Ken Dilanian reports on what happened in the House yesterday, where CISPA passed, and what may happen when the bill gets to the Senate, where other cybersecurity bills have been proposed.
Watching the proceedings in the House yesterday was frustrating. The words “privacy” and “civil liberties” were heard frequently – by those who claimed that the bill and proposed amendments adequately protected both and by those who pointed out that the bill failed to adequately address both. Rep. Joe Barton, co-chair of the bi-partisan privacy caucus, noted that the word “privacy” was only mentioned once in the bill – and then only in passing. And Rep. Markey, his co-chair, called CISPA a Cyber Insecurity bill. So if privacy wasn’t addressed in the bill in terms of incorporating protections as to what information businesses could provide to the government with immunity, and if the troublesome “Notwithstanding…” clause was still in the bill – which trumps all other laws and eradicates protections applicable to other laws – why were some speakers saying that there were no problems?
There are none so blind as elected officials who choose not to see. It was disappointing to see some speakers suggest that because the flow of information from the private sector to the government would be voluntary, that was a privacy protection. No, it is not a privacy or civil liberties protection – not when that same flow of information was previously restricted and protected by ECPA and other laws that are now trumped by the “Notwithstanding” language of CISPA.
Some supporters of the bill did acknowledge that it wasn’t perfect when it came to privacy and civil liberties. But then they went ahead and expanded the scope of the bill even more – thereby increasing the problems – by approving an amendment offered by Rep. Quayle that permits usage of information for five purposes instead of the narrower two or three purposes.
How did this happen, you ask? It happened partly because Congress did what it always does – it rushes to pass bad bills. But it also happened because supporters of the bill could stand before their colleagues and the nation say they had met with privacy groups who lauded their progress and who supported the bill. And in all of their references (named and unnamed) to the Center for Democracy and Technology (CDT), some of us cringed because CDT had seemingly made a deal with the sponsors of the bill – a deal that they would back off on their public opposition to the bill advancing to the floor with the understanding that outstanding privacy and civil liberties concerns would be considered as amendments. And so they had issued a statement a few days ago lauding progress on the bill and withdrawing opposition to the bill advancing to the floor. When the rules committee subsequently prevented any of the strong privacy amendments from even being considered during the debate, CDT turned around and said that they opposed the bill and urged members of Congress to vote ‘no’ on the bill. But it was too late on some level. Declan McCullagh picks up that painful part of the story:
The bill’s authors seized on CDT’s statement to argue that the anti-CISPA coalition was fragmenting, with an aide to House Intelligence Committee Chairman Mike Rogers (R-Mich.) sending reporters e-mail this morning, recalled a few minutes later, proclaiming: “CDT Drops Opposition to CISPA as Bill Moves to House Floor.” And the Information Technology Industry Council, which is unabashedly pro-CISPA, said it “applauds” the “agreement between CISPA sponsors and CDT.”
CDT is “no longer opposing it in the House, and that’s an important step for us,” Rogers said on a conference call with reporters yesterday. Speaking more generally about civil liberties groups, Rogers said: “They’re not completely there, but they do like our language. That’s a big gain for us.”
Criticized for their April 24th statement by some of us on Twitter, CDT had responded by asking us what part of “fundamentally flaws” we did not understand in their statement. But events proved our concerns right – CDT’s April 24th statement gave cover to the bill’s sponsors and their “support” was alluded to many times throughout the debate on the House floor. CDT’s subsequent statement opposing the bill was almost uniformly ignored during the debate.
In any event, efforts to protect privacy and civil liberties now focus on what will happen in the Senate. If Senators have learned anything by observing the response to CISPA, hopefully they’ll narrow the bill and incorporate strong civil liberties and privacy protections. And hopefully, they’ll realize that the people who should have a seat at the table are the ACLU and EFF, organizations that truly represent the public without being beholden to industry funding and who would not have made the deal that CDT made.
If CDT was going to screw us, they could have at least bought us dinner first.