Visual Economy

Videos about how to invest, investing in gold and silver, and economics 101

Hidden Language in CISPA Interprets Desire for Privacy As Threat

One of the greatest concerns about the proposed CISPA cyber-security law is language that goes beyond foreign or terrorist cyber-attacks and could outlaw whistle blowers or otherwise impinge upon First Amendment rights.

Bookmark and Share

User Comments


WealthCycles Commentary


First we had SOPA (Stop Online Piracy Act), then PIPA (Protect IP Act). Now there’s CISPA (Cyber Intelligence Sharing and Protect Act), HR 3523, the most recent so-called cyber-security legislation that, internet activists and privacy advocates say, may be the most invasive of them all.

In this video report by RT Studio’s Alonya Show, Electronic Frontier Foundation activist Trevor Timm explains why, offering this “nightmare scenario”:

A company like Google, Facebook, Twitter or AT&T could intercept your e-mails and text messages, send copies to one another and to the government, and modify those communications or prevent them from reaching their destination… if it fits into their plan to stop cyber-security threats.

The legislation, which has already garnered more than 100 congressional supporters, “carves out a cyber-security exception to all our privacy laws,” Timm explains.

Once it gets to the government, all this information, your private communications, we don’t know where it goes, or what they’re using it for. We don’t know what agency it goes to, or whether they’re allowed to share between agencies. We don’t know whether they are allowed to use this information for other than cyber-security purposes like normal criminal investigations. We know that probably NSA [National Security Agency] is going to be one of the biggest benefactors. And while the NSA deals with cyber-security threats, we’ve also heard many allegations that NSA is spying on Americans. In fact, at EFF we have a suit going on right now accusing them of just that. So this bill is very dangerous and doesn’t actually solve the problems that it says it’s supposed to.

One of the greatest concerns about the proposed legislation, Timm continues, is language buried in it that goes beyond foreign or terrorist cyber-attacks and potentially could clamp down on whistle blowers or otherwise impinge upon First Amendment rights.

There are no restrictions, and there are even definitions in there that encompass things that you wouldn’t even think are involved with cyber-security, in Rogers bill, that talk about misappropriating government information or intellectual property. We fear that this clause hidden in the bill, that nobody’s really paying attention to, could end up being used to censor or block websites such as a whistle blower site such as WikiLeaks, which the government obviously has not liked but can’t shut down, because it’s protected by the First Amendment. Same thing goes with copyright infringement: the intellectual property clause may give the government a way or excuse to censor websites that they think people are downloading music illegally off of.
And the problem is that it’s the hair trigger which allows these companies to kind of use cyber-security purposes to go after these people and hand the information over to the government. So … encrypting your emails might be an indicator, or using an anonymization service like Tor that allows you to hide where you are or hide your identity.
So these are normal privacy tools that people should be able to use to just keep their identity private, but they are ending up as indicators of a cyber threat in this bill.

One thing that distinguishes CISPA from other earlier cyber-security legislation is that CISPA has support from mainstream tech companies such as Microsoft, Facebook and Tech America. Timm says that’s because the bill has less impact on their corporate bottom lines.

With SOPA and PIPA, their livelihood was threatened more directly I think. They were going to have to censor so much content themselves, and there was going to be so much more legal liability put on them.

The danger is that, in companies’ sincere desire to support government in preventing legitimate cyber-security threats, they may sign on to a broad-based bill that will compromise civil liberties and Internet users’ right of privacy.