Facebook Explains Why It’s Supporting Congress’ CISPA Cybersecurity Bill

Facebook today explained why it has taken a positive stance on the Cyber Intelligence Sharing and Protection Act, or “CISPA”, bill currently under consideration in the United States Congress. The social networking company is one of a group of tech companies that have announced support for CISPA — Microsoft, Oracle, Intel, IBM, and Symantec are also among its backers.

In a post today on the official blog for Facebook’s Washington D.C. office, the company’s U.S. public policy VP Joel Kaplan wrote that there are a number of bills being considered by Congress at the moment that would notify companies like Facebook when the US government knows there is a “critical threat” of a cyber attack. Facebook is supporting CISPA, he said, in part because it would not make Facebook share any more of its own data than is currently required:

“A number of bills being considered by Congress, including the Cyber Intelligence Sharing and Protection Act (HR 3523), would make it easier for Facebook and other companies to receive critical threat data from the U.S. government. Importantly, HR 3523 would impose no new obligations on us to share data with anyone –- and ensures that if we do share data about specific cyber threats, we are able to continue to safeguard our users’ private information, just as we do today.”

Kaplan did acknowledge the criticism that CISPA has attracted from those who say the bill is along the same lines as SOPA in terms of the potential threat to individual privacy and freedom on the web (the reasons for this scrutiny are articulated pretty well by this Lifehacker post.) SOPA was, of course, the proposed anti-piracy legislation that ultimately foundered after coming under incredibly intense scrutiny from the tech community and beyond. Critics say Facebook’s support of CISPA is suspect, considering that the company came out publicly against SOPA. But Kaplan vowed that Facebook is committed to defending its users privacy, and that its support for CISPA is in line with that value:

“…we recognize that a number of privacy and civil liberties groups have raised concerns about the bill – in particular about provisions that enable private companies to voluntarily share cyber threat data with the government. The concern is that companies will share sensitive personal information with the government in the name of protecting cybersecurity. Facebook has no intention of doing this and it is unrelated to the things we liked about HR 3523 in the first place — the additional information it would provide us about specific cyber threats to our systems and users.

The overriding goal of any cybersecurity bill should be to protect the security of networks and private data, and we take any concerns about how legislation might negatively impact Internet users’ privacy seriously. As a result, we’ve been engaging directly with key lawmakers as well as industry and consumer groups about potential changes to the bill to help address privacy concerns.”

There will certainly be more developments here as time goes on, but one thing seems for certain: The government has set its sights on the world wide web, and more legislation is coming to the space one way or another. Here’s hoping the larger tech industry is not too fatigued from its fight against SOPA and PIPA — it will be important to stay vigilant about the potential impact of the bills that are yet to come.

If you oppose Facebook’s backing of CISPA, there is a petition to ask the company to rescind its support for the bill here.