By: Jonathan Klein
Just two weeks after the Egyptian government threatened to cut off access to the web, in mid-January millions of Internet users realized their worst fears: they couldn’t load sites that played pivotal roles in their lives. Across the world, bloggers took to the Internet to express outrage over Internet censorship, quickly raising visibility about the issue.
This wasn’t the scene on the day the Egyptian government shut down its citizens’ access to the Internet, and by extension, much of the outside world. Instead, this was the day Internet heavyweights including Wikipedia, Google, and Reddit blacked out their websites in protest of SOPA.
Wikipedia’s now-infamous black screen was perhaps the darkest, yet most visible, symbol of the digital world’s fight against the Stop Online Piracy Act (SOPA) and the Protect IP Act (PIPA), legislation intended to protect intellectual property in the online domain. SOPA, the House bill, and its Senate companion died a quick death on January 18, when hundreds of thousands of constituents called their representatives and urged Congress to shut down the bills.
The swift and powerful response caught Capitol Hill off guard. The original cyber security legislation had relatively few sponsors, but most members of Congress hadn’t actually taken a public position by the morning on January 18.
By afternoon, that had changed. Facing phones ringing off the hook and up to ten times the normal volume of emails, many members spoke out publicly against the legislation, essentially guaranteeing the bills would never reach the full House or Senate for a vote.
Despite the apparent victory of grassroots Internet activists, the battle over cyber security legislation isn’t over yet. Congress began consideration on Thursday of HR 3523, the Cyber Intelligence Sharing and Protection Act (CISPA), which attempts to tackle the serious problem of Internet crime.
Many college students (and a number of adults) remember the attack on Sony’s PlayStation network last year that shut down the network for 23 days. Although the company’s damage estimate of $171 million is significant, that figure pales in comparison to the total cost of defending computer systems against cyber attacks. A 2009 McAfee study estimated that computer crimes cost companies nearly $1 trillion every year – but that figure doesn’t include hidden and public sector costs, such as the amount defense contractors and the Pentagon spend every year to defend their networks.
Cyber crimes are a costly problem for government and businesses. If anything, Congress’ repeated attempts to pass cyber security legislation underscore the importance of the issue. However, each time Congress brings a new bill up for a vote, the response from constituents and concerned interest groups remains largely the same: vote against [Insert name of cyber security legislation here].
The reflexive opposition to any sort of digital information reform highlights the growing importance of the Internet. In a world where almost everything we do revolves around the Internet (and where college students sometimes spend 10 or more hours each day on social media sites), concerns about government’s authority to monitor the web must be taken seriously.
However, this grassroots opposition to legislation that might curtail individual access to certain websites has recently morphed into something else – a deep-seated distrust of any legislation that would impact the Internet in any capacity.
Take CISPA, for example. In contrast to the original SOPA/PIPA bills (“which allow the government to shut down the Internet”), CISPA facilitates voluntary information sharing, mostly among the private sector. Although privacy advocates argue the bill would give the government more authority to collect information from the private sector, the reality is that it could actually do the opposite. The bill would establish mechanisms allowing the federal government to share existing threat information with private companies, among other things. At least that’s the argument advanced by advocates of the bill.
The opponents’ response is more concise: #CongressTMI. Originally packaged with a “lolcats” photo on an ACLU blog post, the popular hashtag encapsulates real concerns about the government’s role in handling the “threat” information it collects. Privacy watchdogs, such as the ACLU, are right to raise red flags over the bill’s vague language, which permits the government to use threat information “either for cyber security or the protection of U.S. national security.” Ultimately, CISPA’s sponsors amended the bill Thursday before to strengthen its privacy protections, alleviating some of the concerns raised by the ACLU, the Center for Democracy and Technology (CDT), and others.
Even as “cyber security week” draws to a close, many Hill insiders remain unsure whether CISPA and other digital security reforms will even make it to the President’s desk. CISPA passed the House in a mostly party-line vote of 248-168, and the Senate will likely vote on the issue in coming weeks. Regardless of the vote’s outcome, the escalating tensions over cyber security pose serious political risks to Congress and President Obama.
Should Obama veto the Republican-backed CISPA, as the White House indicated he might, the Obama administration might face a major backlash if “hacktivists” mount a digital attack intended to embarrass him (something history suggests is well within the realm of possibility). Congress faces the same type of threat. With multiple bills coming to the House and Senate floors this month, a widely-publicized cyber attack would be particularly damaging if Congress fails to pass meaningful reforms.
Ultimately, many Americans are vowing to closely monitor the debate on Capitol Hill, but it’s unclear whether the newest round of privacy-oriented amendments will eventually garner the approval of key interest groups such as the ACLU. One thing is clear; Republicans and Democrats in Congress are praying the continuing fight over cyber security won’t end in a black eye – or a black screen.