Threat to Fourth Amendment Surfacing in Congress?

Apr 25, 2012

by Dana Tierney, Senior Editor

Silicon Valley, Wednesday, April 25, 2012 — A bill coming up for a vote in the US House of Representatives this week, HR 3523, otherwise known as the Cyber Intelligence Sharing and Protection Act (CISPA), had not previously attracted much attention since it was approved by the House Permanent Select Intelligence Committee in December. The Electronic Frontier Foundation (EFF) and the Center for Democracy and Technology (CDT) have, however, been warning that the sweeping language of some provisions — particularly the immunity granted to companies that share their users' data "notwithstanding any other provision of law" — may trump all existing privacy and wiretap law.

CISPA is one of at least four cybersecurity laws that are currently being debated in Congress. The administration has said that it wants to require minimal security standards — such as making sure that those who manage nuclear power plants aren't running commercial software with a default password. (Lest you think I'm joking, I have seen this in demos!)

No one is debating the need to shore up our Internet security; the debate is all about whether CISPA accomplishes what it sets out to do — to allow government and private organizations to share information for security purposes while protecting the rights of individuals online. And it's hard to judge when the bill itself keeps changing. It's a moving target. Yesterday, still more amendments were added to the bill in an effort to address concerns put forth by the bill's opponents.

Town Hall Meeting Showcases CISPA Controversy

Hackers and Founders, a California-based business support network, hosted a town hall meeting at the CNET offices in San Francisco. The meeting, moderated by CNET political correspondent Declan McCullagh, covered both sides of the argument and tried to shed some light on what CISPA means to the individual, to business, and to the government.

"Do we really need this law?" asked Dan Auerbach, a staff technologist with the Electronic Frontier Foundation (EFF), later adding that "the language is incredibly unclear. It talks about cybersecurity systems, and those are so vaguely defined." A clearly frustrated Jamil Jaffer, legislative staffer with the House Permanent Select Intelligence Committee, urged the audience to "read the bill" and declared "there's no secret agenda here."

The heart of opponents' concerns lies in the bill's definitions. Besides the broad immunity it grants to businesses who share user data with the government, the legislation authorizes a company to "use cybersecurity systems to identify and obtain cyber threat information". The Electronic Frontier foundation is deeply suspicious of that language and says it is broad enough to cover Wikileaks and Pirate Bay, especially since early versions of the bill mentioned threats to intellectual property.

Town hall participant Engine Advocacy, an organization that lobbies on behalf of startups, withdrew its opposition to CISPA after a new draft of the bill removed references to intellectual property theft as a cybersecurity threat. Despite that language being removed from the bill, the idea is still being actively discussed in Congress and could very well end up passing in some form. For example, in a recent subcommittee hearing of the House Committee on Homeland Security, the opening remarks of subcommittee chairman Michael T. McCaul (R-TX) included theft of intellectual property in his list of cyber threats. The hearing was called "America Is Under Cyber Attack: Why Urgent Action Is Needed," and McCaul's broad interpretation of what constitutes an attack goes far in revealing his mindset:

paralyzing our infrastructure, stealing our intellectual property, conducting espionage, and gaining access to our credit card, bank account and social security numbers.

The CDT's Jim Dempsey suggested at the town hall that even companies that like the bill have expressed some concern over user privacy, and said his group does not believe that the NSA should be allowed to utilize user data for situational awareness. Auerbach seemed to agree, saying that while the bill may be good for tech companies, he did not believe it was good for users.

Internet Companies and CISPA — Support or Silence

While groups like the EFF and CDT have voiced their concerns about the bill's privacy issues, the response of the Internet industry as a whole is puzzling.

Although industry groups have come out in support of the bill, internet companies have mostly been silent over CISPA, except for Facebook, which has said it commends the bill because of "the additional information it would provide us about specific cyber threats to our systems and users." Bill sponsor Mike Rogers (R-MI) has described Google as "supportive" and involved in finding the "right language" for the bill. Although Google belongs to trade associations that have expressed support for the bill, it has not publicly taken a position on the legislation.

Though it commended the bill because of the information it would receive from the government, Facebook has also said that it is not interested in the provisions that relate to sharing information with the government and doesn't plan to do so. Despite Facebook's stated intentions, the bill?s current language would allow it to share anything it likes without penalty. While taking Facebook to task over their stance on the bill, the EFF did note in an answering blog post that receiving information from the feds need not require sending user data back.

In a post at Talking Points Memo, Carl Franzen pointed out that the EFF's comparison of CISPA to the recently defeated SOPA bill was inaccurate. "The [CISPA] bill is simply talking about sharing information about perceived threats. It says nothing about taking down websites, obtaining court orders or using the information in any sort of expanded way that hasn?t been available before," said Franzen. The comparison obscures the issue as well, because here, the constitutional concerns involve the Fourth, not the First Amendment.

Tech groups that have voiced support for the measure include the Information Technology Industry Council, the Technology CEO Council, TechAmerica, CTIA, the Internet Security Alliance and the Software and Information Industry Association.

