Legal Aspects of Full Spectrum Computer Network (Active) Defense

Presented at Black Hat USA 2013, July 31, 2013, 2:15 p.m. (60 minutes)

Full spectrum computer network (active) defense mean more than simply "hacking back." We've seen a lot of this issue lately. Orin Kerr and Stewart Baker had a lengthy debate about it online. New companies with some high visibility players claim they are providing "active defense" services to their clients. But all-in-all, what does this really mean? And why is it that when you go to your attorneys, they say a flat out, "No."

This presentation examines the entire legal regime surrounding full spectrum computer network (active) defense. It delves into those areas that are easily legal and looks at the controversial issues surrounding others. As such we will discuss technology and sensors (ECPA and the service provider exception); information control and management (DRM); and, "active defense" focusing on - honeypot, beacons, deception (say hello to my little friend the Security and Exchange Commission); open source business intelligence gathering (CFAA, economic espionage; theft of trade secrets); trace back and retrieval of stolen data (CFAA).

Past presentations have shown much of what is taken away is audience driven in response to their questions and the subsequent discussion. And, as always, I try to impress upon computer security professionals the importance of working closely with their legal counsel early and often, and of course "Clark's Law" - explain the technical aspects of computer security to your attorneys at a third grade level so they can understand it and then turn around and explain it to a judge or jury at a first grade level.

Presenters:

• Robert W. Clark - US Army Cyber Command   as Robert Clark
  A career military officer and attorney, he has over twenty years of experience within the government having served in numerous challenging positions. He is the former Cybersecurity Information Oversight & Compliance Officer with the Office of Cybersecurity and Communications, Department of Homeland Security and former legal advisor to the Navy CIO; United States Computer Emergency Readiness Team; and, the Army's Computer Emergency Response Team. In these positions he has provided advice on all aspect of computer network operations. He interacts regularly with numerous government agencies and is a past lecturer at Black Hat; DEFCON; Stanford Center for Internet and Society and the Berkman Center for Internet & Society at Harvard University -Four TED-TECH Talks 2011; SOURCE Boston 2010; the iapp; and, the DoD's Cybercrimes Conference. He received his Bachelor's degree from the University of Michigan; his law degree from Michigan State University College of Law; and, his LL.M from the Judge Advocate General's School, United States Army.

Links:

• https://www.blackhat.com/us-13/archives.html#Clark
• https://www.youtube.com/watch?v=D1nYy8t0Wy4
• https://media.blackhat.com/us-13/US-13-Clark-Legal-Aspects-of-Full-Spectrum-Computer-Network-Active-Defense-Slides.pdf

Similar Presentations:

• Black Hat USA 2012 / Legal Aspects of Cyberspace Operations
• DEF CON 14 (2006) / Legal Aspects of Internet & Computer Network Defense - A Year in Review Computer and Internet Security Law 2005-2006
• DEF CON 21 (2013) / Legal Aspects of Full Spectrum Computer Network (Active) Defense