WebProNews

Tag: CISPA

  • Rep. Adam Schiff To Propose Pro-Privacy Amendment To CISPA

    This year’s CISPA is just like last year’s CISPA. That has some privacy groups concerned as the bill makes it easier for companies to share private information with the government while granting them immunity. To help address these concerns, one lawmaker will be introducing an amendment to CISPA next week.

    The Hill reports that Rep. Adam Schiff will be introducing a pro-privacy amendment during the House Intelligence Committee’s markup of CISPA. The amendment would make companies do their damnest to remove personally identifiable information from any data that they share with government.

    Beyond that, the amendment would also allow companies to use automated processes in removing personal information from data. The automated removal of information would serve two purposes – it would make the removal of information more accurate, and it would speed up the process to better counter cybersecurity threats.

    The amendment is a great first step to making sure CISPA protects privacy, but Schiff has indicated that he has yet to reach a consensus with the bill’s authors – Reps. Mike Rogers and Dutch Ruppersberger. Fortunately, Schiff says that the tech industry has yet to raise any objections to his amendment.

    Even with the support of industry, Schiff’s amendment may not make it into CISPA. What’s worse is that we won’t even know what actually happened until after the fact thanks to the committee holding the CISPA markup behind closed doors. Still, there’s a small sliver of hope resting on Schiff’s shoulders as the congressman said that he wouldn’t vote CISPA out of committee unless it had his amendment, or another suitable pro-privacy amendment, tacked on to it.

    Even with these proposed amendments, there’s always the chance that CISPA can worm its way through the House just like it did last year. After that, it will be up to the Senate and White House to make sure that it doesn’t go through without reasonable privacy protections.

  • Congress Doesn’t Want You Listening In On The CISPA Debate

    It was revealed in mid-February that CISPA would be back. The dreaded cybersecurity bill is now ready to make its way through Congress, but our elected representatives apparently think that the public doesn’t have the right to know what’s going to go into it.

    The Hill reports that the media and public will not be allowed to watch the House Intelligence Committee’s markup on CISPA next week. A spokesperson for the committee says that the secrecy is because the CISPA discussions will include confidential material that must be kept secret.

    “Sometimes they’ll need to bounce into classified information and go closed for a period of time to talk. In order to keep the flow of the mark-up continuing forward, you can’t stop in the middle of an open hearing, move everyone to another location for a portion of it, and then move back.”

    It’s heavily speculated that the committee is shutting out the media and public to keep both in the dark. Sure, the committee says it will release information on amendments offered, and lawmakers can discuss what happened; but it doesn’t give us the whole picture.

    If you buy into the rhetoric of lawmakers, cybersecurity is incredibly important. If it’s so important, why isn’t the public invited to add their voice to the ongoing deliberations over what was already a bad bill? Most likely, it’s just another excuse to eliminate scrutiny. Unfortunately for the committee, they will only invite more scrutiny on themselves and the bill as it nears a vote in the House.

    It will be interesting to see what the White House says about all of this as the anti-CISPA petition on the We the People Web site has reached the necessary 100,000 signatures for an official response. It’s been almost a month, however, and there’s been no response yet. Here’s hoping the White House still retains its CISPA position from last year.

  • Anti-CISPA White House Petition Crosses 100,000 Signature Threshold

    After CISPA returned in February, privacy advocates started a “We The People” petition asking the White House to stand against the controversial legislation. It’s been a month since the petition was created, and advocates are one step closer to a response.

    The “Stop CISPA” petition on the We The People petition site has crosses the recently instated 100,000 threshold required for a response from the Obama administration. The petition asks the administration to reject CISPA for its overly broad language:

    CISPA is about information sharing. It creates broad legal exemptions that allow the government to share “cyber threat intelligence” with private companies, and companies to share “cyber threat information” with the government, for the purposes of enhancing cybersecurity. The problems arise from the definitions of these terms, especially when it comes to companies sharing data with the feds.

    It will be interesting to see if, and how, the administration responds to this petition. President Obama has already signed an executive order that accomplishes what CISPA aims to do without the civil liberty violations. The President acknowledged, however, that an executive order isn’t enough and called upon Congress to pass cybersecurity legislation.

    That’s going to be the hard part, though, as Congress proved last year that it can’t agree on cybersecurity measures. Privacy advocates may not even have to bother the White House if the House and Senate can’t come to any sort of agreement. Even if they do, the White House promised to stand against CISPA last year. Unless something changes, the White House will stand against CISPA again.

    [h/t: TechDirt]

  • Experts Say Congress Is Unprepared For A Cyberattack

    President Obama introduced an executive order last week that intended to help protect the nation’s infrastructure from cyber attacks. It’s similar to CISPA in that it increases information sharing between government and private corporations, but thankfully lacks the privacy infringing clauses found in the aforementioned bill. Some experts, however, are saying that it’s not enough.

    Security experts have found that Congress itself is woefully unprepared for a cyberattack on its network. They say that Congressional networks lack the technology and security methods to prevent attacks. The danger here is that a successful hack could yield a treasure trove of classified information from lawmakers.

    Speaking to The Hill, Tom Kellermann, VP of Cybersecurity for Trend Micro, says that Congress is “overly reliant on perimeter defenses that are ineffective in today’s targeted environment.” He also says that Congressional networks “lack their own appropriate levels of funding for technologies and manpower to deal with this properly.”

    If hackers were interested in Congress, who would they hit? Security experts say that high-ranking lawmakers would be first on the list, but important committees like the Intelligence and Armed Services committees would also be high priority targets. These committees hold highly classified information from government agencies like the FBI and the Pentagon that would be especially desirable.

    For their part, many people in Congress told The Hill that they practice “proper cyber hygiene.” That is to say that members of Congress and its employees are trained to spot phishing attempts and malware attacks. It’s a good first line of defense that could prevent incidents like the recent Apple and Facebook hacks that used an exploit in Java to gain access to systems.

    As always, lawmakers can talk a good talk, but are they really doing enough to protect their networks from hackers? Congress’ cybersecurity professionals have been reportedly stepping up their game over the past few years to prevent the kind of attacks that have crippled corporations over the last few years. They do, however, emphasize the need for new cybersecurity regulations. Let’s just hope Congress can provide one devoid of CISPA’s privacy infringing ugliness.

  • Should You Be Concerned About The Return Of CISPA?

    On Wednesday of last week, we heard that the House Intelligence Committee was going to reintroduce CISPA after working with the White House on a revised bill that sufficiently addressed the Obama administration’s concerns. The hope of a reworked, and potentially privacy friendly, CISPA was good while it lasted because the bill’s co-sponsors aren’t going to change a thing.

