Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybersecurity

CRS – Transatlantic Relations in 2018

Transatlantic Relations in 2018. January 10, 2018. IN10847. “As the second year of the Trump Administration begins, a degree of uncertainty lingers over transatlantic relations. The U.S.-European partnership could face challenges in 2018. Following the election of President Trump, numerous European officials and analysts expressed concern about the future trajectory of U.S.-European relations, particularly the U.S. commitment to NATO, the European Union (EU), and the multilateral trading system. Although the Trump Administration has not altered or withdrawn from the fundamental aspects of the transatlantic relationship, many European leaders appear uneasy with key parts of the Trump Administration’s “America First” foreign policy and some question whether the United States will remain a reliable partner in 2018. Many European policymakers harbor concerns about Trump Administration policies on a range of international challenges, from relations with Russia, China, and the Middle East to issues such as global migration, the role of multilateral organizations, and free trade. Some European officials also are wary about the Administration’s commitment to the 2015 multilateral nuclear deal with Iran and have urged the United States to continue to support the deal. U.S. decisions to withdraw from the Paris climate agreement and to recognize Jerusalem as the capital of Israel have become irritants in the relationship. Some Europeans consider President Trump to be ambivalent about the EU and the U.S. security umbrella for Europe. The Trump Administration’s views on a proposed U.S.-EU free-trade agreement (the Transatlantic Trade and Investment Partnership, or T-TIP) remain unclear, and the Administration has yet to nominate a U.S. ambassador to the EU. The Trump Administration continues to urge NATO allies to shoulder more of the burden for European security and increase their defense spending. Others note, however, that President Trump has reaffirmed the U.S. commitment to NATO’s “Article 5” mutual defense clause and the Administration’s FY2018 budget proposal requested a 40% increase in funding for the U.S. European Reassurance Initiative (since renamed the European Deterrence Initiative, or EDI), which seeks to strengthen the U.S. military presence in Central and Eastern Europe. At the same time, the EU faces several internal challenges, including negotiating the United Kingdom’s withdrawal from the EU (“Brexit”), addressing rule-of-law concerns in Poland and Hungary, and managing the migration and Catalan crises. Such issues are consuming a good deal of the EU’s attention and could limit its ability to work with the United States on shared foreign-policy concerns. Despite the potential challenges to transatlantic relations in 2018, most European governments view close political and economic ties with the United States as a cornerstone of their foreign and security policies. Many European policymakers hope to preserve the existing strong partnership with the United States on issues such as cooperative approaches to decisionmaking, support for multilateral institutions, security, countering terrorism, promoting cybersecurity, and resolving the Ukraine crisis.”

Report to President on Enhancing Resilience of Internet and Communications Ecosystem Against Botnets and Distributed Threats

“This draft report responds to the May 11, 2017, Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. That order called for “resilience against botnets and other automated, distributed threats,” directing the Departments of Commerce and Homeland Security to “lead an open and transparent process to identify and promote action by appropriate… Continue Reading

Law, Metaphor and the Encrypted Machine

Gill, Lex, Law, Metaphor and the Encrypted Machine (2017). Available at SSRN: https://ssrn.com/abstract=2933269 – “The metaphors we use to imagine, describe and regulate new technologies have profound legal implications. This paper offers a critical examination of the metaphors we choose to describe encryption technology in particular, and aims to uncover some of the normative and legal… Continue Reading

U.S. Army Concept for Cyberspace and Electronic Warfare Operations 2025-2040

The U.S. Army Concept for Cyberspace and Electronic Warfare Operations 2025-2040, CRS report via FAS. “TRADOC Pamphlet 525-8- 6, The U.S. Army Concept for Cyberspace and Electronic Warfare Operations expands on the ideas presented in TRADOC Pamphlet 525-3- 1, The U.S. Army Operating Concept: Win in a Complex World (AOC). This document describes how the… Continue Reading

Bill Would Establish Cybersecurity Inspections, Impose Mandatory Penalties, and Compensate Consumers for Stolen Data

“United States Senators Elizabeth Warren (D-Mass.) and Mark Warner (D-Va.) today introduced the Data Breach Prevention and Compensation Act to hold large credit reporting agencies (CRAs) – including Equifax – accountable for data breaches involving consumer data. The bill would give the Federal Trade Commission (FTC) more direct supervisory authority over data security at CRAs,… Continue Reading

What is the U.S. Digital Registry?

“Whether for access to emergency, financial or education public services, users need to trust they are engaging with official U.S. government digital accounts. To help prevent exploitation from unofficial sources, phishing scams, or malicious entities, the U.S. Digital Registry serves as a crowdsource resource for agencies, citizens, and developers to confirm the official status of… Continue Reading

DHS Handbook for Safeguarding Sensitive PII

Handbook for Safeguarding Sensitive PII Privacy Policy Directive 047-01-007, Revision 3. Published by the DHS Privacy Office. December 4, 2017. This Handbook provides best practices and DHS policy requirements to prevent a privacy incident involving PII/SPII during all stages of the information lifecycle: when collecting, storing, using, disseminating, or disposing of PII/SPII. This handbook explains:… Continue Reading

Tech giants responding to massive chip vulnerability alert

Just saying – don’t throw away all the paper and the books ok. Via Axios: “A nasty series of vulnerabilities affecting decades of chip processors from Intel and others is the root of the broadest security hole to date, affecting nearly all computers, smartphones and servers. Companies including Apple, Amazon, Microsoft and Google are scrambling… Continue Reading

ABA Journal – A strategy for defeating cyberthreats to lawyers

ABA Journal: ” Every week brings news of major new cyberattacks—the stealing of personal information from Equifax and the federal Office of Personnel Management, the Petya and WannaCry ransomware worms, the Russian hacking of the Democratic National Committee’s emails, to name a few. Indeed, the cyberthreat from criminals, hacktivists and state actors is growing. The… Continue Reading

Normative Challenges of Identification in the Internet of Things: Privacy, Profiling, Discrimination, and the GDPR

Wachter, Sandra, Normative Challenges of Identification in the Internet of Things: Privacy, Profiling, Discrimination, and the GDPR (December 6, 2017). Available at SSRN: https://ssrn.com/abstract=3083554 “In the Internet of Things (IoT), identification and access control technologies provide essential infrastructure to link data between a user’s devices with unique identities, and provide seamless and linked up services.… Continue Reading

WaPo – Extensive interviews illuminate rejection of Russia’s threat to US national security

The Washington Post – Doubting the intelligence, Trump pursues Putin and leaves a Russian threat unchecked: “Nearly a year into his presidency, Trump continues to reject the evidence that Russia waged an unprecedented assault on a pillar of American democracy and supported his run for the White House. Interviews with more than 50 U.S. officials… Continue Reading

S.177 – Data Security and Breach Notification Act of 2015

“Data Security and Breach Notification Act of 2015 – Requires the Federal Trade Commission (FTC) to promulgate regulations requiring commercial entities, nonprofit and for-profit corporations, estates, trusts, cooperatives, and other specified entities that own or possess data containing personal information (covered entities), or that contract to have a third-party maintain or process such data for… Continue Reading