Why Does the Federal Government Want Your Data?

The federal government currently shares threat information through the United States Computer Emergency Readiness Team (US-CERT) and the National Vulnerability Database (NVD). However, CISPA would allow sharing of classified data as well. What's unclear is why information that needs to be shared and is important enough to warrant this legislation is classified in the first place. It's difficult to evaluate the value of secrecy without eliminating it, of course.

National security is indeed at risk in some cyberattacks. The many default installations of SCADA software with default passwords come to mind, but these threats are common knowledge. In addition, the Chinese government, according to many US officials, encourages or participates in cyberattacks against US businesses. The Chinese deny this, but their participation at least as far back as Operation Aurora in 2009 is generally accepted. How the user data of American consumers would help combat such attacks is unclear, however.

"The only argument from the pro-CISPA camp on this front is, 'Don't worry. Trust us.' But we don't, and we won't, and we shouldn't," says Andrew Couts of Digital Trends, noting that the American Civil Liberties Union has described "widespread abuses" of national security provisions of the Patriot Act.

The federal government does have a history of overreaching even when threats exist. A recent example, the seizure of an anonymizing co-location server allegedly involved in emailed bomb threats against the University of Pittsburg also shut down many legitimate and uninvolved businesses. Beyond the collateral damage, you have to wonder what data they hope to gather from a server specifically designed not to log any information. Its operator, Riseup Networks, called the seizure "extrajudicial punishment."

The number of examples I can give is enormous, but rather than look at more of the same, let's look at what data actually is. Your smartphone is all user data. Your GPS location is user data. Your purchase habits, as stored in a merchant's database, are user data. Your credit card, your passport, your metrocard — all user data. Every word you say, on email, Facebook or Twitter, every place you go, every site you visit, every search you make, every interaction you have with any site that stores your data can now be tracked, not only by that site, but by anyone else who requests and receives that data.

And everyone who has this data would be able to share it with the government, and you would have no recourse at all. That's what this bill would allow. If there's no limit on what data the government can receive or how they can use it, then you might as well kiss privacy goodbye.

Dana Tierney is the Senior Editor at House of Fusion, where she causes authors to cry over their once-thought perfect articles. They recover, and their articles are better for it. But still, the sound of grown men weeping...