    The Hill reports that House Intelligence Chairman Mike Rogers and ranking member Rep. Dutch Ruppersberger said that they will be reintroducing CISPA into the House. This new CISPA, however, will not be any different from the old one.

    Were you concerned about CISPA last year? Do you hate to see it back? Let us know in the comments.

    It’s been a while since the original CISPA was introduced though. What made this particular piece of legislation so bad again? The EFF released a statement when CISPA was a concern last year, and the group’s words are still applicable to this day:

    CISPA creates an exception to all privacy laws to permit companies to share our information with each other and with the government in the name of cybersecurity. Although a carefully-crafted information sharing program that strictly limits the information to be shared and includes robust privacy safeguards could be an effective approach to cybersecurity, CISPA lacks such protections for individual rights. CISPA’s ‘information sharing’ regime allows the transfer of vast amounts of data, including sensitive information like internet use history or the content of emails, to any agency in the government including military and intelligence agencies like the National Security Agency or the Department of Defense Cyber Command. Once in government hands, this information can be used for any nonregulatory purpose so long as one significant purpose is for cybersecurity or to protect national security. These are not meaningful use restrictions: “national security” use is one of the problems, and the White House recognized this immense problem by precluding such use in its own cybersecurity proposal. While the bill requires the Director of National Intelligence Inspector General to issue annual reports on the government’s use of information shared with it under the bill, such reports would only be provided to congressional intelligence committees, and IG reports are no substitute for meaningful use restrictions and they will do nothing to dissuade companies from misusing personal information shared under this broad new program.

    Despite this, CISPA enjoyed broad support from pretty much every major Internet-based company, with the exception of Mozilla. The same companies that came out swinging against SOPA voiced their support for CISPA. It’s pretty obvious that they supported it because it exonerates all companies from any liability should a customer’s data fall in the wrong hands when being transferred to the government, but the Telecommunications Industry Association argued last year that CISPA protected consumers:

    CISPA strikes the right balance between strong cyber protection and a flexible, innovation-friendly framework. The legislation takes a significant step forward in safeguarding consumers and businesses from increasingly aggressive and sophisticated cyber attacks. At the same time, it establishes a collaborative approach that won’t introduce heavy bureaucracy that could harm high tech innovation. The relationship between government and industry that this bill supports is critical to the current and future economic success and security of America.

    Is the TIA right in that CISPA helps protect consumers and companies? Or does it only serve to hurt them? Let us know in the comments.

    The old CISPA may have enjoyed broad support from Internet companies, but it lacked a very important ally – the President. Last year, the White House issued a statement threatening to veto CISPA for its lack of privacy protections. It was a good sign, but that may not the be the case the time around.

    In a statement released on Monday, the House Intelligence Committee says that CISPA was “developed in close consultation with a broad range of private sector companies, trade groups, privacy and civil liberties advocates, and the executive branch.”

    It’s that last group that should make CISPA opponents concerned. If the new/old CISPA has support from the White House, one of its toughest opponents will be dealt with. The only thing standing in its way this time would be the Senate. Last year, the Senate pushed its own cybersecurity legislation in the Cybersecurity Act of 2012. The bill was ultimately killed and the House-approved CISPA languished and died before it could come up for a vote. That all may change this year as the House and Senate may be united in pushing forward cybersecurity legislation to combat whatever is in Obama’s cybersecurity executive order that’s expected to be revealed on Wednesday.

    So, we come down to the all important question – should you be concerned? The answer is a resounding maybe. CISPA still has plenty of opponents even if the White House decides to announce its support for the bill. The Senate may try to push its own bill again thus killing it, and civil liberty groups will obviously campaign to have it killed.

    In short, CISPA faces the same uphill battle that it faced last year. It’s hard to say if it will be successful time time or not. Even if it isn’t, at least we can look forward to an executive order that may just contain what we hated about CISPA.

    Do you think an executive order would be preferable to CISPA? Do we even need cybersecurity legislation? Let us know in the comments.

  • Obama’s Cybersecurity Executive Order Is No CISPA, Contains Privacy Protections

    Near the end of President Obama’s State of the Union address, he addressed the need for cybersecurity reform. He also confirmed the long standing rumor that he would indeed be signing an executive order into law that helps increase information sharing between the government and private corporations. What’s surprising, however, is that it does address many of the privacy concerns that privacy proponents had with bills like CISPA and CSA.

    With that being said, let’s get into the nitty gritty of the executive order, shall we? First up are details on how information sharing between public government entities and private corporations will work:

    Sec. 4. Cybersecurity Information Sharing. (a) It is the policy of the United States Government to increase the volume, timeliness, and quality of cyber threat information shared with U.S. private sector entities so that these entities may better protect and defend themselves against cyber threats. Within 120 days of the date of this order, the Attorney General, the Secretary of Homeland Security (the “Secretary”), and the Director of National Intelligence shall each issue instructions consistent with their authorities and with the requirements of section 12(c) of this order to ensure the timely production of unclassified reports of cyber threats to the U.S. homeland that identify a specific targeted entity. The instructions shall address the need to protect intelligence and law enforcement sources, methods, operations, and investigations.

    (b) The Secretary and the Attorney General, in coordination with the Director of National Intelligence, shall establish a process that rapidly disseminates the reports produced pursuant to section 4(a) of this order to the targeted entity. Such process shall also, consistent with the need to protect national security information, include the dissemination of classified reports to critical infrastructure entities authorized to receive them. The Secretary and the Attorney General, in coordination with the Director of National Intelligence, shall establish a system for tracking the production, dissemination, and disposition of these reports.

    (c) To assist the owners and operators of critical infrastructure in protecting their systems from unauthorized access, exploitation, or harm, the Secretary, consistent with 6 U.S.C. 143 and in collaboration with the Secretary of Defense, shall, within 120 days of the date of this order, establish procedures to expand the Enhanced Cybersecurity Services program to all critical infrastructure sectors. This voluntary information sharing program will provide classified cyber threat and technical information from the Government to eligible critical infrastructure companies or commercial service providers that offer security services to critical infrastructure.

    (d) The Secretary, as the Executive Agent for the Classified National Security Information Program created under Executive Order 13549 of August 18, 2010 (Classified National Security Information Program for State, Local, Tribal, and Private Sector Entities), shall expedite the processing of security clearances to appropriate personnel employed by critical infrastructure owners and operators, prioritizing the critical infrastructure identified in section 9 of this order.

    (e) In order to maximize the utility of cyber threat information sharing with the private sector, the Secretary shall expand the use of programs that bring private sector subject-matter experts into Federal service on a temporary basis. These subject matter experts should provide advice regarding the content, structure, and types of information most useful to critical infrastructure owners and operators in reducing and mitigating cyber risks.

