Fighting cyber espionage, legally

Stewart Baker

Attorney and former Department of Homeland Security official Stewart Baker argues that a digital rule of law could be surprisingly effective.

Attorney and former Department of Homeland Security official Stewart Baker thinks so. The world might be friendlier to a digital rule of law than is commonly supposed, Baker asserted at a Dec. 4 breakfast sponsored by the American Bar Association. He pointed to Chinese President Xi Jinping's willingness to agree to international cyber accords and anti-hacking crackdowns within the People's Liberation Army as recent examples

Instead of going after the Chinese government, American companies and agencies could instead look to foreign firms.

"[Suing the Chinese government] is probably not your best bet anyway because the Chinese government will just, you know, stay offshore and thumb its nose at you," Baker said. "You're trying to dry up the market for cyber espionage rather than stop the cyber espionage directly, which is, that's what deterrence is all about."

Lawsuits, in other words, could help kill the cyber espionage market.

Baker said the Computer Fraud and Abuse Act, the Uniform Trade Secrets Act and Section 337 of the Smoot-Hawley Tariff Act all contain provisions related to stolen trade secrets that American firms could use to block foreign goods from the American marketplace.

Foreign firms are interested in stolen intellectual property so they can sell goods based on it, Baker noted. If they can't sell those goods in the world's biggest economy, they'll be a lot less keen on IP theft.

"These are potentially enormously valuable tools in the hands of the private sector," Baker said, predicting a major goods-blocking lawsuit from an American company against a foreign firm within the next five years.

The feds have a role to play, too, he said, calling on intelligence agencies to help scout foreign networks for stolen data. Targeted sanctions through the Office of Foreign Asset Control at Treasury also can help punish and dissuade hackers, Baker added.

What of the problems of attribution, and the threat of retaliation?

We have "remarkable" attribution capabilities by this point, Baker said, echoing the claims of those peeved in the private sector who want a more aggressive hack-back approach.

Retaliation, at least as concerns China, may not be a serious threat, he noted, as President Xi is "selling out" Chinese hackers in the interest of cementing internal control and assuaging world concerns.

Earlier this month, China claimed to have arrested the hackers responsible for the Office of Personnel Management breach, an intrusion Americans long suspected was state-sponsored, but which the Chinese government is now blaming on criminals.

Baker asserted that, all things considered, robust international legal action is the preferred way forward on cyber threats. The current de facto cyber defense model, emphasizing protecting networks rather than punishing and dis-incentivizing hackers, runs counter to the very principles of the law and civilized society, he noted.

It's as if the world was a town plagued by muggers, he said, and instead of arresting the criminals, the town's police chief told pedestrians to wear body armor to protect themselves.

"That chief of police wouldn't last a day with a plan like that," Baker said.

About the Author

Zach Noble is a staff writer covering digital citizen services, workforce issues and a range of civilian federal agencies.

Before joining FCW in 2015, Noble served as assistant editor at the viral news site TheBlaze, where he wrote a mix of business, political and breaking news stories and managed weekend news coverage. He has also written for online and print publications including The Washington Free Beacon, The Santa Barbara News-Press, The Federalist and Washington Technology.

Noble is a graduate of Saint Vincent College, where he studied English, economics and mathematics.

Click here for previous articles by Noble, or connect with him on Twitter: @thezachnoble.


  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.