U.S. Promises Not to Sue Companies for Discussing Hacks

Federal agencies are encouraging businesses to work together to thwart hackers.

A person claiming to speak for activist hacker group Anonymous is seen issuing a warning throught a video circulated online to 'go to war' with the Singapore government over recent Internet licensing rules on November 1, 2013.
National Journal
Brendan Sasso
Add to Briefcase
Brendan Sasso
April 10, 2014, 11:18 a.m.

The Obama ad­min­is­tra­tion wants com­pan­ies to work to­geth­er to battle hack­ers.

The Justice De­part­ment and the Fed­er­al Trade Com­mis­sion is­sued a form­al policy state­ment Thursday, as­sur­ing busi­nesses that they will not face fed­er­al law­suits for shar­ing in­form­a­tion with each oth­er about at­tacks on their com­puter sys­tems.

Com­pan­ies have been nervous that dis­cuss­ing in­form­a­tion about hack­ers could run afoul of an­ti­trust laws, which re­strict the abil­ity of busi­nesses to co­ordin­ate with each oth­er. The laws are in­ten­ded to pre­vent com­pan­ies from stifling com­pet­i­tion and in­flat­ing prices.

But the policy doc­u­ment is­sued Thursday states that shar­ing cy­ber­se­cur­ity in­form­a­tion such as in­cid­ent re­ports, ma­li­cious code, or alerts is “highly un­likely” to vi­ol­ate the an­ti­trust laws. Of­fi­cials said that com­pan­ies with ques­tions about any par­tic­u­lar busi­ness prac­tice can con­tact the fed­er­al agen­cies for guid­ance.

Speak­ing at a press con­fer­ence, Deputy At­tor­ney Gen­er­al James Cole said the massive data breach at Tar­get is “just an­oth­er re­mind­er of how far-reach­ing the cy­ber­threat has be­come.” He said the ad­min­is­tra­tion’s guid­ance “lets every­one know that an­ti­trust con­cerns should not get in the way of shar­ing cy­ber­se­cur­ity in­form­a­tion.”

Bill Baer, the head of the Justice De­part­ment’s An­ti­trust Di­vi­sion, said the policy state­ment is an “an­ti­trust no-brain­er,” and he ex­plained that “as long as com­pan­ies don’t dis­cuss com­pet­it­ive in­form­a­tion like pri­cing and out­put when shar­ing cy­ber­se­cur­ity in­form­a­tion, they’re OK.”

He ac­know­ledged that the state­ment won’t af­fect private an­ti­trust law­suits, but he noted that the courts of­ten de­fer to the leg­al in­ter­pret­a­tions of the an­ti­trust agen­cies.

Rand Beers, a White House ad­viser, ar­gued that it is crit­ic­al that com­pan­ies con­tinu­ally as­sess their net­works and share in­form­a­tion about the latest at­tacks. Oth­er­wise, a single vir­us can quickly spread through en­tire in­dus­tries, he warned.

The of­fi­cials said the guid­ance will help com­pan­ies re­spond to vul­ner­ab­il­it­ies, such as the re­cently dis­covered “Heart­bleed” bug, which has un­der­mined se­cur­ity on much of the Web.

The policy state­ment is the Obama ad­min­is­tra­tion’s latest ef­fort to bol­ster cy­ber­se­cur­ity, which of­fi­cials say is one of the most ser­i­ous na­tion­al se­cur­ity is­sues.

Pres­id­ent Obama urged Con­gress to pass com­pre­hens­ive cy­ber­se­cur­ity le­gis­la­tion in 2012 that would have set se­cur­ity stand­ards for crit­ic­al in­fra­struc­ture (such as banks and power com­pan­ies) and en­cour­aged cy­ber­se­cur­ity in­form­a­tion shar­ing. Re­pub­lic­ans blocked the bill, warn­ing it would im­pose un­ne­ces­sary reg­u­la­tions on busi­nesses.

Obama is­sued an ex­ec­ut­ive or­der in early 2013 that cre­ated vol­un­tary guidelines to help crit­ic­al in­fra­struc­ture op­er­at­ors pro­tect their sys­tems. But the in­form­a­tion-shar­ing por­tion of the le­gis­la­tion had re­mained largely un­ad­dressed.

Obama ad­min­is­tra­tion of­fi­cials in­sisted Thursday that Con­gress must still pass cy­ber­se­cur­ity le­gis­la­tion. FTC Chair­wo­man Edith Ramirez urged law­makers to em­power her agency to fine com­pan­ies for in­ad­equate data se­cur­ity, and to set a na­tion­al stand­ard re­quir­ing com­pan­ies to no­ti­fy con­sumers in the event of a data breach.

Cole said le­gis­la­tion is still needed to al­low the gov­ern­ment and private sec­tor to share in­form­a­tion with each oth­er. He also pushed for tough­er pen­al­ties for hack­ers and ex­pan­ded au­thor­ity to seize serv­ers and In­ter­net do­mains.

What We're Following See More »
INDICTMENTS NOT PROOF OF COLLUSION
Rosenstein Holds Presser On Russian Indictments
2 days ago
THE DETAILS
Source:
CONTRADICTS TRUMP’S DENIALS
U.S. Indicts 13 Russian Nationals For Election Interference
2 days ago
THE LATEST

The indictment, filed in the District of Columbia, alleges that the interference began "in or around 2014," when the defendants began tracking and studying U.S. social media sites. They "created and controlled numerous Twitter accounts" and "purchased computer servers located inside the United States" to mask their identities, some of which were stolen. The interference was coordinated by election interference "specialists," and focused on the Black Lives Matter movement, immigration, and other divisive issues. "By early to mid-2016" the groups began supporting the campaign of "then-candidate Donald Trump," including by communicating with "unwitting individuals associated with the Trump Campaign..."

Source:
“QUEEN FOR A DAY”
Gates Said to Be Finalizing a Plea Deal
2 days ago
THE LATEST

"Former Trump campaign adviser Rick Gates is finalizing a plea deal with special counsel Robert Mueller's office, indicating he's poised to cooperate in the investigation, according to sources familiar with the case. Gates has already spoken to Mueller's team about his case and has been in plea negotiations for about a month. He's had what criminal lawyers call a 'Queen for a Day' interview, in which a defendant answers any questions from the prosecutors' team, including about his own case and other potential criminal activity he witnessed."

Source:
ZERO-FOR-TWO
Another Defeat for Immigration Legislation in the Senate
3 days ago
THE LATEST

"The Senate on Thursday rejected immigration legislation crafted by centrists in both parties after President Trump threatened to veto the bill if it made it to his desk. In a 54-45 vote, the Senate failed to advance the legislation from eight Republican, seven Democratic and one Independent senators. It needed 60 votes to overcome a procedural hurdle. "

Source:
DISPUTE ASSERTION OF EXECUTIVE PRIVILEGE
House Intel Panel Could Charge Bannon with Contempt
3 days ago
THE LATEST

"The House Intelligence Committee has scheduled a Thursday meeting to hear testimony from Steve Bannon—but it's an open question whether President Donald Trump's former chief strategist will even show up. The White House sent a letter to Capitol Hill late Wednesday laying out its explanation for why Trump's transition period falls under its authority to assert executive privilege, a move intended to shield Bannon from answering questions about that time period." Both Republicans and Democrats on the committee dispute the White House's theory, and have floated charging Bannon with contempt should he refuse to appear.

Source:
×
×

Welcome to National Journal!

You are currently accessing National Journal from IP access. Please login to access this feature. If you have any questions, please contact your Dedicated Advisor.

Login