Developmental Milestones/Developments to Date:
Current Assessment/State of the Field:
Fox, Jeffery C. “What is an Executive Order?” ThisNation, http://www.thisnation.com/question/040.html
- “Executive Orders have been used by every chief executive since the time of George Washington. Most of these directives were unpublished and were only seen by the agencies involved. In the early 1900s, the State Department began numbering them; there are now over 13,000 numbered orders.”
- Executive Orders in general.
Supreme Court of the United States, DOW CHEMICAL CO. v. UNITED STATES, BY AND THROUGH ADMINISTRATOR, ENVIRONMENTAL PROTECTION AGENCY, No. 84-1259, 476 U.S. 227, Decided May 19, 1986.
- The an unsuccessful challenge to a warrantless aerial surveillance technique, the U.S. Supreme noted that,
- “Congress has vested in EPA certain investigatory and enforcement authority, without spelling out precisely how this authority was to be exercised in all the myriad circumstances that might arise in monitoring matters relating to clean air and water standards. When Congress invests an agency with enforcement and investigatory authority, it is not necessary to identify explicitly each and every technique that may be used in the course of executing the statutory mission.” P. 233.
Ferguson, James, R., “Biological Weapons and US Law,” JAMA Aug 6, 1997, p. 357, v. 278, no. 5.
Gilligan, Major Matthew J., “Opening the Gate?: An Analysis of Military Law Enforcement Authority Over Civilian Lawbreakers On and Off the Federal Installation” MILITARY LAW REVIEW, Volume 161, September 1999.
- “Military commanders have the inherent authority and duty to maintain law and order on military installations and to guarantee the security of the occupants thereon.”
- “Congress has specifically granted to military law enforcement officials statutory arrest authority over service members for violations of the Uniform Code of Military Justice.”
- The Posse Comitatus Act “prohibits using military personnel to execute civil laws unlss authorized by the Constitution or an Act of Congress.”
- Exceptions to the Posse Comitatus Act include the Military Purpose Doctrine and a service member assisting as a private citizen
Murrey, Thomas W. “Khobar Tower’s Aftermath: The Development of Force Protection,” October 25, 2000. http://www.airpower.maxwell.af.mil/airchronicles/cc/Murrey.html
- “Prior to the Khobar Towers bombing, military members rarely heard the words “force protection”. “Anti-terrorism” was the expression used to describe the measures taken to prevent terrorist attacks. After the Khobar Towers, the term “force protection” became familiar to every military member located overseas. In every operational mission that takes place today, force protection is an overriding concern that often dictates how the mission is performed, where military personnel live, and how military personnel conduct themselves on and off duty.”
- “The Department of Defense definition of force protection is: “the security program designed to protect soldiers, civilian employees, family members, facilities, and equipment, in all locations and situations, accomplished through planned and integrated application of combating terrorism (antiterrorism and counterterrorism), physical security, operations security, personal protective services, and supported by intelligence, counterintelligence, and other security programs.”
- “The very first issue in establishing a force protection program is determining who is responsible for establishing and administering this “security program designed to protect”. For personnel located overseas, the responsibility belongs to either the Secretary of State or the Secretary of Defense.”
- “Another complex issue regarding force protection responsibility involves contractors hired by the Department of Defense. Oftentimes, contract employees will accompany United States forces on contingency operations and provide services ranging from food services to computer support to engineering support. For example, the engineering firm of Brown and Root provided support to deployed United States forces in contingency operations in Somalia and Bosnia. Contractors will oftentimes eat, work and live alongside deployed military personnel. The question is “who provides force protection for these contractors?”
- “When DoD personnel are assigned to an overseas location, they must abide by the laws of the United States as well as the laws of the host nation. A force protection program must operate within the same restraints. Multilateral and bilateral international agreements create the framework within which overseas force protection programs must operate. All actions to combat terrorism outside the United States must comply with applicable Status of Forces Agreements, international agreements, and memoranda of understanding.”
Gostin, Lawrence O, “SARS: How effective is the state and local response?“, Hearing before the Permanent Subcommittee on Investigations, May 2003, pgs 36-38.
- “The CDC, the Department of Health and Human Services, and the Institute of Medicine have recommended the reform of public health laws due to the fact that these laws are extremely out of date.”
- “Some of these laws date back to the 19th and early 20th century and as a result they have a number of serious problems.”
- “These laws have ineffective powers for novel infectious diseases.”
- “Some of these laws may even be in violation constitutional laws because most of these laws were passed before the Supreme Court’s modern constitutional era.”
- “With these laws being so outdated, we do not have clear criteria for action or procedural due process.”
- “These laws are also inconsistent, and in the midst of dealing with an epidemic it will be hard to work with other states when every state has different laws.”
- “After September 11th, the CDC asked the Center for Law and the Public’s Health to draft an emergency powers act which is known as the Model State Emergency Health Powers Act.
- “This act has taken a role as a checklist that twenty-two States and the District of Columbia use.
- “We still need more states to adopt this act or we will run into serious conflicts.”
- “A public heath law is currently being drafted that would apply to SARS and any other infectious diseases.”
- “The Board on Health Promotion and Disease Prevention came out with a report called “The Future of the Public’s Health in the 21st Century” which states that public health infrastructures have major issues to tackle.”
- “These places have insufficient laboratory structures, workforce development, surveillance capacity, and data systems.”
- “The reason for this is that the US spends less than 5 percent of its health dollars on public heath.”
Benjamin D. Kern, “101 Whacking, Joyriding and War-Driving: Roaming use of Wi-Fi and the Law” November, 2004, Santa Clara Computer and High Technology Law Journal Last Checked January 7, 2012. http://www.mcguirewoods.com/news-resources/publications/technology_business/Whacking_Joyriding_and_War_Driving.pdf
- “’Whackers’ …will be defined as users who intentionally access a Wi-Fi network for destructive, malicious, theft or espionage purposes.”
- “Roaming Wi-Fi users include “joyriders” that use an open Wi-Fi connection to access the Internet,…”
- “’War-drivers,’ who scan, locate, and map Wi-Fi access points, and accidental users, who unintentionally connect to a Wi-Fi network.”
- “The term “hacker” is popularly used in the media to refer to a malicious computer or network user, although use of the term in technology circles is considerably more nuanced.”
- “A “whacker” is a hacker that uses wireless technology.”
- “Laws applicable to roaming Wi-Fi use will facilitate and encourage roaming, while deterring destructive behavior and providing remedies to any network operator injured by a malicious or destructive user.”
- “Several men pled guilty to violations of the CFAA and other statutes after accessing credit card information stored in the computer systems of Lowe’s hardware store by accessing a store’s open Wi-Fi network from the parking lot of the store.”
- “Internet-related legislation has clarified that those who provide access to the Internet to third-parties are not liable for the acts of these third-parties.”
- “The Digital Millennium Copyright Act (“DMCA”) and Communications Decency Act (“CDA”) both include safe harbors that clarify that Internet service providers are not liable for content transmitted through their services, potentially including all of the types…”
- “Pre-DMCA case law makes clear that network operators that do not have knowledge of the content passing through their networks have little danger of being liable for copyright infringement.”
