Yesterday afternoon, I tweeted my unhappiness about Microsoft backing CISPA. By last night, they had clarified their position. Declan McCullagh reported last night:
Microsoft is no longer as enthusiastic about a controversial cybersecurity bill that would allow Internet and telecommunications companies to divulge confidential customer information to the National Security Agency.
The U.S. House of Representatives approved CISPA by a 248 to 168 margin yesterday in spite of a presidential veto threat and warnings from some House members that the measure represented “Big Brother writ large.” (See CNET’s CISPA FAQ.)
In response to queries from CNET, Microsoft, which has long been viewed as a supporter of the Cyber Intelligence Sharing and Protection Act, said this evening that any law must allow “us to honor the privacy and security promises we make to our customers.”
Microsoft added that it wants to “ensure the final legislation helps to tackle the real threat of cybercrime while protecting consumer privacy.”
Read more on the CNET.
But how much have they really walked back from what supporters of CISPA viewed as their support? And will they come out and say what privacy and security protections any final bill needs to have to get their endorsement? I’ve read the statement they sent CNET a few times but it doesn’t actually say what Microsoft thinks is missing:
Microsoft has previously stated support for efforts to improve cyber security, and sharing threat information is an important component of those efforts. Improvements to the way this information is shared would help companies better protect customers, and online services in the United States and around the world from criminal attack. Microsoft believes that any proposed legislation should facilitate the voluntary sharing of cyber threat information in a manner that allows us to honor the privacy and security promises we make to our customers.
Legislation passed by the House of Representatives yesterday is a first step in this legislative process. Since November, there has been active, constructive dialogue to identify and address concerns about the House bill, and several important changes were incorporated. We look forward to continuing to work with members of Congress, consumer groups, the civil liberties community and industry colleagues as the debate moves to the Senate to ensure the final legislation helps to tackle the real threat of cybercrime while protecting consumer privacy.
So… will they put actual pressure/lobbying efforts into ensuring that any Senate bill does contain strong privacy protections?
If they do, I may even forgive them for Millenium.