
Analysis: "Cybersecurity" bill endangers privacy rights - llambda
http://arstechnica.com/tech-policy/news/2012/04/analysis-cybersecurity-bill-endangers-privacy-rights.ars
======
Natsu
This is one of the better analyses I've seen of CISPA. I'll save tptacek some
time and quote liberally from the article:

"It's unclear why new legislation is needed to allow this kind of
uncontroversial information sharing to occur. Network administrators and
security researchers at private firms have shared threat information with one
another for decades. And the law also allows information sharing between
private firms and the government in many circumstances. For example, a private
company is already free to notify the FBI if it detects an attempt to hack
into its network."

[...]

"The "notwithstanding" approach to cybersecurity is fundamentally flawed
because it's almost impossible to predict which parts of US law might be
effectively changed by the new law, or to prevent unintended consequences from
unduly broad sharing. It would be far better for Congress to figure out which
specific privacy laws (if any) prevent effective network security responses
and explicitly reform those provisions."

[...]

"Given the roaring success of the Internet's backlash against the Stop Online
Piracy Act, CISPA opponents have an irresistable temptation to compare the two
bills. Both bills represent attacks on the rights of Internet users, but the
similarity largely ends there.

A better analogy is the 2008 FISA Amendment Act, which granted major
telecommunications incumbents retroactive immunity for their participation in
warrantless wiretapping and eliminated judicial oversight for a broad category
of government surveillance. CISPA is likely to further erode the already weak
legal restraints on government surveillance of Americans, and there's no
meaningful judicial oversight of information shared under the "cyber threat"
program."

