Today, Dutch Ruppersberger (D-MD) re-introduced the Cyber Information Sharing and Protection Act (“CISPA”), a bill that has passed the House of Representatives twice previously, both in 2011 and 2013, and subsequently also twice faced a veto threat from the Administration. We once again urge Congress to reject CISPA. Instead, Congress should pass the Secure Data Act. Unlike CIPSA, it would actually protect user privacy and increase data security.
EFF says the Secure Data Act starts to address the problem of backdoors by prohibiting any agency from “mandate[ing] that a manufacturer, developer, or seller of covered products design or alter the security functions in its product or service to allow the surveillance of any user of such product or service, or to allow the physical search of such product, by any agency.” The legislation only prohibits agencies from requiring a company to build a backdoor. The NSA can still do its best to convince companies to do so voluntarily.
The legislation also doesn’t change the Communications Assistance for Law Enforcement Act (CALEA.) CALEA, passed in 1994, is a law that forced telephone companies to redesign their network architectures to make it easier for law enforcement to wiretap telephone calls. In 2006, the D.C. Circuit upheld the FCC's reinterpretation of CALEA to also include facilities-based broadband Internet access and VoIP service, although it doesn't apply to cell phone manufacturers.