Personal Democracy Plus Our premium content network. LEARN MORE You are not logged in. LOG IN NOW >

Activists Plan Protests Against House Internet Surveillance Bill "CISPA"

BY Sarah Lai Stirland | Wednesday, April 11 2012

Image: Shutterstock/Arena Creative

Many of the same organizations that planned the Internet-wide protests that killed the Stop Online Piracy Act are gearing up to launch another high profile demonstration against a controversial piece of cybersecurity legislation that is speeding towards the House floor.

"The bill uses very broad language that is capable of many interpretations, and now people are starting to focus on what those interpretations might mean, and they're looking down the road at how companies and the government might interpret this very broad language, and they're finding problems," says Greg Nojeim, senior counsel at the Center for Democracy & Technology and the director of its Project on Freedom, Security & Technology. "If the sponsors of the bill believe these are not problems, it's incumbent on them to clarify that these are not problems to preclude these interpretations. So far, that hasn't happened."

CDT is part of a group of organizations including the American Civil Liberties Union, Demand Progress, and the Electronic Frontier Foundation, which are going to launch a week-long campaign to persuade netizens to contact their members of Congress over their concerns about the legislation, which they say expands domestic Internet surveillance to unprecedented levels.

The legislation is H.R. 3523, the Cyber Intelligence Sharing and Protection Act (CISPA), which the Electronic Frontier Foundation has characterized as "a little piece of SOPA wrapped up in a bill that’s supposedly designed to facilitate detection of and defense against cybersecurity threats."

To be clear, the legislation doesn't involve any blacklisting, or domain name blocking, but works to immunize the private sector from any legal liabilities for sharing potential network threat information with each other and the government. Because the legislation's authors are concerned about economic espionage by foreign actors such as China, the language defining threats includes theft of intellectual property. That's one component that's alarmed many Internet users as well as activists, who worry that that might ensnare the activities of file-sharers.

Another concern is that the legislation doesn't place enough limits on what the shared information can be used for, and the extent of the sharing within the government community.

Nojeim, for example, says that the legislation should specify that the information that private companies share about threats to their networks shouldn't be siphoned off to the National Security Agency to be used for national security purposes.

"The NSA shouldn't be allowed to use this information about who communicated with whom to decide who to wiretap," he says, which would be one way the law as written could be interpreted. "We don’t need the information used for cyber to be dumped into the massive NSA database for these other purposes."

Nojeim says a competing House bill, H.R. 3674, sponsored by California Republican Dan Lungren, makes more sense because the legislation is much more specific as to what constitutes a cyber threat, who the information can be shared with, and how the information can be used.

Yet CISPA has broad support. It boasts a bipartisan co-sponsorship list of 105 House members and 28 letters of support from private industry. The list includes industry trade groups like the U.S. Chamber of Commerce, US Telecom, The Broadband Association, CTIA -- The Wireless Association, Business Roundtable, The Financial Services Roundtable, the Information Technology Industry Council, and the Internet Security Alliance. Prominent technology companies that have written letters supporting the legislation include Facebook, Intel, Microsoft and IBM. AT&T and Verizon also support the legislation.

Conspicuously absent from the list however, is Google. An e-mail sent to the company's press department was unanswered. Rainey Reitman, leader of the EFF's activism team, declined to say whether Google was one of the companies that would be involved in the protests against CISPA next week. She said that the EFF is in the process of trying to get a number of companies to sign on to support their campaign.

"I think this will be an interesting issue -- Internet companies were happy to come out to protest legislation that could not only impact the future of the internet, but it could also impact their bottom lines," she says. "Nonetheless, I think there are still a lot of companies out there that in the wake of the SOPA debate who now have a more nuanced understanding of why we need to protect civil liberties in general."

Though she declined to give more specifics, the intent of the campaign is to get people to call their members of congress about the legislation the week before Congress embarks on its own self-designated "cybersecurity week," when CISPA is scheduled to be voted on on the House floor on Monday April 23.

And she said the campaign is going to involve elements of the "Tell Vic Everything," campaign that was launched on Twitter in Canada in February, where citizens used the hashtag #TellVicEverything to flood the microblogging service with useless minutia of their lives.

"The way this campaign worked was folks would Tweet everything about their daily lives to showcase just how much data would be sucked up under the mantle of fending off terrorists threats, and most of the data was useless," Reitman says. "Our campaign isn’t like that, but it was a little bit inspired by that effective campaign in Canada."

Members of Anonymous have already started attacking some of the web sites of the associations that have expressed support for CISPA, and members of Reddit have talked about boycotting Facebook.

As if fearing a SOPA backlash, the two sponsors of the legislation, the majority and minority leaders of the House Permanent Committee on Intelligence convened a conference call with reporters on Tuesday morning to sell CISPA, and to dispel any notions that it has any resemblance to SOPA.