    In short, this part of the order makes it easier for government and companies to share information between themselves. This is what CISPA and CSA hoped to accomplish, and this executive order accomplishes pretty much the same thing.

    What could be worrisome about this part of the order is that it makes it too easy to share information, but that would only be a concern if extensive privacy protections were not put in place. That’s where the next part of the order comes in:

    Sec. 5. Privacy and Civil Liberties Protections. (a) Agencies shall coordinate their activities under this order with their senior agency officials for privacy and civil liberties and ensure that privacy and civil liberties protections are incorporated into such activities. Such protections shall be based upon the Fair Information Practice Principles and other privacy and civil liberties policies, principles, and frameworks as they apply to each agency’s activities.

    (b) The Chief Privacy Officer and the Officer for Civil Rights and Civil Liberties of the Department of Homeland Security (DHS) shall assess the privacy and civil liberties risks of the functions and programs undertaken by DHS as called for in this order and shall recommend to the Secretary ways to minimize or mitigate such risks, in a publicly available report, to be released within 1 year of the date of this order. Senior agency privacy and civil liberties officials for other agencies engaged in activities under this order shall conduct assessments of their agency activities and provide those assessments to DHS for consideration and inclusion in the report. The report shall be reviewed on an annual basis and revised as necessary. The report may contain a classified annex if necessary. Assessments shall include evaluation of activities against the Fair Information Practice Principles and other applicable privacy and civil liberties policies, principles, and frameworks. Agencies shall consider the assessments and recommendations of the report in implementing privacy and civil liberties protections for agency activities.

    (c) In producing the report required under subsection (b) of this section, the Chief Privacy Officer and the Officer for Civil Rights and Civil Liberties of DHS shall consult with the Privacy and Civil Liberties Oversight Board and coordinate with the Office of Management and Budget (OMB).

    (d) Information submitted voluntarily in accordance with 6 U.S.C. 133 by private entities under this order shall be protected from disclosure to the fullest extent permitted by law.

    As you can see, the above text illustrates that the Obama administration has built some decent privacy protections into the executive order. It’s a major relief since some were concerned that the executive order would be just like CISPA, privacy violations and all.

    If you don’t want to take my word for it, the privacy protections in the executive order also got a pass from the ACLU. The organization’s Legislative Counsel Michelle Richardson had this to say about it:

    “The president’s executive order rightly focuses on cybersecurity solutions that don’t negatively impact civil liberties. For example, greasing the wheels of information sharing from the government to the private sector is a privacy-neutral way to distribute critical cyber information. More encouragingly, the adoption of Fair Information Practice Principles for internal information sharing demonstrates a commitment to tried-and-true privacy practices – like consent, transparency, minimization and use limitations. If new information sharing authorities are granted—especially the overbroad ones being pondered by the House – these principles will be more important than ever. We look forward to working with the administration to make sure that the devil isn’t in the details when privacy regulations are drafted.”

    Section seven of the order contains a number of strategies to be implemented by the government to address and counter any cyber attacks directed at critical infrastructure. The central point is the creation of a “cybersecurity framework” that will include “a set of standards, methodologies, procedures, and processes that align policy, business, and technological approaches to address cyber risks.” Keeping transparency as a central theme, the Director of the National Institute of Standards and Technology will “engage in an open and public review and comment process” during the creation of said framework.

    Government agencies will be required to implement the above framework, but it’s entirely voluntary for private operators of critical infrastructure. That being said, the Obama administration will be doing its damnest to convince these private institutions to incorporate cybersecurity standards. One way the administration will be doing this is through the creation of an incentive program that will be pitched to the administration within 120 days. It will then be implemented by the President if it does not require the passage of new laws. If it does, Obama will take his case to Congress.

    Finally, the order calls upon the government to seek out infrastructure that’s at the greatest risk of cyberattacks. Once they’ve been identified, the government will work with these organizations to make sure that any risk of cyberattacks are mitigated. As such, these organizations have the chance to make their case, every two years, for whether the cybersecurity standards placed upon them are “regulatory burdens.”

    There’s sure to be a lot of talk about this cybersecurity executive order over the coming months. In his speech last night, President Obama indicated as much saying this order is meant to force Congress’ hand in passing extensive cybersecurity legislation. That being said, the order’s emphasis on privacy and civil rights protections makes me hopeful that the administration will smack down any attempts to revive CISPA this year.

  • White House Will Issue Cybersecurity Executive Order On Wednesday [Rumor]

    It’s fairly common knowledge that the Obama administration has been crafting an executive order to address cybersecurity for quite some time now. The only thing we didn’t know was when such an order would be made public, but a new report is pegging the announcement for this week.

    Speaking to The Hill, sources close to the White House said that senior officials will announce Obama’s long in development cybersecurity mandate on Wednesday. The order will reportedly establish a voluntary program where “companies operating critical infrastructure would elect to meet cybersecurity best practices and standards crafted, in part, by the government.”

    The order will be announced at an event that is due to take place that U.S. Department of Commerce. In attendance will be a who’s who of major cybersecurity proponents, including White House Cybersecurity Coordinator Michael Daniel, Department of Homeland Security Deputy Secretary Jane Lute, and National Security Director Gen. Keith Alexander. You can expect some, or all, of them to talk about the grave threat our nation faces from cyberattacks from China and the like, and how this executive order will better protect our aging infrastructure from cyberattacks.

    Of course, members of Congress aren’t going to like it. They’re going to push for their own extensive cybersecurity legislation to replace whatever Obama’s administration cooks up. House Intelligence Committee Chairman Mike Rogers was already planning to reintroduce CISPA this week, but the executive order may force his hand in pushing the reviled legislation through the House even faster than before. Doing so would once again block all meaningful discussion on the privacy concerns present in the bill in favor of just pushing something through.

    Of course, the Senate will probably not like it either, and may very well introduce its own cybersecurity legislation as well. It may choose to vote on CISPA, if it passes the house, but the Senate may very well choose to go its own way once again by crafting its own legislation. If it does, we may very well end up with a situation just like last year where neither legislative branch can come up with anything, thus justifying the executive order.

    The Hill’s report doesn’t have any concrete details on what the executive order will entail, but we should probably prepare for the worst. Despite talking up a good game as a proponent on online privacy, President Obama has recently signed worrisome, and privacy infringing, legislation like the FISA extension into law.

    We’ll keep our ear to the ground to let you know when, and if, a cybersecurity executive order is announced, and what it entails.

    [Image: dcJohn/flickr]

  • House Intelligence Committee Collaborating With Obama Administration On New CISPA

    CISPA was one of the more worrisome Internet-related bills of 2012. It threatened the online privacy of just about everyone by allowing corporations to share information with governments in the hopes of sniffing out cyber threats. The House approved bill died while waiting for a vote from the Senate, but it looks like it will be back this year with some new protections in tow.

