Responding to a petition signed by over 100,000 people on the White House’s We The People website, the Obama Administration has issued clarifying remarks on its stance towards CISPA. The President does not support the version of CISPA that the House of Representatives passed earlier this month. And as the Senate is expected to put forth its own version of the bill, Obama hopes to provide guidance for any new legislation.
According to Obama’s official response, the Administration will only stand by information-sharing legislation that embody “three key principles.”
1. “minimizing information that can be used to identify specific individuals.” This means erring on the side of discretion regarding the personal information of users/clients especially if that data is irrelevant to a specific cyber attack.
This, of course, is uncomfortably vague. Without the need for warrants, how will government agencies and private companies decide what is relevant information and what is not?
2. “new information should enter the government through a civilian department rather than an intelligence agency.” Here, Obama would like to see that the data collected under the protection of CISPA is gathered not by the NSA or the CIA but through civilian channels, like the Department of Homeland Security.
A longstanding American axiom: the CIA should not be able to spy on US citizens.
3. “Any new legislation ought to provide legal clarity for companies…But it should not provide broad immunity for businesses and organizations.” The Administration is hoping to guard against “unwarranted disclosure of personal information,” as well as practices that would “likely to cause damage to third parties.”
This last principle hopes to rid the legislation of dangerously broad language that would embolden companies to needlessly turn over damning personal data.
Somini Sengupta reports in the New York Times
The current statute requires a warrant for e-mails that are less than six months old. But it lets the authorities gain access to older communications — or bizarrely, e-mails that have already been opened — with just a subpoena and no judicial review.
The law governs the privacy of practically everything entrusted to the Internet — family photos stored with a Web service, journal entries kept online, company documents uploaded to the cloud, and the flurry of e-mails exchanged every day. The problem is that it was written when the cloud was just vapor in the sky.
“Google has for the first time agreed to legally binding changes to its search results after an antitrust investigation by European regulators,” writes Claire Cain Miller of the New York Times .
After a two-year inquiry, the European Commission has accepted Google’s proposed settlement, according to two people briefed on the agreement who spoke anonymously because the proposal was not yet public.
Google will not have to change the algorithm that produces its search results, the people said. Under the proposal, Google agrees to clearly label search results from its own properties, like Google Plus Local or Google News, and in some cases to show links from rival search engines.
“It’s no secret that under the Electronic Communications Privacy Act, the feds can easily obtain archive copies of emails. When it comes to spying on emails or Gchat in real time, however, it’s a different story, writes Ryan Gallagher of Slate.
From the perspective of law enforcement, the data that passes through email, cloud services and chat is difficult to monitor in real time. As Gallagher notes, “That’s because a 1994 surveillance law called the Communications Assistance for Law Enforcement Act only allows the government to force Internet providers and phone companies to install surveillance equipment within their networks.” For newer forms of communication, the FBI’s spying power is restricted.
Gallagher summarizes a recent speech by the FBI’s general counsel, Andrew Weissmann, and reports that the agency will push a proposal this year to expand their “Internet spy powers.”