Links
Archives
- June 1999
- August 2001
- December 2001
- September 2002
- April 2003
- June 2003
- December 2003
- January 2004
- February 2004
- March 2004
- April 2004
- May 2004
- June 2004
- July 2004
- August 2004
- September 2004
- October 2004
- November 2004
- December 2004
- January 2005
- February 2005
- March 2005
- April 2005
- May 2005
- June 2005
- August 2005
- November 2005
- December 2005
- January 2006
- February 2006
- April 2006
- May 2006
- June 2006
- July 2006
- August 2006
- September 2006
- October 2006
- December 2006
- January 2007
- February 2007
- March 2007
- April 2007
- May 2007
- June 2007
- August 2007
- September 2007
- October 2007
- November 2007
- December 2007
- January 2008
- February 2008
- March 2008
- April 2008
- May 2008
- June 2008
- July 2008
- August 2008
- September 2008
- October 2008
- December 2008
- January 2009
- February 2009
- March 2009
- April 2009
- June 2009
- July 2009
- August 2009
- September 2009
- October 2009
- November 2009
- December 2009
- January 2010
- February 2010
- March 2010
- April 2010
- May 2010
- June 2010
- July 2010
- August 2010
- September 2010
- October 2010
- November 2010
- December 2010
- January 2011
- February 2011
- March 2011
- April 2011
- May 2011
- June 2011
- July 2011
- August 2011
- September 2011
- October 2011
- November 2011
- December 2011
- January 2012
- February 2012
- March 2012
- April 2012
- May 2012
- June 2012
- July 2012
- August 2012
- September 2012
- October 2012
- November 2012
- December 2012
- January 2013
- February 2013
- March 2013
- April 2013
- May 2013
- June 2013
- July 2013
- August 2013
- September 2013
- October 2013
- November 2013
- December 2013
- January 2014
- February 2014
- March 2014
- April 2014
- September 2014
- November 2014
- December 2014
- January 2015
- March 2015
- July 2015
- November 2015
- January 2016
- August 2016
- October 2016
- November 2016
- December 2016
- January 2017
- February 2017
- May 2017
- July 2017
- August 2017
- September 2017
- August 2018
- September 2018
- October 2018
- November 2018
- December 2018
- January 2019
- March 2019
- April 2019
Richard Lazzara,owner: Shankar Gallery:"Art for the Soul" http://www.shankar-gallery.com, http://www.absolutearts.com/shankargallery/, http://www.clustershot.com/richardlazzara/, http://twitter.com/shankargallery
Monday, December 03, 2012
Cybersecurity Bill FAQ: The Disturbing Privacy Dangers in CISPA and How To Stop It | Electronic Frontier Foundation
This week, EFF—along with a host of other civil liberties groups—are protesting the dangerous new cybersecurity bill known as CISPA that will be voted on in the House on April 23. EFF has compiled an FAQ detailing the how the bill's major provisions work and how they endanger all Internet users' privacy.
UPDATE: The White House released a statement on Tuesday criticizing CISPA and said any cybersecurity bill with information sharing provisions "must include robust safeguards to preserve the privacy and civil liberties of our citizens." The White House declared they would not support a bill that would "sacrifice the privacy of our citizens in the name of security." Below are all the ways CISPA would violate that principle.
- What is "CISPA"?
- Under CISPA, can a private company read my emails?
- What would allow a company to read my emails?
- Under CISPA, can a company hand my communications over to the government without a warrant?
- Under CISPA, what can I do if a company improperly hands over private information to the government?
- What government agencies can look at my private information?
- Can the government use my private information for other purposes besides “cybersecurity” once they have it?
- Can the government use my private information to go after alleged copyright infringers and whistleblower websites?
- Why are Facebook and other companies supporting this legislation?
- What can I do to stop this bill?
