In light of the AP’s high-profile Twitter hacking and a vicious domestic bombing, Americans have not let fear derail privacy legislation. Just this week, the Senate advanced an anti-email snooping law and the controversial Cyber Intelligence Sharing and Protection Act (CISPA) is reportedly on its way to the grave. It appears that the burden of proof has shifted to proponents of government surveillance, and they’ve been conspicuously silent about how spying will keep Americans safe.
Two Bills
CISPA, which gives immunity to Internet companies for sharing sensitive data with law enforcement, will reportedly not be taken up for a vote in the Senate. “We’re not taking [CISPA] up,” a representative from the Senate’s Committee on Commerce, Science and Transportation told US News, “Staff and senators are divvying up the issues and the key provisions everyone agrees would need to be handled if we’re going to strengthen cybersecurity. They’ll be drafting separate bills.”
After wavering support from Facebook and other high-profile Internet companies, the White House threatened to veto the bill over privacy concerns, most likely related to ambiguous definitions of what constitutes a cyber “threat” and how agencies would be kept honest.
ECPA Reform – The 1970’s law that permits security agencies to access emails opened or older than 180 days, is on its way to a privacy upgrade. Designed before users kept their email indefinitely in the cloud (i.e. Gmail), a few high-level privacy breaches, including the unearthing of General David Petraeus’s romantic affair, have created overwhelming demand to overhaul the antiquated law. Today, an amendment to require a warrant before reading emails was voted on by voice, which means there wasn’t even enough opposition among the Judiciary committee members for a debate.
Staff members inside the House of Representatives, where the bill will go if it passes the senate, tell me that there also isn’t much opposition to the reforms on their side of Congress, and that a bill by Rep. Zoe Lofgren (CrunchGov Grade: A) could very well be combined with the Senate’s version for a streamlined change (yes, occasionally things are efficient in Congress).
Why Not?
Even after the AP’s Twitter account was hacked to spread a rumor about an explosion at the White House and two American men successfully detonated bombs at the Boston Marathon, there’s no reason to believe that either CISPA or ECPA would have kept Americans safer.
Even President Obama’s freak-everyone-out op-ed last year urging cyber security legislation couldn’t muster more than hypotheticals.
“Last month I convened an emergency meeting of my cabinet and top homeland security, intelligence and defense officials…Unknown hackers, perhaps a world away, had inserted malicious software into the computer networks of private-sector companies that operate most of our transportation, water and other critical infrastructure systems. Fortunately, last month’s scenario was just a simulation,” he wrote in a largely unconvincing imaginary example to prove why we needed enhanced surveillance.
As for the Boston bombers, American and Russian authorities had already been following them. At any level, it appears to be an internal slip up, which neither data from their email nor Facebook pages would have helped prevent.
On the other hand, privacy advocates have had some very tangible close calls. It appears the least liked government agency in the country, the Internal Revenue Service, was spying on the emails of suspected tax dodgers.
While I’m not convinced email and social media privacy necessarily outweigh very real terrorist threats, the burden is on the government to prove it needs a bigger spy glass. Ironically, if the government wants the American people to be more supportive of surveillance, they’ll need to be more transparent.