“Hacktivist” group Anonymous has it out for Maryland Congressman Dutch Ruppersberger. At least, so he says.
In a late-April interview with The Hill, Ruppersberger said, “Anonymous was threatening us. Anonymous was telling [others] to shut down people who supported the bill and that kind of thing.”
The bill Ruppersberger refers to is the Cyber Intelligence Sharing and Protection Act — CISPA — of which he is a co-sponsor. It passed the U.S. House last month, although the bill is now languishing in a U.S. Senate that appears to have no interest whatsoever in considering the House version of the cyber legislation, let alone drafting its own version of some type of cyber threat information sharing bill.
That, however, doesn’t matter, because everything old is new and obfuscated again — especially if you’re a major telecommunications company receiving legal immunity from criminal prosecution for participating in a clandestine cybersecurity program.
When CISPA was first introduced in 2012, it was roundly harried by privacy groups for being an infringement of people’s online lives. The version of the legislation re-introduced this February reignited privacy groups’ vehemence, as the bill was essentially unchanged:
- It allows private companies to pass cyber threat information to the federal government, including the National Security Agency — located in Congressman Ruppersberger’s 2nd District — and the Department of Homeland Security, without removing people’s personally identifiable information, what’s known as PII.
- It provides those private companies with legal immunity. If a company shares a purported hacker’s PII only to discover that person isn’t a hacker, the misidentified hacker has no recourse through the justice system.
An Electronic Frontier Foundation representative has said in interviews with Technically Baltimore that CISPA encourages private “companies to actively monitor [people’s personal] information” and deliver it to the federal government. Even the White House, which issued an Executive Order in February to specifically address the cybersecurity vulnerabilities of the U.S., threatened for the second time a veto of CISPA.
But it doesn’t matter: senior Obama administration officials “have secretly authorized the interception of communications carried on portions of networks operated by AT&T and other Internet service providers,” according to documents obtained by the Electronic Privacy Information Center and reported on by CNET.
Here’s the gist:
- The Justice Department and other government agencies issued what are called “2511 letters” to give Internet service providers legal immunity from the Wiretap Act, which CNET explains “limits the ability of Internet providers to eavesdrop on network traffic except when monitoring is a ‘necessary incident’ to providing the service or it takes place with a user’s ‘lawful consent.’ “
- The “2511 letters” ensured that companies would not be prosecuted for criminal violations of the Wiretap Act.
- CISPA, as its written, overrides state and federal privacy laws, including the Wiretap Act and the Electronic Communications and Privacy Act, meaning if CISPA (or a similar form of the bill) became law, legal workarounds like the “2511 letters” wouldn’t be needed.
Such events as these make privacy groups question the veracity of the U.S. claim that cyber attacks are this country’s top security threat, even as the U.S. for the first time publicly accuses the Chinese military of “having having a direct hand in intrusions aimed at government and defense contractor systems.”
But, CISPA or no CISPA, there are always “2511 letters.”-30-
Cybersecurity data-sharing bill passes US House
Use this Sunlight Foundation app to contact MD members of Congress [VIDEO]
30 state agencies under Maryland State Archives vulnerable to cyber attacks
CISPA: online petitioners hope to scuttle Senate-bound cybersecurity bill
Sign-up for daily news updates from Technical.ly Baltimore