The cybersecurity consultant who filed a lawsuit against the United States government over its Cybersecurity Information Sharing Act (CISA) has claimed that the government was trying to intimidate him into signing a document that would allow the U.S. government to access his emails.
The former chief technology officer for the government’s National Cybersecurity and Communications Integration Center (NCCIC) has accused the government of withholding information on the cyber threat posed by North Korea’s nuclear weapons program from his former employer, American Enterprise Institute (AEI).CISA, which was signed into law by President Donald Trump in March, was meant to enable government agencies to share information about cyber threats with each other and foreign governments, but the CISA legislation also provides for civil suits against companies that violate the law.CISA allows companies to share cybersecurity threat information with the government if they identify a cyber threat.
However, the CSCI is not allowed to share the information with outside entities, as is the case with the FBI’s National Security Agency (NSA) or the Department of Homeland Security’s Cybersecurity Coordinator, Michael Chertoff.
In his complaint against the CIC, Matthew J. Fuchs said he was told in June 2016 by a senior government official that he was “not permitted to share any information about North Korea with anyone outside of NCCIC.”
Fuchs alleged that he had been “misled” by CIC officials who said that he could only share information with his employer if he agreed to a secret agreement with the U-S.
Government to give the government “all of the sensitive and confidential information that I already have.”
He also alleged that the CNCI officials told him that the only way to get this information would be through a secret “cybersecurity agreement” that was to be signed by the CISCIC officials, and that “it was not even clear that the agreement had been signed.”CISCIC is a private cyber security firm that Fuchs claims has “failed to protect our network, customers and colleagues.”
In a blog post published on Friday, Fuchs also claimed that he is seeking unspecified damages from the government.
He said that his complaint was filed in the Eastern District of Virginia, where a judge granted a preliminary injunction last month blocking the implementation of CISA, while a hearing was scheduled for this week on whether to extend the injunction.
In an email, a spokesperson for the CCCI said that Fuch’s lawsuit was dismissed because he did not file a claim within three months of being contacted by the agency.