Skip to content

Category Archives: Cybersecurity: Legislation

Groundhog Day in the Senate

By
Friday, March 13, 2015 at 4:18 PM

One of my favorite movies has always been Bill Murray’s Groundhog Day.  Besides the great acting from Murray (and co-star Andie MacDowell) it’s a wonderful exposition of the definition of insanity — doing the same thing over and over again expecting a different result. By that definition, you have to wonder about the sanity of . . .
Read more »

What We Must Do about Cyber

By
Tuesday, March 10, 2015 at 3:00 PM

Last week Amy Zegart noted the rapid rise of cyber in the DNI Annual Threat Assessment. As she observed, Cyber is listed as threat number 1 but it’s only been number 1 since 2012, suggesting just how fast the cyber threat landscape is changing. As late as 2009, cyber appeared toward the very end of . . .
Read more »

The New White House Information Sharing Executive Order

By
Wednesday, February 18, 2015 at 8:30 AM

Last Friday, as part of the Cybersecurity summit at Stanford, President Obama announced a new information sharing initiative, and issued an Executive Order that was tied to the initiative.  The EO will, in the end, do some modest good, but not nearly enough to really stem the tide.  Put prosaically, my best sense is that . . .
Read more »

Live: Bob Litt Speaks at Brookings on Intelligence and Surveillance Reform

By
Wednesday, February 4, 2015 at 11:58 AM

At the top of the hour, Robert S. Litt, General Counsel at the Office of the Director of National Intelligence will speak at the Brookings Institution. His address is expected to examine what has been done so far to implement the directives announced in President Obama’s January 2014 speech at the Department of Justice as . . .
Read more »

Relevant Passages of President Obama’s State of the Union Address

By
Tuesday, January 20, 2015 at 9:32 PM

The following are the passages of tonight’s State of the Union address that seem to me most relevant to the Lawfare readership: Tonight, for the first time since 9/11, our combat mission in Afghanistan is over.  Six years ago, nearly 180,000 American troops served in Iraq and Afghanistan.  Today, fewer than 15,000 remain.  And we salute the courage . . .
Read more »

What David Cameron Doesn’t Get

By
Tuesday, January 20, 2015 at 10:30 AM

Last week British Prime Minister David Cameron gave an extraordinary speech in which he urged the the banning of private communications, that is communications to which the government could not listen into when legally authorized to do so. Cameron is not the first government official to do so; GCHQ Director Robert Hannigan urged the same . . .
Read more »

The Administration’s Cyber Proposals — Information Sharing

By
Friday, January 16, 2015 at 3:56 PM

As part of the run-up to the State of the Union address next week, the Administration has been releasing publicly some of its policy proposals.  One of the most notable suite of proposals involved new legislation relating to cybersecurity.  The transmittal letters and section-by-section analyses can be downloaded from the OMB website.  The White House . . .
Read more »

President Obama’s New Cybersecurity Legislative Proposal

By
Tuesday, January 13, 2015 at 3:51 PM

The White House has released an overview of the proposal previewed in today’s Washington Post which you can read here or below: Since the start of his Administration, when he issued the Cyberspace Policy Review — the first top-to-bottom, Administration-wide review of cybersecurity — President Obama has led efforts to better prepare our government, our economy, . . .
Read more »

On the Sony Hack

By
Friday, December 19, 2014 at 1:28 PM

I’ve written two essays on the Sony hack, one for the Wall Street Journal, and the other for Vice Motherboard. The former opens: Earlier this month, a mysterious group that calls itself Guardians of Peace hacked into Sony Pictures Entertainment’s computer systems and began revealing many of the Hollywood studio’s best-kept secrets, from details about unreleased . . .
Read more »

The 2014 Cato Institute Surveillance Conference

By
Tuesday, December 16, 2014 at 8:00 PM

Last Friday, the Cato Institute held an all-day conference to explore the questions raised by the growth of government surveillance, the revelations of NSA activities by Edward Snowden, and how these newly disclosed technologies should be regulated by the Fourth Amendment and federal law. Ben took part in the conversation on the second panel, which included Charlie . . .
Read more »

Cyber Supply Chain Security

By
Tuesday, December 2, 2014 at 11:30 AM

There are many ways to think about enhancing cybersecurity.  One, for example, is the prospect of software liability, which would, drive safer code. Another, interesting take on the problem has just been offered by Representative Ed Royce, the Chairman of the House Committee on Foreign Affairs — a proposal that he dubs the “Cyber Supply . . .
Read more »

CISA Boom Bah …

By
Tuesday, July 22, 2014 at 4:53 PM

Sorry, I just couldn’t resist the title which does not reflect my true feelings about CISA, the Cybersecurity Information Sharing Act of 2014.  Approved earlier this month by the Senate Intelligence Committee, this bill awaits Senate floor action.  In the current environment, I think its legislative prospects are modest (though perhaps we might see it . . .
Read more »

Bits and Bytes

By
Monday, June 30, 2014 at 11:56 AM

While the rest of the world is watching the Supreme Court’s final decision day of the year, it’s been a busy time in the cyber world as well.  Herewith seven (!) bits and bytes of interest, in no particular order: Facebook’s Psych Experiment.  You’ve no doubt read that Facebook manipulated news feeds as an experiment. . . .
Read more »

Feinstein-Chambliss Cybersecurity Info Sharing Bill

By
Tuesday, June 17, 2014 at 3:18 PM

The Chair and Vice-Chair of the Senate Select Committee on Intelligence, Senators Feinstein and Chambliss have introduced a draft cybersecurity information sharing bill.  Early coverage of the bill from Inside Cybersecurity is here.  My own quick analysis: The requirement to remove personally identifying information from shared cyber threat information is both critical to securing buy . . .
Read more »

Net Neutrality Explained

By
Tuesday, June 3, 2014 at 4:00 PM

The topic of net neutrality (i.e. the question of whether or not all content on the network should be transmitted equally or whether some content providers can pay a premium to have their content transmitted at a faster pace than general) is not one that Lawfare readers will regularly concern themselves with.  Nonetheless, it bears . . .
Read more »

At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues

By
Monday, May 5, 2014 at 1:17 PM

The Computer Science and Telecommunications Board (CSTB) of the National Academies is pleased to announce the release of a report entitled At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues in prepublication form.  The final book version of the report will be available in a few weeks, and a PDF of that final . . .
Read more »

Three Speeches on Cybersecurity by Dan Geer

By
Thursday, April 3, 2014 at 3:00 PM

Cyber security maven Dan Geer has given three speeches in the last six months that are worth a read: (a) APT in a World of Rising Interdependence, given last month at the NSA; (b) We Are All Intelligence Officers Now, given at the RSA Conference in February; and (c) Trends in Cyber Security, given at NRO last November. . . .
Read more »

Snowden Disclosures and Norms of Cyber-Attacks

By
Thursday, March 20, 2014 at 11:00 AM

Secrecy—of the sort that typically shrouds cyber-defense and cyber-attack capabilities and doctrine—complicates the development of international norms.  Secrecy makes it difficult to engage in sustained diplomacy about rules.  Officials can talk about them at high levels of generality, but can’t get very specific, and it’s therefore hard to reach agreement.  Secrecy makes it difficult to . . .
Read more »

The Health Exchange Security and Transparency Act of 2014

By
Saturday, January 11, 2014 at 5:36 PM

So … what are we to make of the Health Exchange Security and Transparency Act of 2014?  As readers may be aware, the bill was proposed by the Republican majority of the House of Representatives and passed that body last week with 67 Democrat votes 291-122.   Democratic leadership opposed the bill as a subterfuge for . . .
Read more »

Part III: The Diamond Buried Deep in the Surveillance Review Group Report

By
Friday, January 3, 2014 at 2:00 PM

What follows is the last in a short, three-post assessment of selected aspects of the surveillance review group report. In this post, I highlight what is, in my view, the most productive of the review group’s many observations, from a national security perspective. Not surprisingly, given the composition and expertise of the review group members, . . .
Read more »