Latest CISPA 'Privacy' Amendment Is More Of The Same: Minor Changes Dressed Up As Real Solutions

from the same-old-thing-with-a-new-coat-of-paint dept

Update: It has become a little unclear what the status of this amendment is now. Yesterday we heard that it had passed, but now it seems to have been changed, and it's back up for debate on the floor. We'll get you more updates on whether or not it goes through, and the latest changes, as soon as we can.

In the latest round of changes to CISPA, the House passed a new amendment that supposedly (according to CISPA supporters) addresses the privacy and civil liberty concerns about the bill. The amendment (pdf and embedded below) ostensibly establishes civilian agency control (through Homeland Security) over information shared under CISPA, since many people are reasonably worried about all this data ending up in the hands of the NSA. Unfortunately, as the EFF determined in their initial analysis, it doesn't really change anything—it just lets the DHS go along for the ride:

The amendment in question does not strike or amend the part of CISPA that actually deals with data flowing from companies to other entitities, including the federal government. The bill still says that: “Notwithstanding any other provision of law, a self-protected entity may, for cybersecurity purposes...share such cyber threat information with any other entity, including the Federal Government." The liability immunity provisions also remain.

While this amendment does change a few things about how that information is treated within the government, it does not amend the primary sharing section of the bill and thus would not prevent companies from sharing data directly with military intelligence agencies like the National Security Agency if they so choose.

Indeed, the text of the amendment appears to create a significant role for the DHS in information sharing procedures, but gives it little power in terms of actually protecting privacy or filtering information—the amendment mandates that information still be shared with other agencies in realtime, and it still appears to allow companies and organizations to bypass the DHS entirely.

A portion of the amendment outlines certain privacy guidelines, but they are the same as those we discussed before: filled with enough release valves and escape routes to render them virtually meaningless, closer to a list of "best practices" than actual rules. The fact is that, despite what the bill's supporters and some of the media reporting on it would have you believe, the core problems with CISPA have not been addressed, nor have any of the "efforts" in that direction amounted to much more than a smokescreen. With a final CISPA vote looming at any time, it's never been more important to voice your opposition to the bill.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cispa, cybersecurity, mike rogers

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Anonymous Coward, 18 Apr 2013 @ 4:50am

    unless there is serious opposition to the magnitude of what was shown against SOPA, PIPA and ACTA, Congress is going to take no notice of what anyone else says. the bill is going to go through and it wont be until after that and when, hopefully, some of the Senators are affected, that Congress will then see the flaws in it and the harm it's going to do. what Rogers is coming out with is pure, unadulterated shit! he has been seriously 'encouraged' to push this through and no matter what objections and what facts are shown to him, he is gonna get it through! the people need to remember what bills have been forced through or come very close to it when the next elections are due and make some serious changes to who is representing them. at the moment, the only ones being represented are everyone except the 'people'!

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it

Email This

This feature is only available to registered users. Register or sign in to use it.