Abstract

http://ssrn.com/abstract=2257078
 


 



When Cyberweapons End Up on Private Networks: Third Amendment Implications for Cybersecurity Policy


Alan Butler


Electronic Privacy Information Center

April 26, 2013

American University Law Review, Vol. 62, p. 1203, 2013

Abstract:     
National security experts have discussed the threat of cyberwarfare for more than twenty years, and there have been a number of high profile cyber attacks over that period. The recent escalation of cyberconflict became clear last year when the New York Times discovered that the United States and Israel had developed and used a worm, known as “Stuxnet,” to disrupt Iranian nuclear facilities. This shot across the bow, along with the recent creation of the U.S. Cybercommand, indicates that the United States has the capability to conduct sophisticated offensive and defensive cyberoperations. Scholars in international law, national security law, and privacy law are now attempting to define the legal rules and boundaries of cyberwarfare. The Obama Administration has also made clear that protecting privacy and civil liberties is a critical component of the U.S. cybersecurity plan. But so far it is unclear what protections will be included.

This article takes a novel approach to identifying necessary civil liberties protections by analyzing U.S. cyberoperations under the Third Amendment. Three types of cyberoperations implicate Third Amendment interests: malware designed to disrupt industrial control systems, cyberespionage tools, and active defense (or “hack-back”) systems. All of these may affect innocent civilian systems, and the Third Amendment prohibits military intrusion into civilian spaces absent consent or legal authorization by Congress.

Based on the principles of the Third Amendment, this article identifies three issues that must be addressed regarding cybersecurity policy: authority, cooperation, and transparency. It concludes that Congress must establish the framework for authorization of cyberoperations that could affect civilian networks; that the private sector has an interest in a public-private collaboration to establish security standards and processes; and that any comprehensive cybersecurity strategy must provide for a transparent, public accountability system to address civil liberties impacts. The Cybersecurity Executive Order is a step in the right direction, but Congress must still establish clear rules governing executive action in this area.

Number of Pages in PDF File: 39

Keywords: cybersecurity, privacy, property, Third Amendment, civil liberties, computer crime

Accepted Paper Series


Download This Paper

Date posted: April 28, 2013 ; Last revised: June 27, 2013

Suggested Citation

Butler, Alan, When Cyberweapons End Up on Private Networks: Third Amendment Implications for Cybersecurity Policy (April 26, 2013). American University Law Review, Vol. 62, p. 1203, 2013. Available at SSRN: http://ssrn.com/abstract=2257078

Contact Information

Alan Butler (Contact Author)
Electronic Privacy Information Center ( email )
1718 Connecticut Avenue
NW Suite 200
Washington, DC 20009
United States
HOME PAGE: http://epic.org
Feedback to SSRN


Paper statistics
Abstract Views: 2,207
Downloads: 216
Download Rank: 77,881

© 2014 Social Science Electronic Publishing, Inc. All Rights Reserved.  FAQ   Terms of Use   Privacy Policy   Copyright   Contact Us
This page was processed by apollo4 in 0.531 seconds