- “The Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (“CAN-SPAM”) clarifies that liability for spam sent by a user of an open Wi-Fi network would rest with the user, not the network operator.”
- “Whether or not the CDA, DMCA, and CAN-SPAM Acts expressly apply to all materials that may be transmitted through an open Wi-Fi network, courts have recognized that Congressional intent to absolve service providers has been very broad.”
- “The Computer Fraud and Abuse Act of 1986 (“CFAA”) prohibits unauthorized access to a computer or network in a number of specific situations.”
- “To violate the most widely applicable provisions of the CFAA, a user must intentionally access a network without authorization, and must either obtain information or cause damage and a loss exceeding a threshold amount.”
- “Many state statutes, as well as the CFAA, prohibit intentional unauthorized access, but do not clarify what level of mens rea applies to the unauthorized nature of the user’s access.”
- “Most states have statutes that prohibit intentional, unauthorized access to, or use of, computer networks.”
- “Current federal and state laws may apply to the use of Wi-Fi networks for whacking activities, and to roaming use of open Wi-Fi networks for purposes of accessing the Internet, and, at least in California, to war-driving.”
- “A lack of clarity and consistency among existing laws threatens to have a chilling effect on this important direction of future growth for the Internet.”
Enhorn v Sweden (2005) 41 EHRR 30 (56529/00)
- “In 1994 it was discovered that the applicant, a homosexual, was infected with the HIV virus and that he had transmitted it to a young man. A medical officer issued instructions to the applicant designed to prevent him from spreading the disease. In February 1995, finding that he had failed to comply with those instructions, the Court ordered that he be kept in compulsory isolation in a hospital for up to three months. Thereafter, orders to prolong his detention were issued every six months until December 2001. Since the applicant absconded several times, his actual deprivation of liberty lasted almost one-and-a-half years.”
- “The applicant complained that the compulsory isolation orders and his involuntary placement in hospital had deprived him of his liberty in violation of Art.5(1) of the Convention”
- “Held, unanimously that there had been a violation of Art.5(1);”
- “The compulsory isolation orders and the applicant’s involuntary placement in hospital constituted a “deprivation of liberty” within the meaning of Art.5(1).”
- “Since the purpose of the applicant’s detention was to prevent him from spreading the HIV infection, Art.5(1)(e) was applicable.”
- “The expressions “lawful” and “in accordance with a procedure prescribed by law” stated the obligation to conform to the substantive and procedural rules of national law. It was particularly important to comply with the principle of legal certainty. The conditions for deprivation of liberty had to be clearly defined and the law had to be foreseeable in its application. Furthermore, a deprivation of liberty had to be free from arbitrariness, necessary in the circumstances and in accordance with the principle of proportionality.”
- “The applicant’s detention had a basis in Swedish law. In the light of the relevant statutory provisions, the national courts considered that he had not voluntarily complied with the measures needed to prevent the virus from spreading; that there was reasonable cause to suspect that, if released, he would fail to comply with the instructions issued by the medical officer; and that such non-compliance would entail a risk of the infection spreading.”
- “The essential criteria when assessing the lawfulness of detention “for the prevention of the spreading of infectious diseases” were whether the spreading of the disease would have been dangerous for public health or safety, and whether detention of the person infected was the last resort in order to prevent the spreading of the disease, because less severe measures had been considered and had been found to be insufficient to safeguard the public interest. When these criteria were no longer fulfilled, the basis for the deprivation of liberty ceased to exist.”
- “Since the HIV virus was dangerous for public health and safety, the first criterion was fulfilled.”
- “As to whether the applicant’s detention had been the last resort in order to prevent the virus spreading, the Government had not provided any examples of less severe measures which might have been considered but which had been found to be insufficient to safeguard the public interest.”
- “Despite being at large for most of the period from February 16, 1995 until December 12, 2001, there was no indication that during this time the applicant had transmitted the HIV virus to anybody, or that he had had sexual intercourse without first informing his partner about his infection, or that had not used a condom, or indeed that he had had any sexual relationship at all. Although he had infected the young man with whom he had first had sexual contact in 1990, this had only been discovered in 1994 after he had become aware of his own infection. There was no indication that he had transmitted the virus deliberately or through gross neglect.”
- “The applicant’s compulsory isolation had not been a last resort in order to prevent him from spreading the HIV virus. Moreover, by extending the order for his compulsory isolation over almost seven years, with the result that he had been involuntarily detained in hospital for almost one-and-a-half years, the authorities had not struck a fair balance between the need to ensure that the HIV virus did not spread and the applicant’s right to liberty. Accordingly, there had been a violation of Art.5(1)”
Lichtblau, Eric, “Bush renews call to extend patriot act” NYT, Feb. 15, 2005, A12.
Law, Patriot Act
Federal Food,Drug,and Cosmetic Act, “Authorization for Medical Products for Use in Emergencies” March, 2005 http://www.fda.gov/RegulatoryInformation/Legislation/FederalFoodDrugandCosmeticActFDCAct/FDCActChapterVDrugsandDevices/ucm110779.htm
- “A determination by the Secretary of Homeland Security that there is a domestic emergency, or a significant potential for a domestic emergency, involving a heightened risk of attack with a specified biological,chemical,radiological,or nuclear agent or agents”;
- A determination by the Secretary of Defense that there is a military emergency,or a significant potential for a military emergency,involving a heightened risk to United States military forces of attack with a specified biological,chemical,radiological,or nuclear agent or agents”; or
- A determination by the Secretary of a public health emergency under section 319 of the Public Health Service Act that effect,or has a significant potential to affect,national security,and that involves a specified biological,chemical,radiological,or nuclear agent or agents,or a specified disease or condition that may be attributable to such agent or agents.”
Ronald M. Atlas, “Biosecurity concerns: Changing the face of academic research,” Chemical Health & Safety, May/June 2005.
- “Biosecurity concerns are starting to exceed those of biosafety.”
Reitze, Arnold, Jr., “Emergency Response and Planning Requirements Applicable to Unpermitted Air Pollution Releases,” 2005 B.Y.U.L. Rev. 1075, P. 1184.
