This afternoon, the U.S. House of Representatives passed the controversial Cyber Intelligence Sharing and Protection Act (CISPA) by a vote of 248 to 168. Unlike SOPA, which focused on copyright violations, CISPA wants to give Internet companies and the U.S. government the tools to protect and defend themselves against cyber attacks by sharing information with each other. Critics, however, argued that this information sharing would be happening with very little oversight and would put Americans’ privacy rights at risk.
Rep. Jared Polis (D-Colo.), an outspoken critic of the bill, argued that the bill would “waive every single privacy law ever enacted in the name of cybersecurity. Allowing the military and NSA to spy on Americans on American soil goes against every principle this country was founded on.”
Even though this bill has now passed the House, chances are that it will not get through the Senate. On Tuesday, the White House issued a statement condemning the bill and on Wednesday, President Obama threatened to veto the legislation because it “fails to provide authorities to ensure that the nation’s core critical infrastructure is protected while repealing important provisions” of long-established privacy law.
Critics, including the Electronic Frontier Foundation, argue that the current version of this bill is basically a major violation of established privacy rights and would allow companies to hand anything and everything you do and say online over to the government in the name of “cybersecurity.”
Proponents of the bill, including House Intelligence Committee Chairman Mike Rogers (R-Mich.), argue that the bill is “needed to prepare for countries like Iran and North Korea so that they don’t do something catastrophic to our networks here in America.”
An earlier provision in the bill that would have given Homeland Security more authority to monitor the Internet was dropped before the bill (PDF) passed. In return, though, a number of last-minute amendments, including one that expands the list of reasons for which shared information can be used. While the bill still allows for Internet companies to hand over confidential customer information to U.S. security and intelligence agencies, as well as local low enforcement services, it is worth noting that it does not require them to do so.
You can read a full version of the bill here (PDF).