CISPA and Facebook: Orwellian alliance or much ado about nothing?
In the last several days—though, in truth, it has been months in the making—there has been a lot of South Parkian uproar over Facebook’s support of CISPA (Cyber Intelligence Sharing and Protection Act). To that it must be said: Who amongst you ever thought Facebook wasn’t already willingly sharing data with the US government, to say nothing of foreign governments?
Facebook claims it is out of self-interest that it supports CISPA. It only desires to protect its infrastructure and assets, while EFF and Anonymous (watch video below) variously claim CISPA is essentially SOPA in disguise (because of an intellectual property provision) and will allow Facebook to “pass personal information about Internet users to the government without any form of judicial oversight.”
Taking a rational gaze at CISPA, however, legislators and the private sector seem to have in mind simply an intelligence clearinghouse of sorts—a means of communicating clearly and quickly about cyber attacks. This, in theory, is not Orwellian. Not even the most committed Facebook critic would wish for the company to undergo a crippling attack.
If there is no ulterior motive such as creating an immense public-private spy complex, it seems that CISPA is rather unnecessary, a prime example of over-legislation. If Facebook is under attack and wants to communicate this with the NSA and thus share its intel with Twitter, Google, etc., then, by all means, share it with those private and public sector actors. And, if the government has knowledge of how to fight such attacks, they can of course do this without a bill giving Facebook and other private entities security clearance. Simply instruct them about the attacks. None of the stated aims of CISPA require a bill and the attendant bureaucracy, and it’s certainly not worth creating a miasma of fear about user privacy.
Even a brief perusal of CISPA’s language, however, doesn’t give much indication that it would create a mechanism for private entities such as Facebook to essentially hand over user data to the US government.
As Facebook’s Joel Kaplan, Vice President-U.S. Public Policy, writes in a public statement:
The concern is that companies will share sensitive personal information with the government in the name of protecting cybersecurity. Facebook has no intention of doing this and it is unrelated to the things we liked about HR 3523 in the first place.”
Julian Assange famously called Facebook the “most appalling spying machine that has ever been created,” and this was well before CISPA was on the public’s radar. The fact is that Facebook has always put its data stores at the disposal of US intelligence agencies. CISPA doesn’t seem to legalize a warrantless intelligence clearinghouse. If the government wants user data, they can easily get it without a bill like CISPA.
That said, privacy advocates should indeed use the uproar around CISPA to argue for a provision that would expressly make illegal any warrantless sharing of user information, whether it be, though not limited to, searches, private communications or more public user sharing as found on Facebook.
Anonymous, for its part, has launched DDoS attacks against the CIA and Boeing, amongst others, in the opening salvo of Operation Defense.
Read CISPA and decide for yourselves.