The House of Representatives passed the Cyber Intelligence Sharing and Protection Act of 2013 (CISPA) by a vote of 288-127, a nearly veto-proof majority. It now heads to the Senate, where it died last year.
President Obama has threatened to veto the bill in its current form.
For those out of the loop, CISPA will allow private sector firms to search personal and sensitive user data of ordinary U.S. residents to identify this so-called “threat information,” and to then share that information with each other and the U.S. government — without the need for a court-ordered warrant.
An amendment would have allowed companies to keep to the terms of its terms and conditions. It was defeated by a unanimous vote of Republicans in the House Rules Committee. If the bill becomes law, companies will be able to share private customer information with impunity.
The EFF’s Mark Jaycox breaks down the implications of the government having unfettered access to the private information of the millions of Americans who communicate online:
Information provided to the federal government under CISPA would be exempt from the Freedom of Information Act (FOIA) and other state laws that could otherwise require disclosure (unless some law other than CISPA already requires its provision to the government).
CISPA’s authors argue that the bill contains limitations on how the federal government can use and disclose information by permitting lawsuits against the government. But if a company sends information about a user that is not cyberthreat information, the government agency does not notify the user, only the company.
Mike Rogers (R-MI), the sponsor of the bill, claimed that the only people who objected to allowing government unlimited access to our digital lives are “14-year-old tweeters.” It turns out that Rogers’ wife may have a very compelling interest in passing CISPA.
Of course, as we’ve noted all along, all attempts at cybersecurity legislation have always been about money. Mainly, money to big defense contractors aiming to provide the government with lots of very expensive ‘solutions’ to the cybersecurity ‘problem’ — a problem that still has not been adequately defined beyond fake scare stories. Just last month, Rogers accidentally tweeted (and then deleted) a story about how CISPA supporters, like himself, had received 15 times more money from pro-CISPA groups than the opposition had received from anti-CISPA groups.
So it seems rather interesting to note that Rogers’ wife, Kristi Clemens Rogers, was, until recently, the president and CEO of Aegis LLC, a ‘security’ defense contractor company, whom she helped to secure a $10 billion (with a b) contract with the State Department. The company describes itself as ‘a leading private security company, provid[ing] government and corporate clients with a full spectrum of intelligence-led, culturally-sensitive security solutions to operational and development challenges around the world.’
So how are CISPA supporters selling such a bill, which tosses aside Fourth Amendment protections against unreasonable searches and seizures as they rant about the sanctity of the Second Amendment?
There are real digital security threats that the government is facing that may require new tools for the government, says Think Progress‘ Andrea Peterson:
But underneath the problems of scope and privacy, the goal of CISPA is to create a functional structure for coordinating information about cybersecurity vulnerabilities and threats so intelligence can be shared. This would allow the government to share information about the tactics of adversaries with victims, or send up a warning flare about an emerging threat. Consider the report released earlier this year by cybersecurity firm Mandiant about a group of hackers engaging in corporate espionage likely affiliated with the Chinese military: It came along with a cache of threat intelligence indicators that could help identify other attacks by the group in the future, such as domain names, IP addresses, encryption certificates, detailed descriptions of over 40 families of malware they use.
But with the current and past administrations’ record of expanding the scope of intelligence gathering, even doing so illegally then retroactively granting immunity, civil libertarians reject the need to give the government complete access to private information without any need for warrants.
Despite many conservative groups opposing the bill, Republicans voted for it 199-29 with no fears that the government would create a registry of Facebook or iTunes users.
Rogers has an “A” rating from the NRA. In a letter a constituent recently received from Rogers, the congressman said, “we must ensure the Second Amendment rights of law-abiding citizens are not infringed upon.” He went on to say he opposes the creation of a national gun registry.
(He also has said that he doesn’t think bombing Iran would be an act of war.)
The privacy of the 1 in 5 gun owners who don’t have to go through background checks is so important that Republicans refuse to pass any gun legislation. But the privacy of every American who uses an online service is apparently something the GOP has no problem handing over to the government.