBI derives from circumventing the Fourth Amendment, i.e. (no warrant searches) of Web Server Records; a Citizen’s Internet Activity, personal emails; fax / phone calls may be used by the FBI for (fishing expeditions; to issue subpoenas in hopes of finding evidence or to prosecute Citizens for any alleged crime or violation. Consider that neither Congress nor the courts—determined what Bush II NSA electronic surveillance, perhaps illegal could be used by police or introduced into court by government to prosecute Americans criminally or civilly. If U.S. Justice Department is permitted (No-Warrant) surveillance of all electronic communications, it is problematic state and local law enforcement agencies and private government contractors will want access to prior Bush II /NSA and other government illegally obtained electronic records not limited to Americans’ Internet activity; private emails, faxes and phone calls to secure evidence to arrest Americans, assess fines and or civilly forfeit their homes, businesses and other assets under Title 18USC and other laws. Of obvious concern, what happens to fair justice in America if police become dependent on “Asset Forfeiture” to help pay their salaries and budget operating costs?

    The “Civil Asset Forfeiture Reform Act of 2000” (effectively eliminated) the “five year statue of limitations” for Government Civil Asset Forfeiture: the statute now runs five years (from the date) police allege they “learned” an asset became subject to forfeiture. It is foreseeable should (no warrant) government electronic surveillance be approved; police will relentlessly sift through Citizen and businesses’ (government retained Internet data), emails and phone communications to discover possible crimes or civil violations. A corrupt despot U.S. Government too easily can use no-warrant-(seized emails, Internet data and phone call information) to blackmail Americans, corporations and others in the same manner Hitler utilized his police state passed laws to extort support for the Nazi fascist government, including getting parliament to pass Hitler’s 1933 Discriminatory Decrees that suspended the Constitutional Freedoms of German Citizens. A Nazi Government threat of “Property Seizure” Asset Forfeiture of an individual or corporation’s assets was usually sufficient to ensure Nazi support.

    Under U.S. federal civil forfeiture laws, a person or business need not be charged with a crime for government to forfeit their property. Most U.S. Citizens, property and business owners that defend their assets against Government Civil Asset Forfeiture claim an “innocent owner defense.” This defense can become a “Catch 22” a criminal prosecution trap for both guilty and innocent property owners. Any fresh denial of guilt made to government when questioned about committing a crime “even when you did not do the crime” may (involuntarily waive) a defendant’s right to assert in their defense—the “Criminal Statute of Limitations” past for prosecution; any fresh denial of guilt even 30 years after a crime was committed may allow Government prosecutors to use old and new evidence, including information discovered during a Civil Asset Forfeiture Proceeding to launch a criminal prosecution. For that reason many innocent Americans, property and business owners are reluctant to defend their property and businesses against Government Civil Asset Forfeiture.

    Re: waiving Criminal Statute of Limitations: see USC18, Sec.1001, James Brogan V. United States. N0.96-1579. U.S. See paragraph (6) at:

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.