IE 11 is not supported. For an optimal experience visit our site on another browser.

CISPA veto could protect privacy, say experts, but Congress presses ahead

"It doesn't get much better than a veto threat," says Michelle Richardson, Legislative Counsel for the American Civil Liberties Union. 

She's talking about the announcement from the White House regarding the controversial Cyber Intelligence Sharing and Protection Act. Earlier this week, a statement from the administration said that President Barack Obama's office threatened to veto it if it passed. Well, it was passed by the House of Representatives late on Thursday. 

Killing CISPA is exactly what the ACLU and other civil liberty advocates have been working hard to do for the past two weeks, and they welcome the president's opposition. House speaker John Boehner, however, does not. Prior to the Thursday vote, Boehner rejected the administration's criticism that CISPA could lead to invasion of Americans' privacy. 

And so, the furor over CISPA rages on, with all eyes on the Senate.

"As we’ve seen repeatedly, once the government gets expansive national security authorities, there’s no going back," Richardson said in an ACLU statement soon after the House passed CISPA. "We encourage the Senate to let this horrible bill fade into obscurity.”

The bipartisan bill allows the feds and private corporations (such as Facebook, AT&T, etc.) to share Internet   information about possible attacks — cyber and otherwise — from other countries, terrorists and hackers. Critics, however, say it's also a surveillance bill, one that will decimate what remaining privacy U.S. citizens have on cellphones and the Internet, the feds unprecedented power with no judicial oversight. 

CISPA "will negate existing privacy laws and allow companies to share user data with the government without a court order," Electronic Frontier Foundation warned last week. "The language of this bill is dangerously vague, so that personal online activity — from the mundane to the intimate — could be implicated."

The Obama administration, meanwhile, wants Homeland Security Department in charge of domestic cybersecurity, but criticizes the bill for not prioritizing the privacy of U.S. citizens. Boehner, in his weekly press conference, made it clear he doesn't care for that idea. 

"The White House believes the government ought to control the Internet, government ought to set standards, and government ought to take care of everything that's needed for cybersecurity," Boehner told reporters. "They're in a camp all by themselves." Boehner also defended CISPA as a common-sense step in preventing cyber attacks.

Attempts at compromise?
Despite the House passing CISPA on Thursday, the president's kibosh on a national security bill carries "a lot of weight," the ACLU's Richardson explains. Yet how much weight it carries depends on who you're asking

Rep. Adam Schiff, D-Calif., told the Associate Press on Thursday that he expected the bill to pass. Schiff attempted to amend the bill by limiting the government's ability to collect information, such as birthdays, that could be used to identify individuals. His measure reflected the concerns of the White House, and it was applauded by civil libertarians. But Republicans refused to allow its consideration. 

Bill sponsor Rep. Mike Rogers R-Mich. did introduce 16 amendments to the bill, which he said adequately addressed concerns from both civil libertarians and the White House.  

The majority of the House are obviously OK with the amendments. Critics remain unimpressed.

"The handful of amendments are really just cosmetic changes," ACLU's Richardson said. The bill "still allows companies to decide what type and how much info to turn over to the government, the military is still empowered to collect internet records on innocent Americans, and cybersecurity info collected under this program can be used for unrelated ‘national security’ purposes." 

The Obama administration's own harsh words criticized CISPA for failing to “ensure that the nation’s core critical infrastructure is protected," or provide “sufficient limitations on the sharing of personally identifiable information." Hence, the veto threat.

Security vs. privacy: the debate continues
Even if CISPA dies in Senate, before it reaches president's desk, the conversation and controversy are far from over. 

"There's still a cybersecurity debate in this country," EFF activist Trevor Timm told "It's important that the government keeps its networks secure and for private companies to keep their networks secure," Timm noted. And CISPA critics are OK with the portion of the bill that allows the government to share vital security information with private companies.   

The beef remains over the privacy of U.S. citizens, one critics will keep an eye on as other cybersecurity legislation moves forward in the coming months, including legislation suggested by the Obama administration. 

"Whenever you're going to write a bill like this, you have to take into account the user's privacy first and foremost," Timm said. "Once that's established, we can decide what we need to do to protect cybersecurity." 

Why CISPA proponents choose to focus on citizen surveillance over improving the nation's Internet infrastructure remains a mystery — one that might stem from our representatives' ignorance over how the Internet works.

That’s the theory I floated past Richardson, who was game to address it. "The best we can do is educate (our representatives) about the kind of information that is on these networks," she said. "It's so rich and intensely personal. Look at someone's Internet records, and you call see if they're thinking about bankruptcy or divorce or mental illness."

As Richardson noted, there is no real-world comparison to the imprint we leave online, and our protections need to reflect that fact. The Wild West days of the Internet are long over. Internet users are no longer faceless avatars, thanks Mark Zuckerberg and his compatriots, who we are on the Internet is who we are offline too. 

If we're going to be real people online, we need real protections. While this may be an abstract concept to politicians too busy or wary to spend a lot of time online, it's a hardcore fact for their constituents. "You don't need a computer science degree on whether the government should be collecting information on its citizens," Richardson pointed out. "It's not a cyber issue, it's a constitutional issue, and all of these members (of Congress) took an oath to uphold the constitution." 

 Associated Press contributed to this report

Helen A.S. Popkin goes blah blah blah about online privacy, afterwards asks we to join her on Twitter and/or Facebook. Also, Google+. Because that’s how she rolls.