Back to News & Commentary

From POLITICO: The Privacy Risks of CISPA

cyber security
cyber security
Michelle Richardson,
Legislative Counsel, ACLU Washington Legislative Office
Share This Page
April 9, 2013

Reports of significant data breaches make headlines ever more frequently, but lost in the cloak and dagger stories of cyberespionage is the impact proposed cybersecurity programs can have on privacy. The same Internet that terrorists, spies and criminals exploit for nefarious purposes is the same Internet we all use daily for intensely private but totally innocuous purposes.

Unfortunately, in their pursuit to protect America's critical infrastructure and trade secrets, some lawmakers are pushing a dangerous bill that would threaten Americans' privacy while immunizing companies from any liability should that cyberinformation-sharing cause harm.

This week, the House Intelligence Committee will mark up the Cyber Intelligence Sharing and Protection Act, a bill that creates an exception to all privacy laws on the books so that companies holding our private and sensitive information can share it with each other and the government for cybersecurity purposes. This could include the content of chats and emails and people's online browsing histories. There is no requirement that companies even attempt to remove personally identifiable information before sharing cyberthreat data nor any requirement that the government minimize and protect that data when it is collected. CISPA grants companies liability protection not only for sharing the information but also for using it however they see fit, including aggressive countermeasures, like hacking into an adversary's computer. It's an unmitigated and unaccountable mess for Internet users' private data.

Finish reading "The Privacy Risks of CISPA" at POLITICO.

Learn more about CISPA and other civil liberty issues: Sign up for breaking news alerts, follow us on Twitter, and like us on Facebook.

Learn More About the Issues on This Page