Debate Club

CISPA Lacks Protections for Individual Rights

By SHARE

Congress should not pass CISPA. Although a carefully crafted information-sharing program that includes robust privacy safeguards could be an effective approach to cybersecurity, CISPA lacks such protections for individual rights.

[Read: Civil Liberties Organizations Launch Protests Against CISPA]

CISPA would appropriately authorize the federal government to share cyberthreat intelligence with the private sector, to enable private companies to protect their networks from such threats. However, CISPA would also authorize the private sector to share customers' personal information and the contents of private communications with the federal government, without incorporating necessary safeguards:

  • CISPA's definition of the information private companies may share with the federal government is overly broad, and fails to include any requirement that unrelated personally identifiable information be stripped from the data to be shared.
  • CISPA lacks any meaningful limitations on the ways in which the federal government may use personal information and the content of private communications that it receives from private companies. The use of such information should be limited to cybersecurity purposes, or to sharing with law enforcement when there is probable cause of a non-cybercrime. Under CISPA, by contrast, once an individual's information is in the government's hands, it can be used for just about any purpose.
  • CISPA should explicitly require that companies may only share information with civilian agencies. The NSA and the Department of Defense should be able to send out cyberthreat information to the private sector, but when companies report back to the government, all information from private networks should only be turned over to a civilian agency. The best candidate is the Department of Homeland Security, which has developed expertise in cybersecurity through the EINSTEIN program for federal civilian networks and which has prepared numerous Privacy Impact Assessments demonstrating its capacity to protect both cybersecurity and privacy.

[Read the U.S. News debate: Should Congress Pass Anti-Online Piracy Legislation?]

Although we appreciate the Intelligence Committee's efforts to improve the bill and willingness to engage in a dialogue with privacy advocates, the changes in its most current draft do not come close to addressing the civil liberties threats posed by the bill, and some of the proposals would actually make CISPA worse. Therefore, Congress should not pass CISPA.

Sharon Bradford Franklin

About Sharon Bradford Franklin Senior Counsel at the Constitution Project

Tags
internet

Other Arguments

#1
199 Pts
CISPA Is Dangerously Vague

No – CISPA Is Dangerously Vague

Rainey Reitman Activism Director for the Electronic Frontier Foundation

#2
171 Pts
CISPA Not the Right Way to Achieve Cybersecurity

No – CISPA Not the Right Way to Achieve Cybersecurity

Kendall Burman Senior National Security Fellow at the Center for Democracy & Technology

#4
-117 Pts
CISPA Will Improve U.S. Cybersecurity

Yes – CISPA Will Improve U.S. Cybersecurity

Matthew Eggers Senior Director of National Security and Emergency Preparedness for the U.S. Chamber of Commerce

#5
-129 Pts
CISPA Is a Model of Bipartisan Legislating

Yes – CISPA Is a Model of Bipartisan Legislating

James K. Conzelman President & CEO of The Ripon Society.

#6
-129 Pts
CISPA Effectively Addresses Threat of Cybercrime

Yes – CISPA Effectively Addresses Threat of Cybercrime

Cordell Carter Vice President of the Business Roundtable.

#7
-131 Pts
Mike Rogers: CISPA Defends America From Internet Predators

Yes – Mike Rogers: CISPA Defends America From Internet Predators

Mike Rogers Chairman of the House Permanent Select Committee on Intelligence

You Might Also Like


See More