Cybersecurity: Crime and Espionage

Executive Order on Cyber Sanctions

By Paul Rosenzweig
Wednesday, April 1, 2015, 2:00 PM

President Obama has, today, issued an executive order entitled, "Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities."  On first glance it looks like a strong step in the right direction.

The EO is notable not just for what it does, but for how it characterizes the malicious cyber activity.  It is particularly welcome that assaults are now a "national emergency."  It is worth reflecting that this precise language is an essential trigger for the laws invoked -- happily, it does not mean that the infrastructure of the United States is about to crumble.  Some may complain that in using this phrase the President is overstating the case somewhat -- and that may be a fair criticism, on its own terms.  But within the legal context in which the EO arises, the use of "national emergency" is reflective, I think, of the seriousness with the Administration views the problem -- and that's a good thing.

The other good, meta-thing that is going on here is that the Administration is reinforcing the view that its response to cyber maliciousness is not constrained to the cyber domain.  Cyber events require a "whole of government" response -- and this EO builds on that concept by invoking the property-blocking authority of the Department of the Treasury.

The order itself has several useful components to it:

  • First, the order requires the blocking of property for any person (either an individual or entity) that does significant cyber damage to critical infrastructure;
  • It also blocks the property of anyone using cyber capabilities to cause "a significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain."
  • Notably, these two provisions, working together, would seem to NOT directly address the Sony hack, as Sony would not be critical infrastructure; nor was the hack for competitive advantage or private gain ... or at least it would seem not to be so;
  • Second, the order also blocks property of those found to "be responsible for or complicit in, or to have engaged in, the receipt or use for commercial or competitive advantage or private financial gain, or by a commercial entity, outside the United States of trade secrets misappropriated through cyber-enabled means."
  • This portion of the order, if seriously implemented, would have huge implications -- it, in effect is an order to freeze the assets of any foreign (i.e. Chinese) company found here in the US that uses stolen American intellectual property for commercial advantage.  Taken to its logical conclusion, we might see the seizure of Alibaba's new data center in Silicon Valley.
  • Third, the order uses immigration authority to restrict the entry into the United States of any individual engaged in or having contributed to the malicious cyber attack.  Again, if used aggressively this could have far reaching implications for many foreign executives who will no longer be able to travel to the US.

In the end, what is most notable about the order is how strongly the US is flexing its economic muscle.  If access to US markets is of value, the Administration is signalling, strongly, that continued access may be conditioned on good cyber behavior.  The proof, as they say, will be in the pudding -- are these just words on paper or part of a real enforcement effort?  Only time will tell, but this is a good first step.