Companies can’t help the government help itself to your private electronic communications – for now
If nothing else, those television commercials for Microsoft’s privacy campaign really make me stand back and wonder. Usually I ask myself why the company suddenly embraces user privacy. Do they really think that Bing is going to make a measureable dent in Google’s search dominance, or do they have some kind internal or external data that suggests Americans are at least little concerned about online privacy? Whatever their reason, Microsoft appears to be sincere (http://cnet.co/IYyoB9). They recently backed away from a troubling privacy bill that was nearly foisted on us by the United States Congress — CISPA (Cyber Intelligence Sharing and Protection Act).
At its surface, CISPA would have allowed private companies to share information with the government — and vice-versa, in the event of a cyber attack. Presently, there are laws that forbid private companies from turning user information over to the government without having a compelling reason. The Electronic Frontier Foundation (EFF) notes that CISPA would nullify those laws, creating “a broad immunity for companies against both civil and criminal liability.” (http://bit.ly/11owG6w)
In mid-April, the U.S. House of Representatives passed the bill. Thankfully, as I was finishing this piece, the U.S. Senate appears to have decided it will not consider this bill. Disturbingly, as word of the bill spread, there was a lot of apathy around the web — in stark contrast to the overwhelming negative reaction to the anti-piracy legislation known as SOPA and PIPA. An Internet “blackout” similar to the one which helped spread the word about SOPA/PIPA went largely unnoticed — partly due to its occurrence in the midst of the Boston bombings — and partly due to the lack of big companies that oppose it. In fact, some big names were in favor of it (http://1.usa.gov/16vvpxC).
To his credit, President Obama threatened to veto CISPA, citing privacy concerns and his wish to leave cyber security to the Department of Homeland Security. House Speaker John Boehner, in criticizing the President, said “The White House believes the government ought to control the Internet, government ought to set standards, and government ought to take care of everything that's needed for cybersecurity" (http://nbcnews.to/XNsBGd). The CISPA alternative, however, potentially means the Internet would control us, with the government acting as the puppeteer.
According to the EFF, “CISPA is written broadly enough to permit your communications service providers to share your emails and text messages with the government, or your cloud storage company could share your stored files.” (http://bit.ly/11owG6w). And as Michelle Richardson of the ACLU notes, "As we’ve seen repeatedly, once the government gets expansive national security authorities, there’s no going back.” That’s why it’s so important to remember — as we grapple with an increasingly problematic cyber security threat — we can’t just say “I’ve done nothing wrong so I’ve got nothing to hide. Have at my information, Uncle Sam!” While your emails and private information may seem innocuous now, those politically charged communications you’re used to sending your friends may get caught up in a data sweep long after today’s political players are gone. And lf a cyber emergency is declared, will your favorite news source or social media platform even be available to you if it can be used to communicate information that’s inconvenient to the government?
While this year’s CISPA threat appears over at the time of this writing, little of it changed since the CISPA of 2012 that met a similar fate. We have to constantly be wary of legislation like this because it will continually get resurrected as it was this spring. (I predict that variations of SOPA, PIPA and CISPA will return but with new, consumer-friendly names.) SOPA/PIPA’s defeat was refreshing, but it was because of a combined effort of concerned citizens and corporations who saw it as bad for business. This time around, some big corporate names were in favor of CISPA, so individual vigilance against this type of legislation is critical. Thankfully enough politicians saw 2013’s CISPA as just plain bad.