CISPA Resurrection: What’s The Big Deal?
The Cyber Intelligence Sharing and Protection Act, also known as CISPA, is the US Congress bill that resurfaced again. The so-called zombie, as it fails to die, performs a great chunk of harassment to cyber activists and civil liberties advocates. As previous CISPA co-sponsor, Mike Rogers, is not running for re-election, the House of Democrat will never stop to cease the opportunity in a crisis, and Dutch Ruppersberger is re-introducing CISPA alleged to the recent Sony hacks (North Korea is to be blamed).
What’s the Big Deal?
Let’s for a moment hit the playback button. On Tuesday, at Washington (AFP), President Barack Obama announced that the need to toughened laws on cybersecurity are the major concern taking into account the recent Sony hacking attack.
What started with a simple comment at the White House has allegedly transformed into a coming back cybersecurity legislation act that in the past has been put aside. At a meeting with the congressional leaders, Obama said “it just goes to show how much more work we need to do – both public and private sector – to strengthen our cybersecurity”. After an in-depth conversation to the Republican leaders of the House and Senate, there is a need to “get some legislation done and make sure that we are more effective in protecting the American people”.
The new CISPA proposal unveiled Tuesday seemingly allows increasing information sharing on cyber threats. The info will come from the private sector with protection from liability. In addition, the new law would criminalize the sale of stolen financial data. At the same time, companies are responsible for notifying the customers about the possibility of the data breaches.
More on the In-Depth CISPA Analysis
According to a White House statement the re-introduced proposal “promotes better cybersecurity information sharing between the private sector and government”. The enhanced collaboration would allow:
- to perform prosecution of the botnets’ sales
- criminalize the overseas sale of the financial information stolen from US, including bank account numbers and credit cards
- deter the sale of spyware enabling stalking or committing ID theft
- shut down botnets participating in criminal activity or denying of service attacks
Other than that, the legit proposal will act like a cover up for companies, willing to cooperate, and shield those from the liability unless they are willing to share the info about the cyber threats.
Critics say that the controversial bill does not do enough to protect the Americans especially from the prying and ever-hunting eyes of corporations and surveillance agencies. Applicable to “certified entities”, defined as “protected entity, self-protected entity or cybersecurity provider”, we will provide full access to:
A) security clearance as determined by the Director of National Intelligence
B) demonstration to the Director of NI that the provider, the entity, protects classifieds cyber threat intelligence.
What Does CISPA 2015 Mean for Regular Users?
With introduction of new cyber threat information sharing program, some experts believe that the foxes are asked to guard the hen house. The CISPA 2015 is far from being intended to offer a real oversight for civil liberties and privacy, yet it will definitely provide a much “cozier” and “warmer” relationship between the US government and Silicon Valley.