When the controversial CISPA bill was first introduced last year, Facebook issued a lengthy blog post in support of the legislation, but the social network no longer appears to be as big a fan.
Congress needs to “give companies like ours the tools we need to protect our systems and the security of our users’ information,” Joel Kaplan, vice president of U.S. public policy at Facebook, wrote last year. The company’s name also appeared on a list of firms supporting CISPA, alongside Microsoft, Verizon, AT&T, and more.
But as CNET noted, Facebook’s name no longer appears on the list of firms that support the recently re-introduced CISPA.
What’s the big deal? The Cyber Intelligence Sharing and Protection Act (CISPA) would allow for voluntary information-sharing between private companies and the government in the event of a cyber attack. Last year, backers argued that it’s necessary to protect the U.S. against cyber attacks from countries like China and Iran, but opponents said that it would allow companies to easily hand over users’ private information to the government.
The House passed CISPA in April 2012, but efforts to get it passed in the Senate before the end of the last session were unsuccessful. In July, several top senators unveiled a revised version of cyber-security legislation they had been trying to get passed for years, which incorporated some elements of CISPA, but it didn’t pass.
Rep. Mike Rogers – chairman of the House Permanent Select Committee on Intelligence – and ranking C.A. Dutch Ruppersberger re-introduced the exact same bill last month.
When asked today whether it still supports CISPA, Facebook essentially said it supports the idea of bill, but backed away a bit from the full support it gave about a year ago.
“Protecting the private information people share on Facebook is the foundation of our service, and we support efforts to improve our ability to protect that information from cyber attack,” a Facebook spokeswoman said. “We are encouraged by the continued attention of Chairman Mike Rogers and Ranking Member Dutch Ruppersberger to this important issue and we look forward to working with both the House and the Senate to find a legislative balance that promotes government sharing of cyber threat information with the private sector while also ensuring the privacy of our users.”
To be fair, Facebook is not the only firm that has dropped its support, based on the list provided by the House Intelligence Committee. Also missing from the new list are Microsoft and CTIA, the wireless industry trade association (Verizon and AT&T remain).
In in April 2012 blog post, Facebook acknowledged that some people had privacy-related concerns regarding CISPA.
“The concern is that companies will share sensitive personal information with the government in the name of protecting cybersecurity,” Kaplan wrote at the time. “Facebook has no intention of doing this and it is unrelated to the things we liked about [CISPA] in the first place – the additional information it would provide us about specific cyber threats to our systems and users.”
Last month, Facebook disclosed that its systems were “targeted in a sophisticated attack,” though user data was not compromised. The social network is just one of many companies that have made similar disclosures lately, including Apple, Evernote, Microsoft, Zendesk, and Jawbone.
The fight over CISPA, meanwhile, continues. Recently, an anti-CISPA petition posted to the White House’s We the People website received the 100,000 e-signatures required for an official administration response.
“[CISPA] creates broad legal exemptions that allow the government to share ‘cyber threat intelligence’ with private companies, and companies to share ‘cyber threat information’ with the government, for the purposes of enhancing cybersecurity,” the petition reads. “The problems arise from the definitions of these terms, especially when it comes to companies sharing data with the feds.”
The White House already threatened to veto CISPA back in April 2012 because it “departs from longstanding efforts to treat the Internet and cyberspace as civilian spheres.” We’ll have to wait and see if it veers from that position in its response to the petition.
Mozilla, as well as various privacy-rights groups, penned a letter to the House this week that encouraged members to vote against CISPA.
At this point, there has been no action on CISPA in the House.