In case you hadnt noticed, theres a huge outcry going on around the Internet right now regarding CISPA. The Cyber Intelligence Sharing and Protection Act of 2011, which has yet to be debated before the full House, is being called everything from the Son of SOPA to a dangerous invasion of First Amendment rights. In fact, it is neither.
SOPA, the Stop Online Piracy Act, caused furious protests by Internet companies, Web users at large and First Amendment advocates claiming that the proposed legislation would stifle free speech and give law enforcement excessive powers to shut down Websites without judicial review. Public opposition has effectively stalled SOPA in Congress.
Unfortunately it does not appear that the people currently ranting on Reddit and elsewhere have actually read the proposed CISPA legislation. Had they done so, theyd have found that CISPA is in fact focused on national security and the theft of classified and R&D information. Note that the copy of the bill in the link is the marked-up version including amendments under consideration. Changes in markup are in green, and amendments are in yellow.
The current text of CISPA is also online, as are an amendment that would prevent any quid-pro-quo forcing of information sharing and one that adds a reporting requirement. Note that the amendments are written by the sponsors of the bill, so their incorporation into the final draft is certain.
Once youve read through the bill, its clear that this law is intended to allow the intelligence community to share information with private companies that have been attacked or are at risk of being attacked. What this means is that those who should be most worried are the teams of Chinese hackers and other state-sponsored attackers who are waging a constant war against U.S. interests and intellectual property by breaking into computer systems to steal secrets.
These attacks have been happening for some time, and while a few companies have managed to thwart them, as when Lockheed Martin beat off a Chinese attack, the fact is that such attacks persist, and theyre not aimed at just the giants of the defense industry, but also at companies such as Google. And the attacks have been successful.
Aircraft maker Boeing was reportedly attacked, and the information gathered was used by the Chinese government in the development of its own passenger aircraft. Such attacks are relentless and unlike in the U.S. and Western Europe, theyre not just for military advantage. These attacks, while carried out by the military in their respective countries are really as much commercial attacks as they are for military intelligence.