Back to News & Commentary

CISPA: It Ain't Cyber-Pretty

Zachary Katznelson,
Senior Staff Attorney, ACLU National Security Project
Share This Page
April 25, 2012

Tomorrow, the House of Representatives is scheduled to begin debating the Cyber Intelligence Sharing and Protection Act, authored by Reps. Mike Rogers (R-Mich.) and Dutch Ruppersberger (D-Md.). In the name of cybersecurity, the legislation threatens to blow a hole through every privacy law on the books and allow companies to share customers’ private information with the US military. It’s not pretty.

Think for a minute about all the things in your life that are kept on computers, but you would like to keep private. How about your medical records? Your banking and financial records? What about your education or library records? How about the things you bought on Amazon last year? Or those love letters you emailed? Or the political opinions you share with close friends? Do you think the bureaucrats and spies at the National Security Agency have any right to gather that information on you, when you’ve done absolutely nothing wrong? What if we tell you that once the NSA has the information, it can keep it forever, share it with whomever it deems necessary, and that no court will be able to look over the NSA’s shoulder and keep it in check? Yet that is exactly the scheme envisioned by the champions of CISPA. Does Congress really think our Founding Fathers would support this?

The Constitution was drafted to ensure the government doesn’t interfere with our fundamental right to live our lives in peace. Over the years, various executive branch abuses have prompted Congress to pass dozens of laws to protect our privacy. If someone is reasonably suspected of wrongdoing, we have no objection to their being investigated. But, a judge needs to make sure the government has things right before an investigation moves forward.

CISPA’s sponsors don’t seem to want it that way. Here’s how CISPA’s scheme might work: imagine you are emailing your doctor from your Gmail account about a medical condition. Your doctor pulls up your medical records from his cloud storage server and sends them your way. Somewhere in that communication, a virus crops up. Under CISPA, Google could send your emails, including the electronic copy of your medical records, to the NSA, so they can gather information on the virus. But, Google would be under no obligation whatsoever to scrub out your private details — which have nothing to do with the virus. And now your medical records are in government hands indefinitely — and the government can use them for all sorts of unrelated purposes like the undefined “national security.”

If Reps. Rogers and Ruppersberger had penned the famous sonnet by Elizabeth Browning, perhaps it would have opened instead: “How can we violate your privacy? Let us count the ways …”

Not exactly words to woo by, are they?

The ACLU is joining with the Electronic Frontier Foundation and others to push back. We’re fighting to keep the private lives of innocent Americans just that — private, even as we support reasonable steps to increase computer network security. Please join us and contact Congress today!

Stay tuned the rest of this week — and beyond — for more on cybersecurity.

Learn more about cybersecurity: Sign up for breaking news alerts, follow us on Twitter, and like us on Facebook.

Learn More About the Issues on This Page