- “CAA section 112(r)(1) includes a general duty clause that imposes on owners and operators of stationary sources handling extremely hazardous substances a general duty in the same manner and to the same extent as section 654 of Title 29 [OSH Act] to identify hazards which may result from such releases using appropriate hazard assessment techniques, to design and maintain a safe facility taking such steps as are necessary to prevent releases, and to minimize the consequences of accidental releases which do occur. n865”
- ”… It places a burden of prevention and minimization on owners or operators without regulatory action by the EPA, and it prevents shifting of liability to the government because of the EPA’s approval of risk management plans. n867”
- ”…The clause imposes three obligations: (1) identify hazards from potential accidental release; (2) design and maintain a safe facility in taking the necessary steps to prevent release; and (3) minimize damage from actual accidental releases. n868 The general duty clause itself does not prescribe how these measures will be achieved. n869 The clause is performance-based; it places the burden on those using these substances to demonstrate safe practices regarding accidental releases. n870” …
- ”Because the general duty clause is based on the OSH Act, n873 the case law construing the Act, including the decisions of the Occupational Safety and Health Review Commission, are applicable. n874 Importantly, however, only the EPA and DOJ can enforce the general duty clause. n875 States, even with delegation of risk management programs, cannot enforce the clause. n876”
- p. 1187 ” The DOJ was to review the effect of Clean Air Act (CAA) regulations on the prevention of chemical releases, including those that may be released as a result of chemical activity. It also was to develop, test, and validate a protype vulnerability assessment methodology to assess the security of chemical facilities against terrorist and criminal acts. n887 On May 30, 2002, nearly two years late, the DOJ submitted its interim report. It was based on a study of only eleven of the 15,000 chemical manufacturing facilities subject to the CAA’s RMP provisions; therefore, the study cannot be generalized to the industry as a whole. The DOJ determined the report’s release would pose a threat to national security, and, based on the CAA (42 U.S.C. 7412(r)(7)(H)(xi)(III)), it would not make the report public. n888 On May 6, 2002, the EPA’s Administrator was given the authority in an administrative order to classify as “secret” any information that might pose a national security risk. n889 The legislation establishing the Department of Homeland Security (DHS) exempts from public disclosure information about physical and cybersecurity for information submitted voluntarily to DHS. n890”
- P.1190 “The CAA section 112(r), both the general duty clause and section 112(r)(7)(A), could be used to deal with terrorist threats. However, it is not clear that an intentional targeting of a facility or a population was intended to be covered by section 112(r)’s planning requirements; nor is it clear that the general duty clause, which is [*1191] based on OSHA’s general duty clause, was ever intended for use as a homeland security measure. A legislative fix is needed, but it has been a difficult task to develop a comprehensive bill that a majority in Congress would support. To date, only narrowly focused legislation has been enacted.”
Enemark, Christian, “United States biodefense, international law, and the problem of intent,” Politics and the Life Sciences, July 19, 2006, vol. 24, no. 1-2, p. 32.
- Transparency, Ethics, Policy, Biodefense having paradoxical effect of increasing likelihood of attack, BWC
Guilfoyle, Douglas, “Maritime Interdiction of Weapons of Mass Destruction,” JOURNAL OF CONFLICT & SECURITY LAW, 2007, Volume 12, No.1, pages 1-36.
- Maritime law enforcement- stop and search a vessel at sea “potentially seizing cargo and arresting persons aboard.”
- flag vessels enforced by their states, flag-state consent
- “a coastal state can enforce its criminal law against ships bound for, or leaving, its internal waters.”
- “so long as the acts of a vessel situated within the contiguous zone produce an infringement of a coastal state’s customs, fiscal, sanitary, and immigration laws within the territorial sea, ‘control’ could be asserted to punish those acts.”
- “In 1992, the Security Council identified the ‘proliferation of all WMD’ as a ‘threat to international peace and security.’”
Song, Yann-Huei, “The U.S.-Led Proliferation Security Initiative and UNCLOS: Legality, Implementation, and an Assessment”, Ocean Development & International Law, 38: 101-145 (2007).
- “UNCLOS, which is considered ‘[a] Constitution for the Oceans,’… has been praised as the most comprehensive political and legislative work ever undertaken by the United Nations.” (pg.102)
- “There is nothing in UNCLOS that explicitly prohibits the possession or transportation of ‘WMD, their delivery systems, and related materials’ by a foreign-flagged vessel.” (pg115)
- “‘PSI requires participating countries to act consistent with national legal authorities and relevant international law and frameworks,’ which includes the law reflected in the Law of the Sea Convention.’” (pg.113)
- “Three major factors should be considered in determining if a PSI interception is permissible under international law: first, the nature of the cargo transferred or transported by the intercepted vessel; second, the location where the interception action takes place; and third, the nationality of the intercepted vessel.” (pg.114)
- “In order to legally intercept WMD-related cargos, PSI participating countries must present reasonable evidence showing that the WMD-related cargoes are being transferred or transported to and from ‘states and non-state actors of proliferation concern’ and will be used for nonpeaceful purposes.” (pg.115)
- “An interdiction is legal under UNCLOS if the vessel that is being interdicted flies the flag of the interdicting country or flies the flag of a state that consents to the interdiction.” (pg.118)
- “It would also be legal for a PSI participating country to stop a vessel flying no flags or more than one flag in its national waters or international waters.” (pg.118)
- “Interdictions can be undertaken in different maritime zones, including internal waters, territorial sea, archipelagic waters, contiguous zone, straits used for international navigations, EEZs, and the high seas.” (pg.116)
- “There are other international treaties, regimes, and frameworks that can be relied on if interdiction actions against suspect vessels that carry or transport ‘WMD, their delivery systems, and related materials’ to and from ‘states and non-states of proliferation concern’ are necessary.” (pg.125)
- “The United States maintains that the PSI Statement of Interdiction Principles are consistent with the UN Security Resolution 1540, operative paragraph 10 which ”’calls upon” all States, in accordance with their national legal authorities and legislation and consistent with international law, to take cooperative action to prevent illicit trafficking in nuclear, chemical or biological weapons, their means of delivery, and related materials.’” (pg.113)
- “The legality of an interdiction action must be examined on a case-by-case basis.” (pg.122)
Lorine A. Hughes, Gregory J. DeLone, “Viruses, Worms, and Trojan Horses: Serious Crimes, Nuisance, or Both?“, Social Science Computer Review, Volume 25 Number 1, Spring 2007 78-98
- “Computers also may play a role in “creating a unique environment in which unauthorized activities can occur, or where the computer creates unique forms of assets subject to abusive acts.””
- ” As in the legendary tale about the hollow wooden horse that the Greeks used to smuggle their soldiers into Troy, a Trojan horse is a destructive program that masquerades as a legitimate file or application to gain entry to a computer (or, more recently, mobile phone, personal digital assistant, or gaming device).”
- “Because “there is no centralized database that collects information on the damage that viruses [and other types of malware] cause” (Taylor et al., 2005, p. 119), it is impossible to say with any certainty whether the effects of these programs constitute a major threat or have been largely overblown by the media and other doomsayers.”
- “Reports and press releases from the major antivirus companies—including McAfee, Sophos, Symantec, and Trend Micro—reveal a substantial increase in the number and complexity of malware attacks.”
- “Prosecutions of computer malware writers under the act have been relatively rare, mainly because of the “burden and complexity of the government’s case” (Montana, 2000, p. 58), the traditionally narrow focus of the law on information stored on federal interest computers, and the existence of legislative loopholes stemming from vague terminology (Baker, 1993; Colombell, 2002; Davis, 1994; McCall, 1988).”
- “On one hand, the data reveal that most threats are not widely distributed, do not cause significant damage, and are fairly easy to contain and remove.”
- “On the other hand, however, the most prevalent actions performed by existing malware tend to be among the most serious in terms of their ability to release information, provide unauthorized computer access, destroy data, and result in financial losses.”
- “Local, national, and global efforts to increase user awareness of the potential dangers of cyberspace and how best to avoid them nevertheless can coexist with innovative legal and law enforcement strategies to fight cybercrimes, including the development of incentive structures and programs for actions undertaken to benefit the common good (see Powell, 2005).”
