Cybersecurity

Cyber Threat Information and the Antitrust Canard

By Joel Brenner
Friday, April 11, 2014, 10:42 PM

Those of us who tried to do big things in government have learned to be grateful for small things.  Yesterday, the Justice Department’s Antitrust Division and the Federal Trade Commission jointly declared, “they do not believe that antitrust is---or should be---a roadblock to legitimate cybersecurity information sharing.” The business press immediately jumped on this as a giant step forward, removing a big impediment to the sharing of cyber threat information among private parties. In fact, when it comes to that kind of sharing, “antitrust” was always a red herring. Threat reports, indicators, malware signatures, and the like are highly technical and have nothing to do with prices, terms of sale, territories, or other price- and output-related subjects that can create antitrust concerns. The Antitrust Division reached this conclusion in a business review letter 14 years ago, and both agencies say that analysis then “remains very current” now.  Any competent antitrust counsel has known this all along. Any counsel who worried about it could have sought a business review letter from the Division and would have received the same advice.

So what explains the persistence of the antitrust roadblock to information sharing?  Corporate counsel are an understandably conservative lot.  In their release yesterday, the agencies noted that some companies “have been counseled that sharing of information among competitors may raise antitrust concerns.”  Insofar as it was true, that advice in these circumstances was beyond conservative.  It was unsound.

In other cases, “antitrust” was simply an excuse for companies’ not sharing threat information they did not want to share.  In one industry I’m familiar with, executives from several top-tier competitors all told me they believed their threat information gave them a competitive advantage.  That could not logically be true for all of them. In any case, even among highly capable companies, the knowledge that comes from sharing cyber threat information is enormously greater than any single competitor can achieve acting alone.

Yesterday’s public release was welcome, but given the persistence of the antitrust canard, I tried to get the Division to issue such a statement about five years ago while I was the national counterintelligence executive.  Too bad it took so long.

Topics: