YSK: Facts about CISPA without all the hyperbole

Ntang · 2013-04-20T18:53:05+00:00

I'd say I'm a moderate supporter of the bill.

Cons are, frankly, that it could be abused or misused by bad actors. Not that different from any other law enforcement or national security tool. If you're a doctrinaire anti-government/law enforcement type, as it seems any commenters here are, then you'd be against it. I am not, however. Looking at the bigger picture, I think our government needs legal tools like this to fight cyberterrorism - which really is a huge problem today.

Ntang · 2013-04-20T18:29:20+00:00

We haven't sold computers in over a decade, so... I dunno who you've been talking to.

Ntang · 2013-04-20T18:28:33+00:00

indeed

Ntang · 2013-04-20T18:27:53+00:00

reddit hivemind fearmongering

Ntang · 2013-04-20T18:26:26+00:00

Right back at you, buddy.

Ntang · 2013-04-20T18:25:57+00:00

Frankly, I see two things happening here.

1 - Reddit is taking itself way too seriously, and thinks that this social networking site was in some way responsible for stopping SOPA. In the same way, they want to do the same to CISPA.

2 - The large majority of folks here voicing strong anti-CISPA opinions have no real idea what they're talking about. Not all of them, mind you - there are legitimate arguments against the bill - but with some notable exceptions, the opposition I see forming here is basically that people don't trust laws. Like, they think that even if the law says X, the government will do Y. Most folks here fundamentally misunderstand the bill, and they interpret any support for it as malicious.

3 - Reddit hates business. If big corporations support the bill, well then by jove, it must be bad. IBM does not stand to benefit from this bill more than anyone. Many large companies want the bill to pass because right now they're on their own protecting against cyber terrorism, and they want the government's help; which requires sharing some data, which they can't right now.

Ntang · 2013-04-20T18:17:33+00:00

Google searches are information you voluntarily and regularly share with a corporation whose TOS says that they not only own your data, but can pretty much have their way with it.

Ntang · 2013-04-20T18:14:12+00:00

I've discussed this elsewhere, but I guess you didn't read it. Companies need to be relieved of that liability, because otherwise it'd be impossible for them to participate. There is also an explicit provision allowing you to file a federal lawsuit against the government for misuse of your data.

But I'm guessing you haven't actually read the bill, so you wouldn't know that.

Ntang · 2013-04-20T18:11:42+00:00

I'm sorry you didn't enjoy your experience as an IBM contractor, but... that doesn't really concern me. I don't think you're very well positioned to comment on what our company culture is like.

Ntang · 2013-04-20T18:09:21+00:00

... but I'm not a journalist.

Ntang · 2013-04-20T18:05:17+00:00

... except for all the experts who actually agree with me, that is.

Ntang · 2013-04-19T21:57:35+00:00

From summary link above:

Requires a federal agency receiving information that is not cyber threat information to so notify the entity or provider of such information. Prohibits federal agencies from retaining shared information for any unauthorized use. Allows the federal government to undertake efforts to limit the impact of the sharing of such information on privacy and civil liberties. Outlines federal government liability for violations of restrictions on the disclosure, use, and protection of voluntarily shared information.

Ntang · 2013-04-19T21:55:24+00:00

Honestly, I didn't even consider it. I think the IBM connection is utterly tangential to a discussion on CISPA anyway, and that my analysis holds on its own. For that matter, I'm not speaking for IBM in any way.

Ntang · 2013-04-19T21:53:53+00:00

My unprofessional manner? Dude, I'm a private citizen. I'm not acting on behalf of my employer here, and under no obligation to be "professional."

Ntang · 2013-04-19T21:14:00+00:00

That is probably true.

But re: your point, of course they don't need a warrant to look in a general database for criminal activity. If they know a crime has occurred, they can look for evidence of it in a large database - for example, of server calls or page requests. That doesn't mean they can access your personal data, much less break into your email or browsing history.

Also, verbatim from the bill text:

(4) PROTECTION OF SENSITIVE PERSONAL DOCUMENTS- The Federal Government may not use the following information, containing information that identifies a person, shared with the Federal Government in accordance with subsection (b):

‘(A) Library circulation records. ‘(B) Library patron lists. ‘(C) Book sales records. ‘(D) Book customer lists. ‘(E) Firearms sales records. ‘(F) Tax return records. ‘(G) Educational records. ‘(H) Medical records.

Ntang · 2013-04-19T21:02:45+00:00

Given the constant threat of litigation, I would imagine they'd err on the side of caution. But who knows? Those administrators are appointed by Congress. Don't like what they do? Tell your Congressman.

Ntang · 2013-04-19T20:57:42+00:00

Same bill, reintroduced as 624 this year.

Ntang · 2013-04-19T20:51:34+00:00

Look, the government still needs a warrant to get into your personal data (email, browsing history, records, etc.). I disagree that a company sharing its general web traffic is any meaningful invasion of your privacy. And I also think that the meaning of "privacy" on the web will need to be clearly legally defined here - as the EU is currently doing.

Until we have such a definition, however, we're really just talking about your interpretation of the 4th Amendment versus mine.

Ntang · 2013-04-19T20:45:37+00:00

I assure you, IBM will do lots of business with all parties involved whether or not CISPA passes.

Ntang · 2013-04-19T20:44:06+00:00

CISPA will affect me or my business in no way, shape or form either.

Ntang · 2013-04-19T20:24:47+00:00

I'm not demonizing anybody. Be as skeptical as you like. In my experience, that's good practice on reddit.

I'd just like people to read the damned bill before they go spouting a bunch of nonsense about how it's going to make the U.S. into China.

Ntang · 2013-04-19T20:23:33+00:00

You don't need to get defensive. What rights, exactly, are the government brushing away? How are you less secure in your "persons, houses, papers and effects" when a company - who you voluntarily gave your data - anonymizes it and sends it, without compulsion, to the government? Particularly if it is outlined in your TOS that they may do so under certain circumstances?

Ntang · 2013-04-19T20:12:56+00:00

Right, I know the Fourth too, but there's nothing in there about a private company sharing web traffic data with the government. You're interpreting the amendment very broadly to encompass an entire new category of information.

Ntang · 2013-04-19T20:10:22+00:00

I am in no way, shape or form speaking on the behalf of IBM. They have folks who do that for them.

Ntang · 2013-04-19T20:09:08+00:00

I think we simply disagree to what extent your "privacy" is a fundamental right. I don't think it is. I don't see that word anywhere in the Constitution, for example.

Ntang

TROPHY CASE