Welcome to eWhite House Watch
Where Technology, Privacy, and Politics Collide

Cyber Policy Updates Written By La...

Cyber Policy Updates Written By Law Students

eWhite House Watch features concise updates on cyber policy issued by the Office of the President of the United States (POTUS). Monitored and written primarily by law students, each eWHW cyber policy update is presented in an easy-to-scan format that includes links to POTUS announcements, federal and state proposed legislation, breaking news, updates, cyber policy committee reports, and more.

Technology + Privacy + Politics

Technology + Privacy + Politics

Striking the proper balance of benefits between technological advances and privacy protection has always posed challenges. Today, the challenges are even greater as technology significantly outpaces privacy protections; and the need for greater recognition of this reality and honest public discourse is more pressing than ever. eWhite House Watch monitors the cyber agenda so you can be informed and partake in the debate.

New to the Cyber World?

New to the Cyber World?

Visit our special feature, Origins: The White House Cyber Agenda for details on the current administration's Comprehensive National Cybersecurity Initiative. Learn More

Companion Blog: eLessons Learned

Companion Blog: eLessons Learned

The creator of eWhite House Watch also created eLessons Learned with a similar vision in mind: To provide readers with useful and timely information about how technology impacts our legal system and our lives in a way that is easy to understand. Learn More



Administration Releases Federal Information Security Modernization Act (FISMA) Annual Report to Congress

Today the Administration released the Fiscal Year 2016 FISMA Annual Report to Congress.  The Office of Management and Budget (OMB) publishes this report annually and in accordance with the Federal Information Security Modernization Act of 2014, Pub. L. No. 113-283, § 3553 (Dec. 18, 2014) (codified at 44 U.S.C. § 3553). OMB obtained information from the Department of Homeland Security (DHS) and Chief Information Officers and Inspectors General from across the Executive Branch to compile this report. This report primarily includes Fiscal Year 2016 data reported by agencies to OMB and DHS on or before November 13, 2016 in accordance with 44 U.S.C. § 3553.

Read More

President Trump’s Preliminary Cyber Focus

President Trump's second Week of Action included meeting with cyber security experts during a “listening session” with cyber security experts to help fulfill his campaign promise of securing America against cyber threats. Later in the month, White House National Economic Council Director announced Senior Staff appointments including that of Grace Koh who will serve as Special Assistant to the President for Technology, Telecom, and Cyber-Security Policy. Koh previously served as Deputy Chief Counsel to the Subcommittee on Communications and Technology of the Energy and Commerce Committee in the U.S. House of Representatives. READ MORE

White House’s All-Inclusive Cybersecurity Directive – What does it all mean?

By Sarah Austin   On Tuesday, July 26 The White House unveiled a new policy directive specifying how the federal government will react to growing and rapidly evolving cyberthreats.   The new directive implements principles from February’s Cybersecurity National Action Plan. Most importantly, it reinforces the White House’s policy that cybersecurity is a team effort.   Under the new directive, the FBI will be responsible for coordinating the response to an immediate threat, and the Department of Homeland Security will be responsible for managing the effects after an attack occurs. The directive will also require the U.S. Departments of Justice and Homeland Security to keep an updated list of contact information to assist those impacted by a cyberattack and report it to the proper authorities.  

Read More

Never Waste A Good Breach! — Lessons Learned at the 2016 NetDiligence Cyber Risk and Privacy Liability Forum

By Sarah Austin and George K. Sarris     NetDiligence held its annual Cyber Risk and Privacy Liability Forum on June 6-8th in Philadelphia.  The event primarily focused on providing practical advice for cybersecurity insurance brokers, attorneys and Chief Information Security Officers (CISOs). eWhite House Watch was invited to cover the forum as part of the NetDiligence Press Corps.   On June 6th, the event opened with a session called “Cyber Claims & Loss Updates” where leading experts in cybersecurity insurance discussed the types of claims being covered, examination costs, and claims notice and handling. The panel discussed how policyholders of cyber insurance can improve their methods of dealing with privacy and notice issues after a breach. The panel stated that within the risk pool, only twenty-percent to thirty percent of organizations at risk are covered.  This is largely due to the misconception that breaches are targeted. Chris Novak, the co-founder and Managing Principal of the Verizon Investigative Response Unit, emphasized that recent studies indicate that the “majority of the breaches are opportunistic and not targeted.” Further, the panel discussed how the security industry has not reached the level of maturity needed to combat cybersecurity risks.  For example, the industry struggles to “patch” IOT devices after they are breached.

Read More

IAPP 2016 Global Privacy Summit Recap

The IAPP held its annual Global Privacy Summit in Washington DC between April 3rd and 6th.  Drawing more than 3,500 attendees, the IAPP said it was the largest summit they had ever put on, and to their knowledge the largest of its type in the world. eWhite House Watch had the opportunity to attend the conference as part of the press corps.  As it has in years past, the conference combined fascinating opportunities to hear about cutting edge issues in privacy law with great opportunities to connect with privacy professionals from around the globe.   The conference drew some of the best speakers and biggest names in the privacy community.  For example, one of the keynote speakers was Brad Smith, Microsoft’s Chief Legal Officer and President.  Mr. Smith’s theme was that this is the best of times and the worst of times for privacy in America.  “Privacy is one of the defining issues of our time.”  With everything being connected, we can all benefit from the use of big data, advances in human centered technology, and vast networks of people and computers.  But, hacks like the one Sony experienced, and concerns regarding encryption’s role in the Paris attacks, are just a few examples of the challenges facing privacy professionals.  He emphasized that there is no single answer and that the private sector and governments need to work together to draw proper lines that protect people’s privacy while also providing for their safety.  In short, there is a lot of work to do, but Mr. Smith emphasized that “Privacy should be a cause worth embracing.”

Read More

President Obama’s Budget Proposal Seeks $19 Billion to Launch Cybersecurity National Action Plan

President Obama presented his final annual budget proposal to Congress on Tuesday, which included a $19 billion request to support the launch of his new Cybersecurity National Action Plan (CNAP). The $19 billion request reflects a $5 billion increase in current spending. The President insists that this investment will ensure that Americans will have the tools to protect themselves online, companies will be able to protect their operations and information from hackers, and the government will be able to defend itself against cyber attacks. Some highlights of the CNAP include:   • $3.1 billion to form the Information Technology Modernization Fund, which will rebuild the federal government’s aging computer systems.   • The formation of the Commission on Enhancing National Cybersecurity, comprised of top business and technical non-government employees and thinkers, who will advise the government on the newest technical solutions and the best cybersecurity practices to protect privacy and public safety.

Read More