Who is pushing cispa

Evidently some "Cyber Media" fell for it, because it took until April 13 for CISPA to start hitting mainstream media via tech media channels , and only then did it make any loud noise when comparisons to SOPA were made. Okay, not really. But here's how they pretended to listen to our serious concerns when we got two pro-CISPA reps from Washington face-to-face last week.

After hearing what they had to say in response to our concerns, they could barely pretend they were there for little more than lip service.

Near the end, many of us in the room were laughing in nervous disbelief at their cavalier and dismissive responses. We were told there was robust discussion about the bill and that the idea internet communities hate it is false. Questions about the NSA and potential abuse of private data and information sharing for individuals were ignored. Instead the room was told that privacy and civil liberties are a "new element" for them to consider in the future.

When asked about what they meant by concrete threats, the pro-CISPA rep conflated cybersecurity with infringement, and that China is a big major cybersecurity threat to intellectual property that needs protection under the bill. The pro-CISPA reps demonstrated repeatedly that not only were they there for lip service and misdirection, they actually had no technical knowledge of what they were talking about.

The EFF's Dan Auerbaugh concluded afterward that "Congress just doesn't know enough to meddle intelligently with technology. The audience questions demonstrated this point quite sharply The other is a more ominous path, creating new government surveillance capabilities with little restriction on abuse. This Congress has dealt with dozens of bills relating to cybersecurity; most are now dead or dormant. It's also the target this week of a grassroots campaign aimed at raising awareness of the serious risks the bill poses.

Internet users are being urged to call or write their members of congress and push for changes or vote against the bill as it now stands. SOPA opposition turned on threats to the First Amendment; CISPA is about the Fourth, owing to the potential it creates for unprecedented government monitoring of internet users' personal online information.

Mike Rogers R-Michigan and Dutch Ruppersberger D-Maryland , insist that their bill is mindful of user privacy while providing important legal mechanisms that would encourage private companies to share information with the government in return for receiving critical help in fighting off cyber attacks. Information sharing is a critical component of successful cybersecurity policy, when that information is narrowly defined, is used only for cybersecurity purposes, and the process controlled by a civilian agency, such as the Department of Homeland Security.

Two weeks ago, CISPA was thought to be untouchable, until the winds of internet rebellion began to stir. You can see the list of who can get your data here. Instead, Congress should insist that data shared with the government flows to civilian agencies, and then only to defense, intelligence, and law enforcement agencies when necessary for clearly and precisely defined cybersecurity purposes.

Otherwise, CISPA's broad, vaguely defined framework could be abused as a warrantless backdoor wiretap. Since CISPA broadly immunizes corporations from criminal and civil liability, it prevents customers from holding those companies accountable if they negligently or recklessly mishandle their data.

To avoid the moral hazards of such broad immunity, lawmakers should carefully tailor corporate liability protections. Such an entity -- consisting of privacy and consumer advocates, civil libertarians, and computer security researchers -- could help uphold privacy and consumer rights while also providing researchers with a trove of information. This way, we can draw on the collective expertise of those who believe a free and open internet is entirely compatible with a secure one -- while also helping them develop more effective technologies to prevent and mitigate cyber intrusions.