CISPA Is Dangerously Vague
CISPA will unnecessarily undermine decades of bedrock privacy law
April 18, 2012
Promoted under the mantle of improving network security, CISPA is a bill with such dangerously vague language that it would undermine decades of bedrock privacy law. It's the wrong solution to the cybersecurity concerns of our country.
If CISPA were to pass, companies could spy on the electronic communications of millions of Internet users and pass sensitive information to the government with no form of judicial oversight. No guidelines are provided to companies about what data can be collected and transferred, and the bill offers companies sweeping immunities provided they act in "good faith," giving them exemption from liability for all "decisions made" based on "cyberthreat information"—a term the bill leaves nebulous.
In practice, this means companies could read your E-mails, monitor what sites you visit, see the files you download—and pass that data to the government without any liability. In response, the government agency receiving the data could pass it to other internal government agencies and use it for investigations and prosecutions unrelated to cybersecurity.
Civil liberties advocates including the Electronic Frontier Foundation, Center for Democracy and Technology, and the Americans Civil Liberties Union have sharply criticized the dangerously vague language for its privacy implications. And Tuesday, the White House joined the chorus of opposition. The administration released a statement that criticized CISPA and said any cybersecurity bill "must include robust safeguards to preserve the privacy and civil liberties of our citizens." The White House declared it would not support a bill that would "sacrifice the privacy of our citizens in the name of security."
To date, the authors of the bill have been unresponsive to these criticisms, offering amendments that are largely cosmetic. Dismissing the grave concerns about how this bill could undermine the core privacy rights of everyday Internet users, Rep. Mike Rogers characterized the growing protests against CISPA as "turbulence" and vowed to push for a floor vote without radical changes.
Given the sponsors' disregard for the deep flaws in the legislation as currently drafted, Congress must vote against this bill.
Ultimately, the right solution to America's network security concerns will uphold the civil liberties of Internet users. CISPA is not that solution.