CTA Warns Against Imposing FISMA Requirements on Cyber Mark Registries
CTA advised that the FCC not require that registry operators in the cyber trust mark program meet Federal Information Security Modernization Act (FISMA) or comparable commercial standards. Representatives from CTA met with FCC Public Safety Bureau staff. “Certification to FISMA…
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
standards is a lengthy process and incurs a high cost to bring the entity into compliance and to earn certification,” CTA said in a filing Wednesday in docket 23-239. Adopting that standard, as the bureau suggests, “may prevent most or all prospective Lead Administrator and Cyber Label Administrator (CLA) candidates from participating,” the group said. In a June public notice, the bureau tentatively concluded that the FISMA requirements should “attach to the Lead Administrator and CLAs, who both collect and maintain information and operate information systems on behalf of the FCC” and sought comment on that conclusion. CTA also said program participants “need specific guidance on how manufacturers can use the Mark on certified products, including details like placement, border, colors and other ‘branding’ elements that are commonly associated with a protected mark.”