    The Hill reports that Rep. Dutch Ruppersberger, the ranking member of the House Intelligence Committee, is partnering with Intelligence Chairman Mike Rogers to re-introduce CISPA into the house this year. The original CISPA was threatened with a veto from the White House, but Ruppersberger hopes to avoid that this year by working directly with White House staff in the crafting of the bill.

    What kind of cybersecurity bill can we expect from a collaboration between the House and the Obama administration? It’s too early to tell, but Ruppersberger says that his team is “working with the White House to to make sure that hopefully they can be more supportive of our bill than they were last time.” These discussions with the White House are reportedly “working pretty well.”

    For the bill to have support from the White House, it will have to feature more of the privacy protections found in the Senate’s CSA. Both CISPA and CSA raised concern over their lack of privacy protections, but the White House seemed to favor CSA.

    The reemergence of CISPA is only the beginning of a year that will be putting a lot of emphasis on cybersecurity. The U.S. is already gearing up for what could turn into massive offensives that are carried out online. Calls for a cybersecurity bill that sets ground rules for what the nation can and can not do will only continue to grow as the year goes on.

  • The Free Internet Survived 2012, But Will It Be That Lucky Next Year?

    2012 was a dangerous year for the free Internet. Lawmakers and global stakeholders all took a shot at policing and regulating the Internet over the past year to no avail. That doesn’t mean they’ve given up, and 2013 could prove disastrous if certain parties have their way.

    To that end, it would be advantageous to look back on all the bills, treaties, etc that threatened the Internet in 2012. As they say, those who don’t learn from history are doomed to repeat it. Internet freedom fighters will have to learn from tactics employed this year to recognize threats to a free Internet before they even emerge.

    Were you concerned for the free Internet in 2012? Do you think next year will be worse or better? Let us know in the comments.

    The first battle over the free Internet came in January as the much debated SOPA and PIPA came up for vote in Congress. The bills were designed to combat copyright infringement online, but the powers granted to the government to do so were sweeping and overly broad. SOPA in particular gave government the power to censor Web sites on the DNS level thereby removing them from general access to most users. Potential for abuse was high and many feared that the bill would be used to destroy innovation and protect legacy businesses that have yet to adapt to how the Internet does business.

    Worryingly enough, it looked like both bills would actually see smooth sailing through both the Senate and the House. Then the Internet banded together and launched a blackout campaign that saw many popular sites like Wikipedia going dark to show people what a world with SOPA could potentially look like. The tactic worked as thousands of concerned citizens called their representatives telling them to vote no on SOPA and PIPA. The bills were finally taken off the table for good in October.

    After the threat of SOPA and PIPA subsided, a new threat emerged. It had free Internet proponents even more concerned as it was as international treaty that sought to rewrite international law in favor of large corporate interests. The treaty was called the Anti-Counterfeiting Trade Agreement, or ACTA for short, and it contained a number of worrying implications. The most concerning part of the treaty was that it would require ISPs around the world to “monitor and censor online communications.” It was not only a threat to free speech on the Internet, but a major threat to online privacy as well.

    After many parts of the treaty were leaked, citizens in countries across Europe took to the streets to protest. The protests worked as many countries refused to ratify the treaty and it was finally dealt a death blow in July as the European Parliament voted against it. The treaty was officially shelved, at least in Europe, earlier in December.

    All the previous treaties and bills only sought to remove copyright infringing material from the Internet. It’s bad, but it could be worse. Our friends in Washington took on that challenge when lawmakers introduced CISPA and CSA – two bills that aimed to tackle cybersecurity, but threatened to violate any privacy that U.S. citizens may have online. CISPA was definitely more worrisome as it had the support of those who opposed SOPA just a few months prior. The new bill garnered support because it made it easier for companies to share information with government bodies without having to worry about lawsuits from those whose information was shared without consent.

    Like the previous bills thus far, both were killed before getting very far. CISPA was able to pass the House, but its Senate counterpart, CSA, was killed time and time again. The latest attempt for passage happened in mid-November with the bill being officially killed for the last time.

    The biggest threat by far, however, happened earlier in December when delegates around the world met to discuss an update to a decades old telecommunications treaty. The ITU, or International Telecommunications Union, was met with skepticism as some felt less than scrupulous members of the global community would use the meeting as an opportunity to seize control of the Internet. They did not disappoint as China, Saudia Arabia and others introduced a last minute change to the treaty that would have given them more power over the Internet. The treaty was rejected by the U.S. and much of Europe though, and it was unceremoniously killed.

    Do you think these were legitimate threats to the free Internet? Were Internet freedom proponents blowing the potential threat of these bills and treaties out of proportion? Let us know in the comments.

    As the above illustrates, 2012 was one hell of a year for Internet censorship and regulations. All of it was defeated, however, and tired Internet freedom fighters can rest easy knowing that the Internet is no longer under attack, right? Wrong. 2013 is shaping up to be an even worse year for proposed Internet regulation as various treaties and bills from 2012 are sticking around into the new year while new treaties and bills will obviously be proposed in due time.

    Speaking of relics from 2012, TPP is a prime example of a trade agreement that refuses to die. The Trans-Pacific Partnership is much like ACTA, but it seeks to establish better trade relations between the U.S. and Southeast Asia. It’s similarities to ACTA don’t end there, however, as the treaty is negotiated in complete secrecy without any input from the public or Congress. In fact, many members of Congress are lobbying to have the USTR make negotiations more transparent since they have the constitutional right of approving treaties.

    So, where does TPP stand in 2013? It could go either way to be honest. We keep hearing tales of how the treaty is constantly on its last legs as Southeast Asian countries are starting to realize it’s not good for their economy, but the secrecy in which it’s being negotiated makes it hard to tell just how close it is to either death or ratification.

    Another worrisome trade agreement to look out for in 2013 is CETA – the Canada-European Union Trade Agreement. It doesn’t directly affect the U.S., but the treaty’s passage could spell trouble for the free Internet around the world as the treaty contains much of the same language that made ACTA so horrible. If ratified, the treaty could be seen as proof that ACTA wasn’t so bad and new attempts to ratify similar treaties could take hold around the world.

    The last relic left over from 2012 is Clean IT – an European Commission project that seeks to censor the Internet in the name of protecting citizens from terrorism. The concern is that the project does little to actually stop terrorism and does everything in its power to use the Internet to monitor citizens in everything that they do. What’s worse is that the project turns people into Internet vigilantes where they can submit content that they feel is terroristic or otherwise “bad” to have it removed and those who fail to report any “bad” material would be punished.

