Kudus to RedState.com on this. They even give Representative Justin Amash a nod.
Despite what CISPA’s sponsors argue, the bill’s immunity provision doesn’t just nullify outdated privacy laws that arguably restrict how private companies run, and defend, their businesses; it provides blanket immunity from any conceivable liability, including for breaches of contract. Thus, in the name of clearing statutory barriers, CISPA would prevent private companies from making enforceable privacy promises to their users by contract or in a terms of service. These promises might include not sharing certain kinds of information with the government or simply de-identifying what is shared. But CISPA’s blanket immunity discourages private companies from competing on, or innovating in, privacy protection.
More profoundly, CISPA’s immunity language—”notwithstanding any provision of law”—violates a basic principle of the rule of law in a free society: private companies and individuals should be free to form voluntary arrangements beyond the strictures of federal law.