[Jakarta, LttW] On October the 27th, 2015, the US Senate passed into law, by a significant voting majority, a controversial bill called the Cybersecurity Information Sharing Act (CISA). Proponents of the bill argue that it is “vital to the security of the American People”, while opponents are adamant that the bill is a violation of privacy of not only US citizens but also of international users of US-based Internet-based services.
So what exactly is CISA? Well at its core, to put it simply, CISA makes it formally legal for the US Federal Government to obtain any digital data hosted by US-based Internet-services companies, so long as it concerns US national security interests, without a court-issued warrant–granted, that is, under condition that the data be given by the private company fully voluntarily to their government. And furthermore, any private US company that does so are legally protected under US law and may not be prosecuted for any privacy violation under US law. The legal details are of course not as simple and clear-cut as this, but this understanding is an adequate baseline for our discussion.
Here we are once again confronted with the reality of how there are conflicts of interests between nations and groups of people, with matters that concern National Security faced Sovereignty and Privacy Rights. The bill had been proposed by members of the US Senate in order to combat international terrorism, and also to protect US national security. But on the other hand the sovereignty of other nations–and, perhaps even more, so the privacy rights of US citizens–must also be given at least equal amount of respect. And furthermore, even without this legal law in the United States of America, the USA has long has the technical and de-facto practical ability, to peek into and sneak into any International data that has been stored on US computer servers. So one might even ask: is it even really important whether or not these sorts of invasion on sovereignty and privacy, is even legal at all?