Debunking CISPA supporters' claims of harmlessness, inevitability


A coalition of US civil liberties organizations have declared this to be Stop Cyber Spying Week, with the goal of scuttling CISPA, the Internet spying bill that promotes web-censorship, bulk surveillance, and warrantless wiretapping by government and Internet companies, while turning over spying governance to the unaccountable, secretive NSA.

CISPA's supporters, notably CISPA sponsor Rep Mike Rogers (R-MI), have pooh-poohed the Internet's concerns, and say that the bill is a lock, and nothing we say can change Congress's mind (apparently, they've forgotten the lesson of SOPA). Now, the Electronic Frontier Foundation replies with specific, Internet-breaking, out-of-control surveillance scenarios CISPA would create:

One of the scariest parts of CISPA is that the bill goes above and beyond information sharing. Its definitions allow for countermeasures to be taken by private entities, and we think these provisions are ripe for abuse. Indeed, the bill defines "cybersecurity purpose" as any threat related to safeguarding or protecting a network. As long as companies act in "good faith" for a cybersecurity purpose, they have leeway to protect against “efforts to degrade, disrupt, or destroy [a] system or network.” This opens the door for ISPs and other companies to perform aggressive countermeasures like dropping or altering packets, so long as this is used as part of scheme to identify cybersecurity threats. These countermeasures could put free speech in peril, and jeopardize the ordinary functioning of the Internet. This could also mean blocking websites, or disrupting privacy-enhancing technologies such as Tor. These countermeasures could even serve as a back door to enact policies unrelated to cybersecurity, such as disrupting p2p traffic.

Yes, CISPA Could Allow Companies to Filter or Block Internet Traffic