Social Security Act: Authority to Waive Requirements During National Emergencies. 2009
- “Sanctions and penalties that arise from the noncompliance with the following requirements as promulgated under the authority of section 264c of the Health Insurance Portability and Accountability Act of 1996”:
- Section 164.522 of such title relating to the patient’s right to request privacy restrictions;and the patient’s right to request confidential communications.
- Certification of Congress- The Secretary shall provide a certification and advance written notice to the Congress at least two days before exercising the authority under this section with respect to an emergency area.
- “Emergency area;emergency period-An “emergency area” is a geographical area in which, and an emergency period is the period during which there exists-
An emergency or disaster declared by the President pursuant to the National Emergencies Act or the Robert T. Stafford Disaster Relief and Emergency Act and a public health emergency declared by the Secretary pursuant to section 319 of the Public Health Services Act.
S v H.S.E. (2009) IEHC 106 (11th February 2009) Judgement of Edwards J
- “The patient (was) alleged to be detained unlawfully at the Mercy University Hospital, an institution operated by the (H.S.E), in purported pursuance of an order made by (the H.S.E.) pursuant to s. 38 of the Health Act, 1947…which provides for the detention and isolation of a person suffering from an infectious disease who is a probable source of infection.”
- “the patient’s detention, although initially unlawful, became lawful once she was delivered into the custody of the staff at the Mercy University Hospital who were directly authorised by the s. 38 order to isolate her there in a specialised negatively pressurised room.”
- “The key criterion is the need to ensure “effective” isolation. The section expressly provides that the power may only be invoked in cases where the patient cannot be effectively isolated in their own home. It is implicit in the section that the legislature intended that the power should be invoked sparingly and that it should not be resorted to save where absolutely necessary. It is difficult to conceive of any circumstances where it would be necessary to invoke the power save in the case of patient non co-operation with a proposed regime of isolation. Even in a case where a patient’s home is physically, or otherwise, unsuitable to provide effective isolation, it would be unnecessary to invoke the s. 38 power of detention in the case of a co-operative patient. He or she could simply be admitted to, and isolated within, a hospital or other suitable place on a voluntary basis.”
- “The power created by section 38 supports an important public interest objective, namely, it assists in safeguarding against the spread of particular infectious diseases amongst the general population by facilitating, where necessary, the compulsory effective isolation of a person who is suffering from such a disease.”
- “While it might be desirable that the section should contain more specific safeguards towards the defence and vindication of a detainee’s personal rights, the absence of such safeguards does not, of itself, render the section unconstitutional. A detainee may have recourse at any time to the High Court within the context of Article 40.4.2˚ of the Constitution for the purpose of seeking an inquiry into the lawfulness of his or her detention.”
- “The combination of (i) such safeguards as already exist within the section, (ii) the presumption that the section will be operated constitutionally, and (iii) the existence of a readily accessible remedy for the person affected if it is not in fact operated constitutionally, provides an adequate level of protection for the personal rights of detainees. I therefore dismiss the claim of constitutional invalidity.”
Health & Human Services & U.S. Department of Agriculture, Co-Chairs, “Report of the Trans-Federal Task Force on Optimizing Biosafety and Biocontainment Oversight,” July 2009. http://www.hhs.gov/aspr/omsph/biosafetytaskforce/index.html
- “At the October 4 , 2007, House Committee on Energy and Commerce, Subcommittee on Oversight and Investigations hearing entitled ‘Germs, Viruses, and Secrets: The Silent Proliferation of Bio-Laboratories in the United States.’ the Department of Health and Human Services (HHS) announced the formation of the Trans-Federal Task Force on Optimizing Biosafety Oversight 9the ‘Task Force’).” p. 4.
- “The purpose of the Task Force is to propose options and recommendations to improve bioafety and biocontainment oversight of research activities at high and maximum containment research laboratories in the United States through a comprehensive review of mechanisms by which individual research 9local0 institutions and the Federal Government can ensure safe working conditions.” p. 156.
- “The Task Force envisions effective, comprehensive, local (institutional) and Federal oversight that protects laboratory workers, public health agriculture, and the environment, without hindering the progress of science.” p. 156.
- “there are four areas of concern, which include lapses in biosafety, lack of timely reporting of incidents, and lack of Federal oversight for research involving pathogens that are neither select agents nor recombinant DNA agents.” p. 4.
- “The issues of biosafety and personnel reliability, although related to laboratory biosafety and biocontainment, are not the focus of this report but are being addressed by a Federal Working Group established by Executive Order 13486, ”Strengthening Laboratory Biosecurity in the United States’” p. 5.
- “Recommendations 1.1: Identify or establish a Federal entity to coordinate biosafety and biocontainemtn activities, and to ensure comprehensive and effective Federal oversight for all high and maximum containment research facilities and activities in all sectors. …” p. 10.
- “… 2.2: Support the development of an accreditation system for biosafety/biocontainment management programs at high and maximum containment research institutions.” p. 10.
- N.B. “The term ‘high and maximum containment’ is used in this report to describe biosafety level 3 (BSL-3) and BSL-4 laboratories and equivalent containment facilities…” p. 4.
- “3.1: Establish national, position-specific training standards and core competencies in biosafety and biocontainemnt for all research, managerial, and support personnel at high and maximum containment research laboratories in all sectors.” p.11
- “4.1: Establish: (1) a new voluntary, non-punitive incident reporting system for high and maximum containment research laboratories…””
- “5.1: Develop comprehensive biocontainment guidelines comparable to those of the BMBL to cover research, including high and maximum containment research, on plant, livestock, and other agriculturally significant pests and pathogens.” p. 11.
- “6.1: Require … proper installation of and preventive and ongoing maintenance programs for biosafety and biocontainment infrastructure and equipment.” p. 12.
- “7.1: Develop and maintain a robust program of applied biosafety and biocontainemnt research to create additional and update exisiting evidence-based practices and technologies.” p. 12.
- “8.1: Develop comprehensive strategies to improve public communication, outreach, and transparency about biosafety and biocontainment issues and activities at high and maximum containment research facilities.” p. 12.
Committee on Laboratory Security and Personnel Reliability Assurance Systems for Laboratories Conducting Research on Biological Select Agents and Toxins, National Research Council of The National Academies, Report Released September 30, 2009. http://www.nap.edu/catalog.php?record_id=12774
- “The Committee was asked to consider the appropriate framework of laboratory security and personnel reliability measures that will optimize benefits, minimize risk, and facilitate the productivity of research.”
- ”Recommendation” 1: “…personnel with access to select agents and toxins should receive training in scientific ethics and dual-use research.”
- ”Recommendation” 2: “… a Biological Select Agents and Toxins Advisory Committee (BSATAC) should be established. … [to]… Promulgate guidance of the Select Agent Program; … Promote harmonization of regulatory policies and practices.”
- ”Recommendation” 3: “The list of select agents and toxins should be stratified in risk groups according to the potential use of the agent as a biothreat agent, …mechanisms for the timely inclusion or removal of an agent or toxin from the list are necessary and should be developed.”
