U.S. Promises Not to Sue Companies for Discussing Hacks

Federal agencies are encouraging businesses to work together to thwart hackers.

A person claiming to speak for activist hacker group Anonymous is seen issuing a warning throught a video circulated online to 'go to war' with the Singapore government over recent Internet licensing rules on November 1, 2013.
National Journal
Brendan Sasso
Add to Briefcase
Brendan Sasso
April 10, 2014, 11:18 a.m.

The Obama ad­min­is­tra­tion wants com­pan­ies to work to­geth­er to battle hack­ers.

The Justice De­part­ment and the Fed­er­al Trade Com­mis­sion is­sued a form­al policy state­ment Thursday, as­sur­ing busi­nesses that they will not face fed­er­al law­suits for shar­ing in­form­a­tion with each oth­er about at­tacks on their com­puter sys­tems.

Com­pan­ies have been nervous that dis­cuss­ing in­form­a­tion about hack­ers could run afoul of an­ti­trust laws, which re­strict the abil­ity of busi­nesses to co­ordin­ate with each oth­er. The laws are in­ten­ded to pre­vent com­pan­ies from stifling com­pet­i­tion and in­flat­ing prices.

But the policy doc­u­ment is­sued Thursday states that shar­ing cy­ber­se­cur­ity in­form­a­tion such as in­cid­ent re­ports, ma­li­cious code, or alerts is “highly un­likely” to vi­ol­ate the an­ti­trust laws. Of­fi­cials said that com­pan­ies with ques­tions about any par­tic­u­lar busi­ness prac­tice can con­tact the fed­er­al agen­cies for guid­ance.

Speak­ing at a press con­fer­ence, Deputy At­tor­ney Gen­er­al James Cole said the massive data breach at Tar­get is “just an­oth­er re­mind­er of how far-reach­ing the cy­ber­threat has be­come.” He said the ad­min­is­tra­tion’s guid­ance “lets every­one know that an­ti­trust con­cerns should not get in the way of shar­ing cy­ber­se­cur­ity in­form­a­tion.”

Bill Baer, the head of the Justice De­part­ment’s An­ti­trust Di­vi­sion, said the policy state­ment is an “an­ti­trust no-brain­er,” and he ex­plained that “as long as com­pan­ies don’t dis­cuss com­pet­it­ive in­form­a­tion like pri­cing and out­put when shar­ing cy­ber­se­cur­ity in­form­a­tion, they’re OK.”

He ac­know­ledged that the state­ment won’t af­fect private an­ti­trust law­suits, but he noted that the courts of­ten de­fer to the leg­al in­ter­pret­a­tions of the an­ti­trust agen­cies.

Rand Beers, a White House ad­viser, ar­gued that it is crit­ic­al that com­pan­ies con­tinu­ally as­sess their net­works and share in­form­a­tion about the latest at­tacks. Oth­er­wise, a single vir­us can quickly spread through en­tire in­dus­tries, he warned.

The of­fi­cials said the guid­ance will help com­pan­ies re­spond to vul­ner­ab­il­it­ies, such as the re­cently dis­covered “Heart­bleed” bug, which has un­der­mined se­cur­ity on much of the Web.

The policy state­ment is the Obama ad­min­is­tra­tion’s latest ef­fort to bol­ster cy­ber­se­cur­ity, which of­fi­cials say is one of the most ser­i­ous na­tion­al se­cur­ity is­sues.

Pres­id­ent Obama urged Con­gress to pass com­pre­hens­ive cy­ber­se­cur­ity le­gis­la­tion in 2012 that would have set se­cur­ity stand­ards for crit­ic­al in­fra­struc­ture (such as banks and power com­pan­ies) and en­cour­aged cy­ber­se­cur­ity in­form­a­tion shar­ing. Re­pub­lic­ans blocked the bill, warn­ing it would im­pose un­ne­ces­sary reg­u­la­tions on busi­nesses.

Obama is­sued an ex­ec­ut­ive or­der in early 2013 that cre­ated vol­un­tary guidelines to help crit­ic­al in­fra­struc­ture op­er­at­ors pro­tect their sys­tems. But the in­form­a­tion-shar­ing por­tion of the le­gis­la­tion had re­mained largely un­ad­dressed.

Obama ad­min­is­tra­tion of­fi­cials in­sisted Thursday that Con­gress must still pass cy­ber­se­cur­ity le­gis­la­tion. FTC Chair­wo­man Edith Ramirez urged law­makers to em­power her agency to fine com­pan­ies for in­ad­equate data se­cur­ity, and to set a na­tion­al stand­ard re­quir­ing com­pan­ies to no­ti­fy con­sumers in the event of a data breach.

Cole said le­gis­la­tion is still needed to al­low the gov­ern­ment and private sec­tor to share in­form­a­tion with each oth­er. He also pushed for tough­er pen­al­ties for hack­ers and ex­pan­ded au­thor­ity to seize serv­ers and In­ter­net do­mains.

What We're Following See More »
19 FACE-TO-FACE MEETINGS
Latest Count: 12 Trump Campaign Staffers Had Contact with Russians
1 days ago
THE LATEST
AT ISSUE: COMEY FIRING, SESSIONS’S RECUSAL
Mueller Seeks Documents from DOJ
4 days ago
THE LATEST

Special counsel Robert Mueller "is now demanding documents from the department overseeing his investigation." A source tells ABC News that "Mueller's investigators are keen to obtain emails related to the firing of FBI Director James Comey and the earlier decision of Attorney General Jeff Sessions to recuse himself from the entire matter."

Source:
MULVANEY SAYS PROVISION ISN’T A DEALBREAKER
Trump May Be OK with Dropping Mandate Repeal
4 days ago
THE LATEST

"President Donald Trump would not insist on including repeal of an Obama-era health insurance mandate in a bill intended to enact the biggest overhaul of the tax code since the 1980s, a senior White House aide said on Sunday. The version of tax legislation put forward by Senate Republican leaders would remove a requirement in former President Barack Obama’s signature healthcare law that taxes Americans who decline to buy health insurance."

Source:
FRANKEN JUST THE BEGINNING?
Media Devoting More Resources to Lawmakers’ Sexual Misconduct
4 days ago
THE LATEST

"Members of Congress with histories of mistreating women should be extremely nervous. Major outlets, including CNN, are dedicating substantial newsroom resources to investigating sexual harassment allegations against numerous lawmakers. A Republican source told me he's gotten calls from well-known D.C. reporters who are gathering stories about sleazy members."

Source:
STARTS LEGAL FUND FOR WH STAFF
Trump to Begin Covering His Own Legal Bills
6 days ago
THE DETAILS
×
×

Welcome to National Journal!

You are currently accessing National Journal from IP access. Please login to access this feature. If you have any questions, please contact your Dedicated Advisor.

Login