*This article was first published by the American Bar Association Infrastructure and Regulated Industries in Summer 2019.
Every year, as the calendar turns to June, the legal community looks to the Supreme Court. Eager to get to the Term’s end, the Justices rush to complete all of the outstanding opinions. Since the most difficult and important cases usually take the longest to work out, they are typically the stragglers. June is thus the time when the “blockbuster” opinions are issued—the cases that law professors analyze in their tenure pieces and that law school students study, quite possibly for years to come.
Soon after he took office, President Trump issued Executive Order (EO) 13800, Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. Given that the President spent much of his campaign and early Presidency trying to distance his Administration from that of his predecessor, commentators noted a surprising amount of continuity between Trump’s cybersecurity EO and the Obama Administration’s approach to cybersecurity. A focus on critical infrastructure and transparency from publicly traded companies that control it; an emphasis on the public and private sectors working together; reliance on standards promulgated by the National Institute of Standards and Technology; a focus on protecting the Federal Government’s networks, including by taking steps toward using shared infrastructure such as the cloud – EO 13800 builds on existing policies and initiatives in each of these areas and others. (more…)
On May 15, 2018, various media outlets reported that the Trump administration decided to eliminate the position of White House Cybersecurity Coordinator. According to reports, John Bolton, appointed as National Security Adviser effective April 2018, had been instrumental in the decision that the position was no longer necessary based on the reasoning that the role was already addressed by other members of President Trump’s national security staff. The administration’s decision was met with sharp criticism, including from Democrats in Congress such as U.S. Senator Mark R. Warner (D-VA) who called the move “mindboggling” and cybersecurity expert Bruce Schneier, who called it “a spectacularly bad idea.”
On May 8, Georgia Governor Nathan Deal announced that he was vetoing Senate Bill 315 (“SB 315” or “the bill”), cybersecurity legislation that would have expanded the criminalization of “unauthorized computer access” to capture, in addition to traditional hacking, activity that opponents warned is necessary to robust private and public sector cyber defense. In his veto statement, Governor Deal commented that parts of SB 315 “have led to concerns regarding national security implications and other potential ramifications” that caused him to conclude that “while intending to protect against online breaches and hacks, SB 315 may inadvertently hinder the ability of government and private industries to do so.” (more…)