Microsoft Takes A Step Back From CISPA

After giving CISPA supporters a pat on the back late last year, Microsoft has officially revoked its support of the controversial internet bill that passed the  U.S. House of Representatives just this week. Some more troubling parts of the bill caused Microsoft to revoke its support for the current version, citing the need to deliver on privacy promises to its customers. With its retraction of support the company has joined the ranks of CISPA doubters, including President Barack Obama, who has already threatened to veto the bill should it ever reach his desk. In a statement sent to CNET yesterday evening, Microsoft recognized the importance of improving both cyber security and the way intelligence is shared across the internet, but the company stressed that the sharing of information should, however, be voluntary. A much debated stipulation within the bill allows the government to surpass current cyber protection laws in order to obtain personal information from anyone it deems to be a threat.

Notwithstanding any other provision of law, a self-protected entity may, for cybersecurity purposes — (i) use cybersecurity systems to identify and obtain cyber threat information to protect the rights and property of such self-protected entity; and (ii) share such cyber threat information with any other entity, including the Federal Government.

The super-law potential to violate a suspect’s privacy, alluded to in this clause, is what many who rally against CISPA are most concerned over. In its statement Microsoft pointed to this involuntary sharing of information to be directly at odds with the privacy and security promises made to its customers. Though Microsoft has begun to distance itself from this bill, it has not completely ruled out supporting an amended version, calling CISPA in its current form “a first step in this legislative process.”

We look forward to continuing to work with members of Congress, consumer groups, the civil liberties community and industry colleagues as the debate moves to the Senate to ensure the final legislation helps to tackle the real threat of cybercrime while protecting consumer privacy.

With a huge corporation like Microsoft recognizing the violation of rights involved in the bill, and distancing itself from them at a crucial time as the Senate vote approaches, hopefully more companies will recognize the negative implications CISPA holds for their customers.