The price of freedom, it is said, is eternal vigilance. That has been demonstrated once again in the ongoing legal struggle over privacy on the Internet. The celebration and congratulations among the people who united to defeat SOPA, the “Stop Online Piracy Act“, the last proposed draconian legislation aimed at protecting copyright and intellectual property, had not even ended before another such bill was proposed.
This one is called CISPA, the “Cyber Intelligence Sharing and Protection Act“, which indicates it’s a somewhat different beast than SOPA, directed against hackers rather than file-sharers. (You can download a PDF of the actual bill, H.R. 3523, here.) It’s not quite SOPA risen like a zombie from the grave, but it is written in such ambiguous language that many privacy advocates consider it even more insidious and potentially harmful.
CISPA, opponents claim, allow “cyber entities” such as ISPs, social networks, and cell phone and other service providers, to circumvent Internet privacy laws. It allows the government to monitor online communications if it suspects any kind of cybersecurity threat to be involved. And since the bill does not really define cybersecurity, that leaves the door wide open, allowing virtually anyone to be spied on for any reason.
Not only the government is given this power. If a cyber entity thinks a threat is involved, it can take action. The only safeguard built in is that it cannot be done for “unfair competitive advantage”. All that’s required is that they claim to act in “good faith”. So, if like Google, their belief is they intend to do no evil, they should in the clear even if they stomp all over you in the process.
Under CISPA, your email could be read by the government, your Internet access provider, cell phone provider, social networking website. Web content can be filtered and even Internet access shut down.
Included in the bill is a clause indicating the sort of threat it’s aimed at: “theft or misappropriation of private or government information, intellectual property, or personally identifiable information.”
This means it’s not only aimed at Chinese hackers spying on companies, or someone stealing your financial information, but copyright violations as well. This, as the Electronic Freedom Foundation warns, is “a little piece of SOPA” that means a provider could block access to file-sharing sites such as The Pirate Bay, and the vagueness about “misappropriation of private or government information” means that access to Wikileaks or even the New York Times could be blocked.
It’s no wonder that the bill has been endorsed by huge companies including AT&T, IBM, Microsoft, Verizon, and Facebook. It gives them even more power to spy freely on their customers without consequences.
But groups like the Electronic Freedom Foundation and others who fought SOPA and PIPA successfully before, strongly oppose the bill. Yet, as CISPA is not the first proposed badly-written law to address Internet security and intellectual property, it will doubtless not be the last.
It’s important to remember that the struggle is not completely one sided. There is a need for security and protection of intellectual property as well as freedom. There are gains and losses on both sides, and the global picture is complex, shifting constantly, and quite muddled. The challenge is to find the right balance.
Even as this is going on, for instance, in Australia, the high court defied major studios and recently upheld a lower courts’ ruling that ISPs had not authorized and are not responsible for customers downloading copyrighted materials. Both sides in the case conceded that the copyright system was essentially broken. Moreover, the court itself admitted that ISPs are not even capable of filtering out such materials.
On the same day, however, a German court ruled that YouTube is responsible for making sure uploaded videos to the popular site are not violating copyright. YouTube may be ordered to pay royalties for such material and stiff fines if it happens. And the court said it must install filters to prevent copyright violations. How this is to be done remains to be seen.
It’s a confusing picture, but the struggle over privacy vs. property will determine the form of the online world of the future as much as technology will. Count on SWCP and this blog to keep you up to date on these matters which affect us all.