By Robyn Greene
March 21, 2013
The Propellerheads may have been talking about fashion trends when they sang that “to me it seems quite clear that it’s all just a little bit of history repeating.”
But that sentiment rings loud and true today when talking about the privacy-busting cybersecurity bill CISPA.
Leaders of the House Intel Committee reintroduced CISPA with the same privacy flaws as last year. While they suggested at its unveiling that they worked with the privacy community and addressed our concerns, they didn’t. This is the same bill, with the same problems.
But since this is a repeat of last year, there is good news, too. Last year, citing many of our privacy concerns, President Obama threatened to veto CISPA, making clear that protecting privacy and civil liberties is a priority in any cybersecurity legislation he signs. Today the ACLU and 33 other organizations sent a letter to the president, urging him to do it again.
Last year, President Obama cautioned that CISPA would repeal “important provisions of electronic surveillance law without instituting corresponding privacy, confidentiality, and civil liberties safeguards,” while failing to establish “requirements for both industry and Government to minimize and protect personally identifiable information.” He warned that CISPA “does not contain adequate oversight or accountability measures necessary to ensure that the data is used only for appropriate purposes.” And he objected to CISPA’s overly broad liability protections that would make it virtually impossible for Americans to sue a company for improperly sharing our private information with the government or with another company.
Finally, President Obama echoed our serious concerns about the militarization of the cybersecurity mission – concerns that the House Homeland Security Committees also addressed at a hearing last week, before which the ACLU testified. In his veto threat, the president warned that CISPA “effectively treats domestic cybersecurity as an intelligence activity and thus, significantly departs from longstanding efforts to treat the Internet and cyberspace as civilian spheres.” He also stated unequivocally that “The Administration believes that a civilian agency…must have a central role in domestic cybersecurity, including for conducting and overseeing the exchange of cybersecurity information.”