About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

14 Pitt. J. Tech. L. & Pol'y 293 (2013-2014)
A Voluntary Cybersecurity Framework Is Unworkable - Government Must Crack the Whip

handle is hein.journals/pittjtlp14 and id is 317 raw text is: A Voluntary Cybersecurity Framework Is Unworkable- Government Must Crack the Whip Robert Gyenes* INTRODUCTION On Black Friday, parents line up at the door of their local department store hoping to grab that hot item ticket for their eager kids. Six months later, they apply for a car loan and find that their credit has been ruined. Why? Because two months before Black Friday an employee at an air conditioning and refrigeration firm outside of Pittsburgh opened an email he shouldn't have.2 The email contained malware that stole the authentication credentials of the air conditioning and refrigeration firm, which was one of Target's contractors.3 As a direct result of the successful breach, 110 million credit card numbers, from some of the nation's largest retailers, were stolen during one of the busiest shopping seasons. Due to the economic loss doctrine, companies face little risk of liability for the injuries resulting from their failure to prevent cyber-intrusions.' Pure economic loss by a consumer without any physical injury is difficult to pursue in court.6 This immunity from liability from economic loss due to cyber-intrusions provides no incentive for corporations to voluntarily take the costly measures necessary to prevent such a massive breach.' Consequently, the response to the Black Friday * Robert Gyenes is a student at the University of Pittsburgh School of Law and J.D. Candidate, Class of 2015. ' Chris Isidore, Target: Hacking hit up to 110 million customers, CNN MONEY (Jan 11, 2014, 6:20 PM), http://money.cnn.com/2014/01/10/news/companies/target-hacking/. 2 Dan Goodin, Epic Target hack reportedly began with malware-based phishing e-mail: Attack hit contractor two months before the compromise of 40 million payment cards, ARS TECHNICA (Feb. 12, 2014, 4:00 PM), http://arstechnica.com/security/2014/02/epic-target-hack-reportedly-began- with-malware-based-phishing-e-mail/. 3id. Isidore, supra note 1. Nathan Alexander Sales, Regulating Cyber-Security, 107 Nw. U. L. REV. 1503, 1557 (2013). 6id. Id. at 1555-57. Journal of Technology Law & Policy Volume XIV - Spring 2014 * ISSN 1087-6995 (print) 2164-80OX (online) DOI 10.5195/tlp.2014.146 * htntlp law.pitt edu 293

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

Purchase Access

Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most