CISPA: Just say no to the Cyber Intelligence Sharing and Protection Act

Sponsoring the Cyber Intelligence Sharing and Protection Act of 2011 (CISPA) Congressman Mike Rogers (R-Michigan) is competing to see if he is more evil than SOPA sponsor Lamar Smith (R – Texas).

The bill’s stated purpose is…

[t]oprovide for the sharing of certain cyber threat intelligence and cyber threat information between the intelligence community and cybersecurity entities, and for other purposes.

The official summary of the bill by the Congressional Research Service states that CISPA…

[a]mends the National Security Act of 1947 to add provisions concerning cyber threat intelligence and information sharing. Defines “cyber threat intelligence” as information in the possession of an element of the intelligence community directly pertaining to a vulnerability of, or threat to, a system or network of a government or private entity, including information pertaining to the protection of a system or network from: (1) efforts to degrade, disrupt, or destroy such system or network; or (2) theft or misappropriation of private or government information, intellectual property, or personally identifiable information. Requires the Director of National Intelligence to: (1) establish procedures to allow intelligence community elements to share cyber threat intelligence with private-sector entities, and (2) encourage the sharing of such intelligence. Requires the procedures established to ensure that such intelligence is only: (1) shared with certified entities or a person with an appropriate security clearance, (2) shared consistent with the need to protect U.S. national security, and (3) used in a manner that protects such intelligence from unauthorized disclosure. Provides for guidelines for the granting of security clearance approvals to certified entities or officers or employees of such entities. Authorizes a cybersecurity provider (a non-governmental entity that provides goods or services intended to be used for cybersecurity purposes), with the express consent of a protected entity (an entity that contracts with a cybersecurity provider) to: (1) use cybersecurity systems to identify and obtain cyber threat information in order to protect the rights and property of the protected entity; and (2) share cyber threat information with any other entity designated by the protected entity, including the federal government. Regulates the use and protection of shared information, including prohibiting the use of such information to gain a competitive advantage and, if shared with the federal government, exempts such information from public disclosure. Prohibits a civil or criminal cause of action against a protected entity, a self-protected entity (an entity that provides goods or services for cybersecurity purposes to itself), or a cybersecurity provider acting in good faith under the above circumstances. Directs the Privacy and Civil Liberties Oversight Board to submit annually to Congress a review of the sharing and use of such information by the federal government, as well as recommendations for improvements and modifications to address privacy and civil liberties concerns. Preempts any state statute that restricts or otherwise regulates an activity authorized by the Act.

Under the guise of protecting cyber and national security, the bill would allow the government and private companies — like your Internet Service Provider (ISP) or Facebook — to share information with each other about “threats.” Those threats are not clearly defined and there’s no requirement that any information shared be stripped of personally identifiable information either. At a minimum, this bill encourages companies to become spies for the government.

Like the SOPA debacle, the Electronic Frontier Foundation is fighting against CISPA. Join the fight against this attempt to destroy your online privacy.

  

One Response to “CISPA: Just say no to the Cyber Intelligence Sharing and Protection Act”

Read below or add a comment...

  1. Rwolf says:

    CISPA Legislation, Will Escalate Government Asset Forfeiture

    CISPA the Cyber Intelligence Sharing and Protection Act if signed into law will allow——the military and NSA warrant-less spying on Americans’ confidential electronic Communications; any transmitted private information circumventing the fourth amendment. CISPA will allow any self-protected cyber entity to share with the Feds any person’s private information that might allegedly relate to a cyber threat or crime. Considering the U.S. Government’s current business relationship with telephone and Internet companies, it should be expected the feds would use CISPA to gain unprecedented access to lawful Americans’ private electronic communications. Almost every week news media reports corrupt police arrested for selling drugs, taking bribes and perjury. It is foreseeable that broad provisions in CISPA that call for private businesses’ cyber entities to share among themselves and with Spy Agencies confidential information will open the door for corrupt government, police and entity employees to sell a corporations’ confidential information to its competitors, foreign government and others. CISPA provides insufficient safeguards to control disposition of (shared) confidential corporate and client entity information, including confidential information shared by spy agencies with private and government entities derived from spying on Americans.

    Ironically Government can use CISPA to (covertly certify employees) of a Government approved certified cyber self-protected entity—to spy on their certified employer and clients with full immunity from lawsuits if done in good faith. U.S. Government is not prohibited from paying a Government Certified self protected cyber entity or their employees “Asset Forfeiture commissions” that result from providing Government a corporation’s confidential and private client information—that otherwise would require a warrant.

    The recent House Passed Cyber Security Bill overrides the Fourth Amendment. Government may use against Americans in Criminal, Civil and Administrative courts (any information) derived from CISPA warrant-less Internet spying.

    CISPA will open the door for U.S. Government spy agencies such as NSA; the FBI; government asset forfeiture contractors, any private entity (to take out of context) any innocent—hastily written email, fax or phone call to allege a crime or violation was committed to cause a person’s arrest, assess fines and or civilly forfeit a business or property. There are more than 350 laws and violations that can subject property to government asset forfeiture. Government civil asset forfeiture requires only a civil preponderance of evidence for police to forfeit property, little more than hearsay.

    CISPA (warrant-less electronic surveillance) will enable the U.S. Justice Department to bypass the Fourth Amendment, use information extracted from CISPA electronic surveillance) of Americans’ Web Server Records, Internet Activity, transmitted emails, faxes, and phone calls to issue subpoenas in hopes of finding evidence or to prosecute Citizens for any alleged crime or violation. If the current CISPA is signed into law it is problematic federal, state and local law enforcement agencies and private government contractors will want access to prior Bush II NSA and other government illegally obtained electronic records to secure evidence to arrest Americans; civilly forfeit their homes, businesses and other assets under Title 18USC and other laws. Of obvious concern, what happens to fair justice in America if police become dependent on “Asset Forfeiture” to help pay their salaries and budget operating costs?

    Note: the passed “Civil Asset Forfeiture Reform Act of 2000” (effectively eliminated) the “five year statue of limitations” for Government Civil Asset Forfeiture of property: the statute now runs five years (from the date) police allege they “learned” an asset became subject to forfeiture. If CISPA takes affect, allows (no warrant) electronic government surveillance of Americans, it is expected CISPA will be used by government not only to thwart cyber threats, but to aggressively prosecute Americans and businesses for any alleged crime: U.S. Government spy and police agencies; quasi government contractors for profit, will relentlessly sift through Citizen and businesses’ (government retained Internet data), emails and phone communications) to discover possible crimes or civil violations.

    A corrupt U.S. Government Administration too easily use CISPA no-warrant-seized emails, faxes, Internet data and phone call information) to target, blackmail and extort its political opposition; target any Citizen, corporation and others in the manner Hitler used his Nazi passed legislation that permitted no-warrant Nazi police searches and seizure of Citizens and businesses or to extort support for the Nazi fascist government. Hitler Nazi Laws made it possible for the Nazis to strong-arm German parliament to pass Hitler’s 1933 Discriminatory Decrees that suspended the Constitutional Freedoms of German Citizens. History shows how that turned out.

    CISPA warrant-less electronic surveillance) has the potential of turning America into a Fascist Police State.