- ”Recommendation” 4: “Because biological agents have an ability to replicate, accountability is best achieved by controlling access to archived stocks and working materials. …[as opposed to] counting the number of vials.”
- ”Recommendation” 5: The appeals process for Security Risk Assessments should be broadened beyond mere checks for factual errors.
- ”Recommendation” 6: “… define minimum cross-agency physical security needs.”
- ”Recommendation” 7: Dedicated funding should support an independent evaluation of the Select agent Program to assess benefits and consequences of the program.
- ”Recommendation” 8: “Inspectors of select agent laboratories should have scientific and laboratory knowledge and experience, as well as appropriate training in conducting inspections specific to BSAT research. Inspector training and practice should be harmonized across federal, state, local, and other agencies.”
- ”Recommendation” 9: A separate category of support should be allocated for BSAT research due to the costs of security.
Doyle, Michael, “Agriculture Department chemist successfully fights guilt-by-association,” January 19, 2010, Mc Clatchy, Suits & Sentences Blog, available at http://blogs.mcclatchydc.com/law/2010/01/agriculture-department-chemist-successfully-fights-guiltbyassociation.html Last checked august 11, 2012.
- ”Going about his everyday business in a Midwestern office of the Food Safety and Inspection Service, Poett applied to obtain certain toxic chemicals. But in August 2006, the FBI informed Poett’s supervisors that he was deemed to be a ‘restricted person’ who ‘has involvement with an organization that engages in domestic or international terrorism or international crimes of violence.’”
- ”Poett filed Freedom of Information Act requests to get to the bottom of it all. As Poett ultimately determined, the FBI’s career-crimping determination stemmed from his past, passing involvement with a group called the Irish Northern Aid Committee in America, also known as Noraid. Way back in 1992, Poett had written the British ambassador to the United States, saying he regretted the possibility that ‘the funds others and I have solicited may have fallen into the wrong hands’ and adding that he would ‘pray for the peaceful resolution between the British and Irish People.’”
- ”Kollar-Kotelly noted Monday that the government determined that ‘the FBI no longer reasonably suspects Plaintiff of knowing involvement with an organization that engages in domestic or international terrorism or with any other organization that engages in intentional crimes of violence and that Plaintiff is now eligible for access to select agents or toxins.’”
Markoff, John, “Google Asks Spy Agency for Help With Inquiry Into Cyberattacks” February 5, 2010, New York Times, http://www.nytimes.com/2010/02/05/science/05google.html. last checked 12/10/11
- ”Google has turned to the National Security Agency for technical assistance to learn more about the computer network attackers who breached the company’s cybersecurity defenses last year, a person with direct knowledge of the agreement said Thursday.”
- ”By turning to the N.S.A., which has no statutory authority to investigate domestic criminal acts, instead of the Department of Homeland Security, which does have such authority, Google is clearly seeking to avoid having its search engine, e-mail and other Web services regulated as part of the nation’s “critical infrastructure.”
- ”Systems designated as critical infrastructure are increasingly being held to tighter regulatory standards.”
- ”On Jan. 12, Google announced a ‘new approach to China,’ stating that the attacks were ‘highly sophisticated’ and came from China.”
- ”At the time, it gave few details about the attacks other than to say that a theft of its intellectual property had occurred and that a primary goal of the attackers had been to gain access to the Gmail accounts of Chinese human rights activists.”
- ”A number of computer security consultants who worked with other companies that experienced attacks similar to those of Google have stated that the surveillance system was controlled from a series of compromised server computers based in Taiwan.”
- ”An N.S.A. spokeswoman said, ‘N.S.A. is not able to comment on specific relationships we may or may not have with U.S. companies,’ but added, the agency worked with “a broad range of commercial partners’ to ensure security of information systems.’
- ”’This is the other side of N.S.A. — this is the security service that does defensive measures,’ said the specialist, James A. Lewis, a director at the Center for Strategic and International Studies. ‘It’s not unusual for people to go to N.S.A. and say ‘please take a look at my code.’ ‘ ”
- ”On Thursday, the organization [Electronic Privacy Information Center] filed a lawsuit against the N.S.A., calling for the release of information about the agency’s role as it was set out in National Security Presidential Directive 54/Homeland Security Presidential Directive 23 , a classified 2008 order issued by President George W. Bush dealing with cybersecurity and surveillance.”
- ”The relationship that the N.S.A. has struck with Google is known as a cooperative research and development agreement, …. These were created as part of the Federal Technology Transfer Act of 1986 and are essentially a written agreement between a private company and a government agency to work together on a specific project.”
- ”In addition to the N.S.A., Google has been working with the F.B.I. on the attack inquiry,…”
Cybersecurity, BioHacker, Law Enforcement, China, Taiwan, Classified, Law, Homeland Security
Andreson, Teresa, “Bill Will Launch Review of Anthrax Investigation,” http://www.securitymanagement.com/news/bill-will-launch-review-anthrax-investigation-006828, SECURITY MANAGEMENT, February 26, 2010.
- “An amendment to the 2010 Intelligence Authorization Act (H.R. 2701) will require that the government investigate and issue a report on the anthrax attacks of 2001 to determine whether the attacks originated from outside the United States.”
- “The investigation will be conducted by the Inspector General and, according to the act, will include raw intelligence and should attempt to establish whether there is any credible evidence to connect the anthrax attacks to a foreign entity.”
- “”This investigation was botched at multiple points, which is why reexamining it is so important,”Holt commented while introducing the amendment, . Given that the samples of the strain of anthrax that was used in the attacks may have been supplied to foreign laboratories, we think it is prudent to…examine whether or not evidence of a potential foreign connection to the attacks was overlooked, ignored, or simply not passed along to the FBI.””
Neuman, William, “In E. Coli Fight, Some Strains Are Largely Ignored,” NYT, May 26, 2010, http://www.nytimes.com/2010/05/27/business/27bugs.html?scp=1&sq=e.%20coli&st=cse, last checked June 23, 2010.
- “But as everyone focused on controlling that particular bacterium, known as E. coli O157:H7, the six rarer strains of toxic E. coli were largely ignored.”
- “Collectively, those other strains are now emerging as a serious threat to food safety. In April, romaine lettuce tainted with one of them sickened at least 26 people in five states, including three teenagers who suffered kidney failure.”
- “For three years, the United States Department of Agriculture has been considering whether to make it illegal to sell ground beef tainted with the six lesser-known E. coli strains, which would give them the same outlaw status as their more famous cousin. The meat industry has resisted the idea, arguing that it takes other steps to keep E. coli out of the beef supply and that no outbreak involving the rarer strains has been definitively tied to beef.”
- “‘This is something that we really have to look at,’ said Senator Kirsten Gillibrand, Democrat of New York, who plans to introduce a bill that would pre-empt the Agriculture Department by declaring a broad range of disease-causing E. coli to be illegal in ground beef and requiring the meat industry to begin testing for the microbes.”
- “Part of the problem is that so little is known about the rarer E. coli strains, which have been called the “big six” by public health experts. (The term refers to the fact that, after the O157 strain, these six strains are the most virulent of a group of related E. coli.) Few food companies test their products for the six strains, many doctors do not look for them and only about 5 percent of medical labs are equipped to diagnose them in sick patients.”
