U.S. Promises Not to Sue Companies for Discussing Hacks

Federal agencies are encouraging businesses to work together to thwart hackers.

A person claiming to speak for activist hacker group Anonymous is seen issuing a warning throught a video circulated online to 'go to war' with the Singapore government over recent Internet licensing rules on November 1, 2013.
National Journal
Brendan Sasso
Add to Briefcase
Brendan Sasso
April 10, 2014, 11:18 a.m.

The Obama ad­min­is­tra­tion wants com­pan­ies to work to­geth­er to battle hack­ers.

The Justice De­part­ment and the Fed­er­al Trade Com­mis­sion is­sued a form­al policy state­ment Thursday, as­sur­ing busi­nesses that they will not face fed­er­al law­suits for shar­ing in­form­a­tion with each oth­er about at­tacks on their com­puter sys­tems.

Com­pan­ies have been nervous that dis­cuss­ing in­form­a­tion about hack­ers could run afoul of an­ti­trust laws, which re­strict the abil­ity of busi­nesses to co­ordin­ate with each oth­er. The laws are in­ten­ded to pre­vent com­pan­ies from stifling com­pet­i­tion and in­flat­ing prices.

But the policy doc­u­ment is­sued Thursday states that shar­ing cy­ber­se­cur­ity in­form­a­tion such as in­cid­ent re­ports, ma­li­cious code, or alerts is “highly un­likely” to vi­ol­ate the an­ti­trust laws. Of­fi­cials said that com­pan­ies with ques­tions about any par­tic­u­lar busi­ness prac­tice can con­tact the fed­er­al agen­cies for guid­ance.

Speak­ing at a press con­fer­ence, Deputy At­tor­ney Gen­er­al James Cole said the massive data breach at Tar­get is “just an­oth­er re­mind­er of how far-reach­ing the cy­ber­threat has be­come.” He said the ad­min­is­tra­tion’s guid­ance “lets every­one know that an­ti­trust con­cerns should not get in the way of shar­ing cy­ber­se­cur­ity in­form­a­tion.”

Bill Baer, the head of the Justice De­part­ment’s An­ti­trust Di­vi­sion, said the policy state­ment is an “an­ti­trust no-brain­er,” and he ex­plained that “as long as com­pan­ies don’t dis­cuss com­pet­it­ive in­form­a­tion like pri­cing and out­put when shar­ing cy­ber­se­cur­ity in­form­a­tion, they’re OK.”

He ac­know­ledged that the state­ment won’t af­fect private an­ti­trust law­suits, but he noted that the courts of­ten de­fer to the leg­al in­ter­pret­a­tions of the an­ti­trust agen­cies.

Rand Beers, a White House ad­viser, ar­gued that it is crit­ic­al that com­pan­ies con­tinu­ally as­sess their net­works and share in­form­a­tion about the latest at­tacks. Oth­er­wise, a single vir­us can quickly spread through en­tire in­dus­tries, he warned.

The of­fi­cials said the guid­ance will help com­pan­ies re­spond to vul­ner­ab­il­it­ies, such as the re­cently dis­covered “Heart­bleed” bug, which has un­der­mined se­cur­ity on much of the Web.

The policy state­ment is the Obama ad­min­is­tra­tion’s latest ef­fort to bol­ster cy­ber­se­cur­ity, which of­fi­cials say is one of the most ser­i­ous na­tion­al se­cur­ity is­sues.

Pres­id­ent Obama urged Con­gress to pass com­pre­hens­ive cy­ber­se­cur­ity le­gis­la­tion in 2012 that would have set se­cur­ity stand­ards for crit­ic­al in­fra­struc­ture (such as banks and power com­pan­ies) and en­cour­aged cy­ber­se­cur­ity in­form­a­tion shar­ing. Re­pub­lic­ans blocked the bill, warn­ing it would im­pose un­ne­ces­sary reg­u­la­tions on busi­nesses.

Obama is­sued an ex­ec­ut­ive or­der in early 2013 that cre­ated vol­un­tary guidelines to help crit­ic­al in­fra­struc­ture op­er­at­ors pro­tect their sys­tems. But the in­form­a­tion-shar­ing por­tion of the le­gis­la­tion had re­mained largely un­ad­dressed.

Obama ad­min­is­tra­tion of­fi­cials in­sisted Thursday that Con­gress must still pass cy­ber­se­cur­ity le­gis­la­tion. FTC Chair­wo­man Edith Ramirez urged law­makers to em­power her agency to fine com­pan­ies for in­ad­equate data se­cur­ity, and to set a na­tion­al stand­ard re­quir­ing com­pan­ies to no­ti­fy con­sumers in the event of a data breach.

Cole said le­gis­la­tion is still needed to al­low the gov­ern­ment and private sec­tor to share in­form­a­tion with each oth­er. He also pushed for tough­er pen­al­ties for hack­ers and ex­pan­ded au­thor­ity to seize serv­ers and In­ter­net do­mains.

What We're Following See More »
SHUTDOWN LOOMING
House Approves Spending Bill
14 hours ago
BREAKING

The House has completed it's business for 2016 by passing a spending bill which will keep the government funded through April 28. The final vote tally was 326-96. The bill's standing in the Senate is a bit tenuous at the moment, as a trio of Democratic Senators have pledged to block the bill unless coal miners get a permanent extension on retirement and health benefits. The government runs out of money on Friday night.

HEADS TO OBAMA
Senate Approves Defense Bill
15 hours ago
THE LATEST

The Senate passed the National Defense Authorization Act today, sending the $618 billion measure to President Obama. The president vetoed the defense authorization bill a year ago, but both houses could override his disapproval this time around.

Source:
ANTI-MINIMUM WAGE INCREASE
Trump Chooses Hardee’s/Carl’s Jr CEO as Labor Sec
17 hours ago
BREAKING
BUCKING THE BOSS?
Trump Cabinet Full of TPP Supporters
17 hours ago
WHY WE CARE

"President-elect Donald Trump railed against the Trans-Pacific Partnership on his way to winning the White House and has vowed immediately to withdraw the U.S. from the 12-nation accord. Several of his cabinet picks and other early nominees to top posts, however, have endorsed or spoken favorably about the trade pact, including Iowa Gov. Terry Branstad, announced Wednesday as Mr. Trump’s pick for ambassador to China, and retired Marine Gen. James Mattis, Mr. Trump’s pick to head the Department of Defense."

Source:
WWE WRESTLING OWNER
Trump to Nominate Linda McMahon to Head SBA
1 days ago
THE LATEST
×
×

Welcome to National Journal!

You are currently accessing National Journal from IP access. Please login to access this feature. If you have any questions, please contact your Dedicated Advisor.

Login