Do you think it is reasonable that an auto insurance company that operates under DPPA, or a classroom management service that operates under FERPA, or credit agency operating under FCRA, or nationwide bank under RFPA, or for that matter any online service managing information that could be considered stored communications --- do you think it is reasonable that these organizations should incur either the risk of a class action lawsuit or the expense of tens of thousands of dollars of legal review simply in order to push a worm signature or botnet identification or DDOS netflow information to a public clearinghouse? In other words, do you think it is in the public interest for you to retain the right to sue these kinds of companies to vindicate your theoretical privacy interest in network security data shared in good faith?

Thanks to Declan Mccullagh downthread for making my arguments about CISPA more vivid by citing all the privacy regs CISPA interacts with. :)

Oh: by the way: if I understand you correctly, you're not at all concerned that CISPA is a backdoor attempt to enable copyright enforcement, and by rebutting that idea earlier, I mischaracterized your point. I apologize for doing that. CISPA makes me jumpy.