On CISPA, Obama and Congress Still Don’t Get It
The Obama administration has hardly been a consistent defender of digital privacy. Recall, for example, its support for the reauthorization of the Patriot Act, or its position—unanimously rejected by the Supreme Court in U.S. v. Jones—that we should have no expectations of privacy in public. Recently, however, the administration gave friends of digital privacy a reason to dance in the chat rooms: On April 25, Obama threatened to veto the Cyber Intelligence Sharing and Protection Act (CISPA), the dreadful cyber security bill that would have allowed Internet companies to share private emails and web browsing records with the NSA.
But while this was a real success for online privacy activists, it’s far too early to declare victory. There is another cyber security bill currently being considered by the Senate. This is one is nearly as bad as CISPA—and not only is Obama unlikely to threaten another veto, the administration has already indicated its support.
The idea behind CISPA isn’t inherently objectionable. No one denies that an effective approach to cyber security could allow telecommunications and Internet service providers to share information about cyber-threats with the government. But although it’s possible to design an information sharing program that protects privacy as well as security, the leading bills that have been considered by the House and Senate do no such thing.