Google helped with CISPA, joins Cybersecurity Theatre

Google helped with CISPA, joins Cybersecurity Theatre

Summary: GOP chair says Google helped with unprecedented snooping bill CISPA, widely opposed by organizations and individuals alike.

SHARE:

One spark of hope to the people and organizations that oppose cyberspying bill CISPA was that in the list of 28 corporate sponsors (including Facebook), Google was nowhere to be seen.

But now CISPA's author Rep. Mike Rogers (R-MI) has bragged that Google had, in fact, quietly worked with the bill's authors behind the scenes.

According to Rogers, chairman of the House Intelligence Committee and number-one fan for the execution of Wikileaks whisteblower Bradley Manning - Google is "very supportive" of CISPA.

CISPA has been nicknamed "SOPA 2" but is more accurately described as a setup to wipe out decades of consumer privacy protections, giving the US government unprecedented access to individuals' online data and communications.

With next week's full vote on CISPA ahead, key pieces are scrambling to find a place to stand on the bill as anti-CISPA anger and outcry increases.

The White House has issued a statement criticizing bills like CISPA, but meekly did not call out the cyberspying bill by name, instead calling it "information sharing legislation."

Now it seems we know where Google stands, too.

It's your information they'll be sharing

CISPA author Rogers, in addition to his Google swaggering, has dismissed concern and reactions to CISPA with little concern for the public or people affected by the bill.

There are dozens of alarming articles from respected media sources, plentiful online campaigns to stop CISPA, activism by the EFF and Center for Democracy and Technology, attacks on pro-CISPA companies by Anonymous, protests by the ACLU and Free Press - Rogers dismisses all of it as nothing more than "turbulence upon landing."

Feeling as though CISPA's passing is in the bag, Rogers has instead focused on how CISPA has pleased and met the needs of companies and corporations that have supported his bill.

CISPA stands for Cyber Intelligence Sharing and Protection Act. The bill primarily protects internet companies that share private data and communications with the government - it promotes digital spying on citizens without a warrant under the guise of cybersecurity.

The spying and communication interception in this instance would be done by government entities such as Homeland Security, because their prowess and nuanced understanding of the internet and concern for citizens' digital rights is like, legendary.

The bill's vague language, in addition to the power it can give Homeland Security entities involved in domain shutdowns to go after sites such as Wikileaks, has had CISPA labeled as a relative to SOPA and PIPA.

I'll add that CISPA's relative cluelessness about the internet and harmful carelessness toward individual protections likely also got it slapped with the early monikker, "son of SOPA."

Cybersecurity: the new moral panic?

CISPA was amended after the first round of public outcry to remove language about intellectual property and attempted a tighter definition of cybersecurity.

The amendments bring deeper concerns to light, as the devil resides in the details.

As CISPA now defines it, cybersecurity threats include efforts to disrupt, degrade, destroy or gain unauthorized access to any system or network, whether privately owned (by a company) or owned by government.

It's clear that with this, they're paving their very own smooth road for criminal takedowns of network hackers.

It's unclear where this gets applied to things like social network Terms of Service.

Some of us also wonder if by "disruptions" they might mean online protests and campaigns that flood networks with traffic - like, ones that could be considered legitimate acts of free speech.

Or the practice in which website, software or network exploits are published online in the interest of public awareness. (It's a widely held, oft-proven belief that a "last resort" to get a security bug fixed is to publish it online.)

Clueless cybersecurity bills: all hail a TSA "security theatre" remix

If CISPA or anything like it passes, I think we're headed ten steps backward. It's starting to eerily sound like what happened with Homeland Security and the TSA all over again, where no terrorists are actually stopped and the system has become synonymous with words like "privacy violation," "theft" and "abuse."

You have to consider what it is that CISPA and bills of its ilk are really trying to stop - and that there is no way to eliminate critical intrusion into networks as long as humans are involved.

Government employees are still going to use their .gov emails on Gawker comments, and will still set their passwords on social networks and apps to password.

People are the exploits in the network. And hackers gotta hack.

Selling out our data - data we don't even have access to ourselves - isn't going to make us any safer. Especially if whatever government entity that grabbed it in a CISPA sweep later gets hacked and compromised.

It's hard to believe that after the powerful displays of opposition and awareness internet citizens demonstrated against SOPA and PIPA that Congress and certain companies could remain ignorant of the groundswell against CISPA.

People that understand what CISPA is, don't want it. How hard is that for our representatives to understand?

Just past tax time here in the United States, it's salt in a wound to see them ignore our do not want of CISPA.

The only kind of "information sharing legislation" the US government should be sleepless about until passing is legislation that protects us from the harm and abuse of having our information shared without our consent. They should be forcing companies to tell us what the hell they're doing with our data - every time they share it, and with whom.

