Law.com Subscribers SAVE 30%

Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.

<b><i>Online Exclusive</b></i> Controversial Cybersecurity Bill Passes in House

By Todd Ruger
April 24, 2013

Congress is once again pushing forward on a controversial bill to bolster the nation's cybersecurity, which could end up changing how law firms and their clients respond to online threats.

The House passed the Cyber Intelligence Sharing and Protection Act (CISPA) on April 18, sending the legislation to the Senate. The bill would allow 'cybersecurity entities' ' an intentionally broad term that includes law firms and business that they represent ' to share cyber threat information with the intelligence community.

In return, the bill addresses some key concerns of law firms about turning over information about attacks to the government, says Jerry Ferguson, a co-chairman of Baker & Hostetler's national privacy and data-protection practice.

For instance, the bill would protect the information from being disclosed in public records requests under the Freedom of Information Act, and provides some liability protection from civil or criminal cause of actions for those sharing cyberthreat information in good faith.

Larger law firms and smaller sophisticated firms are significant repositories of clients' important information and are targets of cyberattacks. 'It's already started, the hackers are now looking for soft targets,' Ferguson says. 'They're looking at companies that do business with the Fortune 50 and seeing if the information can be obtained there.'

Senate Democrats and the White House have already objected to the bill, while privacy groups have warned that it would erode privacy by allowing companies to turn over personal information to the government.

'This bill undermines the privacy of millions of Internet users,' Rainey Reitman, Electronic Frontier Foundation's activism director, said in a written statement. 'Hundreds of thousands of Internet users opposed this bill, joining the White House and Internet security experts in voicing concerns about the civil liberties ramifications of CISPA.'

Because of that, the bill will probably be debated for several months, and law firms will be watching closely for the effect on clients, Ferguson says. He doesn't see the legislation becoming law in current form, but that it could if the Senate insists on greater civil liberties protections. 'I think it's going to go through a lot of negotiation before it lands on the president's desk, if it gets that far.'

The bill is now pending before the Senate Intelligence Committee.

[UPDATE: According to an April 25 report in US News, CISPA will not be taken up for a vote by the Senate.'"We're not taking [CISPA] up,”'a representative of the U.S. Senate Committee on Commerce, Science and Transportation'says. “Staff and senators are divvying up the issues and the key provisions everyone agrees would need to be handled if we're going to strengthen cybersecurity. They'll be drafting separate bills.”'Sen. Jay Rockefeller (D-WV), chairman of the committee, said the passage of CISPA was “important,” but said the bill's “privacy protections are insufficient.” See, ACLU: CISPA Is Dead (For Now), Us News.]


Todd Ruger is a Reporter for The National Law Journal, an ALM affiliate of Internet Law & Strategy.

Congress is once again pushing forward on a controversial bill to bolster the nation's cybersecurity, which could end up changing how law firms and their clients respond to online threats.

The House passed the Cyber Intelligence Sharing and Protection Act (CISPA) on April 18, sending the legislation to the Senate. The bill would allow 'cybersecurity entities' ' an intentionally broad term that includes law firms and business that they represent ' to share cyber threat information with the intelligence community.

In return, the bill addresses some key concerns of law firms about turning over information about attacks to the government, says Jerry Ferguson, a co-chairman of Baker & Hostetler's national privacy and data-protection practice.

For instance, the bill would protect the information from being disclosed in public records requests under the Freedom of Information Act, and provides some liability protection from civil or criminal cause of actions for those sharing cyberthreat information in good faith.

Larger law firms and smaller sophisticated firms are significant repositories of clients' important information and are targets of cyberattacks. 'It's already started, the hackers are now looking for soft targets,' Ferguson says. 'They're looking at companies that do business with the Fortune 50 and seeing if the information can be obtained there.'

Senate Democrats and the White House have already objected to the bill, while privacy groups have warned that it would erode privacy by allowing companies to turn over personal information to the government.

'This bill undermines the privacy of millions of Internet users,' Rainey Reitman, Electronic Frontier Foundation's activism director, said in a written statement. 'Hundreds of thousands of Internet users opposed this bill, joining the White House and Internet security experts in voicing concerns about the civil liberties ramifications of CISPA.'

Because of that, the bill will probably be debated for several months, and law firms will be watching closely for the effect on clients, Ferguson says. He doesn't see the legislation becoming law in current form, but that it could if the Senate insists on greater civil liberties protections. 'I think it's going to go through a lot of negotiation before it lands on the president's desk, if it gets that far.'

The bill is now pending before the Senate Intelligence Committee.

[UPDATE: According to an April 25 report in US News, CISPA will not be taken up for a vote by the Senate.'"We're not taking [CISPA] up,”'a representative of the U.S. Senate Committee on Commerce, Science and Transportation'says. “Staff and senators are divvying up the issues and the key provisions everyone agrees would need to be handled if we're going to strengthen cybersecurity. They'll be drafting separate bills.”'Sen. Jay Rockefeller (D-WV), chairman of the committee, said the passage of CISPA was “important,” but said the bill's “privacy protections are insufficient.” See, ACLU: CISPA Is Dead (For Now), Us News.]


Todd Ruger is a Reporter for The National Law Journal, an ALM affiliate of Internet Law & Strategy.

This premium content is locked for Entertainment Law & Finance subscribers only

  • Stay current on the latest information, rulings, regulations, and trends
  • Includes practical, must-have information on copyrights, royalties, AI, and more
  • Tap into expert guidance from top entertainment lawyers and experts

For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473

Read These Next
Major Differences In UK, U.S. Copyright Laws Image

This article highlights how copyright law in the United Kingdom differs from U.S. copyright law, and points out differences that may be crucial to entertainment and media businesses familiar with U.S law that are interested in operating in the United Kingdom or under UK law. The article also briefly addresses contrasts in UK and U.S. trademark law.

The Article 8 Opt In Image

The Article 8 opt-in election adds an additional layer of complexity to the already labyrinthine rules governing perfection of security interests under the UCC. A lender that is unaware of the nuances created by the opt in (may find its security interest vulnerable to being primed by another party that has taken steps to perfect in a superior manner under the circumstances.

Strategy vs. Tactics: Two Sides of a Difficult Coin Image

With each successive large-scale cyber attack, it is slowly becoming clear that ransomware attacks are targeting the critical infrastructure of the most powerful country on the planet. Understanding the strategy, and tactics of our opponents, as well as the strategy and the tactics we implement as a response are vital to victory.

Legal Possession: What Does It Mean? Image

Possession of real property is a matter of physical fact. Having the right or legal entitlement to possession is not "possession," possession is "the fact of having or holding property in one's power." That power means having physical dominion and control over the property.

The Anti-Assignment Override Provisions Image

UCC Sections 9406(d) and 9408(a) are one of the most powerful, yet least understood, sections of the Uniform Commercial Code. On their face, they appear to override anti-assignment provisions in agreements that would limit the grant of a security interest. But do these sections really work?