Rethinking Active Defense: A Comparative Analysis of Proactive Cybersecurity Policymaking

44 Pages Posted: 3 Jan 2019 Last revised: 13 Mar 2019

See all articles by Scott Shackelford

Scott Shackelford

Indiana University - Kelley School of Business - Department of Business Law; Harvard Kennedy School Belfer Center for Science & International Affairs; Center for Applied Cybersecurity Research; Stanford Center for Internet and Society; Stanford Law School

Danuvasin Charoen

National Institute of Development Administration (NIDA) - NIDA Business School

Tristen Waite

Maurer School of Law

Nancy Zhang

Maurer School of Law

Date Written: December 18, 2018

Abstract

Although one segment of the proactive cybersecurity debate—e.g., hack back—has long been derided as a policy option carrying with it great risks of escalation, among other concerns, elements within the U.S. Congress and abroad are actively pushing to give companies a freer hand at defending themselves against cyber attackers. This Article compares several of these efforts, focusing on the so-called Graves bill in the United States with the experiences of China, Singapore, Thailand, Australia, and the G7. Given the Republican National Committee’s 2016 embrace of active defense principles, even as some firms like FireEye have begun to publicly admit to hacking back, the time has come to take a fresh look at the implications of this regulatory trend for both business integrity and international security.

Keywords: cybersecurity, active defense, proactive cybersecurity, China, Singapore, Australia, privacy, cyber risk insurance

Suggested Citation

Shackelford, Scott J. and Charoen, Danuvasin and Waite, Tristen and Zhang, Nancy, Rethinking Active Defense: A Comparative Analysis of Proactive Cybersecurity Policymaking (December 18, 2018). University of Pennsylvania Journal of International Law, 2019. Available at SSRN: https://ssrn.com/abstract=3303407 or http://dx.doi.org/10.2139/ssrn.3303407

Scott J. Shackelford (Contact Author)

Indiana University - Kelley School of Business - Department of Business Law ( email )

Bloomington, IN 47405
United States

Harvard Kennedy School Belfer Center for Science & International Affairs ( email )

79 JFK Street
Cambridge, MA 02138
United States

Center for Applied Cybersecurity Research ( email )

Wylie Hall 105
100 South Woodlawn
Bloomington, IN 47405
United States

Stanford Center for Internet and Society ( email )

Palo Alto, CA
United States

Stanford Law School ( email )

Stanford, CA 94305
United States

Danuvasin Charoen

National Institute of Development Administration (NIDA) - NIDA Business School ( email )

118 Moo3, Serithai Rd.
Klong-chan, Bangkapi
Bangkok, Bangkok 10240
Thailand

Tristen Waite

Maurer School of Law ( email )

211 S. Indiana Avenue
Bloomington, IN 47405
United States

Nancy Zhang

Maurer School of Law ( email )

211 S. Indiana Avenue
Bloomington, IN 47405
United States

Register to save articles to
your library

Register

Paper statistics

Downloads
58
rank
356,125
Abstract Views
398
PlumX Metrics
!

Under construction: SSRN citations while be offline until July when we will launch a brand new and improved citations service, check here for more details.

For more information