WASHINGTON — U.S. privacy and technology activists are preparing for a new round of fighting against an information-sharing bill they say will let private companies help the government spy on the American public.
They’re troubled by the Cyber Intelligence Security Protection Act (CISPA), which passed the House of Representatives last year but failed to get through the Senate. House members Mike Rogers and Dutch Ruppersberg are hoping to have more success passing it this year. They re-introduced the legislation at a cyber security talk in Washington Wednesday.
Supporters say CISPA will help the government defend private companies and federal agencies from cyber attacks from countries like Iran and China, as well as hacker groups like Anonymous.
“American industry is under attack, costing our country and our economy billions of dollars and thousands of jobs,” Ruppersberger said in a statement. “ We need to do everything we can to enable American companies to defend themselves against these devastating cyber attacks. Our bill does just that by permitting the voluntary sharing of critical threat intelligence while preserving important civil liberties.”
Not everyone is convinced
The American Civil Liberties Union says the bill allows companies to turn over sensitive Internet records to the National Security Agency and the Defense Department without making a reasonable effort to protect the public’s privacy.
Sharon Bradford Franklin of The Constitution Project told The Washington Post the bill is “flawed.” She expressed concern about what information companies can hand over to government, saying “Congress must also address the very real threat this legislation poses to Americans’ privacy rights and civil liberties.”
The ACLU is urging U.S. citizens to fight for their right to online privacy.
“If the House wants smart cyber legislation that also protects privacy, it needs to ensure that the programs are civilian-led, minimize the sharing of sensitive personal information between government and corporations, and protect collected information from non-cyber uses,” the group said.
Criticism of the bill swelled on Twitter Wednesday.
The bill is identical to the one that passed the House last year. It will allow the federal government to provide classified cyber threat information to private companies; allow U.S. businesses to share cyber threat information with the government and other companies; and provide liability for companies that share or receive such information.
CISPA’s re-introduction came just a day after President Barack Obama signed a new cybersecurity executive order that will also let the government share information about cyber threats with private companies involved in key infrastructure, like banking, communication, power and transportation.
The order sounds very similar to the controversial CISPA bill, but the ACLU actually praised the president’s action.