CISPA Bill: 5 Main Privacy Worries

  /     /     /  
Publicated : 22/11/2024   Category : security


CISPA Bill: 5 Main Privacy Worries


Privacy rights groups have launched a week of protests against the House bill, warning that CISPA will weaken current wiretapping and electronic communication laws.



Does the Cyber Intelligence Sharing and Protection Act (CISPA) threaten peoples privacy in unacceptable ways?
Thats one criticism being leveled at CISPA, the House cybersecurity bill introduced by Rep. Mike Rogers (R-Mich.) and Dutch Ruppersberger (D-Md.) in November, 2011. Many privacy watchers, notably, have said that the
11-page bill
, which focuses on government monitoring, suffers a similar problem to the
Stop Online Piracy Act
(SOPA), which was defeated earlier this year after a
wave of mass protests
. Namely, the language of CISPA is so broad, that while it attempts to tackle a real issue--in this case, government monitoring--it may spur unintended and detrimental side effects.
As a result, numerous civil rights groups--including the American Civil Liberties Union, the Center for Democracy & Technology (CDT), the Electronic Frontier Foundation (EFF), and Reporters Without Borders--announced Monday that they were launching a Stop Cyber Spying week of protests against CISPA, before a scheduled House of Representatives vote on the bill next week.
What are the privacy-related worries with CISPA? Civil liberties groups have detailed 5 main concerns:
1. Widespread Employee Monitoring.
The CISPA bill states that any business can use cybersecurity systems to identify and obtain cyber threat information to protect [its] rights and property--which privacy watchers said will include email or Facebook message contents--while having immunity from prosecution or lawsuits under any other law.
According to the EFF
, that provision would subvert privacy protections offered by
existing wiretapping laws and electronic privacy communications laws
, allowing companies to bypass all existing laws, as long as they claim a vague cybersecurity purpose, without threat of reprisal.
[ What can enterprises learn from a recent security fight against Anonymous? See
Anonymous Vs. DNS System: Lessons For Enterprise IT
. ]
2. No Information-Sharing Restrictions.
Another criticism of CISPA is that, as worded, it doesnt restrict the reasons for which information may be gathered. It lacks meaningful use restrictions--it should be made clear that information shared for cybersecurity should be used for cybersecurity purposes, not unrelated national security purposes or criminal investigations, said CDT senior counsel Greg Nojeim in a statement.
3. Information May Be Shared With NSA.
Under CISPA, companies could voluntarily share any communications they like with the Department of Homeland Security (DHS). After collecting your communications, companies can then voluntarily hand them over to the government with no warrant or judicial oversight whatsoever as long is the communications have what the companies interpret to be cyber threat information in them, said the EFF. DHS would also then be free to share the information with other government agencies, including the
National Security Agency
, over which theres little oversight, according to civil rights groups.
4. Bill May Encourage Broad Surveillance.
As with SOPA and PIPA, many privacy watchers arent lobbying for no legislation. Rather, privacy groups say that they want more carefully constructed bills, which take into account existing civil liberties, and which monitor government access to peoples personal communications. We need cybersecurity legislation, not surveillance legislation, said CDT President Leslie Harris, in a statement criticizing CISPA.
5. CISPA Alternatives Do Exist.
Better alternatives to CISPA may already exist, according to privacy groups. For example, the CDT is backing a different cybersecurity bill, known as the
PRECISE Act
, which was written by Rep. Dan Lungren (R-Calif.). According to the CDT, that bill has information-sharing language that offers a better alternative to CISPA, balancing cybersecurity, industry, and civil liberties concerns. Might CISPA succeed where
SOPA and PIPA failed
? Last week, members of the
hacktivist group Anonymous
launched a series of
distributed denial-of-service (DDoS) attacks
against Boeing, as well as the trade associations TechAmerica and USTelecom, all of which have publicly backed CISPA.
In other words, before CISPA might pass into law, you can expect to see the
fight to scuttle CISPA
intensify.
At a time when cybercrime has never been more prolific and sophisticated, budgets are being cut. In response, IT is taking a hard look using third-party services--outsourcing--to meet security challenges. Our
Making The Security Outsourcing Decision
report outlines the various security outsourcing options available. (Free registration required.)

Last News

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
CISPA Bill: 5 Main Privacy Worries