Summary: An amendment to CISPA failed to pass. This now means major tech and Web companies will be disallowed under law to promise to protect your privacy.
Major technology and Web companies — not limited to Google, Facebook, Twitter and Microsoft — will not be allowed to promise to protect users’ privacy should CISPA pass Congress.
For those out of the loop, CISPA will allow private sector firms to search personal and sensitive user data of ordinary U.S. residents to identify this so-called “threat information”, and to then share that information with each other and the US government — without the need for a court-ordered warrant.
Under a new amendment voted on earlier today in the U.S. House [PDF], U.S. companies would have been able to keep their privacy policies intact and their promises valid, including terms of service, legally enforceable in the future.
But the Republicans narrowly failed to get it through by a 5-8 vote to reject the amendment.
According to CNET’s Declan McCullagh, Rep. Pete Sessions (R-TX), who chairs the House Rules Committee, urged his colleagues to reject the amendment. And they did. All Republican members of the committee voted against, despite a unanimous show of support from the Democratic membership.
It would have allowed companies to make promises to their customers not to voluntarily share their data with other private firms or the U.S. government under the law, which would have been legally valid and enforceable in court.
It means that those who signed up to services under the explicit terms that data would not be shared — with perhaps the exception of the U.S. government if a valid court order or subpoena is served — would no longer have such rights going forward.
The amendment would have weakened CISPA’s position. Now it gives these private firms watertight legal immunity under CISPA to share their customer and user data with other firms and the U.S. government, by being “completely exonerated from any risk of liability,” according to Rep. Jared Polis (D-CO) speaking to our sister site CNET.
This gives private sector firms the right to hand over private user data, while circumventing existing privacy laws, such as emails, text messages, and cloud-stored documents and files, with the U.S. government and its law enforcement and intelligence agencies.
Today, the White House threw its weight behind a threat that would see CISPA, known as its full title as the Cyber Intelligence Sharing and Protection Act, vetoed by President Obama should it pass his desk.
A vote on CISPA will go ahead on the House floor either on April 17 or April 18.