Hackers from the Syrian Electronic Army launched an attack on the Twitter profile of the Associated Press on Tuesday, and claimed, falsely, that two โExplosionsโ had gone off at the White House injuring President Obama.
The ruse sent the U.S. stock market tumbling, as investors lost $200 billion in several minutes of what we can only imagine looked something like Bane harrying stock exchange traders with drop kicks straight to the chest.
For congressional supporters of CISPAโthe Cyber Intelligence Sharing and Protection Actโsuch an attack seems like validation of the billโs call for stronger cybersecurity protections by enacting provisions ensuring liability protections for private companies that share cyber attack and threat information with the federal government.
But the bill, which passed the U.S. House last week, now sits unexamined in a U.S. Senate more concerned with gun control and immigration reform. As the AP reported:
The lack of enthusiasm in the Senate and objections by the White House mean that the legislation is in limbo despite an aggressive push by lobbyists representing nearly every corner of industry.
CISPA is stalled thanks to Senate indifference, not because of objections raised by privacy and civil liberties groups since the cybersecurity legislation was re-introduced in February.
Still, CISPA’s opponents protest on: CISPApetition.org has attracted more than 177,000 signatures and informs visitors that CISPA โgives private companies the power to share our private e-mails, tweets and Facebook messages with various government agencies.โ
โCISPA works to protect the privacy of individuals,โ said Democratic Congressman Dutch Ruppersberger in an interview with Technically Baltimore. Ruppersberger, co-sponsor of the bill and the ranking member of the House Intelligence Committee, represents Marylandโs 2nd district, in which the U.S. Cyber Command and the National Security Agency are both located.
โIt does not allow the government to โฆ read your e-mails,โ he said. โ[Or] require companies to turn over personal information.โ
Enemies of CISPA donโt buy it. More than 500 websites went โdarkโ Monday to protest CISPA passing the U.S. House. on April 18, even with an amendment added during Intelligence Committee hearings the week before the vote that requires the federal government to strip personally identifiable information from cyber threat data they receive from private companies.
โDespite a (good) fix that bars the government from using information under CISPA for any โnational securityโ purpose โฆ CISPA still contains loopholes for companies to directly hand potentially sensitive and personal private information to secretive intelligence agencies like the NSA,โ said Mark M. Jaycox, a policy analyst with the Electronic Frontier Foundation, in an e-mail.
While the Department of Homeland Securityโs cybersecurity center is directly responsible for any cyber threat information shared by private companies with the federal government, that information is still accessible by the NSA and a long list of other federal-level government agencies.
If CISPA is picked up by the Senate with any vigor, this will be the chief gripe of privacy advocates:
- An amendment that wouldโve required private companies to remove personally identifiable information from cyber threat data prior to sharing that data with the federal government never made it into the version of the bill that cleared the House.
As the bill now stands, all CISPA does โis encourage companies to actively monitor information by giving them immunity to monitor and hand over [personal] information to the government,” said Jaycox.
Read Technically Baltimore’s series on the CISPA cybersecurity bill.
