The House of Representatives passed the Cyber Intelligence Sharing and Protection Act of 2013 (CISPA) by a vote of 288-127, a nearly veto-proof majority. It now heads to the Senate, where it died last year.
President Obama has threatened to veto the bill in its current form.
For those out of the loop, CISPA will allow private sector firms to search personal and sensitive user data of ordinary U.S. residents to identify this so-called “threat information,” and to then share that information with each other and the U.S. government — without the need for a court-ordered warrant.
An amendment would have allowed companies to keep to the terms of its terms and conditions. It was defeated by a unanimous vote of Republicans in the House Rules Committee. If the bill becomes law, companies will be able to share private customer information with impunity.
The EFF’s Mark Jaycox breaks down the implications of the government having unfettered access to the private information of the millions of Americans who communicate online:
Information provided to the federal government under CISPA would be exempt from the Freedom of Information Act (FOIA) and other state laws that could otherwise require disclosure (unless some law other than CISPA already requires its provision to the government).
CISPA’s authors argue that the bill contains limitations on how the federal government can use and disclose information by permitting lawsuits against the government. But if a company sends information about a user that is not cyberthreat information, the government agency does not notify the user, only the company.
Mike Rogers (R-MI), the sponsor of the bill, claimed that the only people who objected to allowing government unlimited access to our digital lives are “14-year-old tweeters.” It turns out that Rogers’ wife may have a very compelling interest in passing CISPA.
Of course, as we’ve noted all along, all attempts at cybersecurity legislation have always been about money. Mainly, money to big defense contractors aiming to provide the government with lots of very expensive ‘solutions’ to the cybersecurity ‘problem’ — a problem that still has not been adequately defined beyond fake scare stories. Just last month, Rogers accidentally tweeted (and then deleted) a story about how CISPA supporters, like himself, had received 15 times more money from pro-CISPA groups than the opposition had received from anti-CISPA groups.
So it seems rather interesting to note that Rogers’ wife, Kristi Clemens Rogers, was, until recently, the president and CEO of Aegis LLC, a ‘security’ defense contractor company, whom she helped to secure a $10 billion (with a b) contract with the State Department. The company describes itself as ‘a leading private security company, provid[ing] government and corporate clients with a full spectrum of intelligence-led, culturally-sensitive security solutions to operational and development challenges around the world.’