- “A physiological quirk of E. coli O157 makes it easy to test for in the lab, and many types of food are screened for it. The other E. coli strains are much harder to identify and testing can be time-consuming.”
- “Earthbound Farm, the nation’s largest producer of organic salad greens, is one of the few companies that does screen for the full range of toxic E. coli, and it has found a worrisome incidence of the rarer strains. Out of 120,000 microbial tests last year, about one in 1,000 showed the presence of unwanted microbes, mostly the six strains.”
- “The O157 strain of E. coli is a frightening bug, causing bloody diarrhea and sometimes kidney failure, which can be fatal. Some of the six strains cause less severe illness, but others appear to be just as devastating as the O157.”
- “The toxic E. coli bacteria originate in the guts of cattle, putting the beef industry on the front line.”
- “The beef industry now routinely tests for the O157 strain, but there is no regular testing for the other six strains.”
- “The agency, [FDA] which regulates produce, is waiting for Congress to pass a law that would greatly expand its food safety authority.”
Meier, Barry, “Supreme Court to Consider Vaccine Case,” NYT http://www.nytimes.com/2010/10/12/health/12vaccine.html?_r=1&scp=2&sq=vaccination&st=cse last checked 10/27/2010, October 11, 2010.
- “At issue is whether a no-fault system established by Congress about 25 years ago to compensate children and others injured by commonly used vaccines should protect manufacturers from virtually all product liability lawsuits.”
- “The law was an effort to strike a balance between the need to provide care for those injured by vaccines, some of them severely, and the need to protect manufacturers from undue litigation.”
- “Under the 1986 National Childhood Vaccine Injury Act, such claims typically proceed through an alternative legal system known as “vaccine court.” Under that system, a person is compensated if their injury is among those officially recognized as caused by a vaccine. That person, or their parents, can choose to reject that award and sue the vaccine’s manufacturer, but they then face severe legal hurdles created by law to deter such actions.”
- “Federal data shows that $154 million was paid in fiscal 2010 to 154 claimants involved in vaccine court proceedings. That figure was significantly higher than in preceding years and reflected several unusually high awards, officials involved in the program said.”
- “In the five preceding fiscal years, an average of $68 million in compensation was paid out on an annual basis, federal data indicates. A compensation fund is financed by an excise tax on vaccinations.”
- “The case to be heard on Tuesday involves an 18-year-old woman, Hannah Bruesewitz, who suffered seizures when she was 6 months old and subsequently suffered developmental problems, her parents say, after receiving a type of D.T.P. vaccine that is no longer sold. The D.T.P. vaccine protects against three potentially deadly childhood diseases: diphtheria; pertussis, which is also known as whooping cough; and tetanus.”
- “Initially, Ms. Bruesewitz’s parents brought a claim on her behalf to the vaccine court, but the severe injuries that she reportedly suffered were removed from the list of those that qualified for compensation a month before the case was heard. An administrative judge in vaccine court subsequently rejected her claim, so her parents filed a product liability lawsuit against Wyeth, a Pfizer unit that had acquired the vaccine’s manufacturer, Lederle Laboratories.”
- “The Supreme Court review revolves around the narrow question of whether Congress in passing the Vaccine Act intended to bar lawsuits against vaccine manufacturers based on so-called design defect claims. A vaccine design defect claim essentially asserts that the manufacturer should have sold a different vaccine, which plaintiffs say would have been safer than the one used.”
- “James M. Beck, a lawyer in Philadelphia who defends makers of drugs and medical devices, said in a phone interview that a ruling in favor of the Bruesewitzes would allow hundreds of lawsuits asserting a link between vaccines and autism to go forward. ‘If these cases go forward, it will make it economically unfeasible for anyone to make vaccines in this country,’ said Mr. Beck.”
Green, Bruce, “Thinking About White-Collar Crime and Punishment,” American Bar Association, Fall, 2010. http://www.americanbar.org/content/dam/aba/migrated/sections/criminaljustice/PublicDocuments/cJfa10_chair.authcheckdam.pdf Last Checked 4/4/12.
- “The objective was to promote certainty and fairness by eliminating unwarranted sentencing disparities, while remaining true to the purposes of punishment and drawing on developing knowledge about how people behave.”
- “But in 2005, the Supreme Court held in United States v. Booker that they were less than legally binding, although district courts must still consult them and take account of them in sentencing.”
- “Sentencing is hard, and perhaps it is particularly hard in white-collar cases, where the goals of criminal punishment pull judges in opposite directions. Incapacitation of white-collar defendants is rarely necessary to protect the public and does nothing to rehabilitate them. However, imprisonment in white-collar cases is assumed to be a necessary deterrent to others who might engage in similar lawbreaking.”
- “One must wonder when the interest in retribution is enough in itself to justify putting a white-collar offender behind bars for many years.”
- “The Sentencing Commission identified more than 20 characteristics of defendants that many or most district judges consider relevant not only to choosing a sentence within the guidelines range but to whether to impose a sentence that departs or varies from that range. These included the defendant’s mental, emotional, or physical condition, employment record and family responsibilities, civic service, and prior good works.”
- “A collection of judicial reasoning might aid the commission in refining the guidelines, particularly insofar as a consensus emerges behind particular reasoning. But more importantly, making judges’ reasoned decisions broadly available would contribute toward the ongoing “common law” of federal sentencing, thereby promoting greater fairness and consistency.”
Overbye, Dennis, “Physicist’s Jailing Is Veiled in Mystery,” NYT March 14, 2011, http://www.nytimes.com/2011/03/15/world/europe/15physicist.html Last checked March 24, 2011.
- “When Adlène Hicheur, a French-Algerian physicist working on antimatter at CERN’s enormous particle collider outside Geneva, was arrested on Oct. 8, 2009, on suspicion of conspiring with an Algerian branch of Al Qaeda, fears of doomsday plots rippled through the tabloid press.”
- “Last fall, the Swiss government closed its investigation of Dr. Hicheur, saying it had found no evidence of wrongdoing, but in France, Dr. Hicheur’s detention was extended. Last month, it was extended again, by four months. Press officers for France’s interior minister, Claude Guéant, did not respond to telephone and e-mail requests for comment on the case.”
- “So, more than 500 days after his arrest, Dr. Hicheur, now 34, remains in preventive detention in a Paris prison without having been charged with any crime. Nor, say his lawyers and his family, has any evidence been produced that he did anything more than browse Islamic political Web sites. No trial has been scheduled.”
- “After months of silence, Dr. Hicheur’s family and colleagues have recently begun to speak out, urging his release. The issue, they say, is a simple matter of human rights. The long incarceration has turned Dr. Hicheur’s life into a Kafka novel, they say, and is endangering his physical and mental health, as well as his career and his family.”
- “Under French law, a person suspected of terrorist connections can be held in “provisional detention” for up to four years, depending on the nature of the alleged offense, without being charged or tried. Dr. Hicheur could be detained for up to two years, according to his lawyer, Dominique Beyreuther-Minkov.”
