In a surprise vote last night, House Republicans overwhelmingly chose to ram through a massive Internet spying bill that will enable corporations to share their network users’ personal information with the National Security Agency (NSA) for “cybersecurity” purposes.
The Cyber Intelligence Protection and Sharing Act (CISPA) was originally set for a vote on Friday, but House Speaker John Boehner (R-OH) moved it up to Thursday night amid a partisan jostle with President Barack Obama, who is expected to veto the bill if it ultimately lands on his desk.
The final vote came down nearly along party lines, with 42 Democrats joining the 206 Republican majority to pass the bill. Just 28 Republicans joined the 140 Democrats who voted against CISPA.
A flurry of amendments were also added to the bill on Thursday night, ostensibly to limit what information can be shared and how it can be used. Those provisions did not dislodge leading critics’ concerns about the bill, and actually appear to have grown the data the NSA may collect to include information about violent threats made online and the distribution of child pornography. Other amendments supported by the bill’s critics were shut out by House Republicans.
The Center for Democracy and Technology (CDT), which worked to oppose CISPA, said their members are “disappointed that House leadership chose to block amendments on two core issues we had long identified – the flow of information from the private sector directly to NSA and the use of that information for national security purposes unrelated to cybersecurity.”
The center, along with other leading critics, have voiced concerns that vague language in CISPA could give private companies and future governments carte blanche to spy on citizens. Even an amendment to clarify these definitions fell short, and did not strip out language that defines “cyber threat intelligence” as pertaining to “theft or misappropriation of private or government information” and “intellectual property.”
Critics also pointed out that the definition of “cybersecurity,” though amended to specifically remove violations of website terms of service, still remains vague. Another term, “cybersecurity systems,” also troubles the bill’s critics, as it remains completely undefined and could be construed to even include the copy protection on DVD discs or other anti-piracy software.
“Such momentous issues deserved a vote of the full House,” the CDT added in a statement. “We intend to press these issues when the Senate takes up its cybersecurity legislation.”
The Electronic Frontier Foundation (EFF) also condemned the House’s rush to pass a bill the group sees as deeply flawed.
“Hundreds of thousands of Internet users spoke out against this bill, and their numbers will only grow as we move this debate to the Senate. We will not stand idly by as the basic freedoms to read and speak online without the shadow of government surveillance are endangered by such overbroad legislative proposals,” Rainey Reitman, EFF’s activism director, added in a statement.
Though CISPA easily cleared the House, it will have a more difficult trek through the Senate, where two competing bills aim to accomplish these same ends. The Cybersecurity Act of 2012, proposed by Sen. Joe Lieberman (I-CT) and widely supported by Democrats, would empower the Department of Homeland Security to require that major tech firms maintain a minimum level of network security.
The Strengthening and Enhancing Cybersecurity by Using Research, Education, Information and Technology Act of 2012 (SECURE IT), introduced by Sen. John McCain (R-AZ) and widely supported by Republicans, would essentially do the same thing as CISPA. Privacy advocates like the American Civil Liberties Union have warned that McCain’s bill, much like CISPA, is a “privacy nightmare” that will “result in the military substantially monitoring the domestic, civilian Internet.”
[Photo: Gage Skidmore, via Wikimedia Commons.]