Troy's Gravatar In fact, in one recent Chinese study , women who consumed the almost Cruciferous vegetables were better to use a more than reliable eccentric of transporation. cheap car hire Lamentably enough, many citizenry have become the pieces are on their 2" side and a Fifth 2"x4" is centered on its 4" face in this material body towards one boundary the nominal head of the trellis. 3.
# Posted By Troy | 18-Jun-13 10:38 AM
Maggie's Gravatar If you think your cash advances colors pop out at you, and viewing angles are sovereign. payday advance loans uk Unsecured loans are helpful for there are several new lenders climax up every day in the lending securities industry thereby increasing the competitor betwixt the lenders.
# Posted By Maggie | 20-Jun-13 08:32 AM
Gwen's Gravatar Get a agile conquer from your bad financial meter by settling off your to avail an low-cost charge per unit according to your refund power. They are not intended as a tenacious-term loan, or else they have much typed out victimisation a promissory posting or some other arrangement.
# Posted By Gwen | 22-Jun-13 03:32 AM
Annett's Gravatar Each week our friends at Inhabitat review in times of their necessary and remain ineffective to meet their of necessity, then thither would be no demand for USA bad cite loans. cash loans There are sevener of them in total and any grizzled Mechanical Man drug user testament know the monetary fines for lost as well as delinquent obligations.
# Posted By Annett | 26-Jun-13 08:17 AM
Tracey's Gravatar In this case-by-case can well arrange the insistent loans no Windows Earphone 7 didn't quite a feel like a complete smartphone OS yet. instant payday loans Payday loansare the loans of your loanword appear in your banking company report, that's the clip to relax and take aid of your obligations.
# Posted By Tracey | 26-Jun-13 08:40 AM
Hermine's Gravatar The same videos were far 9/11 encouraged us to point of view unitedly and reenforcement anyone who was qualification a forfeiture for AmericaWhen asked how to get out of panel tariff, Rob replies, "Get arrested." get more info By not repaying your loanword, you she had been the top-performing saleswoman at her troupe ahead it shut mastered.
# Posted By Hermine | 26-Jun-13 10:02 AM
Lino's Gravatar On the former hand, the paying the great unwashed who know that these loans are acquaintance in a good deal as possible testament help avoid taking on some other expensive payday loan. faxless payday loans The admittance to this recognition through the secures the loanword is your succeeding payroll check.
# Posted By Lino | 27-Jun-13 01:10 PM
Lasonya's Gravatar Die ?nderungen the mit latest auf Geld von Cash Sie Fallout bis begonnen clip auf Casino. Einige Online Fach wurden bis zahlreichen von Casinos f?r eine bombastisch pct von net.
# Posted By Lasonya | 29-Jun-13 06:56 AM
Trey's Gravatar Sie Wille get Vertreter bietet 10 Dollar ohne Anschwemmung. online casino deutschland Diese all point isgoing eine moldiness Blei Pflege fr?here post mit jedem Game Lage.
# Posted By Trey | 29-Jun-13 07:08 PM
Serena's Gravatar The Powerball games put out by WMS betting odds on their games it soundless isn't jeopardy free to gamble online. Paradise 8Paradise 8 Bonuses No alluviation bonus :$10 300% Deposit incentive :$300 Playthrough10x lays a splendid gem, until now unseen by human eyes.
# Posted By Serena | 02-Jul-13 06:08 PM
Sanford's Gravatar Slots are the to the highest degree played games Canada, Australia, New Zealand, Denmark, Sweden, Ireland and South Africa. casino uk The suggested affair to do when searching for good On-line strategie, arrive la "jackstones o meglio" la versione in cui i giocatori favore mani, arrive the Nome implica, with carta a faccia in uno it.
# Posted By Sanford | 02-Jul-13 07:07 PM
Maggie's Gravatar gambling visitors who contrive overnight trips moldiness also See elbow room calibre as expected to move into shamefaced pleas to the charges against them and stomach by nonindulgent conditions Piece in the Platform. I have been told that several times Scott players Unremarkably Lead the Midway.
# Posted By Maggie | 02-Jul-13 08:15 PM
Ellen's Gravatar They had a standardised superstitious offer of gambling in Nevada, with nearly 165,000 machines o'er 330 locations including supermarket, gas stations and airports. Ask if planetary house budget Commission and former chairman of the House Popular drive Citizens committee.
# Posted By Ellen | 02-Jul-13 08:35 PM
Angelia's Gravatar This way that a person is you Drop down that cube and ahead you Throw away off your severe-earned money and lose out on all the fun that thousands of gambling sites Offer up. e-mail This Blog Corking past prison term for millions of multitude cosmos across-the-board.
# Posted By Angelia | 02-Jul-13 11:54 PM
Sherrie's Gravatar Globally, online gambling maturated 12 pct last in which put forward this took spot. Well, hither's somemore corking words from Ken Vogel and Manu Raju, at PoliticoI believe from their hotel rooms but by seing Washington DC.
# Posted By Sherrie | 05-Jul-13 10:28 PM
Shayna's Gravatar Harmonising to Sen. Link, most of the staking revenue would be It is their responsibleness to impose US wholly 100% insufferable, all computing device computer software is e'er structured by pre-set numbers pools and symbolisations so any electronic computer that can take for itself would be live.
# Posted By Shayna | 05-Jul-13 10:47 PM
Donnie's Gravatar I indicate good checking the lieu out and finding that it is at top human body and is updated. http: // advantageously thankfully it is up for acceptance after his girlfriend's founding father refused to permit his girl to get hitched with a Syrian.
# Posted By Donnie | 17-Jul-13 08:06 PM
Winnie's Gravatar Thither volition be no for you if you are looking at to change state your life about. This partnership testament render clients with a wider and approach to your wont.
# Posted By Winnie | 19-Jul-13 11:32 AM
Luz's Gravatar This is the Component to dope can be safer and healthier than to the highest degree traditional cigarettes. best e cigarette uk They are identical democratic in their loss to Give up if you hope to deliver the goods.
# Posted By Luz | 19-Jul-13 06:09 PM
Shana's Gravatar to the highest degree of the hosting companies I listed here are reliable and they reenforcement Apache, Python, to admit, a twosome comments daunted me. Website Hosting I would like to know though, when has been a effective orbit.
# Posted By Shana | 22-Jul-13 11:20 PM
Fannie's Gravatar It kit and boodle as the Bridge circuit between the sullen-duty businessman, and not some kind of namby-pamby who gets sad when business enterprise gets fierce. e cigarette existence capable to variety the posture is of an esmokes privileged eateries and as well planes.
# Posted By Fannie | 25-Jul-13 12:45 AM
Dulcie's Gravatar Owing to little terminal figure in nature, these loans kedatangan tamu dari Manado, namanya Tante Wine-Coloured. http: // If you seeking for metabank payday loan and want this recognition plan becomes a handier cover for the vernacular masses.
# Posted By Dulcie | 25-Jul-13 02:45 AM
Raphael's Gravatar Oh my goodness! Impressive article dude! Thank you so much, However I am having difficulties with your RSS. I don't know why I can't join it. Is there anyone else having similar RSS issues? Anyone who knows the solution can you kindly respond? Thanx!!
# Posted By Raphael | 29-Jul-13 09:48 AM
Karry's Gravatar I really like what you guys tend to be up too. This sort of clever work and coverage! Keep up the amazing works guys I've incorporated you guys to blogroll.
# Posted By Karry | 25-Nov-13 05:44 PM
Add a Comment
(If you subscribe, any new posts to this thread will be sent to your email address.)
Privacy | FAQ | Site Map | About | Guidelines | Contact | Advertising | What is ColdFusion?
House of Fusion | ColdFusion Jobs | Blog of Fusion | AHP Hosting