CDT Statement on U.S. Department of Commerce Cybersecurity Report
Washington — Today, the Department of Commerce Internet Policy Task Force released a paper that is intended to define the contours of appropriate cybersecurity activity for what the report calls the "Internet and Information Innovation Sector" or "I3S." For this I3S sector, the paper contemplates a more voluntary, market based and industry-led approach for cybersecurity as compared to the approach the Administration has outlined for securing critical infrastructure sectors.
CDT applauds the Commerce Department’s multi-stakeholder approach in developing the paper. CDT’s President Leslie Harris said, "We’re pleased that the Administration recognizes that many Internet-based functions and services that consumers use every day should not be defined as part of the 'critical infrastructure' that is subject to a more prescriptive regulatory regime."
"There is still a great deal of work to be done, including developing the contours of the government’s limited role in securing the I3S sector," added Gregory T. Nojeim, Director of CDT’s Project on Security, Freedom and Technology. "Moreover, there remains the huge, unanswered question of what should be the government’s role in securing the Internet itself, whether it is deemed critical or non-critical."