Skip to main content

All you need to know about Washington’s big cybersecurity push

CISPA
Image used with permission by copyright holder

The war over cyber war has sparked up once again. Last week, Washington saw not one but two major cybersecurity moves in the U.S. capital. On Tuesday, President Obama signed an executive order that gives federal agencies greater authority to share ‘cyber threat’ information with the public sector, a move the president touted in his State of the Union address. The same day, Reps. Mike Rogers (R-MI) and Dutch Ruppersberger (D-MD) reintroduced the Cyber Intelligence Sharing and Protection Act (CISPA), a hotly contested bill that passed the House last year, but died in the Senate.

Given the often vague nature of cybersecurity, the denseness of proposed legislation and executive orders, and the passion for these issues on both sides, some dispassionate clarification is due. Here’s a busy person’s guide to Washington’s big cybersecurity push.

What does President Obama’s executive order do?

Obama’s executive order aims to bolster cybersecurity protections for the nation’s ‘critical infrastructure’ networks – electrical grids, dams and other power stations, water supply companies, air traffic control, and financial institutions – through increased sharing of information. Specifically, it authorizes the government to provide companies that run critical infrastructure networks with “cyber threat information.”

“It is the policy of the United States Government to increase the volume, timeliness, and quality of cyber threat information shared with U.S. private sector entities so that these entities may better protect and defend themselves against cyber threats,” the executive order reads.

The executive order also calls for the federal government to draft recommendations for ways in which critical infrastructure providers can protect themselves from cyber attacks. Companies would not, however, be required to abide by these recommendations. It will also clarify which government agencies will take part in cybersecurity efforts.

Read the full executive order here.

Does anybody think this is bad?

Not really. Pro-business think tank the Heritage Foundation praises parts of the order, but also says it’s too broad in scope, meaning it may rope in businesses that don’t really need to be involved (“like agriculture”). Heritage also worries that it won’t do a very good job of increasing sharing, and believes it may lead federal agencies to increase their regulatory reach.

Privacy advocates, however, believe the executive order strikes the right balance between increased security and protections for personal liberty, as it only allows sharing in one direction: from the government to businesses – a key distinction, as we’ll see further on.

“Two cheers for cybersecurity programs that can do something besides spy on Americans,” wrote the ACLU.

The biggest complaint concerns Obama’s use of executive orders in general, which critics say circumvents the checks and balances of our government. True as that may be, a public executive order is seen by some experts as better than one that’s kept a secret, as many have been in the past.

What does CISPA do?

Like Obama’s cybersecurity order, CISPA’s primary aim is to increase the sharing of cyber threat information (or CTI, as the cool kids call it). Unlike Obama’s order, however, CISPA allows the sharing of information in both directions – from government to business, and vice versa. Sharing is not required by the law, but it is allowed.

CISPA also provides broad legal immunity to companies that collect and share CTI with the federal government, as long as they do so “in good faith” – which might mean businesses can’t be sued or charged with crimes for collecting and sharing CTI under CISPA. Furthermore, CISPA shields the shared CTI from transparency mechanisms, like the Freedom of Information Act (FOIA).

Read the full text of CISPA here: PDF.

Does anyone think this is bad?

You betcha. Privacy advocates are particularly peeved by this bill because they fear it will let the government get its mitts on our private communications; because we won’t know what of our information is being shared, they say; and because it may take away our power to punish companies that collect and share the information they have on us.

“Our concern from day one has been that these combined power and immunity provisions would override existing privacy laws like the Wiretap Act and the Stored Communications Act,” wrote the Electronic Frontier Foundation (EFF). “Worse, the law provides immunity ‘for decisions made based on’ CTI. A rogue or misguided company could easily make bad ‘decisions’ that would do a lot more harm than good, and should not be immunized.”

As soon as CISPA’s return was announced a last week, a variety of Internet-centric civil liberties groups, including Demand Progress, Fight for the Future, EFF, Avaaz, ACLU, and Free Press, launched petitions against CISPA. On Thursday, Demand Progress and Fight for the Future delivered more than 300,000 signatures to the House Intelligence Committee in protest of CISPA. And more than 1 million people have signed anti-CISPA petitions so far.

CISPA co-sponsors, Reps. Rogers and Ruppersberger, are doing everything they can to tamp down concern over CISPA, arguing that the bill is not about spying on citizens, and that increased sharing of CTI between the public and private sectors is an no-brainer way to combat cyber threats.

On the business side, U.S. Telecom, a lobbyist group from Internet service providers; CTIA, the wireless industry’s lobbying arm; and AT&T have all come out in favor of CISPA – but we should expect far more support from the private sector. Last time around, hundreds of companies directly or indirectly (through their lobbying groups) voiced support for the bill, including tech giants like Facebook and IBM.

Why is this happening all happening now?

Because the people in our government are convinced cyber attacks are a serious problem, and getting worse. According to a December report from the Department of Homeland Security, cyber attacks on oil pipelines and electricity providers has risen 52 percent over last year. And the National Intelligence Estimate recently indicated that the U.S. is, as the Washington Post tells it, the “target of a massive, sustained cyber-espionage campaign that is threatening the country’s economic competitiveness.”

All of this comes in front of the backdrop of sustained hacks of The New York Times, Wall Street Journal, Washington Post, and Bloomberg News by Chinese hackers – high-profile attacks which put cybersecurity concerns more firmly in the public mind.

Andrew Couts
Former Digital Trends Contributor
Features Editor for Digital Trends, Andrew Couts covers a wide swath of consumer technology topics, with particular focus on…
How to deactivate your Instagram account (or delete it)
A person holding a phone with the Instagram app open on it.

Oh, social media. Sometimes it’s just too much, folks. If you’re finding yourself in a position where shutting down your Instagram account for a period of time sounds good, Meta’s powers that be have made it pretty simple to deactivate your Instagram account. It’s also quite easy to completely delete your Instagram, although we wouldn’t recommend this latter option if you plan on returning to the platform at a later date.

Read more
How to clear cookies
A person uses a tablet with an HP laser printer in an office.

Cookies are a convenient way to experience the parts of the internet you frequently visit. One can think of these non-edible artifacts as digital breadcrumbs for info you may not want to remember every time. But when your computer is tasked with remembering too many of these trail-markers, it can really slow down your machine. Regardless of the browser you’re using, it’s a good idea to clear your cookies every once in a while.

Read more
Best Buy Memorial Day sale: early TV, laptop, and appliance deals
Digital Trends Best Buy Prime Day Deals Alt

While Memorial Day is still several days away, there are a lot of excellent early Memorial Day deals you can pick up right now from Best Buy. That includes everything from the best TVs, the best Phones, the best Air Fryers, and even the best smart home devices out there, so you have a huge variety of deals to pick from. Of course, there is an overwhelming number of options out there, which is why we've scoured Best Buy for our favorite deals in various categories and collected them all below, so be sure to check out everything in detail.

Best Best Buy Memorial Day TV Deals

Read more