The controversial Cyber Information and Security Protection Act (CISPA) is once again making its way through the legislative process. In April 2012, CISPA passed the United States House of Representatives but never made it through the Senate due to pressure from outside groups and threats of a presidential veto. Public outcry after the Stop Online Piracy Act (SOPA) and the Protect IP Act (PIPA) contributed to CISPA’s difficulty getting through the legislative process.
Why It’s in The News
In early 2013, CISPA’s sponsors reintroduced a modified version of the original CISPA bill before the House of Representatives. Critics question the necessity of CISPA now that President Obama has signed an executive order requiring certain departments within the federal government to disclose cyber security information to private businesses, including internet service providers. Learn more about providers here.
What is CISPA?
Whereas, President Obama’s executive order creates a one way street of information sharing, CISPA’s information sharing will go both ways. CISPA will allow the government and private businesses to share information about cyber security threats. As long as a business is acting in good faith for a cyber security purpose, such as safeguarding a network, it can provide the government with information gleaned from its users’ online presence. This information sharing can be done regardless of any existing privacy laws. CISPA provides immunity for decisions based on cyber security threat information.
What’s It For?
Recent cyber-attacks show that it is necessary to protect American businesses and critical networks from cyber-attack. The New York Times, Google and the United States Department of Defense have all been the subject of foreign cyber-attacks. Supporters of CISPA argue that it will increase America’s ability to defend itself and American businesses from cyber security attacks. CISPA has its supporters among United States businesses but some companies, including Facebook and Microsoft, are withdrawing their support as debates about online privacy continue.
What’s the Problem?
Opponents worry that CISPA will allow the United States government to skirt privacy laws and use private business data to gather information on United States citizens. What is especially troubling about CISPA is that there is no disclosure to an individual if their personal information is transmitted to the government because a business feels that they are subject to a cyber-threat.
What’s Being Done
The previous attempt to enact CISPA as law failed due to well-publicized privacy concerns, the existence of a competing Senate bill, and the threat of an executive veto by President Obama. With uncertain legislative and executive support and with CISPA losing support among technology companies, the future of CISPA remains unclear.