Is CISPA the new SOPA? This article decodes the Cyber Intelligence Sharing and Protection Act, the scariest threat to Internet freedom and privacy currently before the U.S. Congress.
The bipartisan measure, also known as the Rogers-Rupperberger Cyber Security Bill, has set off something of an online war between the politicians and companies who are pushing for the bill's passage and those who say it would limit the openness that makes the Internet so powerful.
The battle between the two camps mirrors the massive one that gripped the nation in January, when Internet freedom fighters led by Web powerhouses like Google, Wikipedia and Reddit participated in a blackout that resulted in the Congress shelving the Stop Online Piracy Act and Protect IP Act.
It makes sense that a new showdown is slowly building (though currently only in its infancy), as CISPA is the new SOPA or PIPA in many ways, from the scope and purview of its provisions to the types of groups that are opposing it.
CISPA is, in the simplistic terms used by the corporations and members of Congress that support it, a cyber security bill. As U.S. Rep. Mike Rogers, R-Mich., a lead sponsor, has said, the bill would help the private sector defend itself from advanced cyber threats.
The bill would provide a new framework for companies and governments to share information collected online with one another in order to fight against cyber attacks.
Co-sponsor Rep. Dutch Ruppersberger, D-Md., says CISPA provides essential tools for repelling online security threats:
Without important, immediate changes to American cyber security policy, I believe our country will continue to be at risk for a catastrophic attack to our nation's vital networks, networks that power our homes, provide our clean water or maintain the other critical services we use every day, Ruppersberger said.
But Internet freedom advocates including the Electronic Frontier Foundation and the Anonymous hacktivist collective have expressed their opposition to the bill, and Anonymous has taken down the websites of USTelecom and TechAmerica in recent days in retaliation for their support of CISPA, according to the RTTNews.com newswire.
According to the Los Angeles Times, the bill would address 'cyber threat intelligence,' which it defines as 'information in the possession of an element of the intelligence community directly pertaining to a vulnerability of, or threat to, a system or a network of a government or private entity.' The threats listed under the umbrella of cyber-threat intelligence include 'efforts to degrade, disrupt or destroy' systems or networks, as well as 'theft or misappropriation of private or government information, intellectual property or personally identifiable information.'
This sounds to the uninitiated like a useful bill aimed only at stopping criminals. But Internet freedom and privacy advocates warn it could be misused to target non-criminal activity, either by restricting uses of intellectual property or infringing on people's rights to privacy online.
The Electronic Frontier Foundation explained its opposition to the bill in a statement released last month:
It's a little piece of SOPA wrapped up in a bill that's supposedly designed to facilitate detection of and defense against cybersecurity threats. The language is so vague that an ISP could use it to monitor communications of subscribers for potential infringement of intellectual property. An ISP could even interpret this bill as allowing them to block accounts believed to be infringing, block access to websites like The Pirate Bay believed to carry infringing content, or take other measures provided they claimed it was motivated by cybersecurity concerns.
CISPA, which has been endorsed by such heavyweights as Microsoft, Facebook and AT&T, is not the only threat to Internet freedom and privacy currently facing Web users the world over, however, as the Anti-Counterfeiting Trade Agreement is before world governments now as well.
A proposed agreement that would create an international framework and set of standards for enforcing intellectual property rights, ACTA would create a voluntary legal regime that would allow for copyright and intellectual property cases to be adjudicated across national lines without having to contend with individual nations' conflicting laws. ACTA would restrict the ability of Web sites to engage in open discourse by placing draconian copyright and intellectual property restrictions in place throughout the world.
And, since the United States, Australia, Canada, Japan, Morocco, New Zealand, Singapore, and South Korea signed the treaty in October 2011, and Mexico and Switzerland declined to sign but indicated that they plan to do so in the future, the momentum is in favor of ACTA supporters.