Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: PC Security

CRS – Stealing Trade Secrets and Economic Espionage

Stealing Trade Secrets and Economic Espionage: An Overview of the Economic Espionage Act, Charles Doyle, Senior Specialist in American Public Law. August 19, 2016.

“Stealing a trade secret is a federal crime when the information relates to a product in interstate or foreign commerce, 18 U.S.C. 1832 (theft of trade secrets), or when the intended beneficiary is a foreign power, 18 U.S.C. 1831 (economic espionage). Section 1832 requires that the thief be aware that the misappropriation will injure the secret’s owner to the benefit of someone else. Section 1831 requires only that the thief intend to benefit a foreign government or one of its instrumentalities. Offenders face lengthy prison terms as well as heavy fines, and they must pay restitution. Moreover, property derived from the offense or used to facilitate its commission is subject to confiscation. The sections reach violations occurring overseas, if the offender is a United States national or if an act in furtherance of the crime is committed within the United States. Depending on the circumstances, misconduct captured in the two sections may be prosecuted under other federal statutes as well. A defendant charged with stealing trade secrets is often indictable under the Computer Fraud and Abuse Act, the National Stolen Property Act, and/or the federal wire fraud statute. One indicted on economic espionage charges may often be charged with acting as an unregistered foreign agent and on occasion with disclosing classified information or under the general espionage statutes. Finally, by virtue of the Defend Trade Secrets Act (P.L. 114-153), Section 1831 and 1832 are predicate offenses for purposes of the federal racketeering and money laundering statutes. P.L. 114-153 ( S. 1890) dramatically increased EEA civil enforcement options when it authorized private causes of action for the victims of trade secret misappropriation. In addition, the EEA now permits pre-trial seizure orders in some circumstances, counterbalanced with sanctions for erroneous seizures.”

BYU – Why We Disregard Security Warnings

BYU Marriott School News – “Software developers listen up: if you want people to pay attention to your security warnings on their computers or mobile devices, you need to make them pop up at better times. A new study from BYU, in collaboration with Google Chrome engineers, finds the status quo of warning messages appearing… Continue Reading

Information Security: Agencies Need to Improve Controls over Selected High-Impact Systems

Information Security: Agencies Need to Improve Controls over Selected High-Impact Systems, GAO-16-501: Published: May 18, 2016. Publicly Released: Jun 21, 2016. “In GAO’s survey of 24 federal agencies, the 18 agencies having high-impact systems identified cyber attacks from “nations” as the most serious and most frequently-occurring threat to the security of their systems. These agencies… Continue Reading

A Few Easy Steps Everyone Should Take to Protect Their Digital Privacy

Via ACLU – “Much of the privacy protection we need in today’s world can’t happen without technological and legislative solutions, and the ACLU will continue leading the fight for digital security and privacy through our litigation and advocacy efforts. But there are simple steps that everyone can take to improve their digital privacy. While there… Continue Reading

Judicial Conference Committee seeks to implement wider law enforcement surveillance

Follow up to Supreme Court expands surveillance powers of intelligence agency via EFF – With Rule 41, Little-Known Committee Proposes to Grant New Hacking Powers to the Government – The government hacking into phones and seizing computers remotely? It’s not the plot of a dystopian blockbuster summer movie. It’s a proposal from an obscure committee… Continue Reading

Supreme Court expands surveillance powers of intelligence agency

Via The Intercept: “The Supreme Court on approved [April 28, 2016] changes that would make it easier for the FBI to hack into computers, including those belonging to victims of cybercrime. The changes will take effect in December, unless Congress adopts competing legislation. Previously, under the federal rules on criminal procedures, a magistrate judge couldn’t… Continue Reading

DoD tests public key infrastructure for DTIC secure website access

SecureIDNews:  “The federal government’s use of user IDs and passwords for access to its applications could soon give way to more secure PKI-based credentials if more government entities follow the lead of the U.S. Department of Defense. The Defense Department is leveraging PKI to better protect its information systems, with the intent of making access… Continue Reading

Reminder – no more IE support for versions prior to 11

Via Microsoft for Business – “What is end of support? Beginning January 12, 2016, only the most current version of Internet Explorer available for a supported operating system will receive technical supports and security updates. Internet Explorer 11 is the last version of Internet Explorer, and will continue to receive security updates, compatibility fixes, and… Continue Reading

Operationalizing Cybersecurity Due Diligence: A Transatlantic Comparative Case Study

Shackelford, Scott and Russell, Scott, Operationalizing Cybersecurity Due Diligence: A Transatlantic Comparative Case Study (January 12, 2016). South Carolina Law Review, 2016. Available for download at SSRN: http://ssrn.com/abstract=2714529 “Although much work has been done on applying the law of warfare to cyber attacks, far less attention has been paid to defining a law of cyber… Continue Reading

CRS – The Federal Cybersecurity Workforce

The Federal Cybersecurity Workforce: Background and Congressional Oversight Issues for the Departments of Defense and Homeland Security. Kathryn A. Francis, Analyst in Government Organization and Management; Wendy Ginsberg Analyst in American National Government. January 8, 2016. “The federal cybersecurity workforce is responsible for protecting U.S. government systems and networks against cyber threats and attacks. Federal… Continue Reading

Search Engine Backed by Internet-Wide Scanning

“Censys is a search engine that enables researchers to ask questions about the hosts and networks that compose the Internet. Censys collects data on hosts and websites through daily ZMap and ZGrab scans of the IPv4 address space, in turn maintaining a database of how hosts and websites are configured. Researchers can interact with this… Continue Reading

Google – An Empirical Analysis of Email Delivery Security

Neither Snow Nor Rain Nor MITM…An Empirical Analysis of Email Delivery Security “The SMTP protocol is responsible for carrying some of users’ most intimate communication, but like other Internet protocols, authentication and confidentiality were added only as an afterthought. In this work, we present the first report on global adoption rates of SMTP security extensions,… Continue Reading