Cyber Intelligence Sharing and Protect Act (CISPA)
Overview
The Cyber Intelligence Sharing and Protect Act (CISPA) is a U.S. Senate bill designed to allow more sharing of "cyber threat intelligence" between the U.S. government and private sectors. If passed, the bill would allow the government with additional powers and resources to monitor the online activities of U.S. citizens to prevent cybercrimes, namely trafficking in intellectual property and counterfeit goods. While it was proposed as an amendment to the National Security Act of 1947, the bill has been widely viewed as a companion bill to the SOPA and PIPA.
Background
Sponsored by Representatives Mike Rogers (R-MI) and Charles Albert “Dutch” Ruppersberger (D-MD), the CISPA bill[2] was formally announced on March 29th, 2012 in a press release[8] by the U.S. House of Representative's Permanent Select Committee on Intelligence, which also noted that the bill has received bipartisan support support from over 100 Members of Congress.
If the bill is passed by the U.S. Congress, Internet companies and websites would be required to collect private information of their users and pass them onto the government upon request. Despite the popular comparison between CISPA and its unsuccessful precedents SOPA and PIPA, the new bill would reward companies for collecting data, intercepting or modifying communications and passing information over to the government. According to the official press release, the bill has gained support from several Internet giants like AT&T, Verizon and Facebook.
Notable Developments
News Media Coverage
The announcement of the bill was picked up by TechDirt[7] and Russia Today[3] on April 2nd, 2012 and spread across a number of other tech news blogs like WebProNews and The Huffington Post[6], as well as digital rights advocacy groups Center for Democracy[11] and Technology and Electronic Frontiers Foundation.[12]
Corporate Support
The Internet companies in support of the bill ranges from telecommunications companies like AT&T,
US Telecom and Verizon to Internet companies like Facebook and Oracle, as well as hardware manufacturers Intel and IBM. The complete list of private companies in support of the bill can be found in the official U.S. House of Representatives' press release. In the Congress, the bill has received backings from at least 100 Congress members as of April 6th, 2012.
Criticisms
The proposal of CISPA was met by heavy criticisms from the opponents of SOPA and PIPA and organizers of the January 2012 protests, who likened the latest bill to the controversial Stop Online Piracy Act (SOPA) bill with a new name. On April 3rd, Electronic Frontier Foundation's Trevor Timm appeared in an interview with RT, during which he raised numerous concerns regarding the lack of specifications and potential conflicts with privacy laws. On the same day, the Center for Democracy and Technology's Kendall Burman also chimed in with similar explanations on the same news program.
During the third week of April, numerous civil liberties organizations and notable figures in the Internet world joined the opposition movement by publicly spoke out against the bill:
- On April 16th, Reporters Without Borders also published an article opposing the legislation of the CISPA bill, describing its provisions as "draconian measures to monitor, even censor, the Web.
- On April 18th, Dr. Tim Berners-Lee expressed his opposition in an interview with The Guardian[14], warning that if passed, the bill will threaten the rights of American people and effectively the rest of the world."
- On April 19th, the American Civil Liberties Union (ACLU) released a statement[13] opposing the bill, asserting that "beyond the potential for massive data collection authorization, the bill would provide no meaningful oversight of, or accountability for, the use of these new information-sharing authorities."
- On April 23rd, 18 Democratic House members signed a letter[17] raising concerns with the lack of safeguard provisions in the bill, mainly in determining what information will be shared, who in the federal government and intelligence communities can access the said information and the purpose in which that information will be used. On the same day, Republican congressman and GOP presidential candidate Ron Paul described CISPA as "the latest assault on Internt freedom."
Protests
Online Petitions
The global civic organization Avaaz[5] was one of the first groups to react to the news of CISPA with an online petition titled "Save the Internet from the US." Since its launch on April 5th, 2012, the petition has accumulated more than 752,000 signatures in less than three weeks. The petition was further supported by the community of Reddit, which played an integral role during the online protests against SOPA and PIPA in January 2012.
