What in the Name of SOPA and PIPA Is the Cybersecurity Bill CISPA?

Back in January, thousands of websites and their hordes of loyal users rose up against two overreaching anti-piracy bills — the Stop Online Piracy Act in Congress and its House counterpart the Protect IP Act — killing the laws’ Hollywood-backed momentum. But just three months later, a similar battle is brewing between civil-liberties advocates online and those again aiming to regulate the Wild West of the Internet, this time joined by allies like Facebook and Microsoft. At the heart of the new fight is the Cyber Intelligence Sharing and Protection Act (CISPA), which would allow private companies and American intelligence agencies to share user information more easily (i.e., without the court orders required now). While it’s not aiming at piracy exactly, critics worry that “cyber threats” can be defined quite broadly.

Although those on both sides of the issue are still toying with the specifics of the law, a version of the bill could pass in the House of Representatives as soon as this week. But consider the cavalry alerted.

In addition to Facebook and Microsoft, supporters of CISPA include powerful tech players like the Information Technology Industry Council and the Software and Information Industry Association, while groups opposed are led by the American Civil Liberties Union and the Center for Democracy and Technology.

The main concern from those against the law is that companies and the government would be able to share user information tied loosely to any threat without fearing consequences. As explained by Talking Points Memo, one version of the bill includes an “exemption from liability,” meaning “no civil or criminal cause of action shall lie or be maintained in Federal or State court” if companies and the government acted in “good faith.” The bill’s primary sponsor, Representative Mike Rogers (R-MI), told TPM that it was Democrats in the House backing the section on liability.

Even if the bill makes it through phase one, it would still require approval from the Senate and the White House, which expressed some vague concerns about cybersecurity legislation last week. A National Security Council spokesperson said that “while information sharing legislation is an essential component of comprehensive legislation to address critical infrastructure risks, information sharing provisions must include robust safeguards to preserve the privacy and civil liberties of our citizens.” An Obama official was more frank today, telling the Guardian that the administration opposes the bill without “necessary protections for individuals.”

A separate cybersecurity bill by Senators Joe Lieberman and Susan Collins has more privacy protections and has been endorsed by the White House, but doesn’t include such widespread backing in Congress. CISPA’s more than 100 sponsors are a bipartisan group, but crucially do not include web-icon Ron Paul, who remains intensely opposed to the legislation, as he was to SOPA and PIPA earlier in the year. In a statement and YouTube video yesterday, he warned, “CISPA is Big Brother writ large.”

His base is listening, and opposition will only grow if the law starts clearing political hurdles: A petition against the bill is three quarters of the way to one million signatures, and as of Tuesday afternoon, the top two posts on outrage-machine Reddit were about CISPA. How many times an amplified online response can affect the political process in the face of powerful lobbying interests remains to be seen, but so far in this case, it looks like they have the energy to give it another go.

The Internet vs. the CISPA Cybersecurity Bill