Responding to a petition signed by over 100,000 people on the White House’s We The People website, the Obama Administration has issued clarifying remarks on its stance towards CISPA. The President does not support the version of CISPA that the House of Representatives passed earlier this month. And as the Senate is expected to put forth its own version of the bill, Obama hopes to provide guidance for any new legislation.
According to Obama’s official response, the Administration will only stand by information-sharing legislation that embody “three key principles.”
1. “minimizing information that can be used to identify specific individuals.” This means erring on the side of discretion regarding the personal information of users/clients especially if that data is irrelevant to a specific cyber attack.
This, of course, is uncomfortably vague. Without the need for warrants, how will government agencies and private companies decide what is relevant information and what is not?
2. “new information should enter the government through a civilian department rather than an intelligence agency.” Here, Obama would like to see that the data collected under the protection of CISPA is gathered not by the NSA or the CIA but through civilian channels, like the Department of Homeland Security.
A longstanding American axiom: the CIA should not be able to spy on US citizens.
3. “Any new legislation ought to provide legal clarity for companies…But it should not provide broad immunity for businesses and organizations.” The Administration is hoping to guard against “unwarranted disclosure of personal information,” as well as practices that would “likely to cause damage to third parties.”
This last principle hopes to rid the legislation of dangerously broad language that would embolden companies to needlessly turn over damning personal data.