CISPA, or the Cyber Intelligence Sharing and Protection Act, passed the House of Representatives last week, but will not be voted on in the Senate, according to US News. The vote was 288-127 in favor of passing the bill, with 18 congressmen abstaining from the vote. It was quite a decisive victory for Rep. Mike Rogers and his staff, who is not only sponsoring the bill but has been an active proponent of CISPA as well; however, the recent news regarding the Senate is (probably) unexpected for Rogers and his office.
Rep. Rogers' spokesperson, Kelsey Knight, spoke to us about CISPA passing the House, and more.
"Yes, we and the Congressman are thrilled about CISPA [passing the House]. It passed with overwhelming bi-partisan support and we're excited about the improvements to cybersecurity without compromising any civil liberties."
Speaking of civil liberties, dozens of organizations and Internet activists have been very vocal about their discontent over CISPA. Last week, before the House voted on CISPA, #endcispa was trending on Twitter among other hashtags opposing CISPA. However, Knight maintains that this CISPA bill isn't similar to the original version submitted to Congress last year, one that was approved by the House but denied by the Senate.
"Well, I'm concerned that when the media think of CISPA, they think of SOPA, which is something that Mike Rogers did not vote for and he opposed it and has nothing to do with this bill. That's why I think the media is wrapping these bills together. SOPA was an infringement on civil liberties, with the government's ability to shut off the Internet [in SOPA]"
Knight and I spoke last week, before this report came out. We talked about CISPA's chances in the Senate.
"We don't have any projections on how CISPA will fare in the Senate, but I know for the past year, Congressman Rogers and Dianne Feinstein, who's running that as well, and they've been in talks. So I can't predict what's been going on over there [in the Senate] , but this bill started as a blank sheet.
Essentially, it was like 'China is coming in and taking our ideas...' You know, these cyberhackers come in and attack a company, and if you're a company, they're taking that idea and then creates the same product and sells it in the same market and you lose. There are tons of other things getting hacked; our credit cards are getting attacked 30,000 times a day, I mean China is already in our computers. So this started as a totally blank slate, and Chairman Rogers sat down and spoke with the ACLU and other privacy groups, and asked them 'What do you want in this bill? How can we both get our way?'"
It's clear that some sort of cybersecurity bill is necessary, with hacks coming left and right. Most recently the Associated Press' Twitter account was hacked and tweeted "Two explosions at White House and Barack Obama is injured." Obviously, that was fake, but at the time it looked legit. The Twittersphere went into a frenzy and even the markets reacted to the news, dropping over 100 points in only a few minutes. The real-world ramifications of cyberhacks like the AP's are clear — they could destabilize key infrastructures like our economy pretty easily.
But, if cybersecurity legislation is so important, why was CISPA killed? Sen. Jay Rockefeller a Democrat from West Virginia and chairman of the US Senate Committee on Commerce, Science, and Transportation spoke to US News about the issues with CISPA:
"...the passage of CISPA was 'important,' but said the bill's 'privacy protections are insufficient.'"
In addition, the article notes that the White House's threat of vetoing the bill hurt CISPA a lot. Here's what Knight said about the White House's veto threat:
"Well he veto-threated it, but it passed with a lot of Democrats voting yes. So we think the CISPA bill is "veto-proof," it's important and not partisan at all, its just to protect Americans and I think Democrats and Republicans can sit on the same side."
US News also noted that the general uncertainty over the privacy issues have led to CISPA's downfall. But are the privacy concerns valid? Knight explained the nuances of the bill to us:
"So what this bill provides is for the intelligence community — who receives tons of threats and information — to send that information to private companies. So, hypothetically, it lets you know that there are some security hackers over in China are trying to Heavy's system. The government actually knows those 0's and 1's, so they can contact you and give you a heads up and say 'This attack is coming, why don't you change your router and security information so you can try and prevent that.
Now, if you end up getting hacked, even without that information, you now have the ability to share that IP address, not personal information — all of that is stripped and you can read and interpret it any which way you want — but if your company ends up getting hacked, voluntarily, you are allowed to send the IP address and ask 'Can you tell me what went wrong? Can you tell me what happened here and who this is?' And all the personal information is stripped before the company even send it to the government. So health records, tax records, education records — or PII, Personally Identifiable Information — anything like that has to be stripped.
And then it goes to the government, and these are 0's and 1's that they're looking at without personal information, and they can help the company figure out where the threat came from. On top of it, if any personal identifiable information comes out, that individual has the ability to sue the government."
Seems like CISPA upholds the civil liberties of American citizens right? Well, clearly not according to the Senate. US News did say that the Senate was planning on drafting up their own cybersecurity bill, but one that does a better job protecting innocent civilians. It seems like the Senate — working on "separate bills" — can take months to write up. So, while cybersecurity legislation is important, it's clear that Senate won't sacrifice civil liberties guaranteed to Americans in the constitution just so they can push out a highly controversial bill.