Will CISPA pass this time?

Written by

Recently the controversial Cyber Information Sharing and Protection Act (CISPA) was passed by the US House of Representatives for the second time. The bill would mean that technology and web companies would be able to share any and all of their customers’ private information with government agencies such as the NSA, despite prior privacy agreements being in place. Although the bill has yet to pass the Senate, and Obama administration has threatened a veto, it was passed in the House by a large majority, suggesting that support for the idea of dragnet internet surveillance may be greater this time around.

Cynically, some supporters of the bill are even using the Boston Marathon bombings as support for their argument. Representative Mike McCaul cited the bombings in his argument, saying "In the case of Boston, they were real bombs", but we must arm ourselves against the ‘digital bombs’ that are on their way. The link between the two situations is frankly non-existent, but unfortunately loaded words such as ‘terrorism’ and ‘evil’ have been successful in the past in provoking a knee-jerk response from both private companies and the public.

In the wake of US security firm Mandiant’s investigation of China’s hacking activities, there is no doubt that many private companies and government agencies are seriously worried about the threat of cybercrime. Mike Rogers, the Republican who co-wrote CISPA, has said "If you want to take a shot across China's bow, this is the answer", suggesting that CISPA has been designed to directly target China’s illegal activities. If this was the case, however, there would be no need to violate the privacy of American citizens so flagrantly.

What hasn’t been widely discussed is that Mike Rogers himself stands to directly benefit from the passing of CISPA. His wife, Kristi Rogers, was recently the CEO of security firm Aegis LLC. As part of her role, she just so happened to secure a $10 billion contract with the US State Department. Rogers has also written an article for Washington Life Magazine, titled ‘Halting Hackers with Good Cyber Hygiene,’ which just so happened to contain a sidebar pertaining to the importance of CISPA. Nowhere in the article was it mentioned that Kristi Rogers was the wife of the author of the bill. She is now a managing director at the lobbying firm Manatt, where she deals with ‘problem solving in the defense and homeland security sectors.’ As Mike Masnick over at TechDirt put it, ‘I'm sure having CISPA in place will suddenly create plenty of demand for such problem solving.’ And yet Mike Rogers has nowhere acknowledged this conflict of interest.

Meanwhile, the ‘bat signal’ of the Internet Defense League has been switched on, letting supporters of internet freedom all over the world know it’s time to make their voices heard. The IDL and Anonymous vigorously campaigned for an internet blackout on the 22nd of April in protest of the bill (in which as many sites as possible, except social media sites, will go black or display prominent anti-CISPA messages). Internet giants Google, Yahoo, and Microsoft have been ominously quiet. This is perhaps because the lobbying group representing all three companies, TechNet, supports CISPA. The executive council of TechNet includes Google’s Executive Chairman Eric Schmidt, as well as Yahoo CEO Marissa Mayer and Microsoft General Counsel Brad Smith. However, all three companies also supported the bill when it was originally proposed and rejected by the Senate the first time around. It seems clear that these major companies are either more worried about the threat of cybercrime than they are about protecting their customers’ rights, or that they have something to gain from the bill.

Despite majority support in the House, the bill may still face heavy opposition in the Senate. Glenn Davis at Mediate and many others believe that the likelihood of the bill being passed in its current form is still very remote, especially with the threat of a veto from the Obama administration.

The fate of the fourth amendment (which guards against unreasonable searches and seizures, along with requiring any warrant to be judicially sanctioned and supported by probable cause) therefore currently lies in the hands of the Senate, the President, and the internet activists who will not take any threat to their freedom or privacy lightly.

What’s hot on Infosecurity Magazine?