CISPA: The internet finds a new enemy

The internet began issuing a call to arms over the weekend as cyber activists took notice of cyber security legislation now being touted by its opponents as the latest iteration of SOPA and the web’s newest enemy.

The Cyber Intelligence Sharing and Protection Act (CISPA) quietly snuck out of committee during the uproar over SOPA last December. While SOPA focused on enabling copyright holders and the US judiciary to fight what was deemed to be online piracy, CISPA centers on an information exchange between private companies and the US government to combat cyber security threats. 

“A bill to provide for the sharing of certain cyber threat intelligence and cyber threat information between the intelligence community and cybersecurity entities, and for other purposes,” reads the text of the relatively brief bill. 

As it stands, CISPA would amend the 1947 National Security Act and allow the Director of National Intelligence to establish parameters under which classified information regarding cyber security threats would be shared with the public sector. 

In a flurry of tweets, petitions, and Reddit posts, the internet began to take action against the legislation after Mike Masnick of Techdirt composed a blog post bringing attention to the bill. In the post Masnick articulated a pressing need to stand against the legislation before it is put to a vote on the House floor, likely to take place next month. 

More from GlobalPost: Major League Gaming seeks to rival Major League Baseball

“The bill is awful — and yet has somehow already gained over 100 sponsors. In an attempt to pretend that this isn't a "SOPA-like" problem, the supporters of this bill are highlighting the fact that Facebook, Microsoft and TechAmerica are supporting this bill,” Masnick wrote. 

Shocking internet activists, Masnick also draws attention to CISPA’s long list of corporate supporters that includes social media websites, telecommunications companies and government contractors.

The Electronic Frontiers Foundation came out in opposition to the bill last month, arguing that the legislation directly targets anti-government whistleblowers.

“The language is so broad it could be used as a blunt instrument to attack websites like The Pirate Bay or WikiLeaks,” wrote Rainey Reitman of EFF.

Supporters of the bill argue that America’s private sector is much more vulnerable to cyber attacks carried out by online criminals, hacker collectives and cyber espionage undertaken by foreign governments. 

“Every day US businesses are targeted by nation-state actors like China for cyber exploitation and theft. This consistent and extensive cyber looting results in huge losses of valuable intellectual property, sensitive information and American jobs. The broad base of support for this bill shows that Congress recognizes the urgent need to help our private sector better defend itself from these insidious attacks,” said CISPA sponsor Rep. Mike Rogers in a statement published on his website. 

More from GlobalPost: LulzSec sets sail again

But as internet activists gear up for a fight and lawmakers prepare for a vote, cyber-security experts argue that CISPA is, in fact, less sinister than it is being made out to be and most certainly not the reincarnation of SOPA.

"The risks to privacy and freedom are much less with CISPA. The intentions, at least, are above board and all for the good," said Richard Stiennon, chief research analyst at IT-Harvest, a risk analysis company focused on technology, and author of the book "Surviving Cyberwar".

Part of CISPA's good inentions include an effort to bridge the longstanding communication disconnect among different branches of the intelligence community, the private sector, and the government on matters of cyber-security. Still, Stiennon says, CISPA falls far short of solving such an important issue.

“The biggest problem the government faces right now is the lack of information sharing between its various branches and agencies. Cyber intelligence sharing between federal agencies and the private sector is severely restricted. [CISPA] attempts to address this but I believe it will not succeed because of the classification and certification requirements. I can see yet another quagmire of bureaucracy building up around those requirements. If a federal agency knows that a particular US company is being targeted they should just tell them," said Stiennon. 

With the public outcry growing and the internet firing an opening salvo, CISPA may face the same level of opposition that brought down SOPA last year. One key difference, however, is the private sector’s support for CISPA. Without companies like Google and Wikipedia standing shoulder to shoulder with individual activists, CISPA is less likely to face the same level of opposition brought out against SOPA, be it a malignant crack down on internet free speech or just another benign layer of bloated bureaucracy.