CybersecurityDOJ’s new cyber unit to provide legal guidance on electronic surveillance

The Justice Department is creating a cybersecurity unit within its Computer Crime & Intellectual Property Section (CCIPS) to provide legal guidance on electronic surveillance investigations, Assistant Attorney General Leslie Caldwell said Thursday during a speech at Georgetown University’s law school. The unit will also work with Congress on cybersecurity legislation and focus on cybercrime prevention. “Given the growing complexity and volume of cyberattacks, as well as the intricate rubric of laws and investigatory tools needed to thwart the attacks, the cybersecurity unit will play an important role in this field,” Caldwell said. The Hill reports that DOJ’s CCIPS already prosecutes majority of the department’s cybersecurity cases but the reorganization will “make sure that cybersecurity is receiving the dedicated attention it requires.”

“It is important that we address cyber threats on multiple fronts, with both a robust enforcement strategy as well as a broad prevention strategy,” Caldwell added.

Earlier this week, the FBI issued a five-page “flash” warning to some U.S. business regarding hackers that may use malware to override all data on hard drives of computers. DOJ’s new cybersecurity unit will also coordinate with the private sector on investigating alleged cybercrimes, but Caldwell has not explained how the new unit will work alongside DHS which already has a working relationship with the private sector in which it offers a fee-based cyberthreat-sharing service to selected industries. Firms from eight of the nation’s sixteen main industries- energy, communications, defense, financial, water, chemical, information technology, and transportation- have joined DHS’ Enhanced Cybersecurity Services initiative.

The private sector supports collaboration with the federal government on investigating cybercrime and has been urging Congress to pass the Cybersecurity Information Sharing Act (CISA) to allow businesses to share information on cyber breaches with law enforcement while being protected from certain disclosures and lawsuits. The bill passed the house in July but some opponents and members of the Senate are concerned the bill falls short of restricting the government from gathering personal data on Americans. Proponents expect the new Senate to pass the bill next year. “We would anticipate that (an information sharing bill) would be able to move through the Senate more easily now than before,” said Paul Martino, senior policy counsel at the National Retail Federation, an industry group in favor of a cyber information sharing framework.