    As you can see, 2013 is already looking pretty grim and these are just the leftovers from 2012. There’s bound to be more laws, treaties and projects introduced in 2013 that will make SOPA, ACTA and others look like bastions of Internet freedom in comparison.

    The free Internet has been a major force of change in the world, and some clearly don’t like that whether they be a legacy business that refuses to adapt or a world power that wants to subjugate its citizens even in the digital world. Either way, the Internet has proven to be resilient to any threats against it thus far and 2013 may prove to be its biggest test yet. It will be fascinating to see how the Internet and those who use it respond.

    Do you think the Internet will survive 2013? What are you most concerned about in the coming year? Let us know in the comments.

  • Senate Kills Cybersecurity Bill One Last Time

    Cybersecurity has become somewhat of a buzzword in Washington over the last year. Various government agencies and lawmakers from both sides have made it clear that something needs to be done about cybersecurity. Their efforts resulted in CISPA and CSA – two equally reviled bills that sacrificed privacy in favor of more government regulation of private communications.

    CISPA passed in the House, but the Senate’s rejection of CSA made it hard to move forward. The bill’s sponsor, Majority Leader Harry Reid, tried to push CSA through one more time, but the senate rejected his motion for cloture earlier this week.

    So what does this mean? The US won’t have a cybersecurity bill before the end of the year. It was a long shot already, but this just cements it. There might be efforts to revive CISPA or CSA next year, but the public’s resistance to these bills might force lawmakers to write entirely new bills to address cybersecurity concerns.

    In the meantime, there’e are rumors that President Obama will be signing off on an executive order that would implement much of CSA. Bloomberg reports that the executive order would seek to protect vital computer networks from cyber attacks. It’s unknown if the executive order contains any of the privacy concerns that were found in both CSA and CISPA.

    The chances of an executive order are pretty high at this point. Cybersecurity is a major concern of the military, and Obama has already taken action in the form of a secret directive. The Washington Post reports that Obama has already signed a directive allowing the military to be more aggressive in preventing cyber attacks on government and private networks.

    The directive doesn’t have quite the power of an executive order, but it should be a sign of things to come. The White House has already been targeted by hackers earlier this year, and Obama obviously wants to avoid any more scenarios like that. Giving the military more freedom in directing its own cybersecurity campaigns is just one part of whatever form the executive order takes.

  • Cybersecurity Act Of 2012 Killed In The Senate

    The Senate had until tomorrow to vote on the Cybersecurity Act of 2012. The amendments that were being proposed suggested that we may be onto something decent here. Unfortunately, or fortunately depending on how you look at it, we’re not going to have a cybersecurity bill this year.

    The Senate voted this morning to kill the CSA. According to The Hill, the bill only needed 60 votes to move forward with the legislation. It only received 52 votes with 46 voting to kill the bill as it stands. It’s essentially the final nail in the coffin for all the cybersecurity bills that were proposed this year.

    Depending on how you stand, this is actually good news. It means that the Senate won’t be rushing a bill out the door this year just to get some kind of cybersecurity law on the book. Hopefully this will give the Senate and House time to properly prepare a better bill that takes the concerns of the privacy-minded citizens into consideration.

    Senate Minority Leader Mitch McConnell attributed the defeat of the bill to Senate Majority Leader, Harry Reid. McConnell said that he recognizes the need for better cybersecurity, but said that the CSA was not properly thought out. He accused Reid of trying to “steam roll the bill.”

    Reid blamed the failed passage on the Republicans and lack of support from the Chamber of Commerce. The Chamber of Commerce has been against the bill from the start because it didn’t provide ample protection for businesses. Sen. John McCain suggested that any future bills have more input from the business community.

    It’s clear that the bill failed because we’re in an election year. If the bill were to be proposed next year in the exact same manner, I think it would at least go up for a vote. The fact that both sides are vying for votes through political grandstanding instead of focusing on the actual bills means that not much is going to get done.

    We’ll continue to follow the trials and tribulations of bills that affect the Internet, but don’t expect much news for the rest of the year. We’ll probably see the bill brought up again in some form in January of next year.

  • Cybersecurity Act Of 2012 Might Actually End Up Being Pro-Privacy

    The latest bill to address the flaws in our nation’s cybersecurity is now in the stage where senators can introduce amendments. While CISPA didn’t get that many amendments added on to it, the Cybersecurity Act of 2012 is getting bombarded with amendments from the left and right. Funny enough, some of the amendments don’t even have anything to do with cybersecurity.

    For the moment, let’s stick with the amendments that matter most – cybersecurity related ones. Out of the 70 plus amendments that are being tossed at the bill, it would seem that most are related to cybersecurity. Sen. Ron Wyden of Oregon is leading the pack with three amendments that address major concerns that people had with CISPA. In his amendments, Wyden wants to prevent warrantless GPS tracking, limit access the government has to information stored on cloud networks, and make it so that the President must get any cybersecurity treaty approved by Congress.

    Sen. Al Franken of Minnesota introduced an amendment that would get rid of Section 701, a provision that allows ISPs to monitor consumer communications without any kind of oversight. Sen. Patrick Leahy of Vermont also introduced some great amendments. His amendments would make it a crime for companies to hide data breaches from consumers, and another creates a national standard for data-breach notification. He also wants to get rid of that silly law that prevents the sharing of video-viewing online, which has been the thorn in Netflix’ side in the U.S.

    It was mentioned at the beginning that some senators have been introducing some amendments that have nothing to do with cybersecurity. Some of these amendments include stricter gun control in the wake of the Aurora shooting or amendments that would undermine Obamacare. CSA’s sponsor, Sen. Joseph Lieberman of Connecticut, told senators to stop adding “these irrelevant amendments.”

    I think we can safely say that CSA is on its way to being a much better bill than CISPA. The privacy protections that are being introduced give people, including yours truly, hope that Washington knows what it’s finally doing. Given that Obama has already said that he vastly favors CSA to CISPA, this might be the bill that we get in the end. If it can keep all of its privacy protections and survive the House, we might just get a decent cybersecurity bill that is able to protect consumers and companies.

    [h/t: CNET]

  • The Cybersecurity Act Of 2012 Goes Up For Debate In The Senate Tomorrow

    2012 is shaping up to be the year of cyber legislation. After SOPA and PIPA were defeated early this year, all attention turned towards CISPA. Even though the Internet put forth a strong effort, the lack of support from major giants like Google or Wikipedia ensured its passing in the House. Whereas CISPA was passed without adding any amendments to protect consumer privacy, the Cybersecurity Act of 2012 will be going up for debate tomorrow over any proposed amendments.

