Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Cybersecurity and Information Sharing: Legal Challenges and Solutions

Cybersecurity and Information Sharing: Legal Challenges and Solutions, Andrew Nolan, Legislative Attorney. March 16, 2015.
“Over the course of the last year, a host of cyberattacks has been perpetrated on a number of high profile American companies. The high profile cyberattacks of 2014 and early 2015 appear to be indicative of a broader trend: the frequency and ferocity of cyberattacks are increasing, posing grave threats to the national interests of the United States. While considerable debate exists with regard to the best strategies for protecting America’s various cyber-systems and promoting cybersecurity, one point of general agreement amongst cyber-analysts is the perceived need for enhanced and timely exchange of cyber-threat intelligence both within the private sector and between the private sector and the government. Nonetheless, there are many reasons why entities may opt to not participate in a cyber-information sharing scheme, including the potential liability that could result from sharing internal cyber-threat information with other private companies or the government. More broadly, the legal issues surrounding cybersecurity information sharing—whether it be with regard to sharing between two private companies or the dissemination of cyber-intelligence within the federal government—are complex and have few certain resolutions. In this vein, this report examines the various legal issues that arise with respect to the sharing of cybersecurity intelligence, with a special focus on two distinct concepts: (1) sharing of cyber-information within the government’s possession and (2) sharing of cyber-information within the possession of the private sector. With regard to cyber-intelligence that is possessed by the federal government, the legal landscape is relatively clear: ample legal authority exists for the Department of Homeland Security (DHS) to serve as the central repository and distributor of cyber-intelligence for the federal government.
Nonetheless, the legal authorities that do exist often overlap, perhaps resulting in confusion as to which of the multiple sub-agencies within DHS or even outside of DHS should be leading efforts on the distribution of cyber-information within the government and with the public. Moreover, while the government has wide authority to disclose cyber-intelligence within its possession, that authority is not limitless and is necessarily tied to laws that restrict the government’s ability to release sensitive information within its possession.”

US leads upward trend in arms exports, Asian and Gulf states arms imports up

“The United States has taken a firm lead as the major arms exporter globally, according to new data on international arms transfers published today by Stockholm International Peace Research Institute (SIPRI). Overall, the volume of international transfers of major conventional weapons grew by 16 per cent between 2005–2009 and 2010–14. The volume of US exports

How to opt out of unwanted communications

Vox – How to opt out of everything from credit card offers to group texts – 9 useful tips and resources, with the last not actually achievable – reclaiming your online privacy from government surveillance.

Constitution Annotated

Via Congress.gov – “The Constitution of the United States of America: Analysis and Interpretation (popularly known as the Constitution Annotated) contains legal analysis and interpretation of the United States Constitution, based primarily on Supreme Court case law. This regularly updated resource is especially useful when researching the constitutional implications of a specific issue or topic.

RAND – A Database of U.S. Security Treaties and Agreements

RAND – “Treaties and agreements are powerful foreign policy tools that the United States uses to build and solidify relationships with partners and to influence the behavior of other states. As a result, the overall U.S. portfolio of treaties and agreements can offer insight into the distribution and depth of U.S. commitments internationally, including its

White House Office of Administration Not Subject to FOIA Regulations

Removal of Published Rules To Align Published Policy with Current Sources of Law – A Rule by the Administration Office, Executive Office of the President on 03/17/2015. Final rule. “The Executive Office of the President, Office of Administration, is removing regulations from the Code of Federal Regulations related to the status of records created and

The Intercept – TSA’s Secret Behavior Checklist to Spot Terrorists

Jana Winter and Cora Currier – The Intercept: “Fidgeting, whistling, sweaty palms. Add one point each. Arrogance, a cold penetrating stare, and rigid posture, two points. These are just a few of the suspicious signs that the Transportation Security Administration directs its officers to look out for — and score — in airport travelers, according

The Productivity of Working Hours

The Productivity of Working Hours, John Pencavel, April 2014. Stanford University and Institute for the Study of Labor, Bonn – Germany. “Observations on munition workers, most of them women, are organized to examine the relationship between their output and their working hours. The relationship is nonlinear: below an hours threshold, output is proportional to hours;

Assigning More Students to Their Top Choices: A Tiebreaking Rule Comparison

Ashlagi, Itai and Nikzad, Afshin and Romm, Assaf I, Assigning More Students to Their Top Choices: A Tiebreaking Rule Comparison (March 2015). Available for download at SSRN: http://ssrn.com/abstract=2585367 “School choice districts that implement stable matchings face various design issues that impact students’ assignments to schools. We study properties of the rank distribution of students with

How the Volcker Rules Became an 8 Billion Annual Business

Via AmericanBanker.com, John Heltman (free to non-subscribers): “The Office of the Comptroller of the Currency — one of the five regulatory agencies that had to write and implement the Volcker Rule — estimated the cost of compliance at just under $1 billion when it conducted a cost-benefit analysis of the proposal back in 2011. A

Even more unwanted software protection via the Safe Browsing API

Google Online Security Blog: “Deceptive software disguised as a useful download harms your web experience by making undesired changes to your computer. Safe Browsing offers protection from such unwanted software by showing a warning in Chrome before you download these programs. In February we started showing additional warnings in Chrome before you visit a

Detekt – free tool that scans your Windows computer for traces of commercial surveillance spyware

Via FastCoExist: “Spyware like FinFisher contributes to a multi-billion dollar business. But until last week, activists had few ways to defend themselves, aside from the well-placed bit of duct tape over the computer camera and rigorous digital hygiene practices. That’s why Amnesty International, Privacy International, Digitale Gesellschaft, and the Electronic Frontier Foundation rolled out a