Microsoft backs off CISPA support: Does it matter?


The Cyber Intelligence Sharing and Protection Act (CISPA) may have easily passed the House of Representatives last week, but it appears that support for the controversial cybersecurity bill is beginning to crumble. Over the weekend, Microsoft, long considered a CISPA supporter, told CNet that it now has concerns about the bill regarding personal privacy.

As Declan McCullagh reports:

In response to queries from CNET, Microsoft, which has long been viewed as a supporter of the Cyber Intelligence Sharing and Protection Act, said this evening that any law must allow “us to honor the privacy and security promises we make to our customers.”

Microsoft added that it wants to “ensure the final legislation helps to tackle the real threat of cybercrime while protecting consumer privacy.”

While this is far from an outright condemnation of the bill, it is clear that Microsoft shares some of the concerns about CISPA that privacy advocates have been expressing for months. It is also a significant change in Microsoft’s position (pdf), which was that it “applauded” the bill’s leadership for drafting the legislation.

Depending on who you talk to, the primary complaints about CISPA, which allows the government and businesses to more easily share “cyber threat intelligence” with each other, are as follows:

First, CISPA removes any liability from companies that share information with the federal government, as long as the data is somehow related to a number of categories, including “cybersecurity” or “national security.” Both of these categories remain overly broad, for some critics.

Second, CISPA allows the National Security Agency, and other government organizations that lack clear public oversight, to access the information, which remains one of two primary complaints of the Center for Democracy & Technology, a leader in the fight against CISPA.

Third — and this is the one area Microsoft likely has beef with — CISPA would supersede all other laws. Because of this, it is not possible for companies to offer any real privacy protection for their users whatsoever, since businesses could simply override any privacy policy anytime they like by sharing user data with the government. Nothing about that provision would allow Microsoft to “honor the privacy and security promises” it makes to its customers — at least, not in any legal way.

Now, it is important to note that CISPA does not require anyone to sharing anything. Microsoft could simply say, “We are never going to turn any cyber threat intelligence over to the government,” and in doing so maintain users’ privacy expectations. It could even strip all of the data it shares of any personally identifiable details, like name, IP address, or anything else it fears might cause customers to rebel. It could — but it wouldn’t be legally required to do so, and therein lies the problem: CISPA removes current protections for individual privacy while failing to replace them with anything equally robust.

Another problem is that CISPA has overwhelming support from the business community. Given Microsoft’s high profile, it’s possible that other companies will back off as well. (Though there’s no evidence that they have done so yet.) But if they don’t, the pro-CISPA camp will remain vast and powerful.

Regardless, it is encouraging to see Microsoft moving in this direction. And I hope other companies will follow suit. As I’ve mentioned before, it is highly unlikely that CISPA will make it through the Senate without undergoing some serious changes. And the provision in CISPA that allows companies to ignore all existing laws could possibly be stripped from the legislation.

All that said, CISPA remains highly problematic for a number of reasons, as mentioned above. But the bill’s passage by the House appears to have only incited more opposition to the bill, not less — and none of it has to do with Microsoft, at least not yet.

CISPA is expected to go before the Senate sometime in May.

The views expressed here are solely those of the author and do not reflect the beliefs of Digital Trends.


Logitech’s newest headsets sound as good as they look, but they’re not perfect

Logitech's G935 and G432 bring style and impressive sound to the table. They boast leatherette earpads, positional 3D sound, and 50mm drivers, Logitech has become a formidable adversary for competitors, but the company's new headsets aren't…

Secure your Excel documents with a password by following these quick steps

Excel documents are used by people and businesses all over the world. Given how often they contain sensitive information, it makes sense to keep them from the wrong eyes. Thankfully, it's easy to secure them with a password.

Edit, sign, append, and save with six of the best PDF editors

Though there are plenty of PDF editors to be had online, finding a solution with the tools you need can be tough. Here are the best PDF editors for your editing needs, no matter your budget or operating system.
Movies & TV

The best shows on Netflix right now (March 2019)

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.
Movies & TV

The best movies on Netflix in March, from Buster Scruggs to Roma

Save yourself from hours wasted scrolling through Netflix's massive library by checking out our picks for the streamer's best movies available right now, whether you're into explosive action, witty humor, or anything else.

Debunking Dark Mode: Here’s why it won’t improve your laptop’s battery life

Dark Mode is known to improve battery life for certain devices, like a smartphone with an OLED screen. Does that apply to laptops, as well? To find out we tested two laptops, one running Windows and one running MacOS.

In the age of Alexa and Siri, Cortana’s halo has grown dim

In a sea of voice assistants, Cortana has become almost irrelevant. The nearly five-year-old voice assistant is seeing little love from consumers, and here’s why it is dead.

EA is losing out on the true potential of Titanfall studio with ‘Apex Legends’

Apex Legends is a solid battle royale game, but one can’t shake the feeling that its creation was dictated by Respawn’s new owners: Electronic Arts. In the process, the studio’s soul could be lost.

The 'Anthem' demo's crash landing raises more questions than answers

Bioware bravely allowed gamers to see a large chunk of 'Anthem' over two demo weekends, but it backfired. Lackluster missions, performance issues, and muddled messaging over micro-transactions leaves the game with an uphill battle.

Apex Legends proves battle royale is no fad. In fact, it’s just getting started

Apex Legends came out of nowhere to take the top spot as battle royale in 2019, and it now looks as if it'll be the biggest game of the year. Its sudden success proves the battle royale fad still has plenty of life left in it.
Home Theater

Apple is arming up to redefine TV just like it did the phone

Curious about what Apple's answer to Netflix will be? Us too. So we combed through some patents, and looked at the landscape, to come up with a bold prediction: Apple's streaming service will be way bigger than anyone thinks.
Home Theater

How the headphone jack helps Samsung out-Apple the king

Samsung’s latest flagship phones and wearables unveiled at the Galaxy Unpacked event had plenty of exciting new tech. But one of the most useful features Samsung revealed is also the oldest: The mighty headphone jack.

Age of Empires II thrives 20 years later. Here's what Anthem could learn from it

Age Of Empires II is approaching its 20th birthday. It has a loyal following that has grown over the past five years. New always-online games like Anthem would love to remain relevant for so long, but they have a problem. They're just not…

Devil May Cry is Fantastic, but I still want a DmC: Devil May Cry sequel

Capcom's Devil May Cry 5 is one of the best games of 2019 and a welcome return for the series, but its success should not discount just how wonderful Ninja Theory's DmC: Devil May Cry really was.