[tptacek]

You are not allowed to make arguments that are directly rebutted by the facts. There were drafts of CISPA that were published in which the assets protected by the bill (which defines attacks in terms of the familiar C.I.A. triad) included "IP", which would have included things like the source code to operating system drivers. But the bill that got voted on included a series of amendments, all published, that neutered that language because of exactly that concern.

CISPA is simply not about the interests of rightsholders.

[nitrogen]

CISPA is simply not about the interests of rightsholders.

The commenter to which you are replying did not make that assertion. The mention of IP was an attempt to identify the source of the confusion between cybersecurity and IP rights, not about CISPA specifically. Here's what the parent comment actually claimed:

When I look at what's being proposed I see that the government is using its sovereign power to trade away my right to civil suit against a company in event of a data loss, in exchange to that company for it handing over private information (that very well can include customer information) without a warrant. In big broad, abstract ways this is to my benefit if it improves "cyber security" but it also removes some specific rights I have....

And the civil liability immunity agreement (as I understand it) in CISPA will effectively act as a giant gift that only a sovereign power can grant, we'll offer you protection from being sued if you just hand over business data without a warrant.

Nothing about rightsholders in there.

[tptacek]

The bill is clearly not about rightsholders, so it is intellectually dishonest to suggest that there is a legitimate concern about power grabs by rightsholders in it. "I watch C-SPAN religiously and they're always talking about IP rights" is not a substitute for reading the bill.

[nitrogen]

The sentence you quote is referring to the confusion about the bill, not the bill itself. Again, the OP didn't claim that CISPA was about IP.

[tptacek]

I disagree, but I don't think this subthread is important enough to litigate. If he wants to chime in and say "I absolutely am not saying CISPA is part of a scheme that will increase the powers of rightsholders", I'll apologize for mischaracterizing him.

[Torgo]

I absolutely am not saying CISPA is part of a scheme that will increase the powers of "rightsholders." I don't see that in there. I was referring to the "spying" claim of the parent post of my first response.

My concern is with limiting of my right to civil suit against a corporation, and my fear that the bartering of these rights for information bypasses legal constraints on information collecting by government and law enforcement.

[tptacek]

Do you think it is reasonable that an auto insurance company that operates under DPPA, or a classroom management service that operates under FERPA, or credit agency operating under FCRA, or nationwide bank under RFPA, or for that matter any online service managing information that could be considered stored communications --- do you think it is reasonable that these organizations should incur either the risk of a class action lawsuit or the expense of tens of thousands of dollars of legal review simply in order to push a worm signature or botnet identification or DDOS netflow information to a public clearinghouse? In other words, do you think it is in the public interest for you to retain the right to sue these kinds of companies to vindicate your theoretical privacy interest in network security data shared in good faith?

Thanks to Declan Mccullagh downthread for making my arguments about CISPA more vivid by citing all the privacy regs CISPA interacts with. :)

Oh: by the way: if I understand you correctly, you're not at all concerned that CISPA is a backdoor attempt to enable copyright enforcement, and by rebutting that idea earlier, I mischaracterized your point. I apologize for doing that. CISPA makes me jumpy.