Posted by Kalyani M. on May 20, 2013
CISPA, or the Cyber Intelligence Sharing and Protection Act, is a bill that sets a dangerous precedent for the ongoing erosion of online privacy. Presented as an urgent solution to the threat of hacking and cyber attacks, this controversial piece of legislation’s most recent rewrite is still full of loopholes that throw personal privacy out the window.
Under its current wording, CISPA would open to the door to warrantless governmental monitoring of your online activity. The private sector would be able to legally search and seize sensitive user information including emails, health records, search history, and even banking information. In this broad violation of American cyber privacy, employers in the United States could even require employees to disclose their social media passwords.
CISPA’s legal standing is still shaky, but having passed the US House of Representatives, privacy advocates are up in arms in an ongoing battle to protect sensitive data from prying eyes. The problem with the proposed legislation is that the federal government and businesses could freely share user data without having to ever deal with the normal legal process of acquiring a warrant. This loophole around anti-trust and classification laws would leave your private and sensitive data open to hacking and data mining from other third parties, as there are no rules requiring companies to delete or secure financial or health records before sharing them with the feds.
If signed into law, American citizens, normally accustomed to due process, would have their private records and information open to data mining, spying, and quasi-legal investigations. This new violation of privacy would undermine centuries of precedent of guaranteed security against warrantless search and seizures. For some reason, while a physical file would require a warrant to obtain, some companies and sectors of the government don’t seem to think that online files should be awarded the same security.
Luckily for you and your data, advocates for online privacy have gained enough public attention and support to sway the senate. And according to recent news, the Senate may not have enough votes take up the House-passed piece of legislation with vocal critics like Senator Jay Rockefeller (D-W. Va.), chairman of the Senate Committee on Commerce, Science, and Transportation, coming out against the bill’s lack of privacy protections. And even President Obama has lately reiterated his 2012 claim that he would issue a presidential veto, should CISPA ever come to his desk.
Fighting Back With the Right to Know Act
But don’t rest too easy just yet, as CISPA’s advocates in both the government and private sector are sure to come back in no time with the next iteration of legalized privacy violations. Instead of passively waiting for the next fight for online privacy and due process in the digital era, groups like the ACLU of Northern California and the Electronic Frontier Foundation have been joined by privacy advocates to help pass the Right to Know Act (AB 1291). This proposed bill would grant the public access to any personal data that companies store on them or share with others. If passed, California residents would be able to request their user files, as well as a list of any other companies with which their user data was shared. Regardless of whether or not a company was online or offline, this transparency bill would grant unprecedented citizen access to information on how their user data is being stored and trafficked.
So even if a bill like CISPA passed, under the proposed protections of the Right to Know Act, Californians could keep one step ahead with knowledge of which companies indulge in shady data mining and sharing. With awareness of which companies systematically violate user privacy by exploiting their data for profit, online users can make more informed consumer decisions. And with the knowledge that users will be watching their every move, companies will be much less likely to engage in the rampant storing and selling of supposedly private consumer data that sadly marks the current state of the market.
Protecting Your Data in the Meantime
As privacy advocates and informed consumers keep watch on the latest developments regarding CISPA and the California Right to Know Act, you can still keep your files and private data safe from the eyes of legal snoops. Instead of waiting for legislation and governmental protections, make the switch to an encrypted cloud storage and sharing service like SpiderOak to keep your sensitive files, documents, and photos truly safe from any prying eyes.
Currently, even without CISPA, private companies like Google openly engage in the mining and selling of user data and the outdated Electronic Communications Privacy Act of 1986 allows governmental agencies to read your email without a signed warrant. The only way to get around this loophole in online privacy is to proactively protect your sensitive files, from emails to financial documents and health records.
Most cloud storage and sharing services only protect users with encrypted passwords, which are still vulnerable to savvy hackers. And of course, governmental agencies from the Department of Defense to the IRS are still able to request user data without a warrant. But with SpiderOak, users can store and share sensitive files without ever worrying about cyber spying from hackers, companies, or even the government.
SpiderOak’s server has “zero-knowledge” of your data, which means that only users have readable access to their files, making this service private and anonymous. No one but the user has access to their password, so even if requested by the government to hand over your files or retrieve your password, the company wouldn’t even be able to.