I've been holding back on this for a few days. I've been finishing up a project, and quite frankly, I just didn't want to deal with yet another "Congress is trying to screw us over again" article.
But, surprise!. And apparently, I can't hold back my opinion.
Here's the thing, and in this case, I'm directly addressing those so-called "representatives" we send to Washington theoretically on our behalf. It's a simple concept, so I want you to say it out loud, roll it around in your mouth, and think on it.
The Constitution must not end where the digital domain begins.
That's it. That's the big thought of the week. Say it again for me. Go ahead. You can do it. Repeat after me. The Constitution. Must not end. Where the digital domain begins.
What does that mean? Put simply, we have rights and expectations of rights when we do things online. Just because we're using that internet thing doesn't mean we're giving up what it means to be an American.
And to those who don't think we have any expectation of privacy when we go online, let me ask you this: If you take a poop in a bathroom in a shopping mall, do you expect privacy? Or would you not mind it if the government just recorded all your "functions" because your in a public place? Even our elected representatives who have dalliances in airport bathrooms clearly had some expectation of privacy.
So let's try something else out for size. We Americans don't lose our expectation of privacy just because we use a service to manage our communication.
We Americans expect privacy. Period. It's in the Constitution.
We expect privacy in all our dealings. We expect that unless a judge orders it for probable cause, that the United States Postal Service won't open our letters. We expect that unless a judge orders it for probable cause, that the plain ol' telephone service we use won't be tapped.
We expect privacy. And we expect, in the unusual circumstances that our privacy is being reduced, that a judge has granted that privacy reduction to law enforcement after careful consideration of the law and the situation.
In recent years, however, American lawmakers, law enforcement agencies, and some of my colleagues in the national security apparatus seem to have decided that judicial review is in impediment — it just gets in the way.
In a few, very limited instances, this may be true. Trying to stop events like the recent Boston bombing, when there are mere minutes to prevent a catastrophe, might justify not waiting for a judge to review your case. But those situations are few and far between, and should be the rare exception, not the rule.
The Cyber Intelligence Sharing and Protection Act (CISPA), and a wide variety of other legislation recently beta-tested by Congress, seeks to eliminate the essential judicial check and balance. But it's this judicial check and balance against overly-aggressive, overly-predatory, and overly-opportunistic public servants and corporate interests that has always separated America from de facto oligarchies like the former Soviet Union and 20th century South Africa.
Without a doubt, cybersecurity is absolutely essential as organized criminals, rogue nation states, and international actors target our citizens, infrastructure, and government operations with constant and unyielding ferocity. Certain laws need to be modernized to accommodate our changing world and the new realities inherent in the justifiable siege mentality that comes from being under constant cyberseige.
But America has always had the mandate to protect its citizens and its interests, and it has always tried to walk the fine line balancing protection of our interests with the protection of our rights, especially our privacy.
There are practical issues here as well. The current variation of CISPA allows an almost free-flow of private and personal information through corporate interests to government, as long as that information flow is labeled as necessary to protect against cyberthreats.
CISPA makes two serious mistakes in this regard. It removes judicial oversight, and removes the ability to penalize corporations for overstepping reasonable behavior.
As we've seen with how our bankers have schemed the system, finding loopholes in regulations and conducting themselves in both truly reprehensible and truly irresponsible ways, we can be sure that industries from insurance to collection to healthcare to banking to advertising will all likely find CISPA-supported loopholes to overstep their bounds and abuse their relationships with American citizens.
Not only will we become an America without privacy, we'll become an America without recourse.
It's ironic that just as CISPA is once again winding its way through the twisted and wrong-thinking halls of Congress, that Google (essentially our modern realization of Big Brother) has introduced, a method by which our own citizenry can record and publish life experiences constantly, easily violating the privacy of anyone being glanced at by a Glass wearer.
Of course, the security implications of Glass are mind-boggling as well. The Health Insurance Portability and Accountability Act (HIPAA) violations become almost instant by medical personnel wearing Glass. Any employee looking at a screen while wearing Google Glass could be either augmented, improving productivity, or could be extracting confidential corporate information for sale or other nefarious purposes.
But the difference between CISPA and Glass is that Glass is voluntary and one-on-one. We don't expect our fellow citizens to protect our interests, and if we happen to encounter a Glass-wearer, we can choose to shun him or her, or avoid being within the range of the all-recording Glass eye.
But CISPA is something we can't avoid. With CISPA, online personal information can be sifted, sorted, examined, shared, and apportioned by virtually anyone with access to our online information.
There are loose restrictions about how that information can be gotten, but the restrictions are so loose that we can be sure the huge treasure trove of detailed personal records, from individual email messages to our purchasing history at Amazon and the local supermarket will be used and abused across the spectrum of corporate and government interests.
One concern, of course, isof our online personal information without a warrant by government agencies. Information ostensibly gathered in the interests of deterring cyberthreats may well be used by excessively gung-ho agencies and law enforcement officials to find new people to penalize, fine, and prosecute.
This, of course, could put an even greater burden on our already over-taxed legal system, increase the time it would take for legitimate cases to wind their way through the courts, increase our already over-extended costs for managing the criminal justice system, and unjustly bring a lot of people to justice who are not deserving of prosecution or persecution.
And then there's the issue of all this data just. While some government agencies have good operational cybersecurity protection, others are still just getting the hang of even the most basic of best practices.
A huge database of American personal information would be a very tempting target-rich environment for the very same criminals, rogue nations, and international actors that CISPA is theoretically designed to protect us against.
That's one of the great ironies of this legislation: It may actually worsen the very situation that it's designed to protect against. The House (and possibly the Senate) seems entirely willing to set aside the protections of the Constitution in favor of increased protection against cyberthreats.
But if the reality is that they're selling out our Constitutional protections and sacrificing our privacy, and the net result is we've actually delivered even more damning information into the hands of our enemies, well there can be no polite words for the irresponsible damage Congress is doing to our cherished freedoms and liberties.
America is a great nation because Americans are a great people. That said, history has shown us that the American government has been willing to act against the interests of Americans, often in ways that are mind-bogglingly unconstitutional, brutal, shameful, horrific, and even just plain stupid.
If Congress continues to proceed on the path it's been on these past few years — trying to bypass just cause, judicial review, and due process for the sake of expedience and freedom from oversight — America will no longer be the land of the free and the home of the brave.
So, once again, I must remind our Congressional representatives of this one simple truth: The Constitution must not end where the digital domain begins.