by Hayley Tsukayama
April 27, 2012
from TheWashingtonPost Website

 

 


The House passed the Cyber Intelligence Sharing and Protection Act (CISPA) Thursday night, despite some controversy over how the bill addresses privacy and a threat of a veto from the White House.

The measure, designed to make it easier for the federal government and private sector to share cyber threat data with each other, was approved by a 248-168 vote.

Its supporters and opponents were quick to issue statements following passage of the bill, which now moves to the Senate.

The Obama administration had issued a veto threat against CISPA earlier this week. The White House has previously endorsed a bill from Sens. Joseph Lieberman (I-Conn.) and Susan Collins (R-Maine), which would put cybersecurity oversight and private sector coordination in the hands of the Department of Homeland Security.

Some business interests have opposed this proposal, saying it would add unnecessarily regulation. Business groups hailed the CISPA’s passage, saying that it will make it much easier for the private sector to share possible cyber threat information without additional regulatory burden.

Robert Holleyman, president and chief executive of the Business Software Alliance, said in a statement that the act is,

“critical because it unties the hands of companies on the front lines of the digital economy.”

Other business leaders urged the Senate to pass the bill quickly.

“We strongly urge the Senate to swiftly take up this issue because the United States cannot afford to wait to improve our nation’s cybersecurity posture,” said TechAmerica President and chief executive Shawn Osborne.

 

“Standing pat will only further risk our national security.”

Privacy advocates, however, remained concerned that the measure will violate basic civil liberties.

The Center for Democracy and Technology (CDT), which withdrew its support for the bill on Wednesday, said it was,

“disappointed that CISPA passed the House in such flawed form and under such a flawed process.”

While the group was pleased with some of the amendments, which tried to narrow the scope and language of the bill, the group is still concerned that CISPA allows information to move,

“from the private sector directly to the NSA.”

They also said that the bill inappropriately allows for data to be applied to national security issues other than cybersecurity.

In a statement, the American Civil Liberties Union said that it is concerned.

“CISPA goes too far for little reason,” said Michelle Richardson, ACLU legislative counsel.

 

“Cybersecurity does not have to mean abdication of Americans’ online privacy. As we’ve seen repeatedly, once the government gets expansive national security authorities, there’s no going back. We encourage the Senate to let this horrible bill fade into obscurity.”

Shortly after the the House passed CISPA, it also unanimously approved another cybersecurity measure:

amendments to the Federal Information Security Management Act (FISMA) proposed by Rep. Darrell Issa (R-Calif.), which address security on the government federal computer systems.







 



 

 



CISPA

-   Four Viewpoints You Should Hear   -
by Christina DesMarais

April 28, 2012
from PCWorld Website

 


Citing its effort to better protect American infrastructure from foreign attacks, the U.S. House of Representatives passed the Cyber Information and Security Protection Act April 26 in spite of worries that consumer data privacy will be compromised if the bill eventually becomes law.

In an interesting and informative debate hosted by KQED public radio Joshua Johnson in San Francisco yesterday, several parties with strong opinions weighed in on the matter - one that stirs up a plethora of questions.

For instance, can CISPA really protect America from hackers who could do nefarious things such as shut down or blow up power plants?

 

While the answer isn’t cut and dried, certainly cyber terrorists could feasibly do a lot of harm. In fact, as Johnson pointed out, just this week Iran took several of its oil terminals offline due to fears hackers would program the machinery to self-destruct.

And will fears about terrorism ultimately trump the popular desire to keep regular people’s data private? As we become more entrenched in all things online and the social data revolution continues to unfold, is a society reminiscent of Orwell’s Big Brother or - to use a more modern prophecy from popular culture - the movie Minority Report inescapable in years to come?

These questions have no easy answers. The good news is that dialogue on the policy front and in the tech media is earnest and unrelenting.

 

Here are what several experts had to say during yesterday’s debate:

 

 

 


Against CISPA - EFF

Rainey Reitman, activism director for the Electronic Frontier Foundation, is an outspoken contributor to the CISPA debate.

 

Reitman said that while CISPA proponents employ rhetoric that the bill will “fend off a cyber Pearl Harbor,” what they’re really doing is inciting fears of security threats when, in fact, such concerns have existed for years.

“I do think there is a need for companies to get more information from the government in a timely fashion. The problem that arises with CISPA is that it does so much more than that,” she says.

Like what?

“It also opens the floodgates for companies to intercept communications of everyday Internet users and pass unredacted personal information to the governments,” she says, adding that several amendments to the bill would have addressed such concerns but they never made it to the House floor for a vote.

Reitman says civil liberties groups like the EFF don’t want cyber security programs to be a method by which intelligence agencies or the military can garner information about American citizens.

As for why many companies such as Facebook support CISPA, Reitman says the companies understandably want to be better informed about security vulnerabilities and promise not to spy on users or hand unredacted information over to the government.

 

On the other hand, she says CISPA as it stands now lets companies bypass all existing privacy law and pass citizens’ personal data to the government even if there’s a weak excuse that the information is related to cyber security purposes.

