Remember SOPA and PIPA, the terrible "anti-piracy" bills the internet raged into nonexistence? There's a new one, and it's maybe worse: the Cyber Intelligence Sharing and Protection Act. CISPA. Here's everything you need to know about the worst privacy disaster our country has ever faced.
The intent of the Cyber Intelligence Sharing and Protection Act, introduced by U.S. Representative Michael Rogers (R-MI), is to protect America's internet interests (both governmental and our precious YouTubes) against attacks. It's technically an amendment to the National Security Act of 1947, but would have sweeping 21st century consequences. Rogers cites China as a main threat—conventional wisdom does say they're constantly trying to breach American networks, along with Russia and Iran—but this goes way beyond Cold War hack paranoia, and into your laptop.
The scariest part of CISPA is how astonishingly broad and loose it is, like some sort of giant, poorly-built rope bridge. Over a volcano. CISPA would permit any private company (Facebook, YouTube, Instagram, Pinterest, Google, you name it) to give away any and all data it's collected on you when asked by a government agency. Literally any government agency. This data would then head to the Department of Homeland Security.
CISPA says companies need to give up your information only in the face of a "cyber threat." So, what is a "cyber threat"? Nobody really knows! The bill defines it as "efforts to degrade, disrupt, or destroy government or private systems and networks." In other words, trying to do bad stuff on the internet, or even just talking about it. Ideally, this would be narrowed to specific malicious LulzSec stuff like DDoS attacks, but it's not. It can be almost anything!
Would Facebook need to be given a warrant or subpoena before spilling your data to the feds? Nope! Would you ever be informed that you data had been released? Nope! What if you think the government has accessed your personal stuff without cause? Too bad! They're 100% immune, as long as the groups involved acted in "good faith," which legally means pretty much zilch. All previous laws that protected your privacy against government eavesdropping, like the Wiretap Act and the Electronic Communications Privacy Act, would be overridden.
Facebook, Google, and Microsoft all support CISPA. Why? Because they don't want to get hacked, and they think this will keep them safe(r). Are they right in this? Maybe, but they're also ignoring the companies can share anything they want whenever they want however they want with the government aspect of the bill.
The White House is having none of this CISPA nonsense:
Cybersecurity and privacy are not mutually exclusive. Moreover, information sharing, while an essential component of comprehensive legislation, is not alone enough to protect the Nation's core critical infrastructure from cyber threats. Accordingly, the Administration strongly opposes H.R. 3523, the Cyber Intelligence Sharing and Protection Act, in its current form.
President Obama says he'll veto the bill if it lands on his desk.
But! Lets try to make sure it doesn't get that far: the EFF has an easy tool to find your representative and tell him and/or her that you don't want to be sold out by Facebook and spied on by the government. It only takes a few minutes—and the House votes tomorrow.
If you still don't think CISPA is bad, read this.
Update: The vote was quietly moved up to tonight, and passed in the House 248 to 168, mostly along party lines. The bill is still stalled in the Senate, and President Obama's most recent statements still indicate he would use veto power.