They said that their legislation is aimed at thwarting hackers and malicious code unleashed by "nation state actors" like China and Russia. Committee Chairman Mike Rogers, (R-Mich.) and ranking member Dutch Ruppersberger, a Democrat from Maryland, emphasized on the conference call Tuesday that the legislation was meant to stop the theft of U.S. companies' business information from their networks, as well as help the private sector combat online crime and hackers by giving them access to classified threat information currently held by the U.S. government.

Rogers and Ruppersberger told reporters on Tuesday that they'd spent a year consulting with various groups, including the American Civil Liberties Union and CDT on the legislation. Nojeim says they were consulted, but ignored. Nothing in the language of the legislation changed even after numerous consultations. There wasn't even a hearing to air concerns about the legislation.

"This is a bill that was introduced one day, marked up the next, and marked up secretly," Nojeim said in an interview. "Only now is it getting scrutiny, as it heads towards the floor for a vote."

Asked about the broad language on the conference call, Ruppersberger said:

"We continue to work with various groups to see if the definition can be more narrowly tailored, but it is important that any definitions be flexible enough to deal with rapidly changing technologies, and the various adaptive techniques used by any nation state hackers."

The legislators are also trying to sell the legislation on their social networks, but some members of the networks weren't buying.

A Tuesday Facebook post about the conference call attracted critical comments from readers. On Wednesday, that post was then nowhere to be found.

Twenty-seven people "liked" the post, but several readers also reacted negatively.

Scott Swanson was one of the more polite commenters.

"So not only are you trying legally thwart public discontent with government censorship on the internet, you are allowing corporations to directly profile individuals and groups as they see fit and report that activity to the government. Who do you work for, exactly?" he wrote.

This post has been updated. The story incorrectly reported that a Facebook post had been removed, when it had just moved.

Transparency and Public Shaming: Pakistan Tackles Tax Evasion

In Pakistan, where only one in 200 citizens files their income tax return, authorities published a directory of taxpayers' details for the first time. Officials explained the decision as an attempt to shame defaulters into paying up.


wednesday >

Facebook Seeks Approval as Financial Service in Ireland. Is the Developing World Next?

On April 13 the Financial Times reported that Facebook is only weeks away from being approved as a financial service in Ireland. Is this foray into e-money motivated by Facebook's desire to conquer the developing world before other corporate Internet giants do? Maybe.


The Rise and Fall of Iran's “Blogestan”

The robust community of Iranian bloggers—sometimes nicknamed “Blogestan”—has shrunk since its heyday between 2002 – 2010. “Whither Blogestan,” a recent report from the University of Pennsylvania's Iran Media Program sought to find out how and why. The researchers performed a web crawling analysis of Blogestan, survey 165 Persian blog users, and conducted 20 interviews with influential bloggers in the Persian community. They found multiple causes of the decline in blogging, including increased social media use and interference from authorities.


tuesday >

Weekly Readings: What the Govt Wants to Know

A roundup of interesting reads and stories from around the web. GO

Russia to Treat Bloggers Like Mass Media Because "the F*cking Journalists Won't Stop Writing"

The worldwide debate over who is and who isn't a journalist has raged since digital media made it much easier for citizen journalists and other “amateurs” to compete with the big guys. In the United States, journalists are entitled to certain protections under the law, such as the right to confidential sources. As such, many argue that blogging should qualify as journalism because independent writers deserve the same legal protections as corporate employees. In Russia, however, earning a place equal to mass media means additional regulations and obligations, which some say will lead to the repression of free speech.


Politics for People: Demanding Transparent and Ethical Lobbying in the EU

Today the Alliance for Lobbying Transparency and Ethics Regulation (ALTER-EU) launched a campaign called Politics for People that asks candidates for the European Parliament to pledge to stand up to secretive industry lobbyists and to advocate for transparency. The Politics for People website connects voters with information about their MEP candidates and encourages them to reach out on Facebook, Twitter or by email to ask them to sign the pledge.


monday >

Security Agencies Given Full Access to Telecom Data Even Though "All Lebanese Can Not Be Suspects"

In late March, Lebanese government ministers granted security agencies unrestricted access to telecommunications data in spite of some ministers objections that it violates privacy rights. Global Voices reports that the policy violates Lebanon's existing surveillance and privacy law, Law 140, but has gotten little coverage from the country's mainstream media.


friday >

In Google Hangout, NYC Mayor de Blasio Talks Tech and Outer Borough Potential

New York City Mayor Bill de Blasio followed the lead of President Obama and New York City Council member Ben Kallos Friday by participating in a Google Hangout to help mark his first 100 days in office, in which the conversation focused on expanding access to technology opportunities through education and ensuring that the needs of the so-called "outer boroughs" aren't overlooked. GO