The Cyber Intelligence Sharing and Protection Act, better known as CISPA, cleared the House of Representatives late last week.
CISPA aims to allow private businesses to share information about cybersecurity threats with one another and with the federal government. Proponents say that sharing helps beef up American networks' defense against cyberattacks, but opponents have -- justifiably -- warned that it would put Internet users' privacy in jeopardy.
[More from Mashable: Today’s Top Stories: CISPA Passes House, BlackBerry 10 Phone Rumors]
CISPA truly had the potential to become decent cybersecurity legislation. Information sharing between businesses is a good idea, but when you get the federal government and shady intelligence organizations like the National Security Agency involved, it seems as if Big Brother is looking over our shoulders while we browse our favorite websites.
There's a reason Rep. Hank Johnson, while debating CISPA, said that it "feels like 1984 in this House today."
[More from Mashable: President Obama Threatens to Veto CISPA Cybersecurity Bill]
Sadly, amendments that would've addressed those privacy fears were blocked from discussion by House leadership for reasons unknown. The version of CISPA passed by the House last week did little to address worries that the bill would jeopardize Internet users' privacy, disappointing some -- myself included.
Now CISPA's headed to the Senate, where two things can happen: It can be stripped of its Orwellian language, leaving a decent bill that allows private firms to share threat information with one another while protecting users' privacy, or it can be killed off and Congress can adopt new cybersecurity legislation and try again.
Public Outcry is Growing
The struggle against the Stop Online Piracy Act, or SOPA, came to a head before that bill reached a vote in the House. That led directly to SOPA's author, Lamar Smith, dropping the bill to avoid legislative defeat.
Opposition to CISPA on the part of those who say it would jeopardize online privacy has been steadily rising for the past few weeks, but naysayers needed a spark to really start rallying the troops. It turns out that the bill's passage in the House is proving to be exactly the kick in the pants that the privacy-minded Internet community needed to start organizing against CISPA.
The House was nearly destined to pass CISPA -- it had more than 100 co-sponsors before it came up for a vote -- but now it's the Senate's turn. The Internet community sees its savior in the Senate, where CISPA can (and will) be changed or killed.
A search for "CISPA" on Reddit, where the early anti-SOPA movement began, reveals almost ten recent threads about taking action against the bill with more than one thousand "upvotes" and an equally high number of comments. Redditors have also started a 4,000-member community called "watchingcongress," where users keep a close eye on Congressional actions.
Petitions elsewhere on the web have already gathered hundreds of thousands of signatures.
Most of the public opposition is outright against CISPA's passage. Meanwhile, organized privacy groups, such as the Center for Democracy and Technology, are smartly looking to the Senate's amendment process to salvage the bill.
While we're still too far out to know exactly how the Senate might amend CISPA, proposals rejected by the House offer a clue. Those proposed amendments addressed critics' desire for more civilian oversight and discomfort with technology companies' immunity from lawsuits if a user believes his or her information was disclosed improperly.
A major difference between CISPA and SOPA was that CISPA enjoyed at least the quasi-support of top technology companies, such as Microsoft -- but even they are starting to back away from the bill, citing privacy concerns.
The Senate will take heed of this rising tide of opposition and either address the privacy concerns inherent in CISPA -- something the House failed to do -- or kill it.
The Partisan Divide: Cybersecurity Edition
Rep. Mike Rogers (R-Mich.), the author of CISPA, has repeatedly hailed the bill as a "bipartisan success." There's some truth to that -- the bill's co-author is Maryland Democrat Dutch Ruppersburger and 42 House Democrats voted for CISPA.
However, Rogers' language masks the truth behind cybersecurity legislation in Congress.
Most Republicans support a cybersecurity approach that stresses national security and information-sharing, but doesn't call for government-set security standards that private firms must meet -- which they view as oppressive overregulation. Many Democrats, on the other hand, want those standards while insisting we keep Big Brother out of cybersecurity.
That partisan divide will lead the Democrat-controlled Senate to either radically alter CISPA or kill it off entirely. Even if the Senate passes a version of CISPA (or another cybersecurity bill) which suits Democrats' tastes, it'll have to go back to the House, where such a bill likely wouldn't pass muster.
Cybersecurity will become a microcosm of Congress in general -- excessive polarization blocking smart, effective policymaking.
The Specter of Obama's Veto
President Obama's top advisors said they'll recommend a veto if a version of CISPA reaches his desk without adequate privacy protections -- and most believe CISPA's very much lacking in that department.
Obama's been known to backtrack on veto threats before. He eventually signed the controversial National Defense Authorization Act after saying he'd trash it, while promising he'd never use some of its most onerous provisions.
However, Obama's track record on cyber issues has been solid. The administration opposed SOPA and wants cybersecurity legislation that addresses "core critical infrastructure vulnerabilities without sacrificing the fundamental values of privacy and civil liberties for our citizens," a bar CISPA doesn't reach.
The Democrat-controlled Senate's not going to pass something they know the administration will oppose in an election year. It's a waste of time, resources and political capital. They will fix the problems with CISPA or leave it dead on the side of the legislative road.
Where Do We Go From Here?
Legislation that lets private firms share cybersecurity threats is badly needed. The Internet's bad guys are certainly working together, and the good guys should be allowed to follow suit. But let's keep the intelligence community out of it -- we don't need a digital PATRIOT Act.
The best possible result of the CISPA controversy is a restart. Let tackle cybersecurity legislation anew, with all stakeholders at the table -- everyday Internet users included. Let's demand Congress think like Internet users and crowdsource the next piece of cyber legislation.
After all, the Internet belongs to everybody, and we all deserve a say in how it's protected.
Image courtesy of iStockphoto, franckreporter
This story originally published on Mashable here.
