In our latest episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by Jason Gull, Senior Counsel in the Computer Crime and Intellectual Property Section (CCIPS) of the Justice Department’s Criminal Division. The CCIPS prosecutes hacking crimes, as well as intellectual property crimes, and provides guidance to the more than 90 U.S. Attorney offices around the country when it comes to prosecuting crimes under the Computer Fraud and Abuse Act (CFAA) and the Digital Millennium Copyright Act (DMCA).
In the conversation, Jason sheds light on the evolution of the DMCA, including the 1996 intellectual property treaties that led to its enactment in 1998, the exceptions built into the statute, and the role of the Library of Congress in reviewing the law every three years. Jason, Jen and Alex dive into the DMCA’s triennial process, including why, and how, provisions and exceptions are submitted and maintained.
The 2024 review process is underway, and potential new or amended exemptions have been submitted. On October 19, the Copyright Office issued a Notice of Proposed Rulemaking, which indicates that the existing exemption for security research will be renewed, along with several other exemptions relating to computer programs that may be of interest to security professionals (see pages 7-11). The notice also advised that new or expanded exemptions have been organized into seven classes for further review, including a petition for Generative AI research. If you’re interested in that topic, or any of the others being proposed, you can get involved and have your say. The Copyright Office is accepting comments and evidence, as detailed here.
In addition to the above, this week’s episode features Alex’s updates from Singapore International Cyber Week, and he also highlighted Singapore’s Cybersecurity Labeling Scheme for Medical Devices sandbox, which medical device manufacturers are invited to join. Jen covered some recent research from Lloyd’s on the potential cost and impact of a large scale cyber attack against payments systems.
Our Mystery Trivia Master this week is the wonderful Megan Stifel, Chief Strategy Officer for the Institute for Security and Technology and Executive Director of the Ransomware Task Force.
Check out the newest Distilling Cyber Policy episode on Spotify, Apple or Google. As always, if you would like to submit cyber policy trivia, or have topic ideas for upcoming episodes, please email info@centerforcybersecuritypolicy.org
Read Next
The U.S. and UN Cybercrime Convention: Progress, Concerns, and Uncertain Commitments
The U.S. issued an updated position seeking to move forward the UN Convention Against Cybercrime, a treaty intended to improve the global community’s ability to combat evolving cybercrime threats.
The Counter Ransomware Initiative with Hamish Hansford (DCP S2 E8)
In the latest Distilling Cyber Policy, Alex Botting and Jen Ellis are joined by our second-ever Australian guest: Hamish Hansford, the Deputy Secretary of Cyber and Infrastructure Security Group at the Australian Department of Home Affairs.
Counter Ransomware Initiative Adds Private Sector Members
Earlier this month, more than 68 countries and organization members met for the fourth annual International Counter Ransomware Initiative (CRI), which included the addition of a public-private advisory panel.
