Although the much-maligned Stop Online Piracy Act or SOPA has effectively been defeated thanks to strong protest from large companies like Google and an active Internet citizenry, those worried about the encroachment of the government on the Internet have another concern.
The Cyber Intelligence Sharing and Protection Act of 2011 or CISPA is the new target and, according to the proposal, gives the federal government and private companies much greater freedom to share cyber-security threat information. More than 800 companies, including Facebook, have been supportive of the measure, which will be put to a vote on the House of Representatives next Monday.
Why are many on the Internet worried about having the government and corporations like Facebook share such information? Here’s some reasons why:
The Language Is Too Broad
Organizations such as the American Civil Liberties Union and the Electronic Frontier Foundation have argued that the current proposal as is vague on details. The EFF contends that with such language, companies would have greater freedom to block website access and filter content. Similar bills proposed last year (and failed) had the same free reign on blocking sites—remember the SOPA and its sister bill Protect IP Act?
No Limits On What Can Be Shared
Due to the broad language that CISPA contains, critics contend that it can mean that companies and the government can share unlimited information collected from users. Michelle Richardson, a legislative counsel for the ACLU, said to Politico, “We just want people to know that Congress is on the verge of giving the government incredible new authorities to collect sensitive and personal Internet information and emails.” In addition, the legislation would allow the nation’s spy agencies (e.g. CIA) to collaborate with private companies with shared information.
Those proposals are putting many in the Internet community on the offensive against CISPA, with The Hill newspaper reporting that activists are calling for social media action and encouraging people to use the hashtag #CongressTMI. Of course, its defenders—most prominently Facebook—have their reasons:
Cooperation to Prevent Cyberattacks
As the language states on the proposed bill, it would more leeway between companies and the federal government to share information related to a cyberattack. Joel Kaplan, Vice-President of U.S. Public Policy for Facebook, said in a blog post that, “When one company detects an attack, sharing information about that attack promptly with other companies can help protect those other companies and their users from being victimized by the same attack. Similarly, if the government learns of an intrusion or other attack, the more it can share about that attack with private companies (and the faster it can share the information), the better the protection for users and our systems.”
It Protects Privacy
In that same blog post, Kaplan made it clear in bold print that Facebook would not share sensitive personal information to the government in case of an attack. In response to the criticism from the Internet, the two sponsors of the bill, Reps. Mike Rogers (R-Mich.) and Dutch Rupplesburger (D-Md.) said that they would make tweaks to the bill so that government would only use the information for cybersecurity purposes and make it optional for companies to participate. The committee responsible for the bill made an effort on Twitter to counter the claims made on the Internet. It tweeted, “Nothing in #CISPA provides any authorities requiring companies to take content off the Internet or to stop access to websites.”