Cyber-security agreement with broad goals, but few specifics, offers little consolation to U.S. businesses facing constant threats from hackers, LeClairRyan’s Andrew J. Narod writes.
Alexandria, Va. (10/9/15) – The U.S.-China cybersecurity agreement announced on Sept. 25 might be a step in the right direction, but it offers little in the way of specifics geared toward stronger protection of corporate data, according to attorney Andrew J. Narod, a member of LeClairRyan’s Privacy & Data Security practice team.
In “U.S.-China Cyber Deal Big on Promises, Short on Action”—a new post at the national law firm’s InformationCounts.com blog—Narod discusses last month’s state visit by Chinese President Xi Jinping. While President Obama touted both countries’ mutual pledge to never conduct or support cyber crimes, his words had a hollow ring, the attorney writes: “It appears that the agreement is a first step—but only a ceremonial first step in effect—in the ongoing efforts to secure business data from corporate espionage.”
After a spate of cyber attacks allegedly carried out by Chinese hackers, the threat of U.S. sanctions loomed over the meeting. In the end, however, President Obama made clear that he continues to be unsure of whether China is a good-faith partner on cybersecurity, the Alexandria-based Narod writes in the column.
Moreover, the talks appeared to put disproportionate emphasis on the threat to infrastructure such as power grids, banking systems, mobile phone networks and hospitals. “Yet the true economic advantage to be gained in cyber attacks is now primarily in the area of trade secrets theft and business data theft,” Narod comments, “and this area was sparsely addressed between the countries in any meaningful way.”
While the motto for tough, Soviet-era treaties was “trust, but verify,” the U.S.-China cybersecurity deal is something more akin to “hope, and wait-and-see,” Narod observes. “At a practical level, it seems difficult to trust that an agreement with broad goals, but not much detail, will be effective in the near term.”
And that means U.S. businesses must remain as vigilant as ever to combat the ongoing threat of cyber crime, Narod writes. “No high-level agreement between presidents will guarantee that individual actors intend to stop their efforts to profit from data theft,” he writes in the conclusion to the piece. “But, it is a start, and perhaps future negotiations will provide a stronger framework and greater enforcement to deter criminal acts of corporate espionage.”
LeClairRyan offers a full array of legal services related to the information economy. These include cybersecurity risk assessment and incident response; regulatory and compliance counseling; policy/best practices program development; procurement, outsourcing, e-commerce, and information management.
The post is available at http://informationcounts.com
About LeClairRyan
As a trusted advisor, LeClairRyan provides business counsel and client representation in corporate law and litigation. In this role, the firm applies its knowledge, insight and skill to help clients achieve their business objectives while managing and minimizing their legal risks, difficulties and expenses. With offices in California, Colorado, Connecticut, Delaware, Georgia, Maryland, Massachusetts, Michigan, Nevada, New Jersey, New York, Pennsylvania, Texas, Virginia and Washington, D.C., the firm has approximately 380 attorneys representing a wide variety of clients throughout the nation. For more information about LeClairRyan, visit www.leclairryan.com.
