A global cybersecurity expert believes the Homeland Security bill pass by the House of Representatives this week will apply to law firms
Bloombergs reported that Jeroen Plink, managing director of cybersecurity consulting firm Glasswall Solutions and former U.S. chief executive officer of the Practical Law Co, who said he expected law firms would be able to share information on detected malware. “Most things are too sensitive,” including all information protected by attorney-client privilege, he said in a telephone interview.
The House passed the National Cybersecurity Protection Advancement Act (H.R. 1731) on Wednesday, which encourages companies to share information on cyberthreats with other companies and/or the Department of Homeland Security, by providing the companies with liability protection. Any data sharing would be voluntary.
The liability waiver provision seeks to address concerns that U.S. companies face liability risks, such as shareholder or customer lawsuits, when they voluntarily disclose cybersecurity-related information.
The bill would require that cyberthreat data be scrubbed twice to strip out personally identifying information — once by the company and once by DHS. Nonetheless, Plink said law firms will be “very, very careful” when deciding whether to share any cyberthreat data.
The Senate Intelligence Committee passed a similar measure, which is expected to receive a full vote this Spring.
[table id=9 /]