Skip to content

Category Archives: Cybersecurity: Legislation

Relevant Passages of President Obama’s State of the Union Address

By
Tuesday, January 20, 2015 at 9:32 PM

The following are the passages of tonight’s State of the Union address that seem to me most relevant to the Lawfare readership: Tonight, for the first time since 9/11, our combat mission in Afghanistan is over.  Six years ago, nearly 180,000 American troops served in Iraq and Afghanistan.  Today, fewer than 15,000 remain.  And we salute the courage . . .
Read more »

What David Cameron Doesn’t Get

By
Tuesday, January 20, 2015 at 10:30 AM

Last week British Prime Minister David Cameron gave an extraordinary speech in which he urged the the banning of private communications, that is communications to which the government could not listen into when legally authorized to do so. Cameron is not the first government official to do so; GCHQ Director Robert Hannigan urged the same . . .
Read more »

The Administration’s Cyber Proposals — Information Sharing

By
Friday, January 16, 2015 at 3:56 PM

As part of the run-up to the State of the Union address next week, the Administration has been releasing publicly some of its policy proposals.  One of the most notable suite of proposals involved new legislation relating to cybersecurity.  The transmittal letters and section-by-section analyses can be downloaded from the OMB website.  The White House . . .
Read more »

President Obama’s New Cybersecurity Legislative Proposal

By
Tuesday, January 13, 2015 at 3:51 PM

The White House has released an overview of the proposal previewed in today’s Washington Post which you can read here or below: Since the start of his Administration, when he issued the Cyberspace Policy Review — the first top-to-bottom, Administration-wide review of cybersecurity — President Obama has led efforts to better prepare our government, our economy, . . .
Read more »

On the Sony Hack

By
Friday, December 19, 2014 at 1:28 PM

I’ve written two essays on the Sony hack, one for the Wall Street Journal, and the other for Vice Motherboard. The former opens: Earlier this month, a mysterious group that calls itself Guardians of Peace hacked into Sony Pictures Entertainment’s computer systems and began revealing many of the Hollywood studio’s best-kept secrets, from details about unreleased . . .
Read more »

The 2014 Cato Institute Surveillance Conference

By
Tuesday, December 16, 2014 at 8:00 PM

Last Friday, the Cato Institute held an all-day conference to explore the questions raised by the growth of government surveillance, the revelations of NSA activities by Edward Snowden, and how these newly disclosed technologies should be regulated by the Fourth Amendment and federal law. Ben took part in the conversation on the second panel, which included Charlie . . .
Read more »

Cyber Supply Chain Security

By
Tuesday, December 2, 2014 at 11:30 AM

There are many ways to think about enhancing cybersecurity.  One, for example, is the prospect of software liability, which would, drive safer code. Another, interesting take on the problem has just been offered by Representative Ed Royce, the Chairman of the House Committee on Foreign Affairs — a proposal that he dubs the “Cyber Supply . . .
Read more »

CISA Boom Bah …

By
Tuesday, July 22, 2014 at 4:53 PM

Sorry, I just couldn’t resist the title which does not reflect my true feelings about CISA, the Cybersecurity Information Sharing Act of 2014.  Approved earlier this month by the Senate Intelligence Committee, this bill awaits Senate floor action.  In the current environment, I think its legislative prospects are modest (though perhaps we might see it . . .
Read more »

Bits and Bytes

By
Monday, June 30, 2014 at 11:56 AM

While the rest of the world is watching the Supreme Court’s final decision day of the year, it’s been a busy time in the cyber world as well.  Herewith seven (!) bits and bytes of interest, in no particular order: Facebook’s Psych Experiment.  You’ve no doubt read that Facebook manipulated news feeds as an experiment. . . .
Read more »

Feinstein-Chambliss Cybersecurity Info Sharing Bill

By
Tuesday, June 17, 2014 at 3:18 PM

The Chair and Vice-Chair of the Senate Select Committee on Intelligence, Senators Feinstein and Chambliss have introduced a draft cybersecurity information sharing bill.  Early coverage of the bill from Inside Cybersecurity is here.  My own quick analysis: The requirement to remove personally identifying information from shared cyber threat information is both critical to securing buy . . .
Read more »

