

CISPA is not SOPA - kylemaxwell
http://overhack.wordpress.com/2012/04/09/cispa-is-not-sopa/

======
pwg
> I do not have an attorney’s license, or even a law degree,

And therein lies the trouble with the analysis. It is factual, but performed
from a perspective of an engineer. An engineer not looking for loopholes and
not looking for how to stretch the meaning of the broad wording to attach it
to something else entirely.

Attorneys are paid to find the loopholes, and to stretch the meaning of the
statutes to fit the desires of their clients. Broad sweeping definitions just
make it infinitely easier to stretch the bill's language to make it apply to
unrelated areas.

If the bill was honestly and truly meant to be what it purports, then the
language would be nice and tight, with no wiggle room to stretch it to fit
something else.

For example, here's passage (B)(1)(i) of the bill:

> `(i) use cybersecurity systems to identify and obtain cyber threat
> information to protect the rights and property of such protected entity; and

The bill does not define "cybersecurity systems" - leaving this term open to
be just about anything. Nor does the bill define "cyber threat information" -
leaving this term open to be just about anything. So long as they are
"protect[ing] the rights and property" of a protected entity.

So, with this broad language, a deep-level packet inspection system sniffing
every ISP's users data streams looking for purported copyright infringement
would be perfectly legal, because it would be a "cybersecurity system"
protecting against "cyber threats" in order to "protect the rights and
property" of a "protected entity". Where "rights" is the copyright and the
protected entity is a MPAA/RIAA member, and the "cyber threat" is that of
supposed lost profits from supposed copyright infringement.

That's the trouble with broadly worded bills. They allow attorneys to stretch
them to fit something they were never intended. Read up on "unintended
consequences": <http://en.wikipedia.org/wiki/Unintended_consequences>.

~~~
kylemaxwell
Except nothing in the bill obliges the ISP to monitor for copyright holders,
which would run significant costs for them both in terms of systems and
personnel. The ISP is not a cybersecurity provider for rights holders under
the definitions of the proposed statute.

Please don't be condescending in actually linking a Wikipedia article on
unintended consequences, by the way. That's not necessary for civil, rational
debate.

~~~
pwg
[http://www.techdirt.com/articles/20120410/12180518442/cispa-...](http://www.techdirt.com/articles/20120410/12180518442/cispa-
is-really-bad-bill-heres-why.shtml)

~~~
kylemaxwell
Another flawed analysis. Again, while imperfect, this bill simply does not
contain any provision that obliges anyone to do anything. I don't disagree
that it can be improved, but CISPA isn't even close to SOPA: no blocking
requirements, no facilities for intervening with advertisers or payment
providers, etc.

