Defining Cybersecurity Law
47 Pages Posted: 16 Aug 2018
Date Written: March 1, 2018
Abstract
The U.S. legal system lacks a consistent definition of the term “cybersecurity law.” This Article aims to fill that gap by defining “cybersecurity law.” Although “cybersecurity” is a commonly used term in legal circles, no scholarship has stepped back to define exactly what “cybersecurity law” is and the goals of statutes and regulations that aim to promote “cybersecurity.” By defining the scope and goals of this new legal field, policymakers can then examine how lawmakers could improve existing laws. Part II of this Article briefly describes the cybersecurity challenges that the United States faces by examining the cyberattack on Sony Pictures Entertainment. Part III broadly examines current cybersecurity threats to the United States and defines “cybersecurity law” as a legal framework that “promotes the confidentiality, integrity, and availability of public and private information, systems, and networks, through the use of forward-looking regulations and incentives, with the goal of protecting individual rights and privacy, economic interests, and national security.” Part IV of this Article explains the current U.S. legal regime for cybersecurity and concludes that many of the most prominent cybersecurity laws only address a small portion of the broader legal framework. Part V examines the gaps in current U.S. cybersecurity law and suggests which areas of cybersecurity law policymakers could better address.
Keywords: cybersecurity
Suggested Citation: Suggested Citation