Seems to me that if the government wants to backdoor collecting my communication and data by going through companies I conduct business with, those companies should at least be required to tell me (and have some sort of due process).

Companies like Google and its new congressional cronies need to listen to us, get their hands off the internet and our data, and step up for the people that gave them this power.

They need to step up if they truly value their own privacy and control of their own data.

They need to do it for those of us that care about keeping the internet intact, for this includes contextual control of our privacy.

For those of us whose livelihoods and families depend on it.

For those whose lives depend on its free-flowing access to information, and the vital protections of anonymity.

For those who found the freedom to learn without judgement in the online space - and it has kept them sane, connected and even helped them to stay alive. And maybe even let them make something great.

Yeah, don't listen to us.

Et tu, Google?

Image via Tech Broiler.

Topics: Government US, Data Centers, Google, Government, Legal, Security, Social Enterprise

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

10 comments
Log in or register to join the discussion
  • The part you left out...

    is that Google was working behind the scenes to remove the teeth from the bill. The myopic idiots in Congress don't realize the extent of their own bills. They have one particular goal in mind and don't realize how the new laws will be misused to target other, inappropriate areas. So companies like Google step in and pull the teeth out of the bills.
    branciforte3241
    • I do not agree. Companies like Google step in to ensure

      that the sharpest teeth in the bill are their own.Google is hardly a benevolent entity, as we have seen in the last 18 months.
      Tim Cook
      • That's actually not true

        According to the interview with the Hill that this article was written based on, Google was working to protect user's privacy and limit restriction of the internet. Mike Rogers himself said this, not Google. Perhaps zdnet should avoid resorting to sensationalism to get additional views and present facts as they actually are.

        Also, how exactly has Google demonstrated a lack of benevolence in the last 18 months?
        laifuthegreat
      • Please elaborate

        Yes, what exactly do you think you have seen in the last 18 months?
        branciforte3241
  • googles only interest is the unrestrianed ability to do whatever it wants

    with your data. To be able to collect it, mine it, and sell it at will to anyone at anytime. They will make any bargain they feel they need to to ensure that remains the case. That said you are sorely mistaken if you think Homeland, NSA, DIA, or any of a bazillion other goverment agencies isn't incredibly adept at all things internet related, vastly better than google. Same if you think they haven't stopped any terrorists doing it. More than you can count on all your fingers and toes
    Johnny Vegas
    • nope

      Google has never sold information to an outside party.
      branciforte3241
      • That depends...

        on your definition of "sold." Or, perhaps on your definition of "never." Or, perhaps on your definition of "party."

        Perhaps you would be interested in buying some property in Florida?
        pwatson
  • Master Joe Says...The Real "Monsters"

    For all the concern people express over things Microsoft did over a decade ago, my concerns lie more in the present, with companies like Google, Facebook, and Apple. For anyone who thinks Google's input into this bill was for the benefit of the online community, I can only hope that you stop taking whatever caused you to lose touch with reality in such a big way and open your eyes to the fact that, just like any company or corporation that "helps" Washington, it is only about suiting their own interests.

    The truth is, government laws don't work well with the Internet because the Internet is an ever-changing, agile landscape, whereas government is a slow, reactive entity. I actually wrote a paper for my Information warefare class, as a grad student at Carnegie Mellon University, which did propose a draft for an international set of laws that would both help to prevent cybercrime, but would also limit what the government of all participating nations could and could not do to govern the Internet. Until a strong set of boundaries and restrictions are in place, I'd rather see no government involvement in online affairs than any at all because they have no clue what they're doing.

    The government in the US was created as a way to represent the desires of teh masses. Unfortunately, the vast majority of us don't have millions of dollars, didn't go to an Ivy League school, and do tell the truth, at least sometimes. The last thing anyone who appreciates the freedoms afforded by online communities and web sites should want is a bunch of clueless lawyers and career politicians muddying the waters of one of the greatest inventions of modern times. SOPA and PIPA had to go, and so does CISPA. Unfortunately, this time around, the players who supported our protest of the other two are supporting this bill, which means the voices of the masses will have to be that much louder to make a difference.

    --Master Joe
    SteelCityPC
  • Why is Google and Facebook supporting CISPA?

    There's a good reason. CISPA provides one monster carrot to those who "voluntarily" participate, and that's complete and total immunity from ever being sued for failing to safeguard the privacy of your users.

    See http://www.iSights.org/2012/04/cispas-good-faith-carrot-needs-no-stick.html
    isights
  • If i were Google

    It would seem to me that if Google would share information to the government of its users it would result in disaster for them. It may just send them below the land of AOL and Yahoo if there is a mass exitus of its users. It will be interesting to see which bait Google bites, us or them (government).
    beastofsteel