We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

CISPA Monitoring Bill: Changes Proposed, but Unlikely to Pacify Critics

The legislation would allow the U.S. government and businesses to more easily share information about cyberattacks.

Lawmakers are proposing changes to the Cyber Intelligence Sharing and Protection Act, or CISPA, that would help prevent the government and businesses from running amok with personal data.

CISPA is an amendment to the National Security Act of 1947 that would allow the U.S. government and businesses to more easily share information about cyberattacks. The government would be able to share what it knows about security threats with businesses, including Web services such as Facebook. Those businesses would be able to share their own information with the government, though doing so would not be mandatory.

(RELATED: Just the Facts on CISPA)

Critics, such as the Electronic Frontier Foundation and American Civil Liberties Union, have argued that the bill's broad language opens the door for censorship -- for instance, by defining intellectual property theft as a type of cyberattack -- and doesn't put any limits on the sharing of personal data. Also, the bill supersedes any other privacy laws, and information sharing would be exempt from the Freedom of Information Act.

CISPA's proposed changes are unlikely to allay those concerns. None of the bill's amendments or proposed changes would narrow the definition of a cyberattack, nor would they place restrictions on what kinds of information may be shared. (In the latest amendment, approved changes are highlighted in green, and proposals are highlighted in yellow.)

Proposed changes would, however, add more liability for the government and restrictions for businesses. In one proposed amendment, the government would be liable for monetary damages if it willfully misuses shared information. In another, businesses would be prohibited from sharing cyber threat information with outside entities besides other approved businesses and government agencies.

In addition, a pair of amendments approved last week call for an annual review -- but still no Freedom of Information Act disclosure -- of information sharing, and spell out that companies can't make quid-pro-quo deals with the government, where they only get information if they share back.

Civil liberties groups are hoping to drum up the same type of citizen outrage over CISPA that forced the anti-piracy bills SOPA and PIPA into hiding last January. This week, 20 groups are participating in "Stop Cyber Spying Week" in protest of the bill. But this time around, advocacy groups don't have the backing of the tech community. Among the bill's supporters: Facebook, Microsoft and the wireless trade group CTIA, of which Google is a member.

Follow Jared on Twitter, Facebook or Google+ for even more tech news and commentary.

IDG UK Sites

Samsung Galaxy S6 release date, features and specs rumours: When will the Galaxy S6 come out?

IDG UK Sites

Why people aren't upgrading to iOS 8: new features are for power users, not the average Joe

IDG UK Sites

Free rocket & space sounds: NASA launches archive of interstellar audio on SoundCloud

IDG UK Sites

iPad Air 2 review: Insanely fast and alarmingly thin. Speed tests, camera tests, beautiful...