I was visiting with my son over the weekend and out of the blue, he said to me, “Why isn’t anyone talking about CISPA?”
Well, I had been out of touch with just about everything for the past few days, due to travel and meetings, so I thought I’d find out why no one was talking about the Cyber Intelligence Sharing and Protection Act (CISPA) after the House of Representatives passed the bill by a large margin. Turns out the reason the CISPA conversation disappeared is simple – the bill was dead on arrival in the Senate.
Now, that isn’t surprising in today’s governmental chaos. Everything seems to be DOA when going from one side of Congress to the other. In this case, the fundamental disagreement on CISPA is privacy – the same issue that has haunted CISPA from the beginning. In fact, CISPA already failed once in the Senate because of the fears that it would potentially usurp other laws that protect privacy, especially from the government. According to CNET:
CISPA permits private sector companies -- including technology firms, such as Facebook, Twitter, Google and Microsoft, among others -- to pass "cyber threat" data, including personal user data, to the U.S. government.
This means a company like Facebook, Twitter, Google, or any other technology or telecoms company, including your cell service provider, would be legally able to hand over vast amounts of data to the U.S. government and its law enforcement -- for whatever purpose it deems necessary -- and face no legal reprisals.
The House’s stance on CISPA is that the Act would prevent other countries from stealing ideas generated in our country. The Senate, however, says it is drafting a bi-partisan bill that claims to do a better job addressing the privacy concerns while also focusing on the growing numbers and types of cyber threats.
In my opinion, the toughest thing that will need to be worked out for CISPA to work is a general understanding of what privacy is and how it has changed in the age of the Internet and with not only cyber threats, but threats like the Boston bombing or mass shootings. We know that young people don’t have the same view of privacy as older adults – how does that play into what privacy is and isn’t? I don’t think a real cybersecurity bill with teeth can be passed until we come to that understanding.