from Sewell, Anne (4/4/12) Move over SOPA & PIPA: Here comes CISPA - 'net censorship updated’. Digital Journal. Retrieved from http://www.digitaljournal.com/article/322396
Another terrifying bill - The Cyber Intelligence Sharing and Protection Act as the paranoia seeks another way to avert the ongoing cyber-attacks which will also allow the government access to personal correspondence of any person of their choosing. As happened with the deceased SOPA and PIPA bills, this gem of an act (H.R. 3523) is far worse. The wording of the paper is vague and broad. The act could allow Congress to circumvent existing exemptions to online privacy laws and would allow the monitoring and censorship of any user and also stop online communications deemed disruptive to the government or to private parties.
Official Summary reads: Amends the National Security Act of 1947 to add provisions concerning
cyber threat intelligence and information sharing. Defines "cyber threat intelligence" as information in the possession of an element of the intelligence community directly pertaining to a vulnerability of, or threat to, a system or network of a government or private entity, including information pertaining to the protection of a system or network from: (1) efforts to degrade, disrupt, or destroy such system or network; or (2) theft or misappropriation of private or government information, intellectual property, or personally identifiable information. Requires the Director of National Intelligence to: (1) establish procedures to allow intelligence community elements to share cyber threat intelligence with private-sector entities, and (2) encourage the sharing of such intelligence. Requires the procedures established to ensure that such intelligence is only: (1) shared with certified entities or a person with an appropriate security clearance, (2) shared consistent with the need to protect U.S. national security, and (3) used in a manner that protects such intelligence from unauthorized disclosure. Provides for guidelines for the granting of security clearance approvals to certified entities or officers or employees of such entities. Authorizes a cybersecurity provider (a non-governmental entity that provides goods or services intended to be used for cybersecurity purposes), with the express consent of a protected entity (an entity that contracts with a cybersecurity provider) to: (1) use cybersecurity systems to identify and obtain cyber threat information in order to protect the rights and property of the protected entity; and (2) share cyber threat information with any other entity designated by the protected entity, including the federal government. Regulates the use and protection of shared information, including prohibiting the use of such information to gain a competitive advantage and, if shared with the federal government, exempts such information from public disclosure. Prohibits a civil or criminal cause of action against a protected entity, a self-protected entity (an entity that provides goods or services for cybersecurity purposes to itself), or a cybersecurity provider acting in good faith under the above circumstances. Directs the Privacy and Civil Liberties Oversight Board to submit annually to Congress a review of the sharing and use of such information by the federal government, as well as recommendations for improvements and modifications to address privacy and civil liberties concerns. Preempts any state statute that restricts or otherwise regulates an activity authorized by the Act.
Basically, CISPA would give any federal entity claiming threatens by online interactions the ability to take action against the "perpetrator". Unlike the SOPA and PIPA acts, discarded after a successful online campaign, widespread recognition of what the latest proposed law will do has yet to surface. The U.S. government will be permitted to involve itself in any online correspondence if it believes there is reason to suspect a cybercrime.
CISPA has also been condemned by the Electronic Frontier Foundation, stating, “It effectively creates a ‘cybersecurity'’ exemption to all existing laws. There are almost no restrictions on what can be collected and how it can be used, provided a company can claim it was motivated by ‘cybersecurity purposes'.”
Over 100 representatives in the House, favor the cyber-security legislation, but do not take into account what it can do to the everyday Internet user. Read more: http://www.digitaljournal.com/article/322396#ixzz1rr0oDOom