FTC and DOJ Issue Antitrust Policy Statement on Sharing Cybersecurity Information


On April 10, 2014, the Federal Trade Commission (FTC) and Department of Justice (DOJ) issued a policy statement clarifying that the Agencies "do not believe that antitrust is – or should be – a roadblock to legitimate cybersecurity information sharing." But while the policy statement may help to alleviate some concerns that private sector organizations have voiced regarding obstacles to information sharing, it may not go far enough to encourage substantially more. In addition, it does not provide liability protection or a "safe harbor," which has been a primary driver of corporate support for some information sharing legislation to date. Nonetheless, the policy statement could be an important step towards achieving a truly robust cyber-threat sharing ecosystem. In combination with the criteria set out in a 2000 Business Review Letter by DOJ, the policy statement can help entities form the outline of a compliant information sharing program.

Acknowledging that the sharing of information about cybersecurity threats (such as incident or threat reports, indicators, threat signatures, and alerts) can bolster the collective security of networks, the Agencies begin by noting that some private organizations may not be sharing information that could be useful to others out of concern over antitrust enforcement. However, they emphasize that cyber-threat information sharing generally would not raise concerns under the Agencies' "rule of reason" analysis. In applying that analysis, the Agencies focus on "whether the relevant agreement likely harms competition by increasing the ability or incentive profitably to raise price above or reduce output, quality, service, or innovation below what likely would prevail in the absence of the relevant agreement."

Please see full alert below for more information.

LOADING PDF: If there are any problems, click here to download the file.

Topics:  Cybersecurity, DOJ, FTC, Information Sharing, Privately Held Corporations, Safe Harbors

Published In: Antitrust & Trade Regulation Updates, General Business Updates, Privacy Updates, Science, Computers & Technology Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Venable LLP | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »