What is ‘cybersecurity law’?
May 15, 2015
Orin Kerr originally posted 5-14-15
Cybersecurity has become a big deal. Corporations have begun to worry about cybersecurity risks. In response, some major law firms have recently established or significantly bolstered practice groups in cybersecurity law.
If you look closely, though, there isn’t much clarity about what ‘cybersecurity law’ actually means. In this post, I thought I would explain what I think of as the field of cybersecurity law.
In my view, cybersecurity law spans four basic topics:
(1) The law governing steps that potential or actual victims of Internet intrusions can take in response to potential or actual intrusions
(2) The law governing liability for computer intrusions, both for the perpetrator and the victim
(3) The regulatory law of computer security
(4) Special issues raised by government network offense and defense