CISPA: what it is and what you need to know

CISPA is back with new bill text summary
There's more to CISPA than meets the eye

CISPA stands for the Cyber Intelligence Sharing Protection Act, and it also stands as one of the most controversial pieces of legislation of 2013.

That's because it's a cybersecurity bill that calls for government and private companies to share information with each other, putting privacy advocates on edge.

Formally known as H.R. 624, CISPA 2013 was authored by House Intelligence Committee Chairman Mike Rogers (R-Mich.) and ranking member Dutch Ruppersberger (D-Md.). It's is a lengthy 27-page bill with important context below its executive summary.

However, its most basic intent is for the intelligence community and private sector tech and telecom firms to swap information on cyber threats.

The argument for CISPA

With every passing day, there is a greater need for CISPA, or at least something with the protections it offers, it's backers contend. That's because U.S. businesses - "job creators" - are being targeted by what this cybersecurity bill's authors call "nation-state actors."

Rogers and Ruppersberger specifically cite China, Iran and Russia for cyber exploitation and theft.

The result, according to legislators, is a loss of valuable trade secrets and sensitive customer information. Putting it bluntly, the committee behind CISPA declares that "this rampant industrial espionage costs American jobs."

A country like China, dubbed the world's most active and persistent perpetrator of cyber economic espionage by CISPA's authors, is said to have taken illegally acquired information from U.S. companies like client lists, merger and acquisition data, pricing information, and the results of research and development efforts.

Meanwhile, Rogers and Ruppersberger note that U.S. companies often hit legal barriers when attempting to share threat information with the government, or even other companies experiencing similar attacks.

The impeded data exchange goes both ways, according to the congressmen, as the government, privy to cybersecurity information, hits its own red tape when it could give relevant companies the heads-up.

The problem with CISPA

Protecting American jobs as well as the nation's cyber infrastructure sounds all well and good on tax-payer funded paper. But CISPA opponents see the bill as the latest way for government to overreach and overshare the personal information of American citizens - without having to get a warrant to do so.

Privacy advocates call CISPA an attack on the Fourth Amendment and put it in line with Stop Online Piracy Act (SOPA) and PROTECT IP Act (PIPA) that were dismissed from the legislative process after online protests in 2011 and 2012.

The White House threatens to veto CISPA

CISPA 2.0 would given the federal government broad spying powers, say privacy advocates

Under the CISPA-cious eye

In the case of CISPA, opponents see it as a broadly defined bill that fails to compel private companies to expunge irrelevant personal information from the data handed over to the government. Worse, in their eyes, is that scrutinized American citizens may never know that they are under the suspicious eye of the federal government.

Challenging the undue reading of emails and text messages isn't addressed by this transparency-lacking version of CISPA, according to its detractors. Instead, the bill gives immunity to tech companies for their part in the data-sharing cooperative.


This is technically the second version of CISPA, and has become known as CISPA 2.0, especially by those on a campaign against the cybersecurity bill. The first attempt at the legislative process was in April 2012 when it was voted on by the U.S. House of Representatives. It passed in a 248-168 vote.

Despite claiming to have been passed with "bipartisan" support, CISPA's authors never saw their bill make it through the Senate. The 112th Congress adjourned at the start of 2013. The House Intelligence Committee has re-introduced a new version of CISPA in the current session of Congress.

CISPA sponsors

CISPA was drawn up by the U.S. House Intelligence Committee, which oversees the various intel communities that are in charge of foreign relations and national security. This includes 16 agencies from the CIA and Department of Homeland Security, as well as the Department of Energy and Department of Treasury.

Matt Swider