Earlier today, I came across an article from PolitiFact Georgia about a statement made by Michael Opitz, who is running in the Republican primary in GA-11 against Rep. Phil Gingrey. Opitz’s campaign apparently released a YouTube video (which I might add is terribly produced) pointing out that Gingrey voted in favor of Cyber Intelligence Sharing and Protection Act (CISPA) and, by way of voting for the Federal Aviation Administration re-authorization bill, supports allowing unmanned aerial vehicles (UAVs or “drones”) over domestic skies.
Opitz says that this is evidence that Gingrey supports spying on Americans, or, as he puts it, “Big Brother.” Here is what PolitiFact, which gave Opitz a “Mostly False” rating, says on the subject of CISPA:
PolitiFact Georgia asked Opitz for more information on how Gingrey has given the government the power to “electronically spy on you, your family, the average U.S. citizen.”
The video touched on other issues, but since privacy was the ad’s main issue, we’ll focus our inquiry on this subject.
Opitz pointed PolitiFact Georgia to the Cyber Intelligence Sharing and Protection Act, otherwise known as CISPA.
CISPA, or H.R. 3523, gives private companies such as Internet service providers, telecommunication companies, commerce sites and social media networks permission to share certain information with the federal government without a warrant.
In light of other changes in privacy laws and the development of new technologies that can catalog and track personal information, Opitz considers CISPA a big step down the road to tyranny.
“This is George Orwell’s ‘1984’ on steroids,” Opitz said.
CISPA allows corporations to give intelligence agencies information on cyber and national security threats. The information can also be used to stop child exploitation and protect people from bodily harm.
Gingrey co-sponsored CISPA, which passed the House on April 26. It has yet to clear the U.S. Senate. President Barack Obama has threatened to veto the bill.
Opitz said that Gingrey “Gave Government the Power to Electronically Spy on YOU, YOUR FAMILY, the Average US Citizen.”
Opitz’s rhetoric is overheated, and a few of his facts need tweaking. CISPA hasn’t passed the Senate, so if the bill is designed to give the government additional powers, then it hasn’t done it yet. In addition, the bill contains language that supporters say will prevent government spying.
But he does raise a legitimate criticism of CISPA. The bill’s protections may not be enough to keep average Americans safe from Hall and Oates’ private eyes.
Opitz’s statement raises real issues. But he overstates some key points, and it could use a lot more context.
Our rating: Mostly False.
CISPA was brought forward as a “compromise” of sorts after the Stop Online Piracy Act (SOPA) and the PROTECT IP Act (PIPA) failed. There was significant outrage over those two pieces of legislation that prompted many websites, including Wikipedia, to shutdown for a day back in January. Internet activists were, at least temporarily, successful. However, CISPA didn’t receive the same outrage as SOPA and PIPA and did indeed pass the House of Representatives in April.
Honestly, I have no dog in the fight and there is little doubt that Gingrey will easily win his primary challenge next month; however, I take issue with the “Mostly False” rating slapped on Opitz’s statement. But the issues Opitz raised deserve more attention. So would CISPA provide reasonable protections for Americans whose privacy is violated? As Conor Friedersdorf notes, the answer is “no”:
Sponsors of the bill say its purpose is to permit the government and private companies to share information with one another in order to thwart cyberthreats that could imperil national security. For example, say that spies in China were trying to hack into the personal email accounts of various government officials, the server of a hospital, or the database of a “too big to fail” bank. If CISPA is signed into law, these entities and the federal government would be able to share customer data “to identify and obtain cyber threat information,” even if that data is currently unlawful to reveal (thanks to laws passed to ensure that companies don’t share sensitive consumer information with the government).
Civil-liberties groups have various objections to the bill.
The ACLU conjures up a problematic scenario that could happen if it passes. “Imagine you are emailing your doctor from your Gmail account about a medical condition. Your doctor pulls up your medical records from his cloud storage server and sends them your way. Somewhere in that communication, a virus crops up,” staffer Zachary Katznelson writes. “Under CISPA, Google could send your emails, including the electronic copy of your medical records, to the NSA, so they can gather information on the virus. But, Google would be under no obligation whatsoever to scrub out your private details — which have nothing to do with the virus. And now your medical records are in government hands indefinitely — and the government can use them.”
Before the House vote, backers of the bill were considering various amendments to address the concerns of privacy advocates and civil libertarians. The Cato Institute’s Julian Sanchez articulates their mistake. “Instead of indiscriminately adding a cyber-security loophole to every statute on the books, why not figure out which specific kinds of information are useful to security professionals without compromising privacy, figure out which laws raise obstacles to that sharing, and then craft appropriately narrow exemptions?” he writes. “The exceptions could be appropriately narrowly tailored depending on the sensitivity of the information involved.”
In other words, rather than establish the general standard that invoking national security justifies ignoring privacy laws, why not say that everyone enjoys existing privacy protections, except in a very few specific circumstances when very specific types of customer information can be shared? As Scott M. Fulton puts it at Read Write Web, “The privacy of American citizens and the national security of the United States are too important to be left to intentionally vague regulations and legislation.” He goes on to suggest that lawmakers should “stipulate that these are the circumstances in which exceptions must be made to protect vital national security interests. Then, establish an audit trail. State that all transactions must be registered, and the log of those registries may be obtained by public request, pending the approval of a judge.”
And if you do buy into these so-called privacy protections, let’s keep in mind that there have been instances of abuse under the PATRIOT Act, a controversial piece of legislation passed after 9/11. Back in 2007, the Washington Post reported that an audit of 10% of the uses of the law by the FBI produced more than 1,000 instance of abuse to obtain “domestic phone calls, e-mails and financial transactions” of Americans. The FBI later tried to cover their tracks with retroactive subpoenas. By the way, Gingrey voted for re-authorization of the PATRIOT Act earlier this year.
These scenarios would create a situation where privacy protections, such as the Fourth Amendment, could be tossed out the window. That is incredibly problematic. Sure, Opitz may be a bit over the top, but the statement itself is true enough. If Gingrey has his way, given his vote, privacy of Americans could be put at risk with CISPA as a vehicle for potential abuse. And while the White House has said that President Obama would veto the bill, as PolitiFact notes, he would so only because the bill “doesn’t grant the government enough regulatory power over ‘critical infrastructure’ computer networks,” according to Julian Sanchez at the Cato Institute. Whether Opitz’s statement needs more context is irrelevant unless, of course, the meaning of a vote in Congress has somehow changed.