If there's something the author of the Cyber Intelligence Sharing and Protection Act wants you to know, it's that CISPA isn't about spying on ordinary Americans—it's about stopping China from stealing America's stuff.
"I've never seen something grow more exponentially serious than China's capabilities in cyber espionage," Congressman Mike Rogers said at a breakfast in Washington, D.C., Tuesday. "It is so prolific—it's breathtaking. In the last year, China has stolen so much intellectual property that it would be considered 50 times the print collection of the United States Library of Congress."
China is using those patents to become an "economic predator," he said.
The bill would allow the government to share all of its classified cyber-security knowledge with private companies, forming knowledge-sharing agreements that would hopefully keep China (and other countries and hackers) out of American computer networks. The catch is that the information shared is a two-lane street—companies would also be allowed to share private data with the federal government, provided there is a reasonable "cyber threat."
That last bit has made CISPA an increasingly controversial bill on Capitol Hill—critics say that the bill is overly broad and can allow the government to spy on personal E-mails and the web browsing habits of ordinary Americans. On Monday, the American Civil Liberties Union and the Electronic Frontier Foundation launched a "week of protest" to let Congress know that Internet users are concerned about their privacy.
Rogers doesn't see what the big deal is.
"At home on your laptop, you won't see any bit of a difference, other than you'll have the comfort that somebody … has applied that malicious software filter on their systems so it's not getting through to your laptop computer," he said. "Pretty good stuff."
He says that recent meetings with privacy advocates have been productive.
Over the past several days, there have been indications that Congress is willing to back off some of the most controversial language in the bill. In the current version, most personal information would be stripped from data shared with the government, and the bill no longer defines intellectual property theft as something relating to national security.
"We think we're making huge progress with the privacy groups, so they understand what we're trying to accomplish, which isn't anything nefarious," Rogers said. "We've found that sweet spot."
But just because your personal information can be stripped from the data doesn't mean that it will be. "Your personal data can be minimized in this as needed," he said. "In some cases, you'll want that personal data, because something [malicious] is embedded in it."