Cyber-security bill causes deja vu for Internet activists

The House of Representatives will soon vote on a bill that will allow greater communication between government agencies and private corporations on cyber-security matters, giving both a stronger weapon against hackers. But opponents say the bill is overly broad and easy to abuse, and will violate Internet users’ privacy.

CISPA – The Cyber Intelligence Sharing and Protection Act – is to be put up for a vote in the House this week, as Congress prepares to take a long break so its members can concentrate on their re-election campaigns. The bill was introduced by Rep. Mike Rogers (R-Mich.), and has support from members of both parties. The bill also has the support of technology industry titans like Facebook, Intel, Oracle, Microsoft, IBM, AT&T, and Verizon. However, the bill’s opponents also include a few big names – among them the American Civil Liberties Union, the Electronic Frontier Foundation, and most recently, Republican presidential candidate Ron Paul.

The way CISPA works is by making changes to the National Security Act of 1947. It gives the Director of National Intelligence the power and responsibility to set up a system where government agencies and private corporations can share cyber-security information with each other. The bill does not require any company to comply with this program, companies can sign up for the program freely. It also prohibits participating companies from abusing this shared information to gain an unfair advantage over their competitors.

The bill’s supporters point out that the government has no legal power or right to help companies defend themselves against hackers, a problem this bill is designed to remedy. They also have worked hard to distance this bill from SOPA and PIPA, two Internet bills that were defeated in Congress after a massive public outcry.

But opponents of the bill are far from satisfied. They claim the bill is giving them deja vu, and that the new bill is actually very much like the old ones. For although the two bills seem to have different focuses (CISPA is an anti-hacker bill, while SOPA and PIPA were concerned with online piracy), CISPA does allow information on “threats to intellectual property” to be one of the things shared in the name of “cyber-security”. This means that, theoretically, participating companies could share information with each other on identifying Internet pirates and people who download pirated material.

Yargh! Google be blockin' by website so none may partake of me stolen wares!

Other objections to the bill are centered around the provisions that all this cyber-security sharing is to be kept from the public view, that participating companies can’t be sued over what they do with the data they collect, and that there are no safeguards whatsoever to protect user privacy. Ron Paul said that the bill “encourages some of our most successful internet companies to act as government spies, sowing distrust of social media and chilling communications in one segment of the world economy where Americans still lead.”

You can read the full text of the bill here, and decide for yourself.

Update! CISPA passed the U.S. House of Representatives 248-168 Thursday, but a statement from the White House indicated President Obama would veto the bill if passed as-is.