Tech Giant Warns CISPA Is “Alarming” Threat to Privacy
Tech giant Mozilla has publicly slammed the Cyber Intelligence Sharing and Protection Act (CISPA) which passed the House last week, labeling the legislation an “alarming” threat to privacy.
“While we wholeheartedly support a more secure Internet, CISPA has a broad and alarming reach that goes far beyond Internet security. The bill infringes on our privacy, includes vague definitions of cybersecurity, and grants immunities to companies and government that are too broad around information misuse. We hope the Senate takes the time to fully and openly consider these issues with stakeholder input before moving forward with this legislation,” Mozilla, which is best known for its Firefox browser, said in a statement.
The statement is important because it marks the first time any Silicon Valley entity has denounced CISPA, with an array of powerful companies lining up in support of the legislation which passed the US House of Representatives 248 to 168 and now heads to the Senate.
Facebook, Microsoft, IBM, Intel, Oracle, Symantec, AT&T and Verizon have all backed the bill, with Microsoft re-affirming its support yesterday after rumors the company was getting cold feet, while Google has refused to take either side.
CISPA has been identified by many as a greater threat to privacy than SOPA, which was opposed by a deluge of major tech firms after a viral online opposition campaign, but because CISPA has received less attention, corporate giants have found it easier to stay mute.
Not only would CISPA mandate ISPs to share Internet data of users with government “notwithstanding any other provision of law,” it also empowers the Department of Homeland Security to monitor the communications of the federal courts and Congress, and intercept tax returns sent to the IRS.
The bill “gives companies a free pass to monitor and collect communications and share that data with the government and other companies, so long as they do so for ‘cybersecurity purposes,’” the Electronic Frontier Foundation (EFF) has noted. “Just invoking ‘cybersecurity threats’ is enough to grant companies immunity from nearly all civil and criminal liability, effectively creating an exemption from all existing law.”
“The government would be able to search information it collects under CISPA for the purposes of investigating American citizens with complete immunity from all privacy protections as long as they can claim someone committed a “cybersecurity crime”. Basically it says the 4th Amendment does not apply online, at all. Moreover, the government could do whatever it wants with the data as long as it can claim that someone was in danger of bodily harm, or that children were somehow threatened—again, notwithstanding absolutely any other law that would normally limit the government’s power,” writes TechDirt’s Leigh Beadon.
As we have documented, the Obama administration’s threat to veto the bill is little more than a crude stunt and carries no more weight than Obama’s promise to veto the National Defense Authorization Act, which he signed on New Year’s Eve after the White House itself lobbied for the NDAA’s most egregious provisions to be included.
Indeed, the White House’s primary beef with the legislation appears to be the fact that it doesn’t hand enough power to the Department of Homeland Security.
CISPA now moves to the Senate where it will be amalgamated with one of two other bills before heading to Obama’s desk. Don’t hold your breath on that veto.