Liability and the Cybersecurity Bill
In an earlier post about the information sharing provisions of the cybersecurity bill pending in the Senate I highlighted the issue of liability protection and the preemption of State law, musing that those provisions might prove controversial with those who wanted to retain traditional rights of action in State courts.
Well, other people have the opposite concern. Gus Coldebella, the former Acting General Counsel of the Department of Homeland Security, thinks that the
Published by The Lawfare Institute
in Cooperation With
In an earlier post about the information sharing provisions of the cybersecurity bill pending in the Senate I highlighted the issue of liability protection and the preemption of State law, musing that those provisions might prove controversial with those who wanted to retain traditional rights of action in State courts.
Well, other people have the opposite concern. Gus Coldebella, the former Acting General Counsel of the Department of Homeland Security, thinks that the liability provisions don't go far enough and need to be fixed. Here's the gist of it from the introduction:
[The bill] doesn’t sufficiently tamp down potential legal liability for private entities, and in some cases increases it, creating an insurmountable disincentive for companies to voluntarily share cyber information. It leaves owners of critical infrastructure subject to civil litigation and outsized damages if an attack happens, even when they fully comply with the Act’s mandates. Before the Act comes out of beta, Congress should debug its liability protection provisions.
The entire article is worth a read. More fodder for consideration as the bill moves forward.
Paul Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company and a Senior Advisor to The Chertoff Group. Mr. Rosenzweig formerly served as Deputy Assistant Secretary for Policy in the Department of Homeland Security. He is a Professorial Lecturer in Law at George Washington University, a Senior Fellow in the Tech, Law & Security program at American University, and a Board Member of the Journal of National Security Law and Policy.
