
House Session on CISPA, ongoing now [video] - jen_h
http://www.c-span.org/Live-Video/C-SPAN/
======
EvanKelly
After just reading through the bill for the first time, I agree with most of
the criticism that the broadness of the bill creates significant opportunity
for misuse.

Unfortunately, if you read the bill with an optimistic view of government,
most of the items in the bill are written to seem like common sense and good
ideas. If the bill is read with a skeptical eye, one can see how vast the
breaches of privacy and abuses of CISPA could reach.

~~~
tptacek
Those being?

~~~
EvanKelly
As mentioned, I only just now read the bill, and you appear to be much more
educated on it than I, and from reading your comments, you seem very even-
keeled on your defense of the bill. I am generally supportive of the purpose
and goals of the bill.

It's been hard for me to get clarification on what some of the vagueries and
broad language of the bill could actually mean legally due to most articles I
read having a strong bias one way or the other.

I'm supportive of information sharing in order to combat and better protect
against cyber threats, but if that information sharing is covered by a
liability shield (which it almost certainly has to be), it seems like even a
benevolent company may err on the side of sharing more information than needed
with the government.

As the bill details little about oversight of who gets access to the data and
how it will be used, a skeptical and cynical look at this information being in
the hands of the government could suggest that this information would be used
for profiling or information gathering on US citizens.

I think the broader argument could be "what expectation of privacy do we have
on the internet?". I'm not sure where I fall on that issue, but I do wish it
was clearer, not necessarily for me, but moreso for folks like my parents that
don't truly understand what it means to send information across the internet
(encrypted or unencrypted).

~~~
tptacek
Except for the bit where you were nice to me, this is a great comment. It
actually captures a lot of what I think about CISPA, too.

------
tptacek
Here are the amendments being debated today:

[http://www.gpo.gov/fdsys/pkg/CRPT-113hrpt41/pdf/CRPT-113hrpt...](http://www.gpo.gov/fdsys/pkg/CRPT-113hrpt41/pdf/CRPT-113hrpt41.pdf)

The first of them has passed.

The second, limiting the use of CLASSIFIED information to cyber-security
activities, has passed.

The third, allowing independent contractors to handle cyber-threat information
sourced from the USG, has passed.

I am predicting the fourth, which is so unbelievably boring that I refuse to
summarize it, is about to pass.

~~~
sehugg
Full text of bill (only 33 double-spaced pages, not too long):

[http://www.gpo.gov/fdsys/pkg/BILLS-113hr624rh/pdf/BILLS-113h...](http://www.gpo.gov/fdsys/pkg/BILLS-113hr624rh/pdf/BILLS-113hr624rh.pdf)

~~~
tptacek
You probably want to start here:

[http://intelligence.house.gov/bill/cyber-intelligence-
sharin...](http://intelligence.house.gov/bill/cyber-intelligence-sharing-and-
protection-act-2013)

This landing page includes links to the amendments.

~~~
mpyne
I like how page 22 is rotated upside-down on the "HR 624 as Amended" PDF from
the "Bill and Amendments" section.

------
u2328
I watched it, but to be honest, I zoned out towards the end. So little
substance; just a collection of dinosaurs throwing around the 'cyber' rhetoric
like computer security is a game of Risk. They don't know what the hell
they're talking about. They just repeat all the buzzwords they get from the
literature provided by all the pro-CISPA lobbyists.

I just called my Representative and hope for the best, but I fear these
assholes are going to win this round. I will be throwing the EFF some more
money next payday though.

------
sinak
Final vote is tomorrow. Take 2 minutes and call your House Rep and tell them
what you think about CISPA: <https://eff.org/r.5bPw>

~~~
rdl
This would seem to require figuring out what I think about CISPA, first. I
don't feel very strongly about it either way -- slightly positive toward some
aspects, slightly negative toward other aspects, but it feels pretty much like
a legislative no-op.

------
DanielBMarkham
Worth noting that 1) the ACLU and others still oppose the bill in modified
form, and 2) there was a half-assed veto threat from the WH, and 3) lawmakers
view the veto threat as a negotiating ploy.

So I believe this is a done deal -- unless something dramatically changes.

(Shameless plug: I've summarized some of this on the blog: <http://freedom-or-
safety.com/blog/aclu-cispa-far-from-fixed/>)

------
pfraze
Could somebody give an argument (or link to an argument) for why CISPA
shouldn't be passed?

~~~
sehugg
One thing that does not seem to be often discussed is that CISPA data can be
used to investigate and prosecute crimes. Specifically, crimes involving harm
to minors or serious bodily harm.

No one likes to see adults or minors injured, but this inclusion is at odds
with proponents' claim that it CISPA is only "for cybersecurity purposes".
Even the House Committee on Intelligence's own FAQ seems to contradict the
bill's text in its first entry:

[http://intelligence.house.gov/sites/intelligence.house.gov/f...](http://intelligence.house.gov/sites/intelligence.house.gov/files/images/041613cispamythfact.pdf)

"Serious bodily harm" isn't a term which just covers terrorist acts; it covers
things like automobile accidents. One wonders if data collected under CISPA
could be used to find and prosecute drunk drivers in a National Park -- hey,
it prevents serious bodily harm and it's on Federal property, right?

Other claims that the bill's language is too broad and needs more work:

[http://www.legislationandpolicy.com/747/cispa-and-the-
need-t...](http://www.legislationandpolicy.com/747/cispa-and-the-need-to-
increase-cyber-security-without-infringing-on-personal-privacy/)

[http://www.whitehouse.gov/sites/default/files/omb/legislativ...](http://www.whitehouse.gov/sites/default/files/omb/legislative/sap/113/saphr624r_20130416.pdf)

~~~
lawnchair_larry
Talking about protecting minors is usually a good thing to thrown into a dirty
bill that can't stand on it's own, as a weak appeal to emotion. Sadly, it
works.

------
jen_h
Now finished; see [http://intelligence.house.gov/bill/OMGWTF-intelligence-
shari...](http://intelligence.house.gov/bill/OMGWTF-intelligence-sharing-and-
protection-act-2013) for the full-text bill and ongoing schedule.

Noticed that there are only letters of support provided here, though. See
<https://www.eff.org/cybersecurity-bill-faq> for EFF's take.

------
DigitalSea
I watched for a little while but when you're watching the political equivalent
of paint drying its hard to remain interested after a while. I see quite a few
things passed, lets hope the White House follows through with their veto
threats. With the appropriate amends required to make this bill less broad, it
wouldn't be nearly as bad. The scary about about this bill is for some reasons
the amends weren't made which leads me to believe there are ulterior motives
of those in support of this bill yet to be revealed until it's too late.

~~~
okamiueru
I thought the veto was because the bill was too lenient on companies.

"However, the Administration is concerned about the broad scope of liability
limitations in H.R. 624. Specifically, even if there is no clear intent to do
harm, the law should not immunize a failure to take reasonable measures, such
as the sharing of information, to prevent harm when and if the entity knows
that such inaction will cause damage or otherwise injure or endanger other
entities or individuals."
[[http://news.cnet.com/8301-13578_3-57579905-38/obama-
threaten...](http://news.cnet.com/8301-13578_3-57579905-38/obama-threatens-
veto-of-cispa-database-sharing-bill/)]

In other words, that corporations should be punished for not providing
information.

------
loupeabody
Thanks for this! I'm tuning in