CISPA stands for The Cyber Intelligence Sharing and Protection Act, a cybersecurity bill written by Rep. Mike Rogers (R-MI) and Dutch Ruppersberger (D-MD) (H.R. 3523). The bill purports to allow companies and the federal government to share information to prevent or defend from cyberattacks. However, the bill expressly authorizes monitoring of our private communications, and is written so broadly that it allows companies to hand over large swaths of personal information to the government with no judicial oversight—effectively creating a “cybersecurity” loophole in all existing privacy laws. Because the bill is so hotly debated now, unofficial proposed amendments are also being circulated and the actual bill language is in flux.
Under CISPA, can a private company read my emails?
Yes. Under CISPA, any company can “use cybersecurity systems to identify and obtain cyber threat information to protect the rights and property” of the company. This phrase is being interpreted to mean monitoring your communications—including the contents of email or private messages on Facebook.
Right now, well-established laws, like the Wiretap Act and the Electronic Communications Privacy Act, prevent companies from routinely monitoring your private communications. Communications service providers may only engage in reasonable monitoring that balances the providers' needs to protect their rights and property with their subscribers' right to privacy in their communications. And these laws expressly allow lawsuits against companies that go too far. CISPA destroys these protections by declaring that any provision in CISPA is effective “notwithstanding any other law” and by creating a broad immunity for companies against both civil and criminal liability. This means companies can bypass all existing laws, as long as they claim a vague “cybersecurity” purpose.
What would allow a company to read my emails?
CISPA has such an expansive definition of "cybersecurity threat information" that many ordinary activities could qualify. CISPA is not specific, but similar definitions in two Senate bills provide clues as to what these activities could be. Basic privacy practices that EFF recommends—like using an anonymizing service like Tor or even encrypting your emails—could be considered an indicator of a “threat” under the Senate bills. As we have stated previously, the bills’ definitions “implicate far more than what security experts would reasonably consider to be cybersecurity threat indicators—things like port scans, DDoS traffic, and the like.”
A more detailed explanation about what could constitute a “cybersecurity purpose” or “cyber security threat indicator” in the various cybersecurity bills can be read here.
Under CISPA, can a company hand my communications over to the government without a warrant?
Yes. After collecting your communications, companies can then voluntarily hand them over to the government with no warrant or judicial oversight whatsoever as long is the communications have what the companies interpret to be “cyber threat information” in them. Once the government has your communications, they can read them too.
Under CISPA, what can I do if a company improperly hands over private information to the government?
Almost nothing. CISPA would affirmatively prevent users from suing a company if they hand over their private information to the government in virtually all cases. A broad immunity provision in the proposed amendments gives companies complete protection from user lawsuits unless information was given to the government:
(I) intentionally to achieve a wrongful purpose;
(II) knowingly without legal or factual justification; and
(III) in disregard of a known or obvious risk that is so great as to make it highly probably that the harm of the act or omission will outweigh the benefit.As Techdirt concluded, “no matter how you slice it, this is an insanely onerous definition of willful misconduct that makes it essentially impossible to ever sue a company for wrongly sharing data under CISPA.” This proposed immunity provision is actually worse than the prior version of the bill, under which companies could be sued if they acted in “bad faith.”
UPDATE: The most current version has switched back to the standard giving companies immunity as long as they act in "good faith" - still a very weak standard that would leave users with no recourse in virtually all cases.
What government agencies can look at my private information?
Under CISPA, companies can hand “cyber threat information” to any government agency, which then passes that information to the Department of Homeland Security (DHS). Once it’s in DHS’s hands, the bill says that DHS can then hand the information to other intelligence agencies, including the National Security Agency, at its discretion.
Can the government use my private information for other purposes besides “cybersecurity” once they have it?
Yes. When the bill was originally drafted, information could be used for all other law enforcement purposes besides “regulatory purposes.” A new amendment narrows this slightly. Now—even though the information was passed along to the government for only cybersecurity purposes—the government can use your personal information for either cybersecurity or national security investigations. And as long as it can be used for one of those purposes, it can be used for any other purpose as well.
Can the government use my private information to go after alleged copyright infringers and whistleblower websites?
Up until last Friday the answer was yes, and now it’s changed to maybe. In response to the overwhelming protest from the Internet community that this bill would become a backdoor for SOPA 2, the bill authors have proposed an amendment that rids the bill of any reference to “intellectual property.”
