Thursday, April 26, 2012

Is CISPA Really A Remedy Or A Bad Idea?

United States is taking cyber security very seriously. However, in its zest to ensure cyber security, US is willing to forgo procedural safeguards against any possible misuse of any crucial information involved in the process.

Take the example of Cyber Intelligence Sharing and Protection Act (CISPA). One of the provisions in the proposed CISPA allows private companies to share cyber security data with each other and with the government notwithstanding any other provision of law.

Laws and Procedure already exist in US according to which Information can be shared when issues of Cyber Security are involved, informs Praveen Dalal, managing partner of Perry4Law. However, CISPA is intimidating in the sense that it drastically expands the nature of data that can be shared, informs Dalal.

At present, the US government's ability to share data on its citizens is fairly restricted, insomuch as the various agencies must demonstrate cause and need. Further, CISPA is also silent about the restrictions imposed upon agencies like the CIA or NSA who could use the information they gather in most liberal manner.

Meanwhile, the White House threatened to veto the CISPA if Congress approves it in its current form. Through a Statement of Administration Policy on Cyber Intelligence Sharing and Protection Act (CISPA), the Obama administration said CISPA treats domestic cyber security as an intelligence activity whereas it should be a civilian one.

It also repeals important provisions of electronic surveillance law without instituting corresponding privacy, confidentiality, and civil liberties safeguards, and does not address the protection of critical infrastructure systems.