Properly designed cyber threat information sharing is not likely to raise antitrust concerns and can help secure the nation's networks of information and resources, say the Federal Trade Commission and the U.S. Department of Justice in a policy statement issued Thursday.
“Because of the FTC's long experience promoting data security, we understand the serious threat posed by cyber attacks,” said FTC Chairwoman Edith Ramirez in a statement.
“This statement should help private businesses by making it clear that antitrust laws do not stand in the way of legitimate sharing of cyber security threat information,” she said.
“The Department of Justice is committed to doing all it can to protect the security of our nation's networks,” said Deputy Attorney General James M. Cole in the statement. “Through the FBI and the National Security and Criminal divisions, the department plays a critical role in preventing and prosecuting cyber crime.”
“Private parties play a critical role in mitigating and responding to cyber threats, and this policy statement should encourage them to share cyber security information,” he said.
Not the same as sharing business plans
In addition to recognizing that sharing cyber threat information has the potential to improve security, the policy statement also emphasizes that the legitimate sharing of this information “is very different from the sharing of competitively sensitive information such as current or future prices and output or business plans, which may raise antitrust concerns,” said the agencies in their statement.
“Cyber threat information is typically technical in nature and covers a limited type of information and disseminating that information appears unlikely to raise competitive concerns,” the statement said.
View the full policy statement here.