The ABA Cybersecurity Handbook by Jill D. Rhodes
Author:Jill D. Rhodes
Language: eng
Format: epub
Publisher: American Bar Association
Published: 2013-06-05T16:00:00+00:00
I. Government Data: A Problem of Growing Insecurity
Government data systems suffer an array of vulnerabilities and are subject to a variety of threats that range from accidental data loss to advanced persistent threats, often state-sponsored, dangerous, and highly sophisticated. While classified government computers have their own specialized networks and are generally not connected to the Internet at all, even such “air-gapped” systems have suffered major security breaches. Perhaps the most famous such breach was the massive disclosure of classified State Department cables and other classified information by the organization WikiLeaks in collaboration with major newspapers including the New York Times and the Guardian.76 Government lawyers should think of what the colorful founder of WikiLeaks, Julian Assange—not to mention lone hackers, criminal groups, or foreign governments—might do with the data whenever they are tempted to become complacent about the security or to trust such matters entirely to information technology professionals.
However, cybersecurity threats—and data breaches of all kinds—are not a problem limited to the Department of Defense, the CIA, or other “three-letter” agencies handling national security matters. Many government agencies handle data that poses unique confidentiality concerns, such as grand jury data,77 information protected by court order,78 taxpayer return information,79 health records,80 and asylum applications or other confidential immigration information81—the list goes on and on. While the US lacks a comprehensive privacy or security regime such as the regime that prevails in Europe,82 the patchwork of sector-specific privacy rules and practices are extensive enough that it is a safe bet that a public sector institution will usually have at least some legal responsibility to safeguard virtually any data that is personally identifiable. Even data that does not contain obvious personal identifiers may be covered. Research on differential privacy shows that data that has been scrubbed of such direct personal identifiers can often be “reidentified” with relative ease.83
Therefore, lawyers must avoid blithely assuming that they need not worry about security because they believe their organizations do not possess national security information or other information subject to specific legal requirements, or even because they think their clients’ data do not contain names, Social Security numbers, or other obvious personal identifiers. Rather, lawyers should assume there are potential legal ramifications for a failure to take reasonable steps to secure their organization’s nonpublic data. Of course, taking such steps is simply good government. Even aside from special considerations, data breaches and cyber intrusions in the public sector may affect very large segments of the population, as the data in government hands is typically broader in scope than that held by even very large law firms.
Unfortunately, the issue goes well beyond the by-now-familiar scenario of a data breach caused by mistake, inadvertence, or carelessness, such as the posting of confidential information on public websites or the compromise of unencrypted data through the theft or loss of laptops or removable media. There are almost certainly many government systems that are compromised in which neither users nor systems administrators may know it. Today, data exfiltration is not merely the
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Mastering Bitcoin: Programming the Open Blockchain by Andreas M. Antonopoulos(2522)
Dawn of the New Everything by Jaron Lanier(2442)
Blockchain: Ultimate Step By Step Guide To Understanding Blockchain Technology, Bitcoin Creation, and the future of Money (Novice to Expert) by Keizer Söze(2143)
Alibaba by Duncan Clark(1757)
Owning Bitcoin: The Illustrated Guide to Security, Privacy, and Potential by Apodaca Richard(1720)
Foundations of Blockchain by Koshik Raj(1650)
Significant Zero by Walt Williams(1632)
The Mastermind by Evan Ratliff(1598)
Bitcoin: The Basics of Blockchain and Investing in Cryptocurrency by K. Connors(1564)
Attack of the 50 Foot Blockchain by David Gerard(1433)
The Bitcoin Standard: The Decentralized Alternative to Central Banking by Saifedean Ammous(1425)
Mastering Blockchain by Imran Bashir(1424)
Bitcoin: The Ultimate Guide to the World of Bitcoin, Bitcoin Mining, Bitcoin Investing, Blockchain Technology, Cryptocurrency (2nd Edition) by Ikuya Takashima(1420)
Shaping the Fourth Industrial Revolution by Klaus Schwab & Nicholas Davis & Satya Nadella(1358)
Dawn of the New Everything: Encounters with Reality and Virtual Reality by Jaron Lanier(1332)
Turing's Cathedral by George Dyson(1329)
Cryptocurrency by Neil Hoffman(1326)
The Bitcoin Guidebook by Ian DeMartino(1294)
Bill Gates by Michael Becraft(1265)