Tag Archives: Cyberespionage

Virtual Checkpoints and Cyber-Terry Stops: Digital Scans To Protect the Nation’s Critical Infrastructure and Key Resources

The cybersecurity risks to the nation’s critical infrastructure and key resources are significant and increasing every day. While a sound legal basis exists for the government to use computer intrusion detection technology to protect its own networks, critical infrastructure and key resources, primarily owned by the private sector, are governed by a different set of constitutional principles and laws. This article explores the potential for a new cybersecurity exception to the Fourth Amendment’s warrant and individualized suspicion requirements. By viewing cybersecurity through a protective Fourth Amendment lens, as opposed to a criminal, intelligence, or military lens, fairly well established legal frameworks from the physical world can be applied to cyberspace to enable the government to use technology to identify malicious digital codes that may be attacking the nation’s critical infrastructure and key resources without running afoul of the Fourth Amendment.
The article argues that reasonable and limited digital scans at virtual checkpoints in cyberspace, which are binary and do not initially expose the contents of the communications to human review, and “cyber-Terry stops,” are a constitutional and effective way to minimize the cybersecurity risks to the nation. The article proposes that Congress consider and enact sensible new legislation that will specifically enable the government to take remedial and other protective actions in cyberspace within the constitutional framework that has enabled this nation to prosper.

Foundational Questions Regarding the Federal Role in Cybersecurity

During the last two years of the Bush administration, the senior leadership at the U.S. Department of Homeland Security (DHS) spent substantial time and effort in first helping to craft, and then attempting to implement, Homeland Security Presidential Directive 23/National Security Presidential Directive 54 (HSPD 23/NSPD 54), Cyber Security and Monitoring.

A Comparative Study of the Information Security Policies of Japan and the United States

This article describes the information security policies and institutions of the Japanese government and draws attention to comparable policies and institutions of the U.S. government. We begin with a discussion of Japan’s cybersecurity system. In Part II, we examine a particular type of information security policy, namely, cryptography policy, as a special example of how the different systems operate. Japan has implemented a cryptography policy that draws extensively on the Organization for Economic Cooperation and Development (OECD) Cryptography Policy Guidelines. These guidelines are discussed to highlight issues that might emerge in the future in cryptography and merit attention at an international level. Part III analyzes anti-bot policy. Bots, an increasing concern on the Internet, break into an individual user’s PC and remotely control it. Bots pose a real problem for many nations, and there is clearly a need for multinational cooperation. This article concludes by suggesting that all involved parties must determine the appropriate extent of lawful access to communications. Moreover, cooperation in eliminating bots provides a good opportunity for Japan and the United States to lead an international effort.