Congress Unknowingly Undermines Cyber-Security Jonathan Band1

Since 9/11, much public attention has focused on the tradeoff between security on the one hand and civil liberties and privacy on the other. We see this conflict every day when we read about the detainment of foreign nationals or the latest homeland security initiative such as the Pentagon’s Total Information Awareness program. We personally experience it when we are searched before we board an airplane. There is, however, another post-9/11 policy conflict that has received far less public attention. This is the growing conflict between cybersecurity and intellectual property. For several years the entertainment industry had argued that the Internet in general and peer-to-peer networks in particular enable intellectual property infringement on an unprecedented scale. Industry representatives claim that this infringement cuts their profits and diminishes their incentive to invest in new products. Accordingly, the entertainment industry has lobbied Congress to adopt a variety of measures aimed at facilitating the enforcement of intellectual property rights. Unfortunately, these measures have the unintended consequence of undermining cybersecurity. For example, in 1998 Congress passed the Digital Millennium Copyright Act. One provision of the DMCA prohibits the circumvention of technological measures that protect access to copyrighted works. The provision’s intent was to impose legal penalties on hackers who penetrated the encryption and other technological measures copyright owners would use to protect their works in the digital environment. As the DMCA was working its way through Congress, technologists pointed out that the bill as drafted could outlaw the research and testing necessary to develop new cybersecurity products. In response, Congress included in the DMCA two narrow exceptions for encryption research and security testing. In the four years since the DMCA’s enactment, it has become increasingly clear that these exceptions are simply too narrow. Computer science professors have found themselves entangled in litigation because of their academic activities, and universities and software companies have had to include attorneys in the research and development process to ensure compliance with the DMCA’s arcane terms. In this way, the DMCA has hindered the development of technologies that can protect computer networks from cyberattacks. Indeed, Richard Clarke, the head of the Jonathan Band is partner in the Washington, D.C. office of Morrison & Foerster LLP and an adjunct professor at the Georgetown University Law Center.

1

White House office of cyberspace security, recently called for the amendment of the DMCA because of its “chilling effect on vulnerability research.” This year, the entertainment industry supported another legislative proposal that would have had an even greater negative impact on cybersecurity than the DMCA. The P2P Piracy Prevention Act of 2002 would have permitted copyright owners to launch denial of service (DoS) attacks on computer users who “shared” copyrighted works over P2P networks. Until now, Internet service providers have assumed that all DoS attacks are unlawful and require an immediate response. The P2P bill would completely undermine this approach. Before responding to a DoS attack, a service provider would have to determine its legitimacy. This, of course, would delay the service provider’s response to serious illegitimate attacks. In the next Congress, the conflict between intellectual property rights and cybersecurity will come into greater focus. The P2P bill probably will be reintroduced. At the same time, a bill amending the DMCA to exempt security research activities from legal liability will also be introduced. These two bills heading in opposite directions will force Congress to confront this issue head-on. Unlike the conflict between security and privacy, the conflict between cybersecurity and intellectual property is completely avoidable. Copyright owners have numerous means at their disposal for protecting their intellectual property without compromising cybersecurity. These include litigation, spoofing, and the development of new business models that discourage infringement. Moreover, copyright owners could promote the development of stronger technological protection measures, which could actually enhance security. These means might be more expensive than those permitted under the DMCA or the P2P bill, but the cost to society of cyberattacks that cripple our critical information infrastructure will be far greater.

Congress Unknowingly Undermines Cyber-Security ... - policybandwidth

Computer science professors have found themselves entangled in litigation because of their academic activities, and universities and software companies have ...
Download PDF
14KB Sizes 2 Downloads 182 Views
Report

