Feeds

US House of Representatives passes CISPA by 288-127

Co-sponsor dismisses opponents as '14 year-olds tweeting'

Top three mobile application threats

The Cyber Intelligence Sharing and Protection Act (CISPA) has been approved by the US House of Representatives, despite a last-minute gaffe from its co-sponsor.

The 288-127 vote saw an increased majority from CISPA's first passage last April, with a broadly bipartisan turnout. CISPA was filibustered in the Senate but resurrected this year by Rep. Mike Rogers (R-MI), chairman of the House Intelligence Committee, and "Dutch" Ruppersberger, a Maryland democrat whose congressional district covers the home of the NSA in Fort Meade.

The legislation sets up as framework for federal government agencies to share information on security threats with private companies in order to help protect their systems. In return, private companies can choose to hand over user information (anonymized or not) to the government for "cybersecurity purposes" with full legal indemnity, whatever their terms and conditions say.

"CISPA is a poorly drafted bill that would provide a gaping exception to bedrock privacy law," EFF senior staff attorney Kurt Opsahl said in a statement. "While we all agree that our nation needs to address pressing Internet security issues, this bill sacrifices online privacy while failing to take common-sense steps to improve security."

Despite opposition, however, the bill looked to be an increasingly done deal as the vote approached. On Monday, 36 new congressional co-sponsors decided to add official support, and IBM said that it had flown in lobbying muscle to help push for CISPA.

"We're going to put our shoe leather where our mouth is," Chris Padilla, vice president of governmental affairs at IBM, told The Hill. "The message we're going to give [lawmakers] is going to be a very simple, clear message: support the passage of CISPA."

The technology industry broadly approves of CISPA, in that it might do some good and limits their liability, just in case. Facebook has been a vocal supporter, saying that the bill clarifies a lot of things and puts it under no onus to share its user's data with the government if it doesn’t want to. Of course, if it changes that view, it's unlikely the customers would be able to find out about it.

During the debate, Representative Rogers said that Silicon Valley CEOs supported him and opponents of were "people on the internet, a 14 year-old tweeter in the basement," just like his nephew who gave him aggravation for sponsoring the bill.

"Once you understand the threat, and you understand how the mechanics of it works, and you understand that people are not monitoring the content of your emails, most people go 'Got it, I'm in'," he said.

This prompted a flood of angry tweets from the vast majority of CISPA opponents who are over 14, live successful lives (many in the fields of security, computing and law), but who presumably don't count.

CISPA isn't in force yet. The Senate still has to pass legislation, and shows no sign of doing so. Even then, the President has sort-of threatened to veto the legislation as it stands.

"The Administration recognizes and appreciates that the House Permanent Select Committee on Intelligence (HPSCI) adopted several amendments to H.R. 624 in an effort to incorporate the Administration's important substantive concerns," the White House said in a statement.

"However, the Administration still seeks additional improvements and if the bill, as currently crafted, were presented to the President, his senior advisors would recommend that he veto the bill."

We shall see if he takes that advice. ®

Bootnote

Calling opponents names is an increasingly essential part of politics in America these days. To see how politicians can use the rapier rather than the cudgel in debate El Reg suggests checking out Wednesday's performance by New Zealand MP Maurice Williamson, a man who describes C++ coding as just below sex in terms of pleasure.

SANS - Survey on application security programs

More from The Register

next story
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Whoever you vote for, Google gets in
Report uncovers giant octopus squid of lobbying influence
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.