One Step Forward and Two Steps Back: Possible Changes to CISPA and ECPA on the Horizon

So I am not sure if anyone is still checking out the blog at this point, but since I finally have a minute, I thought that I would post the last couple of articles I found before the semester officially ends. The first one is interesting because it covers how portions of CISPA would create corporate immunity for certain acts of information gathering that would, as of now, mean that they could be held responsible for various torts and statutory violations. What is interesting about this, perhaps more so than the unsurprising notion that corporations would want to immunize themselves from liability as much as possible, is the fact that CISPA would use such loosely defined language in order to define “cyber security threats.”

I find it interesting that, with all the debate over ECPA and its antiquated definitions/application, a bill being proposed in 2013 still suffers from many of the same problems. The exemption seems to leave it up to the company to determine what is, or is not, a cyber security threat. Obviously, this version of the bill did not pass, but this seems to be a troubling pattern in recent arguments over bills like CISPA and SOPA, which use broad terms that would sweep in far too much information, which is troubling for propoenents of internet privacy, and would make obtaining any sort of damages against corporations for information based harms even more difficult than they are now. The article can be found here: http://motherboard.vice.com/blog/cispas-immunity-provision-would-allow-corporate-hacking

The second article I am including is one about some of the proposed changes to ECPA. ECPA has been consistently criticized as being antequated and out of date in terms of its application to modern technology and understanding of advances in notions of privacy and communication as far as things like internet and email go. In particular, the Stored Communications Act portion seems particularly out of date insofar as it fails to protect information and methods of communication that are arguably as important today as landlines were twenty years ago (after all, how many of you guys still have landlines?).

This amendment to ECPA would require disclosure by law enforcement when an individuals email has been accessed as a result of a warrant. Though there are two exceptions (national security “gag order,” and when it would tip off a subject) it seems like a step in the right direction for privacy. After all, unlike when the police come to your door to search your house, many people are unaware of not only what data they consistently send out to the world, but also of whether a search has even taken place. This would at least serve to make such searches more visible. The article can be found here: http://www.zdnet.com/plans-to-end-warrantless-email-searches-pass-senate-committee-7000014527/

Anyways, for those of you still reading (hey Professor!) I hope you have a good summer! I hope you find these articles as interesting as I did, and congratulations to the 3L’s among us.