The bill previously defined “cyber threat intelligence” and “cybersecurity purpose” to include “theft or misappropriation of private or government information, intellectual property, or personally identifiable information.” Now the text reads:
(B) efforts to gain unauthorized access to a system or network, including efforts to gain such unauthorized access to steal or misappropriate private or government information
But it is important to remember that this proposed amendment is just that: proposed. The House has not voted it into the bill yet, so they still must follow through and remove it completely.
A more detailed explanation of how this provision could be used for copyright enforcement and censoring whistleblower sites like WikiLeaks can be read here.
What can I do to stop the government from misusing my private information?
CISPA does allow users to sue the government if they intentionally or willfully use their information for purposes other than what is described above. But any such lawsuit will be difficult to bring. For instance, the statute of limitations for such a lawsuit is two years from the date of the actual violation. It’s not at all clear how an individual would know of such misuse if it were kept inside the government.
Moreover, suing the government where classified information or the “state secrets privilege” is involved is difficult, expensive, and time consuming. EFF has been involved for years in a lawsuit over Fourth Amendment and statutory violations stemming from the warrantless wiretapping program run by the NSA—a likely recipient of “cyber threat information.” Despite six years of litigation, the government continues to maintain that the “state secrets” privilege prevents the lawsuit from being heard.
Given that DHS is notorious for classifying everything—even including their budget and number of employees—they may attempt to prevent users from finding out exactly how this information was ever used. And if the information is in the hands of the NSA and they claim “national security,” then it would get even harder.
In addition, while CISPA does mandate an Inspector General should issue a report to Congress over the government’s use of this information, its recommendations or remedies do not have to be followed.
Why are Facebook and other companies supporting this legislation?
Facebook and other companies have endorsed this legislation because they want to be able to receive information about network security threats from the government. This is a fine goal, but unfortunately CISPA would do far more than that—it would eviscerate existing privacy laws by allowing companies to voluntarily share users’ private information with the government.
Facebook released a statement Friday saying that they are concerned about users’ privacy rights and that the provision allowing them to hand user information to the government “is unrelated to the things we liked about HR 3523 in the first place.” As we explained in our analysis of Facebook’s response: the “stated goal of Facebook—namely, for companies to receive data about cybersecurity threats from the government—does not necessitate any of the CISPA provisions that allow companies to routinely monitor private communications and share personal user data gleaned from those communications with the government.” Read more about why Facebook should withdraw support from CISPA until privacy safeguards are in place here.
What can I do to stop this bill?
It’s vital that concerned Internet users tell Congress to stop this bill. Use EFF’s action center to send an email to your Congress member urging them to oppose this bill.
We’re also joining other civil liberties organizations in Stop Cyber Spying Week, a week of action to protest CISPA. The goal of this week of action is simple: get Congress to back off of any cybersnooping legislation that sacrifices the civil liberties of Internet users. We’ve set up a dedicated Twitter tool to help Internet users tweet messages to their Congressional representatives opposing CISPA.
Want to do more to help us fight back against this cyberspying legislation? Click here for more suggestions.
toolbar powered by Conduit |
TWITTER ME @ SHANKARGALLERY
YOU CAN FOLLOW ALL THE STREAMS OF MY ART HERE AT MY TWITTER ->->
BUY RICHARD LAZZARA ART HERE HELP SUPPORT THIS ARTIST
PLEASE TAKE A FEW MOMENTS TO ENJOY MY SLIDE SHOW BY RICHARD LAZZARA, ARTIST, BOULDER, COLORADO. USA.
VISIT MY HOME WEBSITE STARTED AUGUST 1999 & ENJOY 'THE SITE TO SEE', BASED ON MY BOOK "YOG MOUNTAIN - RIVERS TO SEA"
www.flickr.com
|
Stumble It!
