Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

CISPA: FAQ on What it is and Why it's Still Dangerous

https://www.eff.org/cybersecurity-bill-faq



This FAQ includes what I think are very misleading statements about CISPA; for instance, CISPA is clearly not intended to enforce copyright, and includes provisions that no copyright advocate would have accepted were that the purpose of the law. For instance, CISPA, unlike any other statute in the US Code, specifically exempts ToS violations from the purview of the statute.


There are many laws that were intended for x and subsequently used for Y. This is the whole problem with not watching the policce and prosecutors and trusting them to do public good. They have their own career goals and personal failings getting in the way of public goods.


tptacek, you've given some of the more informed comments on this thing. Could you put together a primer on what you think of the bill?


Not intended to but might/will be used to ?


Reread my comment: the bill contains measures that make it difficult to use the act to defend copyright. If it's a backdoor SOPA (the venn diagram between those two acts are two adjacent disconnected circles), why does it do that?


'Backdoor SOPA?' Those are your words, not the EFF's, and they're concerned about a lot of this legislation besides the abuse by copright holders.

Anyways, I believe you're referring to this section: 'Does CISPA do enough to prevent abuse of the law for copyright enforcement?'

Here's the relevant text from that section:

CISPA’s definition of "cyber threat information" includes information directly pertaining to a threat to "confidentiality." But what does confidentiality mean? The definition encompasses measures designed for preserving "authorized restrictions on access," including means for protecting "proprietary information." "Proprietary information" is not defined, and could be read to include copyrighted information. For example, one type of restriction on access that is designed to protect proprietary information is digital rights management (DRM).

The problem here is the vagueness of the language. As others as have pointed out, the concern is not so much about intent of the language, but abuse of the vagueness to strongly serve the interests' of copyright holders over the general public.


Please read the bill, not just EFF's summary of the bill. To be covered under CISPA, the information must be stored or transmitted on a protected system, and whatever the violation is, it can't be either a consumer terms of service agreement or a consumer licensing agreement.

Additionally, published content isn't confidential.


...published content isn't confidential.

Unless you happen to increment a public-facing URL in a numeric fashion...


No, that wouldn't do it.

There are just easier ways to string someone up for copyright infringement if you really wanted to than CISPA.


I've read the bill, but I'm not a lawyer, so maybe I misunderstood.

Could you please point out the text of the bill that you're describing here?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: