CISPA is Back and I Don't Care Anymore

Cyber Intelligence Sharing and Protection Act which would enter U.S. law if passed, the House of Representatives will be voting on this in the next few days. There are many flaws with this, the EFF has a good FAQ about CISPA. In short it gives power to private companies to share their user's data with 3rd parties whenever they feel like it. This concerns anyone who uses an American company for anything from forums to email and so on.

Obama promised to veto it which could mean he'll actually sign it and say he has some reservations, a bit like with the NDAA.

We Don't All Live in America

There are a few Internet defense organisations based in the U.S.A., many do a brilliant job of gathering informations and breaking them down, investigating and so on. They often will have an option for non-Americans to participate, which is cool. Yet still, the whole thing feels way to America-centric and non-Americans have their own problems too, problems that these organisations do not address unfortunately.

As a non-American, it's perhaps time to stop playing along with American laws/bills and all their protests and petitions. These things just come back over and over again, that's how it works. People invest so much time reading about the new amendments, signing petitions, discussing these things on forums and chatrooms, but in reality it feels more like a big waste of time and energy. Time that could be spent actually doing things.

Actually, Most of Us Do Live in America, Virtually

There are 1 billion active Facebook users (according to Pingdom 2012 in numbers) out of 2.4 billion Internet users. If you want to know what people are thinking and doing, design a law that lets you into the Facebook and you have access to almost 50% of the world's profiles.

Facebook is an American company, if you are a European with a Facebook account then your profile is subject to American law. Even if your data is stored on a server located in Europe. In this case a part of you lives in America.

Facebook is obviously just one example, the same applies to any and every American operated Internet service, so Google, Hotmail, Twitter, Reddit, and so on. Even DuckDuckGo. Within the lot there are some companies that are more or less "good guys", others may be submissive and silent, in the end they are all subject to the Patriot Act and other goodies.

You may be interested in reading Safe Harbor: Why EU data needs 'protecting' from US law.

What Else Can I Do Besides Sign and Tweet ?

CISPA and many of its friends exist only because the overwhelming majority of Interweb users use centralised services. The problem is that almost everyone uses the same communication tools. This makes it easy to design laws that would target them and exploit their already exploited users. And that's what they do.

If the majority of users used their own servers all these laws would be very hard to implement. It would require actual work to start gathering a user's profile, so much that it would probably only happen when it's at least somewhat justifiable.

Running your own server isn't half as complicated as it sounds, I wont go into details here, but there are tools that make it easy (DISS for example, maybe not the best, but I tried at least). The ideal is to do this with friends and provide email services to your family and friends. Cheap and reasonably reliable servers exist and can be found under 20 euros a month even, they could host quite a few users.

All those Internet defense groups should be promoting self hosting, when they do that I will take them seriously.