Carding Forum
Professional
- Messages
- 2,788
- Reaction score
- 1,322
- Points
- 113
The uncertainty of the laws has put critical US infrastructure at risk.
The Biden administration, seeking to protect vital U.S. infrastructure from hackers, is facing a major setback following a U.S. Supreme Court ruling that could hamper plans to strengthen cybersecurity. The court's decision is reported by Wired.
The Biden administration's strategy has been based on leveraging existing laws and flexibly interpreting them to incorporate cybersecurity aspects. The courts were expected to take the agencies opinion into account based on the Chevron doctrine. However, in June, the Supreme Court, considering the case Loper Bright Enterprises vs. Raimondo, overturned the Chevron doctrine. Now courts must independently interpret laws without giving significant weight to the opinion of agencies.
Such a decision could undermine the plans of many agencies that demand better cybersecurity for critical infrastructure, including hospitals, water supplies, and power plants. For example, current regulations aimed at protecting cloud platforms, securing pipelines and airports, and improving reporting on major cyber incidents may be challenged by the corporate sector.
One of Biden's most significant and vulnerable regulations is the requirement that critical infrastructure organizations report cyberattacks within 72 hours and ransom payments within 24 hours. However, the business community criticized the proposed rule for being too strict. Criticism focused on the definitions of "covered entity", "covered incident" and the list of information to be reported, which, according to the companies, were formulated more broadly than the law intended.
The Supreme Court can be the scene of many lawsuits challenging such rules. The Senate Homeland Security Committee said the proposed rule is too broad and needs more clarity. Federal agencies such as the Transportation Security Administration (TSA) and the Department of Health and Human Services (HHS) may also face lawsuits over their claims.
Agencies must now review their strategies in light of the new court rulings. A CISA official said the agency is still evaluating the court's decision and its potential impact on regulatory actions. However, experts predict that the changes will be moderate, as agencies will try to minimize their reactions within the legal council. Experts agree that the problem requires active congressional intervention. If Congress wants agencies to be able to demand improvements in cybersecurity, it is necessary to pass new laws that provide the appropriate authority.
The Loper Bright Enterprises vs. Raimondo case arose when fishing companies challenged a National Marine Fisheries Service (NMFS) rule requiring them to pay for on-board surveillance services, arguing that this was not required by the Magnuson-Stevens Act. In the course of the proceedings, the case called Chevron's principle into question, so the Supreme Court overturned Chevron, ruling that determining the ambiguity of laws should be the prerogative of courts, not agencies.
Chevron's ban is seen as a move to limit the power of federal agencies over court decisions. The incident was described as a "shock to the legal system" with serious implications for regulatory practices and the balance of power between branches of government.
Source
The Biden administration, seeking to protect vital U.S. infrastructure from hackers, is facing a major setback following a U.S. Supreme Court ruling that could hamper plans to strengthen cybersecurity. The court's decision is reported by Wired.
The Biden administration's strategy has been based on leveraging existing laws and flexibly interpreting them to incorporate cybersecurity aspects. The courts were expected to take the agencies opinion into account based on the Chevron doctrine. However, in June, the Supreme Court, considering the case Loper Bright Enterprises vs. Raimondo, overturned the Chevron doctrine. Now courts must independently interpret laws without giving significant weight to the opinion of agencies.
Such a decision could undermine the plans of many agencies that demand better cybersecurity for critical infrastructure, including hospitals, water supplies, and power plants. For example, current regulations aimed at protecting cloud platforms, securing pipelines and airports, and improving reporting on major cyber incidents may be challenged by the corporate sector.
One of Biden's most significant and vulnerable regulations is the requirement that critical infrastructure organizations report cyberattacks within 72 hours and ransom payments within 24 hours. However, the business community criticized the proposed rule for being too strict. Criticism focused on the definitions of "covered entity", "covered incident" and the list of information to be reported, which, according to the companies, were formulated more broadly than the law intended.
The Supreme Court can be the scene of many lawsuits challenging such rules. The Senate Homeland Security Committee said the proposed rule is too broad and needs more clarity. Federal agencies such as the Transportation Security Administration (TSA) and the Department of Health and Human Services (HHS) may also face lawsuits over their claims.
Agencies must now review their strategies in light of the new court rulings. A CISA official said the agency is still evaluating the court's decision and its potential impact on regulatory actions. However, experts predict that the changes will be moderate, as agencies will try to minimize their reactions within the legal council. Experts agree that the problem requires active congressional intervention. If Congress wants agencies to be able to demand improvements in cybersecurity, it is necessary to pass new laws that provide the appropriate authority.
The Loper Bright Enterprises vs. Raimondo case arose when fishing companies challenged a National Marine Fisheries Service (NMFS) rule requiring them to pay for on-board surveillance services, arguing that this was not required by the Magnuson-Stevens Act. In the course of the proceedings, the case called Chevron's principle into question, so the Supreme Court overturned Chevron, ruling that determining the ambiguity of laws should be the prerogative of courts, not agencies.
Chevron's ban is seen as a move to limit the power of federal agencies over court decisions. The incident was described as a "shock to the legal system" with serious implications for regulatory practices and the balance of power between branches of government.
Source
