US legal framework for information sharing about cyberincidents is stalled

the reason is that it isn't seperated from the more overal discussion about information sharing with the intelligence and securityservices and as such is part of the global discussion about surveillance, democracy and what is a security threat

these things are much clearer in cybersecurity and it is necessary that such discussions and agreements are seperate from discussions about terrorism, subversion and surveillance

they should talk about ddos, hacking attemps, botnets, phishing attacks and so on

source article that follows

On information sharing, Representatives Rogers and Ruppersberger pushed for passage in the lame-duck session of a bill to permit sharing of cyber threat information between the private sector and the government. Rogers and Ruppersberger’s bill on the issue, the Cyber Threat Information Sharing & Protection Act (“CISPA”), passed the House in April 2013, but drew a veto threat from the White House and generated broad public opposition due to privacy concerns about the businesses providing Internet users’ information to the government. A Senate information sharing bill, the Cybersecurity Information Sharing Act, has prompted similar concerns. Proponents of cyber threat information sharing see it as crucial to facilitating increased security for U.S. systems and networks, but such information sharing has been pulled into the broader debate about surveillance reform and the flow of information to the intelligence community. The failure of the USA FREEDOM Act earlier this week substantially dims the chances for information sharing legislation until the new Congress.

The comments are closed.