>the laziest blog on earth...contact me: mudwerks AT gmail DOT com
ALL MY SONGS!...
AVAILABLE NOW on bandcamp!
CISPA Update of the Day: CISPA, the Cyber Information Sharing and Protection Act that passed the House in April, likely is headed for a Senate vote in early June.
To drum up opposition to the legislation, which would create “a ‘cybersecurity’ exemption to all existing laws,” Fight for the Future, Democrats.com, The Liberty Coalition, and the Entertainment Consumers Association have created a new website called Privacy Is Awesome. The site outlines the top five ways to help defeat CISPA:
- Call your senators and tell them to oppose the Lieberman-Collins bill (CISPA), and ask for a constituent meeting during the Memorial Day recess to help change their mind.
- Email senators offices about CISPA, expressing your opposition.
- Keep calling senators until they plan a constituent meeting.
- Donate to anti-CISPA organizers — the same teams that helped defeat SOPA/PIPA.
- Share your opposition online — Facebook, Twitter, etc.
Meanwhile, Sen. Ron Wyden, D-Ore., is spearheading opposition to the legislation, concluding a recent Senate floor speech with:
I believe these bills will encourage the development of a cyber security industry that profits from fear and whose currency is Americans private data. These bills create a Cyber Industrial Complex that has an interest in preserving the problem to which it is the solution.
Watch the full video here. It’s terrific.
This is important.
…A Wednesday e-mail released by the Office of Management and Budget made very clear that should the bill reach the president’s desk in its current form, “his senior advisors would recommend that he veto the bill.”
“Legislation should address core critical infrastructure vulnerabilities without sacrificing the fundamental values of privacy and civil liberties for our citizens, especially at a time our Nation is facing challenges to our economic well-being and national security,” the e-mail states. “The Administration looks forward to continuing to engage with the Congress in a bipartisan, bicameral fashion to enact cybersecurity legislation to address these critical issues. However, for the reasons stated herein, if H.R. 3523 were presented to the President, his senior advisors would recommend that he veto the bill…”
One of the big concerns we’ve had over politicians trying to regulate technology, is how gleefully ignorant they often seem to be about the technology they seek to regulate. It’s no different with the cybersecurity bill CISPA. We’ve been asking for months for some actual evidence that shows that we really need a cybersecurity bill, and all we get are fanciful stories about planes falling from the sky and hackers taking down powergrids. If either thing was possible, the real response shouldn’t be to set up a cybersecurity bill, but to disconnect those key infrastructure pieces from the internet.
Either way, we’re learning, once again, that the backers of CISPA don’t seem to know the slightest thing about “cybersecurity.” Actual cybersecurity expert, Chris Soghoian has highlighted how the key sponsors of CISPA fail at basic cybersecurity for their own websites, raising serious questions about their competence in writing a cybersecurity bill…
CISPA at a Glance
In broad terms, CISPA is about information sharing. It creates broad legal exemptions that allow the government to share “cyber threat intelligence” with private companies, and companies to share “cyber threat information” with the government, for the purposes of enhancing cybersecurity. The problems arise from the definitions of these terms, especially when it comes to companies sharing data with the feds.
Is CISPA the new SOPA?
This is the notion that the reps behind the bill are most desperate to kill. Their primary response is that CISPA has nothing to do with seizing domains or censoring websites, but that’s only true on the surface. The bill defines “cybersecurity systems” and “cyber threat information” as anything to do with protecting a network from:
‘(A) efforts to degrade, disrupt, or destroy such system or network; or
‘(B) theft or misappropriation of private or government information, intellectual property, or personally identifiable information.
It’s easy to see how that definition could be interpreted to include things that go way beyond network security—specifically, copyright policing systems at virtually any point along a network could easily qualify. And since one of the recipients of the shared information would be Homeland Security—the department that includes ICE and its ongoing domain seizures—CISPA creates the very real possibility for this information to be used as part of a SOPA-like crusade to lock down the internet. So while the bill itself has nothing to do with domain seizures, it gives the people behind such seizures a potentially powerful new weapon…
