CCIA Calls for Prompt Agency Action on Cybersecurity Ruling

File Under: 2006, Cybersecurity

Oct 27, 2006

Washington, D.C. – Our nation’s computer security providers and professionals should not be forced to wait any longer for the federal government to dispel ambiguities about their legal ability to counter cybersecurity threats, the Computer & Communications Industry Association said today.

A ruling expected from the Librarian of Congress today would have decided whether computer security providers and professionals were allowed to "circumvent" digital locks designed to protect copyrighted works from piracy – often called "digital rights management" (DRM) – if those digital locks "threaten critical infrastructure and potentially endanger lives." The Librarian’s ruling will be based o­n a recommendation by the U.S. Copyright Office.

By law, the ruling was required today, but the U.S Copyright Office now advises that the Register of Copyrights had recommended to the Librarian of Congress that the Librarian temporarily extend the deadline. A notice o­n the Office website states that "[i]t is anticipated that this extension will be in effect for no more than a few weeks."

CCIA requested such an exemption to the controversial Digital Millennium Copyright Act (DMCA) in late 2005. If CCIA’s request for an exemption is rejected, computer security providers and professionals would continue to risk legal penalties – possibly even criminal sanctions – under the DMCA if they break digital locks while attempting to protect critical network infrastructure.

"This problem was presented to the government last year," CCIA Senior Counsel for Litigation and Legislative Affairs Matthew Schruers said. "We cannot delay any longer; those who safeguard our network infrastructure need to know whether copyright law trumps cybersecurity."

In a March hearing before the Copyright Office, CCIA argued that copyright law should not threaten critical infrastructure, and petitioned for an exemption to the DMCA’s blanket prohibition against circumventing DRM if DRM creates cybersecurity risks.

Based o­n today’s notice, a decision may be expected in November or December. CCIA calls for a decision o­n this issue as soon as possible.


About CCIA

CCIA is an international, nonprofit association of computer and communications industry firms, representing a broad cross section of the industry. CCIA is dedicated to preserving full, fair and open competition throughout our industry. Our members employ more than 600,000 workers and generate annual revenues in excess of $200 billion.