CISPA is a bill that doesn’t seem to want to die, and there are very strong emotions both ways on that fact. The Cyber Intelligence Sharing and Protection Act (CISPA) is a bill that originally was introduced by Republican US Representative Mike Rogers of Michigan in both 2011 and 2013 where it passed the House, but never went past the Senate.
This time, however, it’s Democrat US Representative Dutch Ruppersberger III who is reintroducing CISPA into the House of Representatives as bill HR 234 in 2015. While the early reactions are fairly predictable depending on what side of the argument an individual was on before, there’s still a lot to understand about this bill.
The intent of CISPA is clear. This is a security bill that deals with online access to potentially sensitive information. If passed CISPA would allow government agencies, as well as private companies, to share information on potential cyber security threats.
In theory this would allow a swifter and more comprehensive response to threats to cyber security. The idea with this bill is that attacks like the Sony hacking incident and any full cyber attacks on military sites or computers could be more easily tracked and dealt with.
The reason individual voters might care is that this bill allows a large scale sharing of information that currently is considered private. Some privacy advocates see this as an overreach of government supervision, while others worry that there are not enough checks and balances in place to prevent abuse. Others are worried about the scope of power this gives private businesses to prosecute individuals without any official law enforcement supervision.
CISPA is interesting in that its supporters as well as its detractors seem to cross party lines. There are a number of conservative groups who support CISPA as the next important step to greater security while there are also conservative groups who condemn the bill as being far too vague and offering too much of an overreach.
The same can be said with traditionally liberal or democratic leaning groups. The fact that CISPA was re-introduced by Dutch Ruppersberger III shows that there is bi-partisan support for the idea of a cyber security bill that helps deal with these new attacks in the information age, but finding common ground seems to be a sticking point.
The largest sticking point for opponents of this CISPA bill is the language. In the past many security bills have had intentionally vague language to allow the government greater leniency in how they interpreted the bill and how it could be acted upon.
The problem with having vague language in a security bill that involves corporations is the worry that this could be abused. What if Facebook, Google, or Amazon could sell private data to one another or to other companies? While this does not seem to be the intention of the CISPA bill, there’s questions about whether or not the current language prevents that very breach of privacy from happening.
The additional issue that seems to be coming up with Representative Ruppersberger’s version is that it doesn’t seem to be revised from the last failed bill. The same issues seem to exist in this version that doomed the previous one.
President Obama has commented on putting forward a cyber security bill that would attempt to address the same issues that CISPA is meant to handle, while attempting to also take on some of the concerns about restrictions on when the data can be gathered, and especially on shielding agencies or companies from prosecution if they abuse the powers this bill would grant them.
CISPA has failed twice already to make it to a vote in the Senate. There’s no guarantee it would pass there, either, and President Obama has already made the statement that CISPA as is would be vetoed.
The recent Sony cyber attacks and growing online threat still will put on the pressure to pass some type of a bill to deal with them. Whether CISPA is that bill or not remains to be seen.