Between the months of February and March 2012, over 100 posts related to the topic of CISPA have been submitted to Reddit[9], one of the major participants during the SOPA protest blackout in January. On April 23rd, Redditor HazySummerSky posted a link to the Avaaz petition in a thread titled "Reddit, we took the anti-SOPA petition from 943,702 signatures to 3,460,313. The anti-CISPA petition is at 691,768, a bill expansively worse than SOPA. Please bump it, then let us discuss further measures or our past efforts are in vain. We did it before, I'm afraid we are called on to do it again." In less than 24 hours, the thread received more than 52,700 upvotes and reached the frontpage.
Stop Cyber Spying Week
On April 16th, 201, a coalition of civil liberties groups and digital rights advocates launched an online campaign dubbed the "Stop Cyber Spying Week" with Twitter hashtags #CISPA and #CongressTMI in an effort to raise awareness of the bill. The participating groups includes the Constitution Project, American Civil Liberties Union, Electronic Frontier Foundation, Center for Democracy and Technology, Fight for the Future, Free Press, Reporters Without Borders, Sunlight Foundation and TechFreedom among others. The Electronic Frontier Foundation, one of the spearheading organizers in the movement, released an infographic post[16] detailing the implications of CISPA (shown below).
Hackers Target CIA Website
On April 24th, hackers associated with the anti-U.S. government hacktivist group "UGNazi" claimed responsibility for launching a distributed denial-of-service (DDoS) attack and successfully bringing down the websites of the Central Intelligence Agency and the U.S. Department of Justice. According to the International Business Times[15], intrusion was initially claimed by associates of the Anonymous hacktivists, but later gave credit to UGNazi for taking the assault in protesting against CISPA. Meanwhile, spokespeople from the agency did not confirm the attack but said they were "looking into these reports."
Cia.gov was not taken down by #anonymous ,but by @UG , #UGNazi , not #Anonymous ,HF kids stop taking credit.
— AoS (@AnonOpsSweden) April 23, 2012
The UGNazi group was formed by hacktivists JoshTheGod aka Josh Matthews, MrOsama and AntiGov, who hacked the Ultimate Fighting Championship website following the company's endorsement of the controversial SOPA bill in January 2012. A day prior to the attack on April 23rd, UGNazi claimed to have intercepted a notice sent by the FBI's Assistant Director in Charge Janice Fedarcyk to the field offices, which was published via Pastebin[18] in the name of a protest against CISPA.
Legislation
House Passes CISPA
On April 26th, 2012, the House passed bill with 248 yes votes and 168 no votes.[20] During hours of debate on the floor, a total of 11 amendments were approved for CISPA, including limitations of circumstances under which user information can be shared with the government.[20] Following its passage, both the opponents and proponents of CISPA issued public statements; Privacy advocacy and civil liberties groups like The Center for Democracy and Technology withdrew its support for the bill and the American Civil Liberties Union raised concerns with its broad scope and language of the bill. The White House[27] also reiterated its opposition against the latest version of CISPA, hinting that Obama's senior advisors would recommend a veto action against it.
Online Reactions
Tech companies' reactions were largely divided on the House passage of the bill. Although it was initially reported in the news[21] that Microsoft has softened its support for the bill citing privacy reasons, the company’s spokesperson[22] later reaffirmed that Microsoft’s position remains unchanged. Meanwhile, Mozilla[23] openly denounced the bill by stating that "the bill infringes on our privacy, includes vague definitions of cybersecurity, and grants immunities to companies and government that are too broad around information misuse.” Reddit also went abuzz with the news of the bill’s passage; In a post titled “Let's get Reddit Inc. interested in opposing CISPA,”[24] Redditor Zenkin proposed a plan to boycott the site, citing frustration with Reddit administrators’ lack of efforts in raising awareness of the bill. Later on the same day, Reddit released a statement[25] acknowledging the concerns of the community. Another thread[26] started by Redditor Zenkin proposed an idea for an interest group for the freedom of the Internet, which turned into an impromptu fundraising event for existing digital rights organizations. By Monday, the Electronic Frontier Foundation[31] had received 200 individual donations in amount up to $7,500.
