Microsoft backs off CISPA support: Does it matter?


The Cyber Intelligence Sharing and Protection Act (CISPA) may have easily passed the House of Representatives last week, but it appears that support for the controversial cybersecurity bill is beginning to crumble. Over the weekend, Microsoft, long considered a CISPA supporter, told CNet that it now has concerns about the bill regarding personal privacy.

As Declan McCullagh reports:

In response to queries from CNET, Microsoft, which has long been viewed as a supporter of the Cyber Intelligence Sharing and Protection Act, said this evening that any law must allow “us to honor the privacy and security promises we make to our customers.”

Microsoft added that it wants to “ensure the final legislation helps to tackle the real threat of cybercrime while protecting consumer privacy.”

While this is far from an outright condemnation of the bill, it is clear that Microsoft shares some of the concerns about CISPA that privacy advocates have been expressing for months. It is also a significant change in Microsoft’s position (pdf), which was that it “applauded” the bill’s leadership for drafting the legislation.

Depending on who you talk to, the primary complaints about CISPA, which allows the government and businesses to more easily share “cyber threat intelligence” with each other, are as follows:

First, CISPA removes any liability from companies that share information with the federal government, as long as the data is somehow related to a number of categories, including “cybersecurity” or “national security.” Both of these categories remain overly broad, for some critics.

Second, CISPA allows the National Security Agency, and other government organizations that lack clear public oversight, to access the information, which remains one of two primary complaints of the Center for Democracy & Technology, a leader in the fight against CISPA.

Third — and this is the one area Microsoft likely has beef with — CISPA would supersede all other laws. Because of this, it is not possible for companies to offer any real privacy protection for their users whatsoever, since businesses could simply override any privacy policy anytime they like by sharing user data with the government. Nothing about that provision would allow Microsoft to “honor the privacy and security promises” it makes to its customers — at least, not in any legal way.

Now, it is important to note that CISPA does not require anyone to sharing anything. Microsoft could simply say, “We are never going to turn any cyber threat intelligence over to the government,” and in doing so maintain users’ privacy expectations. It could even strip all of the data it shares of any personally identifiable details, like name, IP address, or anything else it fears might cause customers to rebel. It could — but it wouldn’t be legally required to do so, and therein lies the problem: CISPA removes current protections for individual privacy while failing to replace them with anything equally robust.

Another problem is that CISPA has overwhelming support from the business community. Given Microsoft’s high profile, it’s possible that other companies will back off as well. (Though there’s no evidence that they have done so yet.) But if they don’t, the pro-CISPA camp will remain vast and powerful.

Regardless, it is encouraging to see Microsoft moving in this direction. And I hope other companies will follow suit. As I’ve mentioned before, it is highly unlikely that CISPA will make it through the Senate without undergoing some serious changes. And the provision in CISPA that allows companies to ignore all existing laws could possibly be stripped from the legislation.

All that said, CISPA remains highly problematic for a number of reasons, as mentioned above. But the bill’s passage by the House appears to have only incited more opposition to the bill, not less — and none of it has to do with Microsoft, at least not yet.

CISPA is expected to go before the Senate sometime in May.

The views expressed here are solely those of the author and do not reflect the beliefs of Digital Trends.


In the age of Alexa and Siri, Cortana’s halo has grown dim

In a sea of voice assistants, Cortana has become almost irrelevant. The nearly five-year-old voice assistant is seeing little love from consumers, and here’s why it is dead.
Emerging Tech

Watch the fearsome DroneHunter X3 pluck rogue UAVs out of the sky

How do you stop enemy drones in their tracks? DroneHunter X3 is a new autonomous anti-drone technology which outruns and then captures rogue drones in midair. Check it out in action.
Movies & TV

The best movies on Netflix in March, from Buster Scruggs to Roma

Save yourself from hours wasted scrolling through Netflix's massive library by checking out our picks for the streamer's best movies available right now, whether you're into explosive action, witty humor, or anything else.
Movies & TV

The best shows on Netflix right now (April 2019)

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.

The 100 best Android apps turn your phone into a jack-of-all-trades

Choosing which apps to download is tricky, especially given how enormous and cluttered the Google Play Store has become. We rounded up 100 of the best Android apps and divided them neatly, with each suited for a different occasion.
Home Theater

How the headphone jack helps Samsung out-Apple the king

Samsung’s latest flagship phones and wearables unveiled at the Galaxy Unpacked event had plenty of exciting new tech. But one of the most useful features Samsung revealed is also the oldest: The mighty headphone jack.
Smart Home

Alexa may be everywhere, but it’s Google’s Assistant I want in my home. Here’s why

The Amazon Alexa may have the Google Home beat in quantity of skills and compatibility with other products, but does that really matter when Alexa falls flat for day-to-day conversation?

Age of Empires II thrives 20 years later. Here's what Anthem could learn from it

Age Of Empires II is approaching its 20th birthday. It has a loyal following that has grown over the past five years. New always-online games like Anthem would love to remain relevant for so long, but they have a problem. They're just not…

Devil May Cry is Fantastic, but I still want a DmC: Devil May Cry sequel

Capcom's Devil May Cry 5 is one of the best games of 2019 and a welcome return for the series, but its success should not discount just how wonderful Ninja Theory's DmC: Devil May Cry really was.

DMC 5’s greatness is a reminder of all the open world games that wasted my time

Devil May Cry 5 modernizes the stylish action combat while retaining its storied PS2 roots. More so, though, it reminded me that we could sure use more linear, single player games to combat the sea of open world games.

Don't get the hype over Fortnite? Let us change your mind

Fortnite arrived very quietly but after launching Battle Royale mode it became a cultural phenomenon. Today, Fortnite is one of the most content prolific online games and it's starting to change the meta.

Hey Google, why did you kill off Allo, your best messaging app in years?

Allo, Google's messaging app, has shut down. I convinced my closest friends and family to switch to the app two-and-a-half years ago when it debuted, and we've been using it since. With its death, I'm feeling pain and sadness.

Apple’s new iPads are hardly new at all. Don’t waste your money

It has taken Apple four years to get around to updating the iPad Mini line, but the new iPad Mini is virtually identical to its predecessor. It’s joined by a confusing iPad Air with no obvious target audience. Is Apple just trying to sell…
Home Theater

There isn’t a single good reason to buy Apple’s new AirPods

After nearly a three-year wait, Apple has finally announced a new version of its popular true wireless headphones, the AirPods. We had high hopes for vast improvements, but that's not what we got.