“The government in return has said that if they get information that’s unrelated to cyber security they “may” - don’t have to, but may choose to - remove some of the implications toward civil liberties. But they don’t have to and there’s no real guidelines on what they would have to do about it,” she says.

 

“What we want[are] actual laws in place that make that impossible or difficult. In the very least that if the government wants personal information about users of services including the content of e-mails they [have to ] go to a judge and get a warrant.”

 

 


For CISPA - Information Technology Industry Council

Dean Garfield, president and CEO of the Information Technology Industry Council, has also weighed in on behalf of that industry organization.

 

Garfield said 95 percent of the data breaches that take place on the Internet are breaches of people’s personal information - things like social security numbers and credit card numbers.

“This is really about protecting the people who are a part of the Internet ecosystem on an everyday basis and that’s why it’s so critically important,” he says.

He also makes the point that CISPA doesn’t mandate that companies give the government information, but that doing so is voluntary.

As for why cyber security is so important now, Garfield says it’s a problem that just keeps getting worse and he points to data that said between 2009 and 2010 there was an increase of 93 percent in cyber security breaches.

“Most of us spend seven-plus hours a day in a network environment in front of our computer and so we make all sorts of information available on the Internet. It’s an integral part of our everyday life. And of the information that’s being compromised, 95 percent of it is our personal information and it’s important that we take steps to protect that.

 

And there are simple straightforward ways to do that which from our perspective and from the majority of the Congress’ perspective CISPA was a vehicle for doing just that.”

One fly in CISPA’s pie has been that the White House staff says it will recommend to President Obama that he veto the bill if it makes it to his desk.

 

However, Garfield asserts that the recommendation was made regarding a prior version of the bill and not the amended version that was passed by the House of Representatives.

As for concerns about the bill giving the government free reign to get its hands on whatever data it convinces companies to give it, Garfield says that’s not a concern.

“In fact, there was an amendment in the bill that passed that makes clear that CISPA doesn’t enhance the power of the NSA or any other government agency to engage in the kinds of activity that Rainey’s talking about…For example, the bill sunsets in five years.

 

It has a FOIA (Freedom of Information Act clause) so that those who want to find out the types of information that’s being shared can do so. It sets up the process which I don’t think has existed anywhere else where if the government misuses private information, it’s subject to liability for that misuse of information. “

 

 


A Tech Entrepreneur Speaks Out

A caller into KQED's show identified as “Bruce in Los Gatos” said he is a long-time serial entrepreneur in Silicon Valley who, along with other tech innovators, has invested heavily to develop services, social media, GPS, and mobile apps that give him insight into the behavior and habits of consumers.

“We take pride for the most part in doing the best job we can to use the data responsibly and give consumers value around that,” he says.

What concerns him about CISPA and other previous bills that have been under consideration is that the government seems to want to get at that data.

“And the courts thus far haven’t been very tough on the government in preventing them from accessing it.”

He also points out that modern technology and services companies legitimately know where and when people travel and with whom they communicate.

“But if the government should choose to start to aggregate and track that data, it’s very concerning. And I would be concerned as a consumer that there aren’t more safeguards in place to prevent the government from just grabbing that data or forcing the companies to turn it over in secret,” he said.

 

 

 

What Will Happen to CISPA in the Senate?

Garfield says he’s still hopeful about the bill’s future and Reitman says the EFF’s goal is to have a voice in whatever bill the Senate considers.

That said, Jennifer Martinez, technology policy reporter for Politico, says Democratic sources told her that CISPA is “basically dead on arrival” because of the privacy concerns associated with it.

 

She also says that nothing will happen with CISPA at least for the next week because the Senate is currently in recess and Senate Majority Leader Harry Reid has said the issue will get picked up sometime in May.

What’s most likely to get attention first, Martinez says, is a bill by Senator Joe Lieberman (I-Connecticut) that supports a different method of evading and mitigating cyber threats.

“The main difference is that the core component [of Lieberman’s bill] puts new security mandates on operators of critical infrastructures [such as] utilities companies, [and] possibly water plants [whereas] CISPA is focused on improving information sharing about cyber threats between the government and industries so it doesn’t have that piece that addresses security gaps in critical infrastructures,” she says.

 

 


How You Can Hear and Be Heard

To listen to the entire radio interview for yourself:

 

 

 


And regardless of which side of the fence you’re on, the EFF has posted an online tool that makes it easy for you to send a tweet to your U.S. senators cyber security and privacy.

 

If legislators perk up when a few dozen phone calls come into their offices, imagine the effect of hundreds or thousands of Twitter interactions on the matter.



 

 

 

 




 


-   Why You Should Care   -

CISPA

by RussiaToday
April 30, 2012
from YouTube Website
 

 

SOPA didn't die. It transformed into CISPA and again Internet privacy is under attack. Tim's robot doesn't give a darn about privacy but will revealing his dark online secrets change his mind?

 

Find out right now!