    One of the major champions of Internet freedom, Sen. Ron Wyden, plans to introduce an amendment into the CSA tomorrow that would prevent warrantless GPS tracking. According to The Hill, Wyden feels it’s a natural fit with the CSA’s consumer protections:

    “Because the law has not kept up with the pace of innovation, it makes sense to include the GPS Act’s requirement that law enforcement obtain a warrant for GPS tracking in the Cybersecurity Act. This will protect Americans’ location information from misuse. Part of the goal of the cybersecurity legislation is to update rules for information collection and privacy for the digital age, which is what the GPS Act is all about.”

    Wyden’s amendment would be the latest privacy protection that has been introduced to the CSA. It would appear that the Senate is taking privacy concerns seriously as they debate and change the wording in their version of a cybersecurity bill. One such change is a clarification in the bill that only allows companies to share cybersecurity information with civilian agencies. CISPA puts this information in the hands of the NSA, a military agency.

    After the debate process, the CSA will be going up for a vote before the Senate leaves for its August recess. If we’re lucky, all the privacy protections will be retained. There will definitely be some skepticism in regards to the proceedings after CISPA was up for debate, but was instead pushed for an impromptu vote without allowing any amendments to be considered.

    We’ll keep you up to date on any changes that CSA may face. It’s the cybersecurity bill favored by President Obama so it may be the one that gets through.

  • NSA Chief Says Cyberattacks Are On The Rise

    It might not be getting much play in the news, but cybersecurity is a big deal in Congress. There have been multiple attempts to get a bill passed through both the Senate and the House, but there seems to be no compromise in sight as of yet. The NSA chief might start helping them along with some alarming news.

    General Keith B. Alexander, head of the NSA, said there has been a 17-fold increase in cyberattacks against American infrastructure. The New York Times reports that these increased attacks are going after key infrastructure including electricity grids, water supplies, cellphone networks and more. A successful attack could do untold damage to major U.S. cities.

    So how well prepared is the U.S. for a massive cyberattack? General Alexander puts the country’s preparedness at a 3 out of 10. That’s pretty sad for a country that created the Stuxnet virus that decimated Iran’s nuclear program. If our country’s researchers and scientists can create a virus of magnitude, why can’t they protect our infrastructure from a similar attack?

    General Alexander will tell you that it’s all about legislation. He is pushing for the passage of the bills currently going through Congress which includes such hated legislation like CISPA and the Cybersecurity Act of 2012. Civil liberty groups like the EFF have come out against both bills.

    Everybody can agree that the U.S. needs cybersecurity legislation of some sort to preserve critical infrastructure. To do away with privacy in the name of cybersecurity is a no go, however, and many Senators including Ron Wyden are coming out against what they feel is a government push to have more control of the Internet.

    It remains to be seen if either bill will make it past Congress before the November election rolls around. The sponsors of the CSA have reportedly made some compromises with Republican Senators who were blocking approval in the committee stage. It could be going up for a vote as early as next week. We’ll keep you updated on the progress of both bills, but one of them is going to pass if General Alexander has his way.

  • CISPA Sponsor Doesn’t Think Obama Will Veto CISPA

    We haven’t heard much from the CISPA/SOPA front, but every now and then, an eager-to-please-the-entertainment-industry representative pops up to remind us that legislation like the widely rejected SOPA and CISPA is still on the minds of some folks in Washington. One such representative, Mike Rogers (R-Michigan), is going as far to say that he doubts President Obama would veto CISPA, even though the White House has been pretty resolute about where it stands concerning current efforts to regulate the Internet.

    It even went as far to directly oppose CISPA in a Statement of Administration Policy.

    That, however, hasn’t stopped Representative Rogers from hoping for an alternative outcome. As pointed out by GeekOSystem (via The Daily Dot), Rogers says as much:

    “[I]f we can get a bill on information-sharing to the president’s desk, he’ll sign it. I do believe that…”

    As far as the motivation for Rogers’ belief, that remains an unknown, although, it’s clear he firmly believes Obama will be on CISPA’s side when everything falls into place, something the Daily Dot’s post indicates as well:

    Once the “dust settles,” Rogers predicted, Obama’s only option to enforce U.S. cybersecurity will be to sign CISPA.

    While trying to gauge Rogers’ motivation for his CISPA confidence, both posts point to the retirement of Howard Schmidt, the White House’s adviser on cybersecurity, as a potential reason for the White House’s apparent change of heart concerning Internet regulation, provided that is truly the case. The uncertainty surrounding the White House’s current position on CISPA has to do with the fact that Schmidt’s successor, Michael Daniel, has not made his postion concerning CISPA public.

    If the White House’s position concerning CISPA and other forms of Internet regulation depends solely on their cybersecurity advisor’s recommendation, then perhaps the cries that the United States government isn’t fit to regulate the Internet are a lot closer to the truth than one might think. One thing’s pretty apparent: if President Obama does allow some haphazard form of Internet regulation pass without a veto, his stock with the free thinkers of the country would diminish even more than it already has.

  • Sen. Wyden Comes Out Against Cybersecurity Act of 2012

    The drama surrounding the various cybersecurity bills floating around Congress is never ending. CISPA passed the House, but what’s next? The controversial bill will head to the Senate, but they have their own cybersecurity bill to deal with – the Cybersecurity Act of 2012.

    When the White House came out against CISPA last month, they offered their support for the CSA. They said that it offered better protection of personal privacy than CISPA. That may be true, but it’s still not good enough according to Sen. Ron Wyden.

    Speaking to The Hill, Wyden says that the CSA is similar to CISPA in that it “subordinate(s) all existing privacy rules and constitutional principles to the poorly defined interest of ‘cybersecurity.’” He says that the bill should be more specific about what kind of data can be shared between corporations and government. He also argues that it should companies should be not be able to get legal immunity so easily.

    Wyden’s remarks jive with the argument that the ACLU made last week. Their main contention was also in regards to how the bill can essentially ignore privacy laws. The ACLU addressed another point of the bill that Wyden neglected to mention though. CSA allows the government to share the data they collect with any governmental agency including the NSA.

    Where Wyden really hits it home, however, is when he says that the debate over CISPA and CSA is just like the debate from earlier this year on SOPA and PIPA. He says that both of these debates presented a “false choice” to congressmen. They either had to choose one or the other. Those in support of the bill argue that being for privacy rights make a congressman also in support of cyberterrorism. There is no middle ground, only extremes. Unfortunately, that seems to be the only way of debate in Washington these days.

    Wyden has a tough fight ahead of him though. Even though it seems more and more likely that CISPA will die in the Senate, CSA will probably pass in some form or another. The White House seems all too willing to sign the CSA into law so that’s where we’re obviously in trouble.

