CISPA, the Cyber Intelligence Sharing and Protection Act was reintroduced in the House of Representatives yesterday. CISPA is the contentious bill civil liberties advocates fought last year, which would provide a poorly-defined “cybersecurity” exception to existing privacy law. CISPA offers broad immunities to companies who choose to share data with government agencies (including the private communications of users) in the name of cybersecurity. It also creates avenues for companies to share data with any federal agencies, including military intelligence agencies like the National Security Agency (NSA).

We killed CISPA once before. We will kill CISPA again. It only works if you take part.

Last year, Representatives Rogers and Ruppersberger introduced CISPA, which would create a gaping new exemption to existing privacy law. CISPA would grant companies more power to obtain “threat” information (such as from private communications of users) and to disclose that data to the government without a warrant — including sending data to the National Security Agency.

CISPA was reintroduced in the House of Representatives

This week CISPA was reintroduced in the House of Representatives. Last year, tens of thousands of concerned individuals spoke out against overbroad and ineffective cybersecurity proposals. Together, we substantially changed the debate around cybersecurity in the U.S., moving forward a range of privacy-protective amendments and ultimately helping to defeat the Senate bill. Lawmakers will vote on the bill as early as Wednesday, April 25th or Thursday, April 26th.

Is CISPA like SOPA?

“SOPA was about intellectual property; CISPA is about cyber security, but opponents believe both bills have the potential to trample constitutional rights,” writes ProPublica’s Megha Rajagopalan. But, both have to do with the way you use the Internet and both threaten user privacy. This bill has nothing to do with copyright and online intellectual property. It would do more than just shutdown your favorite overseas pirates. But like SOPA, in the name of some loftier goal — in SOPA’s case copyright, in CISPA’s case cyber-security — CISPA gives the government your Internet. With SOPA, this meant censoring the Internet. CISPA, however, gives companies many Americans use, like Facebook and Twitter the ability to hand over your information to any government agency.

And here’s where many decided CISPA was worse than SOPA. Both the Center for Democracy and Technology and the Electronic Frontier Foundation agree CISPA’s language is far too broad. As Gizmodo points out in its useful explainer, the law’s vague language gives the government a lot of leeway here. Per Gizmodo’s Sam Biddle:

CISPA says companies need to give up your information only in the face of a “cyber threat.” So, what is a “cyber threat”? Nobody really knows! The bill defines it as “efforts to degrade, disrupt, or destroy government or private systems and networks.” In other words, trying to do bad stuff on the internet, or even just talking about it. Ideally, this would be narrowed to specific malicious LulzSec stuff like DDoS attacks, but it’s not. It can be almost anything!

CISPA is deeply flawed. Under a broad cybersecurity umbrella, it permits companies to share user communications directly with the super secret NSA and permits the NSA to use that information for non-cybersecurity reasons. This risks turning the cybersecurity program into a back door intelligence surveillance program run by a military entity with little transparency or public accountability.

What to do about CISPA / How to take action