My StumbleUpon Page
My StumbleUpon Page
Lijit Search
See shankargallery on photoblog.com
richardlazzara is on shutterchance.com
shankargallery is on fotolog.com
Artmajeur International Online Art Gallery
Artmajeur International Online Art Gallery
Art SALE by Richard Lazzara on absolutearts.com
View Richard Lazzara's profile
EXPERIENCE MY ART AT MY ART PLOT on RICHARDLAZZARA.MYARTPLOT.COM
Richard Lazzara on Faves
Created with Paul's flickrSLiDR.
Check out LiveJournal.com! It's Free!
Check out LiveJournal.com! It's Free!
Check out LiveJournal.com! It's Free!
About The Artist by Richard Lazzara on shankar-gallery.com
Richard Lazzara
Art for the Soul
Shankar Gallery
Boulder, Colorado, 80304 US |
Work: 303-447-9606
shankar@shankar-gallery.com
| |
Visit MyBlogLog To See All My Blog Log Pages ! |
Lingams by Richard Lazzara on shankar-gallery.com.com
Yatra by Richard Lazzara on shankar-gallery.com
Nada Series by Richard Lazzara on shankar-gallery.com
Maha Samadhi by Richard Lazzara on shankar-gallery.com
Contact Us by Richard Lazzara on shankar-gallery.com
Black Kala by Richard Lazzara on shankar-gallery.com
Advaita Miniatures by Richard Lazzara on shankar-gallery.com
Sumi-e Doors by Richard Lazzara on shankar-gallery.com
Yog Mountain Rivers To Sea by Richard Lazzara on shankar-gallery.com
Yantra by Richard Lazzara on shankar-gallery.com
Mandala by Richard Lazzara on shankar-gallery.com
www.shankar-gallery.com/contact.html www.shankar-gallery.com richardlazzara.slide.com/ www.absolutearts.com/portfolios/s/shankargallery/ art.la-passerelle.net/art_pages/richard_lazzara/links.htm www.artmajeur.com/shankargallery/ www.flickrticker.com/?username=shankargallery/ www.photoblog.com/shankargallery>See My Photos on Photoblog.com www.fotolog.com/shankargallery> READ ABOUT Richard Lazzara on www.whohub.com/richardlazzara/ BEHANCE My Profile in BEHANCE on www.behance.net/shankargallery WOOLOO me at WOOLOO on www.wooloo.org/shankargallery Ovations Please see my OVATION.TV site community.ovationtv.com/shankargallery It's an artfaceoff with Richard Lazzara on richardlazzara.artfaceoff.com Hear My HUMBLE VOICE Of Art on www.humblevoice.com/richardlazzara take the DEVIANTART path SEE MY ART at shankargallery.deviantart.com Just give me your CreativeShake on www.creativeshake.com/richardlazzara/ BUY MY ART GIVE ME YOUR OFFER ON en.artoffer.com/richardlazzara/ You are on MY ART PLOT vi$it www.myartplot.com/users/richardlazzara/plot.mhtml RICHARD THE ARTIST is the Best out of Many on saatchi-gallery is RICHARD LAZZARA www.saatchi-gallery.co.uk/yourgallery/artist_profile/a/503.html IT IS MY ART SPACE on www.myartspace.com/artistInfo.do?populatinglist=home&subscriberid=vw0mb5gc49qebni1 Richard Lazzara is VISIONARY on www.visionarygallery.com/artists/shankargallery/index.php/ Italian Artist Richard Lazzara is on www.babelearte.it/tipoartista.asp?arid=357&lid=ita/ Richard Lazzara is on www.mirolcentre.com/mirol/art/exhibition_richard_lazzara.htm/ Richard Lazzara is on www.hometownartgallery.com/Gallery/ArtistView.aspx?Artist=d098ac41-14e7-4e75-b0bd-94f97ce6881e&Gallery=3d2e0cdc-66d3-4d9d-8ece-8a962c1e48cc Follow Me on shankargallery.artlog.com/ see my PICURETRAIL on www.picturetrail.com/photos/shankargallery/
Favorite Links by Richard Lazzara on shankar-gallery.com
Art for the Soul by Richard Lazzara on absolutearts.com
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.