    As always, if you feel particularly strong about this issue, you can contact your senator via ACLU’s contact form. I received a pretty standard issue reply from Sen. Rand Paul when I sent one in, but maybe you’ll have better luck. At least it lets them know that their constituents, the ones that voted them in, are watching their every move.

  • ACLU Comes Out Against CSA: The Senate’s CISPA

    As everybody knows now, CISPA passed the House. The ACLU likes to think the 248 to 168 vote was close enough to declare that CISPA might not make it through the Senate. They feel that the Senate’s own cybersecurity act, CSA, will be the bill they take up.

    CSA, or Cybersecurity Act of 2012, has been around since January, but has received little to no coverage from the media. It makes sense since CISPA is a pretty awful bill that threatens privacy in every paragraph. CSA is a lot less dangerous, but the ACLU feels that there is still cause for concern.

    They feel that CSA creates a number of privacy concerns that need to be addressed before the Senate takes up the debate in June. The bill itself is wide ranging and covers almost every facet of cybersecurity. It’s title VII that should get the most attention, however, as it deals with information sharing.

    As the ACLU points out, CSA also contains the same awful wording that CISPA contains – “Notwithstanding any provision of law.” That means that CSA can sidestep current privacy laws to help facilitate the sharing of “cyber threat indicators.” What constitutes a cyber threat indicator? It doesn’t say, but the fear is that corporations or governmental bodies will use that wording to get information on American citizens. The one good thing about the wording in this specific section is that it says companies must make an effort to remove information about people unrelated to the threat.

    The information that is collected under CSA can be shared with a variety of government agencies. The problem is that this information can be shared with military agencies like the NSA. The wording once again stokes fear that the NSA is building a giant domestic spying center that will intercept communications not from terrorists, but from regular U.S. citizens.

    CSA has another similarity to CISPA in that after the government has had its share of your information, it can be spread around to local law enforcement. Its uses can be applied to things totally unrelated to cybersecurity which kind of betrays the fact that the bill is supposed to only deal with cybersecurity.

    What may be the worst part about the bill is that it calls for the creation of The Privacy and Civil Liberties Oversight Board. Why is that a bad thing? It doesn’t exist yet, and its annual report to Congress won’t be made public. It’s like throwing a ball for your dog, but keeping it in your hand the entire time. The American citizen goes about looking for his or her privacy protections that do not exist.

    There are some good ideas in CSA that definitely make it a better alternative to CISPA. The only problem is that there is no accountability to make sure these ideas are implemented. If you feel threatened by CSA, you can contact your senator with ACLU’s Web form.

  • TPP Might Not Live To See Next Year

    With all the recent talk about CISPA and ACTA, it seems like we’ve been forgetting about our old friend TTP, or Trans-Pacific Partnership. For those who need a recap, TPP is essentially ACTA for the U.S. and Pacific nations. The only key difference is that TPP has been negotiated in complete secrecy and it’s only through leaks that we’ve been able to keep up with what’s going on.

    TPP finally poked its head out a few weeks ago and in public no less. Foreign Policy magazine reports that U.S. Trade Representative Ron Kirk was in Singapore talking up TPP. He was confident that all talks regarding TPP were to finish by the end of July leading to the treaty being signed in by all member nations.

    It seems that Kirk is being a little too optimistic, because Foreign Policy spoke to many of Singapore’s “diplomats, journalists and academics.” Their take was that TPP was actually far from being ratified and might even be dead soon. The reason? The Obama administration has been apparently rushing to get the treaty ratified before the election, but has left out key partners from negotiations.

    Those key partners are Canada, Mexico, Japan and China. Foreign Policy explains that getting Mexico, Japan and China on board will all be challenges for very different reasons. Even worse still is that Chile, once considered a major supporter of TPP, is also starting to question whether or not TPP will benefit them in any way.

    It looks like TPP, from the start, was a deal created between Singapore and the U.S. to strengthen the presence of the U.S. in Southeast Asia. Other countries that were roped into the treaty are now starting to see this and backing out. Why would they sign an agreement that only benefited two countries? It makes no sense. Foreign Policy puts it best:

    This is the problem with trying to use trade deals as tools of diplomacy. It may sound nice and positive for two countries to say they are tightening their relationship by doing a free trade deal. But eventually at some point, someone has to count the jobs and the balances of trade and financial flows. Typically, deals done primarily for geo-political purposes don’t add up, and when they don’t, all the “strengthening of commitments ” in the world often doesn’t save them.

    Unlike ACTA, which is dying due to strong public pressure, TPP seems to be dying from its political ambitions and mismanagement. In somewhat of an ironic twist, the U.S. may be the straw that breaks TPP’s back. It was reported by Huffington Post last week that Congress is now wanting to kill TPP as well because of a part of the treaty that would ban “Buy American” provisions.

    Whether it be from China’s unwillingness to join or America’s own rushing of the treaty; TPP seems to be on the ropes. It’s unclear whether it will be knocked out yet, but it’s not looking good. If the treaty isn’t signed by November, I expect the Obama administration to scrap it.

    Do you think TPP is dying? Or will the U.S. and Singapore salvage it? Let us know in the comments.

    [h/t: Techdirt]

  • Mozilla Cares About Your Privacy, Even In Apps

    Mozilla has always been a friend of the Internet. The non-profit puts the user first and they made that even more clear when the corporation came out against CISPA last week. Now, it’s no secret that Mozilla is developing an app store called the Mozilla Marketplace and Mozilla wants developers to make sure they aren’t keeping any secrets either.

    Late last week, Mozilla updated their privacy policy guidelines for app developers that want to submit apps to the yet to be released Mozilla Marketplace. Just as they are against CISPA and its privacy-infringing content, they are against any app developers hoping to do the same.

    The first part of the privacy policy deals with data collection. There have been apps on both iOS and Android recently that were found to be collecting data without the user’s permission. The most famous may have been when Path was found to be collecting users’ contact lists without their knowledge, but other big names like Twitter have been caught doing the same thing.

    As part of Mozilla’s statement on user data, they say that app developers must design their app or add-on so that “what you actually do with user data is what users think you are doing with it.” Another is that developers must give users much of the control over their data whenever they possible. One suggestion is “giving [the user] the choice to opt-in to or opt-out of data collection.” As a final tip, they tell app developers to limit data collection to only what they need.

    On a related note, they encourage app developers to design apps with the user’s privacy in mind from data collection and storage to its use. When your app raises concerns in regards to privacy, they also want developers to respond to user questions.

    A big one that I’m sure many people can get behind is “Avoid secret updates.” It’s the shortest privacy guideline on the list, but also the most powerful. Almost every app on my Android gets regular updates, but a few of them never tell me what is being updated. Stability is not an update, tell me exactly what you’re updating.