Recommend Documents

Congress Unknowingly Undermines Cyber-Security ... - policybandwidth
Computer science professors have found themselves entangled in ... Until now, Internet service providers have assumed that all DoS attacks are unlawful and require an ... This, of course, would delay the service provider's response to serious ...
special national congress - SACP
Over the past 21 years since our major 1994 democratic break- through, the ..... that exhibit any ambition for, or degree of, national sovereign capac- ity in the face ...... In contrast, and notably, manufacturing in the automotive indus- try surviv
congress participants -
Name. Family Name Affiliation. Title/Profession. E-mail. Zerinum. Abebe. Addis Ababa University, Ethiopia ... [email protected]. Gianfranco. Costanzo.
congress participants -
Loredana. Bonazzoli. S. Gallicano Institute (IRCCS), Rome, Italy ... Paul. Buxton. British Avoc Dermatology Institute Southampton,. UK ... [email protected].
special national congress - SACP
tions (Media 24's effective gobbling up of the public broadcaster is the ... 10. African Communist | June 2015. Americans call “popular protagonism”) the chances of consolidating ... SACP, especially the financial sector campaign, which must be a
The 52nd Annual Congress
Jul 15, 2017 - NibrasAlhamadani (AAU). Abdel Hameed Youssef (Egypt). Abdulnaser Shunaigat (Jordan). Ahmed Shokeir (Egypt). Ahmed Shoma (Egypt). Aly Abdelkarim (Egypt). Bedeir Ali-El-Dein (Egypt). Hassan Abdel Latif (Egypt). Hisham Hammouda (Egypt). M
Congress-Info.pdf
The Lebanese Communist Party held its congress on April 22-23-24, 2016 ... including the Arab Left Meeting and the International Meeting of Communist and ...
congress -Candidate.pdf
d+l;/ @! ut] lgjf{rg x'g] lhNnfsf] juL{s/0f_. @)&$ d+l;/ @! ut] x'g] lhNnfx¿ ... Ë != uf]ljGb 9'+ufgf. @= ljho ;DjfxfDj] ... congress -Candidate.pdf. congress -Candidate.pdf.
Condo Congress Flyer - gpcma
E-Mail Address. Registrant 2. Please choose one: I am a condo or community association manager. I live in a condo or community association. Breakout ...
Condo Congress Flyer - gpcma
E-Mail Address. PLEASE MAKE ADDITIONAL COPIES IF NECESSARY. For more information, please contact us at: WEB: www.philagcci.org. EMAIL: ...
congress list.pdf
pkk|d'v /lxdf vft'g. 2 dxfu9LdfO{ g=kf= k|d'v pk]Gb|k|;fb ofbj clx/. pkk|d'v tf/fb]jL sfg'. 3 b]jtfn uf=kf= cWoIf xl/nfn /fo ofbj -jRr' jfjf_. pkfWoIf nfnd'gL b]jL. 4 ;'j0f{ uf=kf= cWoIf /fh]zk|;fb ofbj. pkfWoIf /fdtLb]jL ofbj. If]q g+= #. 1 km]6f uf
cybersecurity professional - ISACA
With CSX, business leaders and cyber professionals can obtain the .... work with senior management to maximize organizational .... Like ISACA on Facebook:.
Cybersecurity - CUE.pdf
Ongoing safety resources to mitigate cybersecurity threats ... denial of service (DDoS) attack. which stops electronic ... Page 4 of 27. Cybersecurity - CUE.pdf.
Cybersecurity - Snell & Wilmer
Sep 30, 2016 - 25% of all of the data breaches that we hear about and ... when there is a data breach or cyber. DANIELLE ... no matter how small or large, can.
congress - prakadana pathrika.pdf
congress - prakadana pathrika.pdf. congress - prakadana pathrika.pdf. Open. Extract. Open with. Sign In. Main menu. Displaying congress - prakadana ...
Cybersecurity - Snell & Wilmer
Sep 30, 2016 - the last ten or fifteen years. Let's start ... and social engineering. To level set the ... it will help harden your networks ... (UAT) into a unique all-STEM institution that marries the best ..... part of larger systematic campaign.
african national congress -
Feb 12, 2009 - remained in the ANC and continued to serve the people of South Africa as. Minister of Education. Such decisions and steadfastness taught us a ...
Chapter 11: Congress
Electing Congress. High approval for own representatives… high distrust of other members of Congress. High retention rate for incumbents in Congress. ○. Incumbents have humongous advantage in Congressional elections. •. Chapter 11: Congress. Th
Cybersecurity Incident Checklist.pdf
Cybersecurity Incident Checklist.pdf. Cybersecurity Incident Checklist.pdf. Open. Extract. Open with. Sign In. Main menu. Displaying Cybersecurity Incident ...
kerala science congress -
online in the format prescribed in the Kerala Science Congress website. A review panel ... carries a Certificate of Merit and cash prize of Rs. 10,000/-. Awardees ...
until 2014 - World Uyghur Congress
one-year anti-terror campaign initiated back in May in response to a deadly incident in Urumqi that left 43 dead. .... strong trade and diplomatic ties to. China. .... The right to operate Uyghur language schools has been largely supplanted by the.
until 2014 - World Uyghur Congress
The United States, the UK, Canada, Germany, Australia and Italy, .... 14 http://www.economist.com/blogs/analects/2014/01/more-violence-East Turkestan ...... science professor from Hong Kong University of Science and Technology, argued.
Congress-Candidate-Final.pdf
jL b]jL d08n. 2 x+;'k'/ g=kf= k|d'v –. pkk|d'v –. 3 cf}/xL uf=kf= cWoIf a|xDb]j ofbj ... Page 3 of 9. Main menu. Displaying Congress-Candidate-Final.pdf. Page 1 of 9.