On March 2, 2023, the White House released its National Cybersecurity Strategy (the Strategy). The Strategy sets out ambitious goals for the federal government to hold countries accountable for irresponsible behavior in cyberspace and to

Continue Reading White House Releases National Cybersecurity Strategy: Key Takeaways for the Private Sector

On April 1, 2015, President Obama issued an executive order declaring “cyber-enabled malicious activities” a national emergency due to the “increasing prevalence and severity” of such attacks originating from or directed by persons outside the United States.1 The executive order gives the Secretary of the Treasury, in consultation with the Attorney General and the Secretary of State, the power to impose economic sanctions on certain designated individuals and entities that have been directly or indirectly involved in malicious cyberattacks against U.S. networks, critical infrastructure, as well as those involving the theft of economic resources or personal and financial information, or the misappropriation of trade secrets.
Continue Reading President Obama Creates New Sanctions Regime to Combat Foreign Cyberthreats

ThinkstockPhotos-469750754-webOn October 17, 2014, the White House released its plans for a “BuySecure Initiative” in an executive order entitled “Improving the Security of Consumer Financial Transactions.” The initiative aims to push the market toward adopting more secure payment methods and to reduce the burden on consumers seeking to remediate identity theft incidents. The White House simultaneously published a fact sheet explaining the impetus for the action, the changes proposed in the order, and the potential downstream effects from the steps outlined.
Continue Reading Recent Executive Order to Push for Security of Consumer Financial Transactions, Identity Theft Remediation

In January 2014, President Barack Obama charged his counselor John Podesta with looking at: (a) how the challenges inherent in big data are being confronted in the public and private sectors; (b) whether the United States can forge international norms on how to manage big data; and (c) how the United States can continue to promote the free flow of information in ways that are consistent with both privacy and security. Two reports were published on May 1, 2014, in response to this charge, one focusing on policy and big data (the “Policy Report”)1 and the other complementing and informing the Policy Report with a focus on technology and big data (the “Technology Report”).2

Both reports acknowledge that there is no one definition of “big data.” However, big data is differentiated from data historically collected about individuals (“small data”3) in two ways: big data’s quantity and variety, as well as the scale of analysis that can be applied to big data. And, while both reports view big data as potentially providing great benefits to the economy, society, and individuals, they also identified its potential to cause significant harm.
Continue Reading President’s Counselor Makes Recommendations on Privacy and Other Values in Big Data Age