Cyber Threat Information and the Antitrust Canard
Those of us who tried to do big things in government have learned to be grateful for small things. Yesterday, the Justice Department’s Antitrust Division and the Federal Trade Commission jointly declared, “they do not believe that antitrust is---or should be---a roadblock to legitimate cybersecurity information sharing.” The business press immediately jumped on this as a giant step forward, removing a big impediment to the sharing of cyber threat information among private parties.
Published by The Lawfare Institute
in Cooperation With
Those of us who tried to do big things in government have learned to be grateful for small things. Yesterday, the Justice Department’s Antitrust Division and the Federal Trade Commission jointly declared, “they do not believe that antitrust is---or should be---a roadblock to legitimate cybersecurity information sharing.” The business press immediately jumped on this as a giant step forward, removing a big impediment to the sharing of cyber threat information among private parties. In fact, when it comes to that kind of sharing, “antitrust” was always a red herring. Threat reports, indicators, malware signatures, and the like are highly technical and have nothing to do with prices, terms of sale, territories, or other price- and output-related subjects that can create antitrust concerns. The Antitrust Division reached this conclusion in a business review letter 14 years ago, and both agencies say that analysis then “remains very current” now. Any competent antitrust counsel has known this all along. Any counsel who worried about it could have sought a business review letter from the Division and would have received the same advice.
So what explains the persistence of the antitrust roadblock to information sharing? Corporate counsel are an understandably conservative lot. In their release yesterday, the agencies noted that some companies “have been counseled that sharing of information among competitors may raise antitrust concerns.” Insofar as it was true, that advice in these circumstances was beyond conservative. It was unsound.
In other cases, “antitrust” was simply an excuse for companies’ not sharing threat information they did not want to share. In one industry I’m familiar with, executives from several top-tier competitors all told me they believed their threat information gave them a competitive advantage. That could not logically be true for all of them. In any case, even among highly capable companies, the knowledge that comes from sharing cyber threat information is enormously greater than any single competitor can achieve acting alone.
Yesterday’s public release was welcome, but given the persistence of the antitrust canard, I tried to get the Division to issue such a statement about five years ago while I was the national counterintelligence executive. Too bad it took so long.
Joel F. Brenner specializes in cyber and physical security, data protection and privacy, intelligence law, the administration of classified information and facilities, and the regulation of sensitive cross-border transactions. He was Senior Counsel at the National Security Agency, advising Agency leadership on the public-private effort to create better security for the Internet. From 2006 until mid-2009, he was the head of U.S. counterintelligence under the Director of National Intelligence and was responsible for integrating the counterintelligence activities of the 17 departments and agencies with intelligence authorities, including the FBI and CIA and elements of the Departments of Defense, Energy, and Homeland Security. From 2002 – 2006, Mr. Brenner was NSA’s Inspector General, responsible for that agency’s top-secret internal audits and investigations. He is the author of America the Vulnerable: Inside the New Threat Matrix of Digital Espionage, Crime, and Warfare.