The Cyber Intelligence Sharing and Protection Act (CISPA) is a bill in the United States House of Representatives. The purpose of the bill is to provide a framework for information sharing between government agencies and private companies on matters of cybersecurity. It also encourages private companies to share information among themselves.
This framework provides private companies with an immunity to privacy laws for information shared or actions taken in response to a threat to cybersecurity systems.
President Barack Obama issued a veto threat if CISPA passed both chambers of Congress in its current form. On April 12, 2012, shortly after the White House veto threat, the House of Representatives passed the legislation. The vote was 248 in favor and 168 opposed, with 42 Democrats joining 206 Republicans in supporting the legislation.
Groups like the Electronic Frontier Foundation and the American Civil Liberties Union criticized the legislation for being unnecessarily vague and overly broad, essentially creating a loophole to existing privacy laws.
Groups like Verizon and the U.S. Chamber of Commerce supported the legislation for setting out a simple and effective means of sharing important cyber threat information with the government.
The initial version of the legislation never made it to a vote in the Senate.
The House is expected to vote on this incarnation of CISPA in April 2013.
Criticisms of CISPAEdit
Critics of CISPA point to the fact that the language in the bill is both vague and broad. It gives quite a bit of leeway to internet companies to take any action they deem necessary in response to a perceived threat. Many key terms are undefined, or defined in circular ways that could increase the probability of abuse. The end result would pose a danger to privacy by making it too easy for companies to share user information.
Another criticism of the bill is that companies already share information about cyberthreats, and the proposed law is unneeded.
Benefits of CISPAEdit
Proponents of the bill have pointed to the prevalence of cybersecurity threats to American infrastructure, including financial institutions, electric and water utilities and air traffic control systems.
CISPA would make it more likely for internet companies to voluntarily share information and could lead to increased response time to cyberattacks by pooling data to identify the threat. Furthermore, this version of CISPA does not specifically single out intellectual property infringement as being included. It also does not mandate companies to share information, it just makes it easier for them to do so.
Supporters of CISPAEdit
* AT&T * Business Roundtable * Chamber of Commerce * Comcast * Edison Electric Institute * EMC * Financial Joint Trades * Financial Services Roundtable * IBM * Intel * Internet Security Alliance * Juniper Networks * Motorola Solutions * National Cable & Telecommunications Association * ORACLE * TechAmerica * Telecommunications Industry Association (TIA) * Time Warner Cable * USTelecom, the Broadband Association * Verizon
Opponents of CISPAEdit
* Abine * Access * ACLU * Advocacy for Principled Action in Government * Alexis Ohanian, Co-founder of Reddit * American Association of Law Libraries * American Library Association * Association of Research Libraries * Bill of Rights Defense Committee * CALPIRG * Center for Democracy & Technology * Center for Digital Democracy * Center for Financial Privacy and Human Rights * Competitive Enterprise Institute * The Constitution Project * Consumer Watchdog * Craigslist * DailyKos * Demand Progress * DownsizeDC.org * DuckDuckGo * Electronic Frontier Foundation * Entertainment Consumers Association * Fight for the Future * Free Press Action Fund * Gandi * Government Accountability Project * IFEX * Internet Defense League * Liberty Coalition * Mozilla * Namecheap * National Association of Criminal Defense Lawyers * New America Foundation's Open Technology Institute * NY Tech Meetup * OpenMedia * Personal Democracy Media * Politihacks * Privacy Rights Clearinghouse * Privacy Times * Reddit * TechFreedom
- Cyber Intelligence Sharing and Protection Act of 2013
- Cyber Intelligence Sharing and Protection Act of 2011
- Overview of CISPA published on the National Law Review: CISPA, Approved by House, Poses Threat to Internet Freedom