The unrelenting attack on our civil liberties and our privacy continues. Last year we managed to survive an onslaught of legislation that would have destroyed entrepreneurship and free enterprise on the Internet, and our ability to define how we share music, art and information in general.
First there was the Stop Online Piracy Act and the Protect IP Act, or SOPA and PIPA, respectively: two pieces of legislation geared at protecting the copyrights of monopolistic media companies and taking drastic measures to enforce them, like shutting down websites that allow the sharing of this copyrighted material for free. The New Zealand police raid of the house of Kim Dotcom, founder of Megaupload, and the site’s subsequent shutdown by the FBI provided a glimpse of what lies ahead if laws like these are passed.
The Anti-Counterfeiting Trade Agreement, or ACTA, took measures a step further by allowing governments to monitor the Internet to enforce copyright law and supposed intellectual property rights. Tens of thousands of Europeans mobilized in response, telling businesses and politicians that companies could not intrude on fundamental human rights, or morph and twist the law to enforce their hand-picked business model.
But despite resounding political opposition in the U.S. and worldwide to Internet censorship and infringements on freedom of speech and privacy, our callous and out-of-touch politicians managed to craft an even scarier piece of legislation: CISPA.
The Cyber Intelligence Sharing and Protection Act passed in April of 2012 in the House by a vote of 248 to 168, but stalled in the Senate because of a disagreement over privacy concerns. At the time, the White House threatened to veto the law because Obama’s advisers raised additional privacy concerns, chief among them Howard Schmidt, who resigned suddenly last May after the bill’s introduction. Schmidt also helped author statements against SOPA and PIPA.
But lo and behold, the two principal authors of the CISPA bill, Rep. Michael Rogers (R-Mich.) and Sen. Dutch Ruppersberger (D-Calif.), re-introduced the same exact bill several weeks ago on February 12 – presumably in response to recent so-called cyber-attacks from China and security breaches by the hacktivist group Anonymous, whose non-violent actions are a direct response to government’s malfeasance and abuse of online authority.
The provisions stipulated in the CISPA legislation are intimidating and far-reaching. Although CISPA does not require private companies to share information with the government, it opens the floodgates for an unprecedented and endless funneling of private communication information to federal military intelligence agencies such as the NSA and the FBI. The only justification for a company to share information with the government is broadly and vaguely defined by a single term: “cybersecurity.”
Additionally, CISPA would override current privacy law such as the Wiretap Act and the Stored Communications Act; in fact, it grants companies complete immunity from judicial oversight and prosecution for the violation of privacy. Under CISPA, information provided to the government would be exempt from FOIA requests.
Furthermore, CISPA does not require companies to notify the individuals from whom they’re collecting data or information – which makes its section about the ability to form a lawsuit against the government little more than a formality.
“If [this bill is] passed,” claims Namecheap, a domain service opposing CISPA, “the U.S. government gains the power to ask your ISP about any/all of your online activities and personal information. Advocated under the premise of anti-terrorism legislation, this legislation is so broad that it threatens to endanger the privacy of every individual and ordinary and law abiding citizens.
“This act makes your private online activity now public, giving ISPs the right to share your personal information completely without your knowledge, due process, or authorization.”
The same day that CISPA was reintroduced, President Obama signed an executive order that deals specifically with information sharing by the owners and operators of CI, or critical infrastructure, such as the banking, communication, transportation and utility industries.
It would not require the passing along of our private information to the government. Additionally, the executive order focuses on the government’s sharing of information that it can already legally collect with the CI companies – instead of its rights to gather new information from private ISPs, as stipulated in CISPA.
Part of the reason SOPA and PIPA were booted from Congress was the overwhelming citizen mobilization against it, but also because companies like Google, Firefox, Tumblr, Twitter, Wikipedia and other giant Internet businesses realized the legislation would devastate their enterprises.
Unfortunately, this time around, we won’t have these companies fighting on our side because CISPA grants them immunity from lawsuits and has provided them with enough assurance that it will not affect their business in any significant way.
The drafting and introduction of SOPA, PIPA, ACTA and CISPA are all examples of our elected leaders’ growing disregard for citizens’ fundamental privacy rights, Constitutional rights and free speech rights as manifested in the digital world. Essentially, this legislation provides the formality our government needs to legitimize and legalize what it is either currently doing or what it wants to do. Just look at the NSA, which is already performing extensive and unprecedented data-mining on U.S. citizens in flagrant violation of the Fourth Amendment – but using only vague legislation to justify it.
Passing CISPA will be a significant step in America’s already far-progressed trudge towards a police state — and will, more specifically, encourage already-compliant businesses to provide our personal information to our government as if those two enshrined words did not exist: Constitutional rights.