Toward a Culture of Cybersecurity Research
74 Pages Posted: 28 Mar 2008 Last revised: 3 Aug 2014
Date Written: 2008
Research being conducted by computer scientists offers great promise in improving cybersecurity threats in the short and long term. Progress in cybersecurity research, however, is beset by a lack of access to data from communications networks. Legally and informally protected individual privacy interests have contributed to the lack of data, as have the institutional interests of organizations that control these data. A modest research exception to federal communications privacy law would remove many of the legal barriers to sharing data with cybersecurity researchers. The basic outline of this exception is simple: allow cybersecurity researchers to obtain access to electronic communications data that the communications privacy laws would otherwise forbid, without the consent of the individuals who are parties to those communications. This reform would pose minimal risks to individuals' communications privacy interests
while countering many of the non-legal objections that network providers have to sharing data.
Keywords: cybersecurity, privacy, information security
Suggested Citation: Suggested Citation