If you want to read what the ECPA says, here's one relevant portion: 18 USC 2511 (2)(a)(i).
Whether it carves any exception into the ECPA privacy protections for wholesale disclosure to 3rd parties as tptacek claims looks debatable. What's not debatable is that that exception does not grant immunity from any other laws if you disclose information to a 3rd party.
If tptacek had cited something supporting his position then there could be a real discussion. As it is, all I can do is say his argument looks wrong, Facebook and EFF also apparently think his argument is wrong, but since I'm not a legal expert on ECPA and related laws, I can't say for sure that there isn't some more obscure provision of ECPA that does say what he's saying.
What's the law you think Facebook would be violating by sharing potentially PII-encumbered data with another service provider incident to anything they could claim was a legitimate investigation?
In other words: in the world we're in now, pre-CISPA, what's the specific legal risk you think is preventing Facebook from sharing data?
It's certainly not the ECPA! The ECPA, like I've pointed out repeatedly, specifically carves out an exception for service providers sharing information, and makes no mention of anonymizing that data (ironically, it's CISPA that brings anonymization into the picture).
You yourself make a not-invalid point, that ECPA doesn't prohibit sharing but also doesn't shield providers from claims under other laws. I agree that if CISPA is worth keeping, the language around immunity should be tightened --- oh wait, it just was in the latest draft! --- but again:
For CISPA's sharing immunity to be a meaningful threat, you'd have to cite some statute that could reasonably threaten (again, say) Facebook for sharing information during an investigation.
Finally, I know it's annoying that I keep saying this, but: providers already share information about attacks, and it's not all anonymized or particularly carefully targeted. I have firsthand knowledge of what they used to do a few years ago, and understand that sharing has only increased since then.
Whether it carves any exception into the ECPA privacy protections for wholesale disclosure to 3rd parties as tptacek claims looks debatable. What's not debatable is that that exception does not grant immunity from any other laws if you disclose information to a 3rd party.
If tptacek had cited something supporting his position then there could be a real discussion. As it is, all I can do is say his argument looks wrong, Facebook and EFF also apparently think his argument is wrong, but since I'm not a legal expert on ECPA and related laws, I can't say for sure that there isn't some more obscure provision of ECPA that does say what he's saying.