Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.
When President Donald Trump took office earlier this year, cybersecurity policymakers and leaders held high hopes for executive-level policy action around cybersecurity. The administration announced in January it would convene experts to propose cybersecurity within 90 days. Despite missing the plan's self-imposed deadline, Trump did sign a well-received executive order in May calling for enhancements to cybersecurity standards and workforce training.
Those hopes took a potential hit last month, as eight Obama-era appointees to Trump's 28-member National Infrastructure Advisory Council (NIAC) resigned in protest to a wide set of actions from Trump that, according to the group , “have threatened the security of the homeland.” The resignation letter they submitted also criticizes Trump for having paid “insufficient attention” to cybersecurity concerns around critical infrastructure, namely election-related infrastructure.
Fortune reports that former Office of Science and Technology Policy chief of staff Christin Dorgelo and U.S. chief data scientist D.J. Patil are among those who resigned.
Joe Whitley, shareholder at Baker, Donelson, Bearman, Caldwell & Berkowitz and chairman of the firm's government enforcement and investigations group, doesn't think the resignations will have much impact on the cybersecurity policy the administration is likely to put forward. “I don't know that they'll be any real change in the posture of the positions that the committee takes,” he said.
William Carter, a technology policy fellow at the Center for Strategic and International Studies, generally agreed with Whitley. “I'm not sure that will have a huge impact on policymaking,” Carter said of the resignations. “The members that resigned were largely Obama-era appointees. They were people that frankly I don't think the administration listened to particularly closely when they were on the council anyway.”
James Melendres, co-chairman of the cybersecurity, data protection and privacy practice group at Snell & Wilmer, noted that while the resignations may not change much of the council's substance, they're not likely to accelerate policy enactments either. “I think everyone agrees that the resignations are not going to advance the ability of the administration to make policy. Whether or not they truly change the shape or the arc of what this administration elects to do going forward remains to be seen,” he said.
The council was originally formed under President George W. Bush in 2001 as a means to provide private-sector input on the security of public infrastructure. President Barack Obama extended the council's functioning through the end of 2017 by executive order.
Melendres sees the council as part of a broader federal effort to open lines of communication to the private sector around cybersecurity policy. “The federal government, the DOJ [Department of Justice] and the FBI [Federal Bureau of Investigation] in particular have really made an effort to establish a public-private partnership with regards to cybersecurity, both for the purposes of sharing threat indicators but also in terms of providing advice with regards to cybersecurity standards,” he explained.
The resignations could be seen as part of a broader deterioration of the relationship between Trump's administration and company executives, especially in light of similar mass resignations from CEOs and other business leaders from Trump's Manufacturing Jobs Initiative and Strategy and Policy Forum. Trump disbanded both groups via Twitter shortly after those resignations were announced.
Melendres said that the potential disruption of the working relationship between the administration's agencies and the business community around cybersecurity policy development could create some roadblocks for meaningful cybersecurity policy.
“To me it is an issue, because any time we are disrupting the nexus between the government and the private sector, we're really doing ourselves harm, because we do need for there to be coordination and collaboration and information sharing working both ways,” Melendres said.
“I saw firsthand that it was very helpful and necessary particularly for the DOJ to have productive working relationships with the private sector, that's true across the government. If that's disrupted, which I imagine it will be given these resignations, that is setting us back,” Melendres added.
Carter said that despite appearances, the mass departure from NIAC doesn't speak to the ongoing collaboration around cybersecurity between the government and private sector happening a little further away from the Trump limelight: through the administration's bureaucratic agencies.
“There's really a lot of active engagement still particularly at the agency level and the director level within companies. That's where a lot of the actual benefit comes in,” Carter noted.
As per the charges of inaction on cybersecurity mentioned in the resignees' letter, the administration has yet to announce the cybersecurity plan it promised back in January. U.S. Sen. John McCain, R-Arizona, this week also criticized the administration's failure to address cybersecurity concerns, according to reports by the Washington Times, noting that despite the administration's promise to propose cyber policy within 90 days of taking office, “we still have not seen a plan.”
Both Carter and Whitley, however, find the concerns of cybersecurity inaction from the Trump administration more reflective of broader partisan concerns. “That had less to do with cybersecurity than political differences,” Carter said.
Whitley found the partisan tinge of the resignations somewhat confusing, given that the council deals with what he believes to be a fairly bipartisan issue. “U.S. infrastructure and protecting it are issues that transcend politics to some extent, but if someone has a personal concern about what the president is doing, they're free to exercise their constitutional rights to not participate in that organization,” he noted.
Carter qualified that while the broad ideals around cybersecurity policy — such things as protection of critical infrastructure and international collaboration — tend to be fairly bipartisan, discussions of cybersecurity policy implantation get into issues such as liability, regulation, privacy and freedom of speech, issues that tend to stoke more partisan concerns.
“At the high level, there's a bipartisan agreement and a desire to do more. When you get down to the implementation and how to make these things a reality, you get into much more fraught issues,” Carter noted.
*****
Gabrielle Orum Hernández writes for Legaltech News, an ALM sibling of this newsletter. Contact Gabrielle Orum Hernandez at [email protected].
ENJOY UNLIMITED ACCESS TO THE SINGLE SOURCE OF OBJECTIVE LEGAL ANALYSIS, PRACTICAL INSIGHTS, AND NEWS IN ENTERTAINMENT LAW.
Already a have an account? Sign In Now Log In Now
For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473
In a profession where confidentiality is paramount, failing to address AI security concerns could have disastrous consequences. It is vital that law firms and those in related industries ask the right questions about AI security to protect their clients and their reputation.
During the COVID-19 pandemic, some tenants were able to negotiate termination agreements with their landlords. But even though a landlord may agree to terminate a lease to regain control of a defaulting tenant's space without costly and lengthy litigation, typically a defaulting tenant that otherwise has no contractual right to terminate its lease will be in a much weaker bargaining position with respect to the conditions for termination.
The International Trade Commission is empowered to block the importation into the United States of products that infringe U.S. intellectual property rights, In the past, the ITC generally instituted investigations without questioning the importation allegations in the complaint, however in several recent cases, the ITC declined to institute an investigation as to certain proposed respondents due to inadequate pleading of importation.
Practical strategies to explore doing business with friends and social contacts in a way that respects relationships and maximizes opportunities.
As the relationship between in-house and outside counsel continues to evolve, lawyers must continue to foster a client-first mindset, offer business-focused solutions, and embrace technology that helps deliver work faster and more efficiently.