PedroDaGr8
04-19-2013, 03:18 PM
Well once again our illustrious HoR passes the CISPA act. This is the Cyber Intelligence and Protection Act for those that don't know. As usual the title of the act hides the reality inside. The stated aim of the bill is to help the U.S government investigate cyber threats and ensure the security of networks against cyberattack. Sounds like a good plan in theory.
The reality:
CISPA will allow private sector firms to search personal and sensitive user data of ordinary U.S. residents to identify "threat information," which can then be shared with other opt-in firms and the U.S. government — without the need for a court-ordered warrant.
It also allows ""information in the possession of an element of the intelligence community directly pertaining to a vulnerability of, or threat to, a system or network of a government or private entity, including information pertaining to the protection of a system or network from either 'efforts to degrade, disrupt, or destroy such system or network'; or 'theft or misappropriation of private or government information, intellectual property, or personally identifiable information." Meaning, any info the government has about you could be shared with private companies. Note, the inclusion of intellectual property in there, just another tool to circumvent the SOPA fiasco. Additionally, the government can share the information with anyone they choose regardless of security clearance. On top of that note the: a vulnerability of, or threat to. my guess is this could have a chilling affect on security researchers. A researcher discovers a flaw in a network, he automatically gets all of his information shared with anyone the government deems suitable. Additionally, once the government has the information ti can be shared with any other agency for cybersecurity or any national security purposes (this is quite vague of course).
The reality:
CISPA will allow private sector firms to search personal and sensitive user data of ordinary U.S. residents to identify "threat information," which can then be shared with other opt-in firms and the U.S. government — without the need for a court-ordered warrant.
It also allows ""information in the possession of an element of the intelligence community directly pertaining to a vulnerability of, or threat to, a system or network of a government or private entity, including information pertaining to the protection of a system or network from either 'efforts to degrade, disrupt, or destroy such system or network'; or 'theft or misappropriation of private or government information, intellectual property, or personally identifiable information." Meaning, any info the government has about you could be shared with private companies. Note, the inclusion of intellectual property in there, just another tool to circumvent the SOPA fiasco. Additionally, the government can share the information with anyone they choose regardless of security clearance. On top of that note the: a vulnerability of, or threat to. my guess is this could have a chilling affect on security researchers. A researcher discovers a flaw in a network, he automatically gets all of his information shared with anyone the government deems suitable. Additionally, once the government has the information ti can be shared with any other agency for cybersecurity or any national security purposes (this is quite vague of course).