    Of course, we can’t talk about privacy and sharing of data without talking about social networks. Apps need to have social network integration for the people who love sharing every moment of their lives, but not everybody is comfortable with that level of sharing. That’s why app developers need to make the use of social features transparent for those who fall into the latter. Developers should also give users the choice to shut off social sharing entirely.

    The last two are the no-brainers that everybody follows, but Mozilla is just covering their bases. Developers should always obtain consent when asking for location data as well as put links to their privacy policy in the app itself.

    Mozilla’s privacy policy is just the first line of defense, but they go even further. If an app collects user data, it must have a privacy policy listed on the app page for it to even show up in the Marketplace. Mozilla also asks four questions of every app submission that must be answered truthfully:

    Does your app communicate with you or anyone else in any way without express user consent? (Y/N)

    Are all your app’s online communications encrypted? (Y/N)

    Does your app use behavioral or location based advertising?(Y/N)

    To use the core features of your app, do users need to log in or connect to an account or identity aside from a user’s Persona account? (Y/N)

    Mozilla’s privacy policy for app developers is pretty fantastic, and other app distributors like Apple and Google should take notice. While the actual privacy policy will vary from app to app and feature long lines of scrolling text to cover all of their bases, developers would be wise to implement these simple guidelines into their own privacy policies.

    Think of a world where our government, or any government for that matter, applied these same privacy guidelines to its citizens. We could have better cyber protection and a comprehensive digital bill of rights. While the U.S. keeps on talking about implementing a “Do Not Track” button, it will probably do little to actually protect your privacy online.

    Do you like Mozilla’s privacy policy? Is there anything they can do to bolster it? Let us know in the comments.

  • Mozilla Speaks Out Against CISPA

    While many tech companies have thrown their support towards CISPA, Mozilla has taken the road less traveled, at least by the tech industry, blasting CISPA for having too much reach and being a direct threat to individual privacy. Considering Mozilla was just as outspoken against SOPA/PIPA, perhaps there position shouldn’t be surprising.

    But then again, when you consider the support CISPA has received from the telecommunications industry, it appears as if Mozilla is the outlier here. Aside from Facebook’s support–hey anti-CISPA folks, where’s the Facebook mass exodus?–other CISPA supporters from the tech industry reads like a who’s who of industry giants. These include Apple, Microsoft, Intel, and Dell, just to name a few. With that in mind, Mozilla position regarding the tech industry appears to be in the minority.

    In a statement to Forbes.com, Mozilla’s position on CISPA was spelled out in no uncertain terms:

    While we wholeheartedly support a more secure Internet, CISPA has a broad and alarming reach that goes far beyond Internet security. The bill infringes on our privacy, includes vague definitions of cybersecurity, and grants immunities to companies and government that are too broad around information misuse. We hope the Senate takes the time to fully and openly consider these issues with stakeholder input before moving forward with this legislation.

    When you compare Mozilla’s position to Facebook’s, you see both companies are interested in a safer, more secure Internet. The difference between the two is Mozilla is not willing to sacrifice personal privacy for an incredibly broad piece of legislation, whereas, Facebook’s management team is.

    Which side of the coin are you on?

    As for the Facebook mass exodus I mentioned earlier, it’s clearly not happening. Apparently people are just fine with sacrificing their personal privacy, just as long as they can share and “Like” mundane information–OMG!!! Look how cute we look playing beer pong!!!!!!!–with friends they never would’ve had without the explosion of social media. A worthy sacrifice, wouldn’t you say?

    In other news, is Google ever going to reveal their position on controversial piece of legislation?

  • The CISPA And Facebook Love Affair

    Some 800 private firms pledged their support to CISPA – Cyber Intelligence Sharing and Protection Act. Critics are calling CISPA the new SOPA, with a small twist of course, it exonerates private firms of all liability and responsibility for their involvement under the CISPA. Where there was a nationwide blackout for SOPA, most end users were amazed at the support the CISPA was able to amass from the tech industry. The most criticized proponent is Facebook, and rightly so.

    The CISPA bill, in its vagueness, doesn’t simply allow for information to be exchanged in terms of cyber crimes; the terms of the bill are so vague that they can easily be manipulated. Facebook’s stance is that it’ll play good and never violate user’s privacy – this is when the social networking giant has previously been in the news for not always being top notch about handling their users’ privacy to begin with. Earlier this year Facebook came under fire for its cell phone app which was accessing user texts, which had nothing to do with Facebook to begin with. Much like cell phone spy software the texts were being recorded by the Facebook app. While Facebook denied using any of the data being collected by the app but given the CISPA bill what’s to stop it from handing your private messages over to a government agency? Facebook has as history of going against what the users wants – what started out as a private network is now open beyond user’s comfort. But users have had to bear with the many changes Facebook has undergone, largely because they’ve been given no choice in the matter.

    But let’s believe Facebook when it says it’ll behave, as one would expect a large private firm with a proper structure to do. Let’s talk about another large private firm that’s been extracting and recording private pieces of data; this includes personal emails, pictures, browsing history etc. which were lifted from free Wi-Fi connections without the owner’s consent – if you guessed Google, you guessed right. Even without the CISPA in place Google has been continuing this practice since 2010, the only result was a $25,000 fine which is mere pennies for the giant. Firms under CISPA have to share all forms of data that the government finds relevant, forget where it came from or why they have it in the first place. And the convenient part of the bill is that it leaves private firms in no legal or financial danger for sharing any information.

    There’s a chance that the next time you take a picture on your phone and upload it to Facebook, it’ll end up somewhere else. There’s an eerie aspect to this bill because it is giving private firms the right to act much in the same manner as computer monitoring software or Cell phone spyware. They’re allowed to record and keep any kind of information on their users, without ever telling the user what they’re up to. Meme’s, rage comics, cartoons and a whole host of other things on Facebook thrive because of the fact that they’re shared. Any sharer can get into trouble now and one wrong post and you could get into a heap of trouble. File sharers should be warned, intellectual copy right means you can’t share things that belong to other people – regardless of your intention. Facebook took a real stand against SOPA and PIPA because it had something to lose back then. Their aim was to not allow anything to hurt the internet experience for the users; even though the CISPA will do just that the liberties it provides private firms are too enticing for Facebook to back out.

    In trying to get Facebook and other firms’ attention a group called ‘Anonymous’ has already begun attacking online websites of the companies supporting CISPA. The hackers are trying to send a message (but ironically it’s the wrong one) and so far USTelecom and TechAmerica’s site lost power. CISPA’s fate is to be decided during late April and it remains to be seen whether tech giants will push it forward, or if the average Joe will win.

    Reads more CISPA coverage here.