CISPA, the Fourth Amendment, and you

National Constitution Center

Overshadowed by congressional action on guns and immigration is an Internet privacy bill that could affect most Americans, without them knowing it, on a daily basis.

Cyber Intelligence Sharing and Protection Act (or CISPA) is making its way through Congress, and it’s passed a House vote on Thursday.

The final vote in the House was 248-168, as 42 Democrats voted for the bill, while 28 Republicans voted against it.

And like gun control, it’s far from a done deal after the House passes CISPA. It would need Senate approval, and President Barack Obama has indicated he’ll possibly veto CISPA if it comes to his desk.

Both sides of Congress would need to muster a two-thirds majority vote to override the president’s veto, which would seem unlikely in the current political atmosphere of Washington.

At the heart of CISPA is a Fourth Amendment issue.

The amendment reads:

“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”

CISPA is designed to let the federal government work with private companies to fight hackers and cybercriminals in and outside of the United States. As part of the effort to detect cyber threats, private companies could voluntarily share with the government data about Internet users.

The sharing could be done in “real time” as the cybercops try to defeat and track down the evildoers. Companies could also share data among themselves as part of the effort.

There are major drawbacks about the legislation, say CISPA’s critics. The privacy provisions for consumers, they claim, are vague or nonexistent. The government and companies can’t look at your personal data, such as medical records and tax returns, if they are part of the “data dump” that is shared in real time. But the law doesn’t require that companies excise, or edit out, that information in the transfer process.

Another criticism is that a warrant isn’t needed for the government to obtain that information. And companies that share your information won’t be held legally liable for sharing that information, a practice that seemingly conflicts with privacy policies on existing websites.

CISPA’s biggest critic in Congress is a representative from Colorado, Jared Polis. The Democrat told the House on Wednesday, “This is the biggest government takeover of personal information that I’ve seen during my time here in Congress.”

Mike Rogers, a Republican representative from Michigan and the House Intelligence Committee chairman, is leading the CISPA effort, along with Dutch Ruppersberger, a Democrat from Maryland.

Rogers believes the measure is long needed. “People were stealing their identities, their accounts, their intellectual property, and subsequent to that, their jobs,” he recently said. “[Web users] began to question the value of getting on Internet and using [it] for commercial purposes. Their trust in the free and open Internet … was at risk.”

He has also stressed that participation in CISPA is voluntary for companies.

The Intelligence Committee also released a five-page document to counter what it calls “myths” about CISPA, including how much personal data would be shared with the government—which it says would be a rare occurrence.

The American Civil Liberties Union, however, calls CISPA “fatally flawed.”

“The core problem is that CISPA allows too much sensitive information to be shared with too many people in the first place, including the National Security Agency,” it says.

Unlike SOPA, the failed legislative attempt last year to halt online piracy, large tech companies are supporting the efforts to get CISPA passed.

At one time, Facebook and Microsoft had signed on to support CISPA, but now they are reportedly backing away. Google appears to be on the fence about the issue.

Major communications and utilities companies support CISPA, according to a list released by the House.

Last year, the House passed a similar CISPA bill, only to see it die in the Senate. Last August, a successful filibuster blocked CISPA from getting to the floor for a vote. Both libertarians and liberals had issues with the bill, and there were disagreements about which government agencies would be involved with CISPA.

The tea party-aligned group FreedomWorks is on record, again, as opposing CISPA on Fourth Amendment grounds.

“There are grave Fourth Amendment concerns with CISPA. The bill would override existing privacy laws to allow companies to share ‘cyber threat information’ with the federal government without making any reasonable effort to strip out any personal information from the file,” the group said in a statement.

The Electronic Frontier Foundation also has Fourth Amendment concerns.

“As it stands, CISPA is dangerously vague, and should not allow for any expansion of government powers through a series of poorly worded definitions.  If the drafters intend to give new powers to the government’s already extensive capacity to examine your private information, they should propose clear and specific language so we can have a real debate,” the EFF said on its website.

Scott Bomboy is the editor-in-chief of the National Constitution Center.

Recent Constitution Daily Stories
Constitution Check: Is the hunger strike at Guantanamo Bay beyond court review?
Benjamin Franklin’s last days, funeral, and a U.S. Senate slight
Background checks defeated in key Senate vote

View Comments (640)