So. It is back, like a bad slasher movie remake (Don't worry. I'm killing these comparisons now.). And like before the idea is to sell it as a beneficent new law meant to help us, and keep us safe. Trouble comes in how it opens up the citizenry to new levels of privacy invasions. If the government says the words "national security", POP!, you're privacy rights and agreements online are no longer valid. (Lifehacker, Verge, and here look some more at the CISPA bill and it's troubles.)
Here's the bill language.
What this means is that when the government sees a threat, or deems one is rising, it can request an online provider hand over certain persons data. The provider can then just hand over all of the persons information. And under the new law the provider is protected from any lawsuits for violating promises about protecting personal data. It is all a quick and legal transaction between business and government.
And that is the key to CISPA now. SOPA got industrial opposition (the major business interests) because they were stuck in the middle and open to being held accountable. But now they will be made immune, while the law will still be able to screw the users over. But Twitter, Facebook etc. will be fine (Phew!). The key thing is that this means these players aren't backing us now. For instance, AT&T and Verizon, along with the Telecom lobbyists, have come out in eager support now of CISPA.
And this is troubling. Troubling for peoples ability to speak freely. Troubling for privacy. Troubling for being able to feel confident in out constitutional rights.
No warrants. No courts. No oversight. The American Library Association noted with the last attempt to pass this:
The ALA is concerned that all private electronic communications could be obtained by the government and used for many purposes–and not just for cybersecurity activities. H.R. 3523 would permit, and sometimes even require, Internet service providers and other entities to monitor all electronic communications and share personal information with the government without effective oversight by claiming the sharing is for “cybersecurity purposes.”
It isn't directly meant to be a new spy tool. But it is built so it can be instantly re-purposed as one. And when government is given a tool like this, it tends to find a reason to make use of it, like with the RICO law.
Now we should remember that laws need to be changed and updated. And cyber laws do need to move with the times. But their is a difference between what we need on the books to reasonably protect and serve society and what is just a means to easily control. When is it overreach? Miranda is an inconvenience to law enforcement. But it is a good one. It helps some people get the aid they need to not be abused. The need to get warrants before scouring your personal data is another important protection. This law leaves us vulnerable, while doing to little to actual protect us.
More from the Electronic Frontier Foundation on this.
Fight for the Future - CISPA is Back
Right now. Many people are planning to use today as a CISPA blackout, where they will have no presence online, in protest to the effect this law could have on online activity. I am still deciding whether to do this to (Yes. Based on my clock, I am over the deadline a little already. But time is relative, and it's still Sunday in some of the US still.) I am tempted to. But I am also tempted to see if I can write anything of use tomorrow, focused o this. We'll see.
Still, whether blacked out or not, CISPA is back. And it's passed the House of Representatives. President Obama has indicated he'd VETO it's current form if it passed the Senate. But if he's pressured to do otherwise... Or, if enough support is bought in the Senate, how close would they be to being able to override a veto?
As EFF above asks. Contact your senator now. Be sure they know where you stand, and why you stand there.
Be informed. Be involved. These are your rights.