Justice reassures ISPs on information-sharing
- By Mark Rockwell
- May 12, 2014
The Department of Justice has moved to reassure Internet service providers and private industry about what it believes "information sharing" in federal communications law means in the fight against cyberattack and intrusion.
As the number and severity of cybercrimes and attacks against private and public institutions grow, ISPs and private industry have become increasingly concerned about their legal obligations and protections in providing threat information to the federal government.
In a seven-page white paper released May 9, DOJ spelled out its views on whether the Stored Communications Act restricts Internet service providers and other private network operators from voluntarily sharing aggregated data with the government.
The 1986 law bars ISPs from voluntarily giving customer information to federal agencies. But the white paper's bottom line is that the act does not preclude companies from providing aggregate data to the government if those records do not contain specific, detailed information on customers.
"We understand that the private sector would benefit from a better understanding of whether the electronic communications statutes that the Department of Justice routinely interprets and enforces prohibit them from voluntarily sharing useful cybersecurity information with the government," said the paper.
The report said that companies have expressed a desire to share information with the government, "but have had questions about exactly what information may lawfully be shared" and what is restricted.
Taking too broad a view of those restrictions is bad for everybody, according to the DOJ.
"Overly expansive views of what information is prohibited from voluntary disclosure could unnecessarily prevent the sharing of important information that would be used to enhance cybersecurity, thereby thwarting opportunities to address a substantial challenge facing our modern society," the white paper said.
Mark Rockwell is a staff writer covering acquisition, procurement and homeland security. Contact him at firstname.lastname@example.org or follow him on Twitter at @MRockwell4.