Anonymous: Operation Defense
On April 27th, 2012, Anonymous-affiliated YouTube channel TheAnonMessage uploaded a communique video titled “Operation Defense: Phase II,” which proposed a series of “coordinated physical demonstrations” against the bill and its corporate supporters. The group also acknowledged the reduced effectiveness of DDoS attacks due to many companies’ server upgrade.
Senate Rejects CISPA
On May 24th, 2012, a coalition of internet privacy advocacy groups led by Fight for the Future launched the online campaign Privacy is Awesome[32], which proposed a plan to contact the offices of U.S. senators during the Memorial Day recess before they vote.
In contrary to the initial outlook that the CISPA would be put to vote by the Senate in early June 2012 following the Memorial Day recess, the cloture on the bill was repeatedly postponed for nearly two months. On August 2nd, with the final outcome of 52 yes votes and 46 votes, the bill was declared to be shelved indefinitely.
Return of the CISPA
On February 8th, 2013, U.S. House Representative Mike Rogers and C.A. Dutch Ruppersberger announced a plan to bring the CISPA back in a press release. That same day, Bloomberg reported that the White House is preparing to sign an executive order in an effort to improve U.S. cybersecurity infrastructure, citing two former officials briefed on the administration's plans.
Anonymous: Operation SOTU
On February 12th, in response to the news reports of the CISPA's return, Anon Relations released a communique titled "Operation SOTU," calling on citizens of the Internet to disrupt the State of the Union by affecting the online streaming of the presidential address on major news websites.
We reject the State of the Union. We reject the authority of the President to sign arbitrary orders and bring irresponsible and damaging controls to the Internet. The President of the United States of America, and the Joint Session of Congress will face an Army tonight. We will form a virtual blockade between Capitol Hill and the Internet. Armed with nothing more than Lulz, Nyancat and PEW-PEW-PEW! Lazers, we will face down the largest superpower on Earth. And we will win! There will be no State of the Union Address on the web tonight.
Throughout the day, the group's call to action quickly spread across the internet and tech news sites. However, no major disruptions to the streaming service were reported by YouTube or the White House during the course of the address and by 10:18 p.m. (ET), ComputerWorld had reported that Anonymous failed to accomplish its objectives.
Executive Order on Cybersecurity
Meanwhile, President Obama confirmed during his State of the Union address that he has signed an executive order that will establish more effective means of information sharing between the government and private sectors, including the expansion of a real-time communications software program currently limited to private companies in the defense industry, as well as a presidential directive that will launch a program to come up with cybersecurity standards.
House Passes CISPA Again
On April 17th, the day before the House's scheduled vote on the bill, Washington D.C.'s political news site The Hill reported[47] that a minor compromise had been reached between the advocates and the opposition with the last-minute inclusion of a pro-privacy amendment that "would require the Departments of Justice and Homeland Security to establish an entity to receive cyber threat information from companies." On April 18th, 2013, the House of Representatives voted 288-127 to pass CISPA.[37]
Despite Representative Rogers assuring his peers that the final revision of the bill would include privacy safeguards, at the time it was passed, there were no requirements that sensitive information pertaining to health or banking records would have to be anonymized before passed on to the government.[38] Because of this, President Obama’s top advisers have recommended that he veto the bill if it passes in the Senate.[39]
2013 Blackout Protest
On April 20th, 2013, Anonymous affiliate YourAnonNews called for a blackout[40] protest against the House passage of CISPA on Monday, April 22nd, asking Internet users to change their profile photos to ones promoting the Twitter hashtag #StopCISPA.[41] Nearly 500 websites, including personal blogs, gaming sites and Facebook fan pages, pledged to go offline for the day,[42] many of them replacing the homepage content with a number of promotional images provided by Anonymous (shown below, left). Additionally, a number of subreddits including /r/Funny[43] chose to set the page's CSS code to make the background black (shown below, right), while other subreddits chose to go private for the day.[44] On Tumblr, many users chose not to blog for the day[45], supplementing this by blacking out their blog's homepag ewith CSS code[46] circulating via Pastebin.
