[ebbv]

And the erosion of privacy protection in the name of "security" continues unabated.

The problem with CISPA is we don't need it. I'm not a libertarian (I want single payer universal health care, for example), but I am fully against the PATRIOT Act, FISA abuse and the numerous other things done in the name of security since 9/11.

The reason 9/11 happened was not a lack of security or intelligence; we had those. It was failure to act on the information we had.

We shouldn't be putting more power in the hands of intelligence agencies which have no public oversight. I understand the need for those agencies, but I think they should be as small as possible. Things like CISPA seem to be based on an opposite view; giving them as much power as possible.

EDIT:

Also the notion that you can learn everything you need to know about these bills by reading the bill itself is so myopic as to be comical.

[tptacek]

You could say exactly this set of things about any bill ever. Not one phrase in this comment binds in any way onto CISPA. You literally could have written it 8 years ago, saved it in a tfile in your home directory, and just copy/pasted it into this thread no matter what the bill said.

If you think the real meaning of the bill has nothing to do with the text of the bill, that the text of the bill doesn't matter, just give up. CISPA is tiny compared to ECPA; if you think CISPA has holes a truck could drive through, give a close read to SCA. If you believe the government is going to use milk safety regulations to prosecute movie pirates, just let them pass whatever, and skip the arguments.

[ebbv]

> You could say exactly this set of things about any bill ever.

No, I couldn't. There are unfortunately a lot of bills I could have said that about (and I mentioned some of them), but not literally any bill ever.

In fact, most bills are not about granting more power to intelligence agencies at the cost of privacy protections.

But thanks for sticking to your role as mindless CISPA defender. You play it well.

EDIT:

> If you think the real meaning of the bill has nothing to do with the text of the bill, that the text of the bill doesn't matter, just give up.

I didn't say that and obviously didn't mean that.

I also couldn't give a shit about movie pirates. I buy my entertainment. That's the bonus of being a full grown adult with a career.

But I do care about the erosion of privacy law for no benefit whatsoever, and in fact, what I see as a detriment; continuing to grow the intelligence industry which has no public oversight. That's a Bad Idea(tm).

[loumf]

You probably don't care if you can convince tptacek, but to random people following along (who you might be able to convince), calling tptacek mindless undermines your goal.

[ebbv]

I'm not really concerned. I mostly post comments because I have all these thoughts in my head and I want to let them out.

I called him "mindless CISPA defender" because based on his comments on the subject, that seems like an accurate description.

And in my specific case he seemed to pay no attention whatsoever to what I brought up and replied with a handful of boilerplate responses that didn't really apply to what I was saying. So, that seemed pretty much like a mindless automaton to me.

[Terretta]

tptacek has a dog in this hunt. I'd say his comments here are quite mindful of that.

[tptacek]

That is news to me.

[declan]

I disagree: I think ebbv's analogy is fair, and talking about CISPA (designed to encourage .com->.gov/.mil data flows) as akin to the Patriot Act (designed to increase .com->.gov data flows) and FISA (designed to regulate .com->.gov data flows) is appropriate.

So is asking about unintended consequences of legislation that's touted as accomplishing one thing but will be far broader. CISPA's sponsors say it's necessary to respond to the real threat of Chinese military hackers, but of course the legislation isn't limited to that.

If there are a series of related and bad bills, offering the same general criticisms of them is reasonable. If you're pro-choice and are upset by state efforts to ban abortion, then you can use similar language ("fully against..." "we shouldn't be putting more power in the hands...") to talk about bills in Arkansas, Colorado, Mississippi, North Dakota, Kansas, etc.

Of course a more detailed discussion involves going into more depth and talking about the differences between each state's anti-abortion proposals.

[trhtrsh]

Since we already have a track-record of the government granting retroactive immunity for illegal acts by ISPs, why do we need CISPA at all?

Why not just have the Feds or whoever call up Google and say "Look, this is really important information, as I'm sure you agree, so let's solve the problem, and if any technicalities were violated along the way, we'll get them excused by the overwhelming benefit of your actions" ?

[declan]

ebbv: You're right that you can't learn everything about legislation by reading it in isolation.

You generally need to read it side-by-side with the law it's amending. You need to read any amendments, and the rejected amendments. You need to read caselaw on point so you're aware of how courts have interpreted certain terms. You need to read existing laws in the same area. To the extent that courts will consider it, you need to read the legislative history, floor debate, and committee reports. Ideally you'd want to talk to a lawyer specializing in this area. Obviously the shorter the law, the less all this is necessary, but the text of the law tends to be merely a starting point.