CISPA’s Sponsor Can’t Even Keep His Story Straight About NSA Having Access To Your Data

CISPA’s sponsors are doing the same thing they did last year when confronted with serious opposition to a terrible bill: they start lying about it.

NSAby Mike Masnick
Tech Dirt
April 11, 2013

First, they released a “fact vs. myth” sheet about the bill that was so ridiculously misleading that the EFF had to pick apart nearly every dubious claim. A big part of this is trying to hide the fact that the bill has very broad definitions that will make it much easier for the NSA to get access to private data. No one has claimed that this automatically allows the NSA to do full “surveillance” via CISPA, but that’s what CISPA’s supporters pretend critics have said, so they can fight back against the strawman.

What’s incredible is that the statements from CISPA’s supporters are, themselves, quite contradictory. Take, for example, the hilarious statements from CISPA sponsor Mike Rogers to Politico, in which he seeks to “fire back” at critics who worry about CISPA being used by the NSA. Read his comments carefully, and you’ll see that he goes from saying that the NSA won’t have anything to do with it, to saying that the definitions are broad (so that maybe the NSA will have something to do with it) to then saying that the NSA is the best at this, so it should be able to use CISPA to get access to private information. All within a matter of a few sentences.

Here’s the full bit from Rogers: “I don’t know where they get that. It doesn’t say that in the bill. NSA is not authorized to monitor; this is not a surveillance bill. If you read the bill — I encourage those privacy groups to actually read the bill — you won’t find that in the bill. … We’re agnostic on how the government would form [an info-sharing regime]; some want DHS, some want others. We thought, let’s be agnostic on that portion so you get the right regime. But if you don’t have the capability of the NSA, taking that information from the Iranians and the North Koreans and others, and allowing that to get back into the system, it’s worthless. And if you want the gold-standard protection from cyberattacks, the NSA has to be at least somewhere. They don’t have to get it, they don’t have to be the lead in it, but they’re the ones that have the capability for overseas collection.”

So, basically, it’s all an overstatement that the NSA might get access to your data… er… I mean, we don’t actually specify, so we’ll let the federal government make its own decisions later when its outside of public scrutiny and… oh yeah, of course we want the NSA to have access to the data, because they’re “the gold-standard.”

That’s not going to put the privacy concerns to rest, now, is it? Rogers’ problem is that he’s pretending that privacy critics are saying this is an ongoing “surveillance” bill, rather than one where the NSA can get access to private data. As far as I know, none of the privacy groups protesting CISPA have made that claim of it being a surveillance bill. They’re just worried about how CISPA destroys (literally, wipes out) any privacy protections for companies handing private info over to the government. Basically, the end of his statement exactly confirms the concerns raised by privacy advocates, even as he pretends that it disproves them. Incredible.

Meanwhile, aren’t reporters supposed to push back on bogus claims from politicians, rather than just restating them as fact? *Sigh*

Separately, Rogers’ own statements contradict that “fact vs. myth” statement that his staff put out. In that statement, the House Intelligence Committee argue that there aren’t any problems with “broad” definitions in the bill. And yet, here he clearly talks about how they’re “agnostic” on how the program plays out. That’s exactly the kind of “broad” issues that people are concerned about.