“When one company detects an attack, sharing information about that attack promptly with other companies can help protect those other companies and their users from being victimized by the same attack,” said Facebook Vice President of Public Policy Joel Kaplan in a blog post. “Similarly, if the government learns of an intrusion or other attack, the more it can share about that attack with private companies (and the faster it can share the information), the better the protection for users and our systems.”
Technology associations: The technology industry is fully behind the bill, with associations such as Tech America, the Software & Information Industry Association, the Business Software Alliance and the Telecommunications Industry Association all applauding the House’s passage. The common thread through all of the statements issued by industry groups point to the fact that the bill allows companies to share vital information with the government without giving additional power to any part of it. An alternative bill in the Senate, co-sponsored by Sens. Joe Lieberman (I-Conn.) and Susan Collins (R-Maine), would grant that oversight to the Department of Homeland Security.
Bipartisan support, bipartisan dissent: The law was proposed by Reps. Dutch Ruppersberger (D-Md.) and Mike Rogers (R.-Mich.), and has had bipartisan support. While most of the bill’s most vocal supporters are Republicans, 28 Democrats joined with the majority to pass the bill.
“We can’t stand by and do nothing as U.S. companies are hemorrhaging from the cyber looting coming from nation states like China and Russia,” said Rogers in a statement. “America will be a little safer and our economy better protected from foreign cyber predators with this legislation.
There is also, however, bipartisan dissent on the bill. Rep. Ron Paul (R-Tex.) said in a statement Monday that “CISPA is Big Brother writ large, putting the resources of private industry to work for the nefarious purpose of spying on the American people.” And Rep Jared Polis (D-Colo.) made an impassioned speech against CISPA on the House floor, saying that the bill would “waive every single privacy law ever enacted.”
The American Civil Liberties Union: In a statement, Michelle Richardson, ACLU legislative counsel, said that “CISPA goes too far for little reason. Cybersecurity does not have to mean abdication of Americans’ online privacy. As we’ve seen repeatedly, once the government gets expansive national security authorities, there’s no going back. We encourage the Senate to let this horrible bill fade into obscurity.”
Privacy advocates: The Center for Democracy and Technology, which withdrew its support for the bill Wednesday, said it was “disappointed that CISPA passed the House in such flawed form and under such a flawed process.” While the group was pleased with some of the amendments, which tried to narrow the scope and language of the bill, the group is concerned that CISPA allows information to move “from the private sector directly to the NSA.” They also said that the bill inappropriately allows for data to be applied to national security issues other than cybersecurity.
The Electronic Frontier Foundation, which advocates for digital rights, said in a late Thursday statement that it will continue to fight the bill in the Senate. “We will not stand idly by as the basic freedoms to read and speak online without the shadow of government surveillance are endangered by such overbroad legislative proposals,” said Rainey Reitman, the EFF’s Activism Director.
The White House: The White House said Wednesday that it would veto the bill, because it would put American’s privacy at risk, The Washington Post reported. In a statement, the administration said that the bill “lacks sufficient limits on the sharing of personally identifiable information” and that there is not “adequate oversight” to make sure data is shared for the right purposes.
How it could affect you: As we’ve noted above, CISPA could be interpreted to allow companies to share any of their customers’ personal data as long as the companies say that the information is related to a “cyber threat.” That includes agencies such as the Department of Homeland Security and the National Security Agency. And while the bill doesn’t require that companies share this data — Facebook, for one, has said that it “has no intention” of sharing personal information with the government — the bill doesn’t require a warrant for the information.
If companies are willing to cooperate with the government, that means that users could have their personal information shared with the government without their permission.
CISPA passes the House, privacy battle moves to Senate
Obama threatens to veto CISPA cybersecurity bill, citing privacy concerns
Facebook weighs in on cybersecurity legislation