Net Neutrality Explained

By
Tuesday, June 3, 2014 at 4:00 PM

The topic of net neutrality (i.e. the question of whether or not all content on the network should be transmitted equally or whether some content providers can pay a premium to have their content transmitted at a faster pace than general) is not one that Lawfare readers will regularly concern themselves with.  Nonetheless, it bears . . .
Read more »

At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues

By
Monday, May 5, 2014 at 1:17 PM

The Computer Science and Telecommunications Board (CSTB) of the National Academies is pleased to announce the release of a report entitled At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues in prepublication form.  The final book version of the report will be available in a few weeks, and a PDF of that final . . .
Read more »

Three Speeches on Cybersecurity by Dan Geer

By
Thursday, April 3, 2014 at 3:00 PM

Cyber security maven Dan Geer has given three speeches in the last six months that are worth a read: (a) APT in a World of Rising Interdependence, given last month at the NSA; (b) We Are All Intelligence Officers Now, given at the RSA Conference in February; and (c) Trends in Cyber Security, given at NRO last November. . . .
Read more »

Snowden Disclosures and Norms of Cyber-Attacks

By
Thursday, March 20, 2014 at 11:00 AM

Secrecy—of the sort that typically shrouds cyber-defense and cyber-attack capabilities and doctrine—complicates the development of international norms.  Secrecy makes it difficult to engage in sustained diplomacy about rules.  Officials can talk about them at high levels of generality, but can’t get very specific, and it’s therefore hard to reach agreement.  Secrecy makes it difficult to . . .
Read more »

The Health Exchange Security and Transparency Act of 2014

By
Saturday, January 11, 2014 at 5:36 PM

So … what are we to make of the Health Exchange Security and Transparency Act of 2014?  As readers may be aware, the bill was proposed by the Republican majority of the House of Representatives and passed that body last week with 67 Democrat votes 291-122.   Democratic leadership opposed the bill as a subterfuge for . . .
Read more »

Part III: The Diamond Buried Deep in the Surveillance Review Group Report

By
Friday, January 3, 2014 at 2:00 PM

What follows is the last in a short, three-post assessment of selected aspects of the surveillance review group report. In this post, I highlight what is, in my view, the most productive of the review group’s many observations, from a national security perspective. Not surprisingly, given the composition and expertise of the review group members, . . .
Read more »

Assessing the Review Group Recommendations: Part III

By
Tuesday, December 31, 2013 at 5:54 PM

In Parts I and II of this series, I focused on the Review Group recommendations from Chapter III of the group’s report. Starting in this post, I turn to the recommendations of Chapter IV, which deal with collection under Section 702 and other authorities directed at non-US persons. This is, to my mind, one of the . . .
Read more »

The Meaning of the Cyber Revolution

By
Monday, December 16, 2013 at 3:00 PM

That is the title of a recent essay in International Security by Lucas Kello, a post-doctoral fellow at the Kennedy School at Harvard.  The essay is a rare effort to understand how international relations theory, and social science more generally, should apply to cyber war.  From the introduction: The article makes three main arguments.  First, . . .
Read more »

FTC Seeks New Privacy Authority

By
Wednesday, December 4, 2013 at 12:33 PM

Lawfare readers will recall that I earlier blogged about the Federal Trade Commission’s case against Wyndham Hotels.  Under the mantle of its consumer protection mandate, the FTC has sought to impose civil penalties against those companies who do not adequately protect the personal information of consumers.  Wyndham is challenging that authority, arguing that the FTC . . .
Read more »

Cyber and the NDAA

By
Wednesday, November 27, 2013 at 2:14 PM

Congress is in recess now (that’s why it’s so quiet here in Washington) and when they return the first order of business for the Senate is to take up the 2014 NDAA.   The bill, authorizing activities of the Department of Defense, is one of the few bills that routinely gets a full hearing in the . . .
Read more »