Many privacy advocates are emboldened by the threat by the Whitehouse to veto CISPA. However, a careful read of the Whitehouse memo on CISPA reveals that many of the core problems that the Whitehouse has with CISPA are not, necessarily, civil liberties concerns. In several places the Whitehouse states that their objections to CISPA rise from the view that CISPA places too many constraints on information sharing. The administration does start off by stating that they want to require that irrelevant personal information be removed from data shared under CISPA. The Administration, however, remains concerned that the bill does not require private entities to take reasonable steps to remove irrelevant personal information when sending cybersecurity data to the government or other private sector entities.
This is an important civil liberties concern with CISPA. However, it isn't the only one. The Whitehouse then goes on to complain that another problem they have with CISPA is that it allows private companies to place constraints on how the government will use the information that has been shared. Intra-governmental sharing and use should not be subject to undue restrictions by the private sector companies that originally share the information.
This is an obvious reference to the following section of CISPA: USE AND PROTECTION OF INFORMATION- Cyber threat information shared in accordance with paragraph (1)-- ‘(A) shall only be shared in accordance with any restrictions placed on the sharing of such information by the protected entity or self-protected entity authorizing such sharing, including appropriate anonymization or minimization of such information and excluding limiting a department or agency of the Federal Government from sharing such information with another department or agency of the Federal Government in accordance with this section;
I think this section speaks volumes about the way that our government puts the interests of institutions before those of individuals. If I, as an individual person, enter into a contract with a company and share my personal information with them under that contract, no term of that contract can constrain that company from sharing that information with the government under CISPA. However, under the current text of CIPSA, that company can constrain the government's use of that information when the company shares the information with the government. The government has to uphold the company's terms, but no one has to uphold my terms. The problem that the Obama Whitehouse has is that the government would have to uphold the company's terms. They want fewer restrictions regard... [ Read More (0.2k in body) ] |