Facebook Responds to Outrage With Continued CISPA Support

Updated

ACTA and the Flava Works case weren't the only things overshadowed by the recent SOPA and PIPA battle. There's also the nefarious CISPA, or the Cyber Intelligence Sharing and Protection Act, an amendment to he National Security Act of 1947 that updates that law to include provisions covering cybercrime. CISPA very broadly defines cybercrime as "vulnerability of, or threat to, a system or network of a government or private entity, including information pertaining to the protection of a system or network from either 'efforts to degrade, disrupt, or destroy such system or network'; or 'theft or misappropriation of private or government information, intellectual property, or personally identifiable information", which seems sufficiently vague as to cover almost all online activity, including this article. Its practical effect would be to empower the government to collect an absurd amount of private data with the cooperation of corporate entities, and as an added bonus the bill contains almost no oversight as to how such data would be used.

Critics rightly note that the law would almost certainly be used to punish people accused by copyright holders of infringement, or domestic online activists, rather than to go after spies or other organized criminal actors. So naturally, as with SOPA, PIPA and ACTA, a wide coalition of business interests are totally in favor of it. What makes things interesting is that Facebook, which formally opposed SOPA and PIPA (after plenty foot-dragging) has come out in favor of CISPA. This has predictably not made Facebook customers happy, and an increasingly vocal group has organized to convince the company to back down, most notably with an online petition that has spread very quickly on Facebook. Perhaps learning from the way consumers revolted against PIPA and SOPA, Facebook has formally responded to that petition by confirming that its support for CISPA is contradictory to - no, wait, sorry, by continuing to support CISPA.

A statement was made on Friday by Facebook Vice President-U.S. Public Policy Joel Kaplan that confirmed the company's continued support. "More than 845 million people trust Facebook with their information," Kaplan said, "and maintaining that trust is at the core of everything we do. Keeping the site secure to protect our users and their information requires a combination of technological innovations; around-the-clock coverage from our dedicated staff; and relationships within the broader security community."

"A successful defense against bad actors also requires that we have timely information about cyber threats. One challenge we and other companies have had is in our ability to share information with each other about cyber attacks. When one company detects an attack, sharing information about that attack promptly with other companies can help protect those other companies and their users from being victimized by the same attack. Similarly, if the government learns of an intrusion or other attack, the more it can share about that attack with private companies (and the faster it can share the information), the better the protection for users and our systems."

He added that "Importantly, HR 3523 would impose no new obligations on us to share data with anyone –- and ensures that if we do share data about specific cyber threats, we are able to continue to safeguard our users’ private information, just as we do today." This rather optimistic assessment assumes the bill's vaguer points do not leave a door open for further encroachment on consumer privacy, and the recent behavior of the US Congress when it comes to online issues suggests a tendency to taking a mile for every inch offered. But it does seem Facebook's official position will remain that CISPA isn't SOPA, PIPA or ACTA. The bill left committee in December, 2011 but overshadowed by the SOPA and PIPA debate, it has yet to be debated and no vote is scheduled. Hopefully things stay thusly.