"When a well-packaged web of lies has been sold gradually to the masses over generations, the truth will seem utterly preposterous and its speaker a raving lunatic." --Dresden James
Published by: HackThisSite Staff, on 03:01 am Sunday January 25th, 2015 - Source:
This week, US President Barack Obama delivered his sixth State of the Union Address. In the wake of an eventful end to 2014, President Obama urged Congress to "finally pass the legislation we need to better meet the evolving threat of cyber-attacks, combat identity theft, and protect our children's information".
Although the specific legislation was not explicitly stated, it's reasonable for this to spark conversation surrounding the Cyber Intelligence Sharing and Protection Act H.R. 234 (CISPA). CISPA is a bill that empowers the government and private companies to exchange "cyber threat information" to protect national security. While the issues that warrant the involvement of Congress may very well be significant, the ambiguous language employed by CISPA H.R. 234 has some very serious implications; Threatening freedom on the internet as well as the freedoms afforded by the US Constitution, just to name a few. Even worse, due to the rampant surveillance CISPA would legally afford the US, it may also violate other nations' laws, treaties, and recently-enacted European Union privacy rights.
You may recall CISPA as H.R. 624, which passed the House in 2013, met with extremely massive amounts of criticism and protest, both online and offline, and after much fighting (including from the EFF, ACLU, Google, and many more) was never heard from again. This time around, it has been reintroduced as CISPA H.R. 234. The difference? 390. This bill is, word for word, just as ambiguous and dangerous as the last. The trouble with CISPA is that it allows violations of privacy based on vaguely defined terms like “national security” and “cyber threat information”. CISPA is not intended to be a government surveillance program, but in its current state it does not adequately restrict the government (or the corporations) from utilizing the acquired data in ways that jeopardize your personal information. Or, to put it into perspective, when President Ronald Reagan signed Executive Order 12333, it was never intended to allow for the rampant and unconstitutional spying on an Internet that never existed yet. What guarantees do we have that CISPA will not be abused equally or worse?
As hackers and security enthusiasts, there is even more to worry about. CISPA will make it easier than it has ever been to crack down on even the most petty cybercriminal activity, or not-criminal-at-all activity. (Such as the Department of Justice bringing down the near-30-year-old Computer Fraud and Abuse Act on Andrew "weev" Auernheimer, using such ludicrous reasoning even as far back as 2002 with Intentia v. Reuters.) But it doesn’t stop there. With talk of earlier proposals to update the Racketeer Influenced and Corrupt Organizations Act (RICO), successfully prosecuting hackers could just be a matter of deciding to. The successful implementation of such an update would do worlds of harm to 100% perfectly legal communities like HTS, and that’s just one of several initiatives being taken to heighten cybersecurity in the United States.
Hacking laws are no stranger to stretched interpretations, and history shows us case after case of ambiguity in the Computer Fraud and Abuse Act landing people in all kinds of legal trouble. You don’t even need to be a hacker to fall victim to the dubious world of anti-hacking laws. At this rate, you may just need to know one.
Concerns surrounding H.R. 234 are not lost on the President. In 2013, President Obama was ready to veto CISPA H.R. 624, concerned that it may not “safeguard personal information adequately”. Given that this is the exact same bill, concerns should remain constant. One might speculate that the recent Sony hack acted as a political catalyst, stoking the fire under CISPA and sparking debate over hackers and terrorists. Whether or not that’s the case, it’s not likely that CISPA would have ever stopped the attack in the first place.
Where do we fit into all of this? The obvious and painfully usual portrayal of hackers as terrorists is unsettling, but that’s not what this is about. This is about the freedom of our internet and our people, and not just in the United States of America. Propositions like CISPA are popping up all over the place, and if we’re not loud enough, there’s going to be a lot more to worry about than being misunderstood.
Get loud about CISPA. Protect yourself and your internet by writing to Congress and the Senate and encouraging others to do the same. "If we do, we can continue to protect the technologies that have unleashed untold opportunities for people around the globe."
See what I did there?
--
Authored by Parakkafaith, edits by various HTS staff.
NOTICE ABOUT COMMENTS: Due to the complicated nature of discussions surrounding this topic, our simplified comment system is enabled below, but discouraged for complex replies. We strongly encourage discussions be held in the related forum thread instead, due to its more capable nature in handling discussions and quoted replies.
HackThisSite is the collective work of the HackThisSite staff, licensed under a CC BY-NC license.
We ask that you inform us upon sharing or distributing.