- “Nearly 100 scientists, including Jack Steinberger of CERN, winner of a Nobel Prize in Physics, signed a letter to the French president, Nicolas Sarkozy, in December. They wrote, “It seems to us that there is no justification for the prolonged detention, of almost 14 months so far, of Dr. Adlène Hicheur, an internationally recognized scientist, held in much esteem by his colleagues.”
- “The unusual thing about Dr. Hicheur’s case, say his friends and supporters, is that it is happening to a scientist.”
- “After obtaining his Ph.D. under Dr. Lees at the Annecy laboratory, for work done partly at the SLAC National Accelerator Laboratory at Stanford, Dr. Hicheur worked at the Rutherford Appleton Laboratory in Britain and then joined the Laboratory for High Energy Physics at the École Polytechnique Fédérale de Lausanne in Switzerland. There, he is part of a team that operates LHCb, one of the giant particle detectors on CERN’s Large Hadron Collider.”
- “Dr. Hicheur was arrested at his parents’ apartment in Vienne just as he was about to travel to Sétif to meet with a contractor about building a house on land he had recently bought there, and for which he had transferred about $18,000 to Algeria, his brother said. He was also planning to meet with physicists at the University of Sétif as part of a long-range goal to establish research collaborations with physicists in Algeria.”
- “According to news reports, Dr. Hicheur had been under surveillance for a year and had been in Internet contact with Al Qaeda in the Islamic Maghreb, Al Qaeda’s North African affiliate. Shortly after the arrest, a French police official told Le Monde that Dr. Hicheur had planned to attack a military base in Annecy that is home to an elite force that had recently left for Afghanistan. The French authorities have been silent ever since.”
Editors, “U.N. Presses Countries to Enact Anti-WMD Measures” 21 April 2011, GSN http://gsn.nti.org/gsn/nw_20110421_6052.php, Last Checked 21 April 2011.
- “A U.N. Security Council measure adopted without dissent on Wednesday presses governments to comply with a 2004 resolution demanding domestic efforts to prevent ‘nonstate actors’ from obtaining weapons of mass destruction.”
- “The Wednesday declaration renews for one decade the authorization for the Security Council panel charged with overseeing execution of Resolution 1540.”
- “The body aids governments in preparing relevant legislation, overseeing security for potential WMD ingredients and guarding against their transfer to other states, and bolstering police measures and protective efforts at border crossings.”
- “The 2004 resolution requires U.N. states to enact domestic measures to prevent rogue actors from producing, obtaining, or moving weapons of mass destruction, associated goods and their delivery systems.”
- “Wednesday’s Resolution 1977 ‘sharpens the tools’ of the 1540 implementation panel.”
- “The mandate, originally scheduled to lapse on Monday, is now set to remain in effect through April 25, 2021.”
- “All 192 U.N. member nations should meet the requirements of Resolution 1540, and governments that have not submitted a declaration on their efforts to comply with measure should take the step ‘without delay,’ the Security Council stated.”
- “The White House praised the Wednesday resolution and noted a $3 million Obama administration pledge to support committee activities.”
Cooper, Helene, “U.S. Calls for Global Cybersecurity Strategy” 16 May 2011, New York Times. http://www.nytimes.com/2011/05/17/us/politics/17cyber.html
- “The Obama administration on Monday proposed creating international computer security standards with penalties for countries and organizations that fell short.”
- “Officials did not single out any countries in announcing the strategy, several officials said privately that the hope was that the initiative would prod China and Russia into allowing more Internet freedom,…”
- “Cracking down on intellectual property theft and enacting stricter laws to protect computer users’ privacy. “
- ‘“The effort to build trust in the cyberspace realm is one which should be pushed in capitals around the world…”’
- ‘“The White House also promised that the United States would respond to attempted hacking “as we would to any other threat to our country.”’
- “The strategy calls for officials from the State Department, the Pentagon, the Justice Department, the Commerce Department and the Department of Homeland Security to work with their counterparts around the world to come up with standards aimed at preventing theft of private information and ensuring Internet freedom.”
- “The 21st-century threats that we now face to both our national and international security really have no borders.”’
- “The administration released… its new computer security strategy, increasing and clarifying the penalties for computer crimes, and giving the domestic security agency a clear mandate for the protection of the government’s own networks.”
- “That effort was intended to reverse a growing perception that penalties for attacks on government, corporate and personal computers had been relatively small.”
- “The legislation calls for the agency to work with energy companies, water suppliers and financial institutions to rank the most serious threats and find ways to counter them.”
- “The law would also require each business to have an independent commercial auditor assess its plans…”
Homeland Security Newswire, “Government launches cybersecurity plan” 16 May 2011, Homeland Security newswire. http://homelandsecuritynewswire.com/government-launches-cybersecurity-plan
- “Last week the Obama administration unveiled its plan to secure federal computer networks, critical industries, and consumers from cyberattacks.”
- “The plan would require critical infrastructure operators like electric companies and large financial firms to present cybersecurity plans to DHS for approval.”
- ‘“DHS auditors would review the plans with the operators, discuss any shortcomings and “take other action as may be determined appropriate.”’
- “Plans that are deemed insufficient could lead to shutdowns, fines, or other monetary or civil penalties.”
- ‘“DHS will lead government efforts to secure networks with “primary responsibility within the executive branch for information security.”’
- “DHS would also be empowered to set policies and activities for government systems.”
- ‘“Federal authority and leadership would be designated within DHS, which will “develop and conduct risk assessments for federal systems and, upon request, critical information infrastructure.”’
- “If an intrusion is detected, DHS will have the authority to deploy and operate detection and prevention systems on any government network.”
- “DHS will also establish a cybersecurity information sharing center to increase cooperation between all relevant stakeholders including federal, state, and local governments as well as the private sector.”
- “Administration officials say that the proposed law is designed to facilitate cooperation with the private sector and is a signal that no single entity can effectively guard against all cyber security threats.”
- “The legislation was sent to Congress on 12 May and is currently being debated.”
Dilanian, Ken, “A key Sept. 11 legacy: more domestic surveillance“, LA Times, August 29, 2011, http://articles.latimes.com/2011/aug/29/nation/la-na-911-homeland-security-surveillance-20110830
last checked august 27, 2012.
- ”U.S. law enforcement and intelligence agencies now collect, store and analyze vast quantities of digital data produced by law-abiding Americans. The data mining receives limited congressional oversight, rare judicial review and almost no public scrutiny.”
- ”’We are caught in the middle of a perfect storm in which every thought we communicate, every step we take, every transaction we enter into is captured in digital data and is subject to government collection,’ said Fred H. Cate, a professor at the Indiana University Maurer School of Law who has written extensively on privacy and security.”
- ”The National Security Agency, which eavesdrops on foreign targets, once had to get a court-approved warrant to monitor a U.S. citizen’s communications over wires that traverse the United States. Now the agency is free to vacuum up communications by Americans and foreigners alike, as long as the target of the surveillance is a foreigner.”
- ”Officials from the FBI and NSA say they follow strict rules to avoid abuses. But in 2007, the Justice Department’s inspector general found that the FBI had engaged in ‘serious misuse’ of its authority to issue National Security Letters, claiming urgency in cases where when none existed.”
