CISPA supporters say that the bill has nothing to do with seeking out people who pirate movies and music, and shouldn’t be looked at as the next SOPA. Although I think the true goals of the CISPA Cybersecurity bill are more innocently motivated, and the overall efforts of the bill should even be applauded, the problem isn’t what the bill contains. CISPA wants to allow business to share information about hackings and cyberthreats with government agencies – to more quickly identify and respond to cyberattacks. Imagine a network of information sharing, where large scale business, the likes of Google, Sony, Microsoft, Yahoo, and AOL (you know them now as Engadget, Joystiq, TechCrunch, Huffington Post, et al…) all actually worked together to protect your privacy. All of that is fine. It’s what CISPA leaves out that frightens me the most. Specifically, CISPA leaves out any language that clearly identifies what it should be used for. One could, quite easily, argue that ‘criminal activities’ and ‘hacking’ can simply be defined as file sharing, and thus your information goes to the government and they can have you arrested. You could be strong-armed to stop using BitTorrent by your ISP (even if you argue that your use is not for illegal purposes), by them saying “quit it, or we’ll sick the feds on you.”
CISPA, like nearly every technology-related bill to date seen on Capitol Hill, has vague language that can be interpreted and bent in many, many ways. It does great things at its core, but could easily be twisted in to making something like MP3 swapping a near-felony, if the ambiguous phrasings of the bill were later left up to interpretation by a judge. We shouldn’t throw it out there and sort through it later; the bills proposed should have cleaner language and specific, targeted purposes. These are laws we’re enacting, after all.
And on over to the Electronic Frontier Foundation’s website and see how they break down CISPA for a better understanding of why it’s important that this bill not be enacted as it is right now.