Search Interest
External References
[1] Digital Trends – Watch out, Washington CISPA replaces SOPA as Internet’s Enemy No. 1
[2] The Library of Congress – Bill HR 3523
[3] RT – Even worse than SOPA: New CISPA cybersecurity bill will censor the Web
[4] YouTube – CISPA: Nightmare Cybersecurity Bill
[5] Avaaz – Stop CISPA
[6] Huffington Post – Congress Renames SOPA, Hopes No One Will Notice
[7] TechDirt – Forget SOPA, You Should Be Worried About This Cybersecurity Bill
[8] U.S. House – Co-sponsors Top 100 for the Rogers-Ruppersberger
Bipartisan Cyber Bill
[9] Reddit – Even worse than SOPA: New CISPA cybersecurity bill will censor the Web
[10] Avaaz – Save the Internet from the US
[11] Center for Democracy & Technology – Cybersecurity's 7-Step Plan for Internet Freedom
[12] Electronic Frontier Foundation – Don’t Let Congress Use "Cybersecurity" Fears to Trample on Civil Liberties
[13] American Civil Liberties Union – Proposed Amendments to #CISPA Don't Protect Privacy
[14] The Guardian – Tim Berners-Lee warns against web snooping bill – audio
[15] International Business Times – Hackers Target CIA Website Against CISPA
[16] Electronic Frontier Foundation – Stop Cyber Spying Week Launches to Protest CISPA
[17] ComputerWorld – CISPA Concerns Spread in Congress
[18] Pastebin – FBI Court Order Leaked
[19] TechDirt – Insanity: CISPA Just Got Way Worse, And Then Passed On Rushed Vote
[20] Washington Post – CISPA passes the House, privacy battle moves to Senate
[21] CNET – Microsoft backs away from CISPA support, citing privacy
[22] The Hill – Microsoft denies softening of CISPA support
[23] CNET – Mozilla is first major tech company to denounce CISPA
[24] Reddit – Let's get Reddit Inc. interested in opposing CISPA
[25] Reddit – A quick note on CISPA and related bills
[26] Reddit – Why don't we form an Internet Freedom Association like the NRA has for firearms?
[27] White House – STATEMENT OF ADMINISTRATION POLICY
[28] Geekosystem – White House Reaffirms Opposition To CISPA, Standing Veto Threat
[29] The Daily Beast – In Cybersecurity Bill CISPA Passage, Voices of the Internet Community Were Heard
[30] Forbes – Reddit Founder Says He Won't Buy Facebook's Stock Due To Its CISPA Support
[31] MSNBC – Reddit post results in $7.5K donations for Internet Freedom
[32] Fight For the Future – Privacy is Awesome
[33] Bloomberg – "Obama Said Near Issuing Executive Order on Cybersecurity":www.bloomberg.com/news/2013-02-08/obama-said-near-issuing-executive-order-on-cybersecurity.html
[34] Anon Relations – Anonymous CALL TO IMMEDIATE ACTION! #opSOTU
[35] Anon Relations – A Message From Anonymous to the President of the United States
[36] CNN – Anonymous vows to disrupt State of the Union on Web
[37] US News – CISPA Passes House; Obama Threatens Veto
[38] ZDNet – CISPA passes U.S. House: Death of the Fourth Amendment?
[39] Huffington Post – White House Threatens CISPA Veto, Says Revised Cybersecurity Bill Doesn't Adequately Protect Privacy, Civil Liberties
[40] Pastebin – YAN: CISPA Blackout: April 22
[41] Twitter – #stopcispa
[42] AnonOps – List of Sites Participating in CISPA Blackout
[44] Reddit – /r/Stand Official Unofficial CISPA Discussion Thread.
[45] Tumblr – Posts tagged "CISPA Blackout"
[46] Pastebin – CISPA BLACKOUT CODE
[47] The Hill – CISPA sponsors mull privacy change
Top Comments
Iso
Apr 17, 2013 at 09:13PM EDT
Ric Te$l@
Apr 07, 2012 at 10:35PM EDT