- ”Such letters, a kind of administrative subpoena, are key to the increased surveillance.”
- ”Courts have ruled that the government doesn’t need a search warrant, which requires a judge’s approval, to obtain records held by ‘third parties,’ such as hotels, banks, phone companies or Internet providers.”
- ”So the government has used National Security Letters to get the data, issuing 192,500 of the letters between 2003 and 2006, according to an audit by the Justice Department inspector general. The numbers have dropped sharply since then, but the FBI issued 24,287 National Security Letters last year for data on 14,212 Americans. That’s up from a few thousand letters a year before 2001.”
- ”Unlike a search warrant in a criminal case, obtaining a FISA warrant does not require convincing a judge that there is probable cause to believe a crime was committed. Instead, the government must show probable cause that the target is an agent of a foreign power. Because of the different legal standard, information gathered from FISA warrants tended not to be used in criminal cases a decade ago.”
- ”’Zazi is a very good example of the melding of intelligence authorities and criminal authorities,’ said a senior law enforcement official, speaking on condition of anonymity. ‘We needed to move quickly, and we never could have done it like that’ before Sept. 11.”
- ”The Zazi case revealed another new reality. Earlier this year, the government disclosed it had recorded 43 conversations between Zazi’s codefendant, Adis Medunjanin, and his lawyer, Robert Gottlieb. With rare exceptions, such conversations are off-limits to investigators in criminal cases — unless they obtain a FISA warrant.”
- ”A federal judge later ruled in Mayfield’s favor that provisions of the Patriot Act, allowing the FBI to use FISA to conduct ‘surveillance and searches of American citizens without satisfying the probable-cause requirements of the 4th Amendment,’ were unconstitutional. The ruling was overturned on appeal in 2009.”
- ”Bush gave the NSA the authority to eavesdrop on Americans communicating with foreigners abroad without first obtaining a FISA warrant, deeming the process too slow.”
- “The law also retroactively legalized other forms of surveillance, former intelligence officials say, including “bulk” monitoring that allows the government to intercept all email traffic between America and a range of suspect email addresses in, say, Pakistan.”
- ”The government’s goal is ‘to find the kind of patterns that maybe will lead them to evidence of some kind of terrorist plot, and maybe thereafter they can then zero in on a suspect,’ said Joel Margolis, a regulatory consultant for Subsentio, a Colorado firm that helps telecommunications companies comply with law enforcement requests. ‘It’s just the opposite of what we’ve done in our tradition of law, where you start with a suspect.’”
- ”Merrill, the Internet entrepreneur, was so disturbed by the FBI’s demand for his customer’s records that he became an anonymous plaintiff in a legal challenge to the Patriot Act provisions on National Security Letters. A federal judge in New York ruled parts of the law unconstitutional in 2004 and again in 2007, calling it ‘the legislative equivalent of breaking and entering.’ Last year, Merrill won the right to identify himself as the recipient of a letter, although he is still prohibited from saying much about it. But the FBI withdrew its request for his customer’s data, so higher courts didn’t rule on whether the request itself was constitutional.”
Editors, “Congressional approval of cybersecurity bill looks promising,” Homeland Security Newswire http://www.homelandsecuritynewswire.com/dr20111201-congressional-approval-of-cybersecurity-bill-looks-promising, December 1, 2011.
- “The Obama administration along with the Senate plan to pass a comprehensive cybersecurity bill that was first proposed in May 2011. The bill would make the Department of Homeland Security the primary agency in protecting government networks and the private sector.”
- “The bill now stands at the top of the Senate’s priority list, even among the impending November election and constant budget battles on Capitol Hill.”
- “Under the bill, critical infrastructure operators would be required to develop cybersecurity measures and security plans of action.
Matthew Hay Brown, “Helping businesses defend against cyber threats” 3 December, 2011, baltimoresun http://articles.baltimoresun.com/2011-12-03/news/bs-md-ruppersberger-cyber-20111203_1_cyber-threats-threat-data-business-plans Last check 12/9/2011.
- “Analysts with the National Security Agency see the threats coming at corporate America: viruses, worms and other malware targeting the computer networks that serve the nation’s banks, utilities and businesses.”
- “But the 64-year-old law that established the modern U.S. intelligence community prevents them from sharing the classified details with the private businesses in the cross hairs.”
- ““I’m really concerned that we will have some type of serious attack within the year,” said Rep. C.A. Dutch Ruppersberger, who receives security briefings as the top-ranking Democrat on the House Intelligence Committee.””
- ““Air traffic control systems when the planes are flying. Grid systems for energy. Banks really concern me.””
- “The bill would promote unprecedented cooperation between the government and the private sector by allowing the NSA and other federal agencies to pass classified information to vetted companies so they can defend against disruptions, destruction or the theft of trade secrets, business plans and private information about customers and employees.”
- “But while many agree on the need for greater coordination against cyber threats, some express concern about the potential impact on civil liberties — from government agencies gaining access to personal details about private citizens to the possibility of an information clampdown as threat data is labeled secret.”
- “Estimates of the impact of cyberattacks on the U.S. economy begin in the billions of dollars annually, and analysts say the costs are growing. Web-based attacks nearly doubled from 2009 to 2010, according to Symantec Corp.”
- “The cybersecurity giant also reported encountering more than 286 million unique variants of malware last year.”
- “Private businesses don’t always know when they have been hacked; when they do, they often prefer to keep the information to themselves.”
- “Rogers speaks of an “economic cyberwar” being waged against U.S. businesses by “economic predators, including nation-states.” U.S. officials have identified Russia and China as the most aggressive countries.”
- ““But al-Qaida and other extreme groups could hire some brilliant hackers — and they’re all over the world — and pay them millions of dollars to make an attack.””
- “The Cyber Intelligence Sharing and Protection Act of 2011, introduced Wednesday by Rogers and co-sponsored by Ruppersberger, is one of several proposals to address cybersecurity in the private sector.”
- “The bill would not require private businesses to report cyber threat information to the government.”
- “Ruppersberger says the legislation is aimed at improving communication about malware…”
- ““NSA has this information, and they know that major companies are being attacked, but they’re not allowed to pass classified information…””
- “The National Security Agency referred questions about current communication with the private sector to the Office of the Director of National Intelligence. That office did not respond to requests for comment.”
- “The legislation builds on a pilot program that has allowed sharing between the NSA and selected defense contractors — and helped thwart hundreds of cyberattacks.”
- “Cyberattacks are a global challenge. In a heavily publicized recent case, a South Korean bank lost ATM and online banking service for several days in an attack this year and key financial information was destroyed. South Korean prosecutors blame North Korea.”
- “Closer to home, a Hungarian pleaded guilty in federal court last week to transmitting malicious code to Marriott International Corp. and threatening to reveal confidential information about the company if he were not offered a job maintaining the network.”
- “According to a plea agreement, Attila Nemeth, 26, sent the Bethesda-based hotel chain an email last year containing attachments that included confidential information that had been stored on company computers.”
- ““Intelligence officials “need to share and not expect anything back for quite a while, until the private sector is comfortable that the government really is a partner and not trying to use them as a sensor grid.””