The American Civil Liberties Union (ACLU) details what information could be shared between government agencies, corporations and other entities if CISPA is ever passed and signed into law by President Barack Obama. With the House Permanent Select Committee on Intelligence set to mark the bill up next week, and the full House scheduled to vote on it the week after that, it is important that Internet users understand why this bill is bad news for them.
So what information can be shared under CISPA? Here's what the ACLU says:
The short answer: any information that 'pertains' to cybersecurity, broadly defined to include vulnerabilities, threat information, efforts to degrade systems, attempts at unauthorized access, and more. You can see the full list on page 20 of the bill (PDF). You'll see that it's not tied to the criminal definition of hacking but instead forges new ground."
The post on the ACLU blog goes on to point out that America can have a cybersecurity bill that protects critical data while at the same time protecting peoples' constitutional rights; all that needs to be done is for the bill to have a layer of privacy protection:
The good news is that there are simple fixes that could be incorporated into CISPA which would put a layer of privacy protection over all shared data. First, the House should require that any shared information must be necessary to understand a cybersecurity threat. Under the current formulation, shared information must only pertain to such a threat. A stricter standard would help narrow the flow of information to that which is, well, necessary.
If you want to learn more about the details of this bill, then we encourage you to check out this ACLU blog post. The organization promises a new one about CISPA later today or tomorrow.