Abstract

http://ssrn.com/abstract=2135618
 


 



Creating a 'Circle of Trust' to Further Digital Privacy and Cybersecurity Goals


Jay P. Kesan


University of Illinois College of Law

Carol M. Hayes


University of Illinois College of Law

August 18, 2014

Illinois Public Law Research Paper No. 13-03
Illinois Program in Law, Behavior and Social Science Paper No. LBSS13-04

Abstract:     
Cyberattacks loom over the technological landscape as a dire threat to Internet commerce, information security, and even national security. Meaningfully improving cybersecurity and ensuring the resilience of systems will require cooperation between members of the private sector and the government. To this end, we propose a framework that creates a circle of trust for the sharing of information about threats and solutions. To emphasize the importance of cooperation to enhance cyber defense, this Article presents a case study of two items: the proposed legislative regime of the Cyber Intelligence Sharing and Protection Act, and President Obama’s Executive Order 13,636 with its emphasis on a Cybersecurity Framework that would establish voluntary cybersecurity standards. Through application of our circle of trust framework, we hope to provide a solution that balances the sometimes competing concerns of privacy and cybersecurity.

Our secondary focus is whether such a program should emphasize voluntary or mandatory compliance. A proper balance between the two approaches could improve the dynamics between the public and private sectors in a way that increases respective levels of trust. The Executive Order and CISPA both use a voluntary approach. Under each system as currently proposed, firms could choose to follow the program, but compliance is not mandatory and there is no penalty for noncompliance. However, mandatory programs with effective enforcement mechanisms are likely to result in higher levels of compliance than purely voluntary programs in many situations. We urge that government intervention in the free market should be kept at a low level, but because cybersecurity issues can have implications for national security, we believe that some degree of mandatory regulation would be beneficial.

We believe that cybersecurity can be enhanced without creating a Big Brother world, and encourage the development of a circle of trust that brings the public and private sectors together to resolve cybersecurity threats more effectively. It is vital that these issues be addressed soon while there is still a chance to prevent a catastrophic cyber event. It would be ill-advised to rely solely on executive power or on legislation that is quickly drafted and enacted after an emergency. A careful, deliberative process aimed at protecting cybersecurity and civil liberties would ultimately be the most beneficial approach, and these steps must be taken now, before the emergence of a cybersecurity crisis that causes us to suspend reason.

Number of Pages in PDF File: 89

Keywords: Cybersecurity, legislation, technology law, cyberlaw, privacy, intersectoral cooperation, public-private partnerships

working papers series





Download This Paper

Date posted: August 25, 2012 ; Last revised: August 24, 2014

Suggested Citation

Kesan, Jay P. and Hayes, Carol M., Creating a 'Circle of Trust' to Further Digital Privacy and Cybersecurity Goals (August 18, 2014). Illinois Public Law Research Paper No. 13-03; Illinois Program in Law, Behavior and Social Science Paper No. LBSS13-04. Available at SSRN: http://ssrn.com/abstract=2135618 or http://dx.doi.org/10.2139/ssrn.2135618

Contact Information

Jay P. Kesan (Contact Author)
University of Illinois College of Law ( email )
504 E. Pennsylvania Avenue
Champaign, IL 61820
United States
217-333-7887 (Phone)
217-244-1478 (Fax)
HOME PAGE: http://www.jaykesan.com
Carol M. Hayes
University of Illinois College of Law ( email )
504 E. Pennsylvania Avenue
Champaign, IL 61820
United States
Feedback to SSRN


Paper statistics
Abstract Views: 1,355
Downloads: 381
Download Rank: 44,596

© 2014 Social Science Electronic Publishing, Inc. All Rights Reserved.  FAQ   Terms of Use   Privacy Policy   Copyright   Contact Us
This page was processed by apollo6 in 0.344 seconds