Kaspersky Lab announced yesterday that it is appealing in federal court the Department of Homeland Security’s (DHS) decision on Binding Operational Directive 17-01 banning the use of the company’s products in federal agencies.
The company asserts that DHS’s decision is unconstitutional and relied on subjective, non-technical public sources such as uncorroborated and often anonymously sourced media reports, related claims and rumors. Furthermore, DHS has failed to provide the company adequate due process to rebut the unsubstantiated allegations underlying the Directive and has not provided any evidence of wrongdoing by the company.
Kaspersky claims that its willingness to cooperate with DHS’s review has been well documented, given the company’s longstanding commitment to transparency, the trustworthy development of its technologies and services, and cooperation with governments and the global IT security industry to combat cyber threats. Kaspersky officials in Washington, D.C. reached out to DHS in mid-July, offering to provide information or assistance concerning the company, its operations, or its products. In mid-August, DHS confirmed receipt of the company’s letter but replied with a notification regarding the issuance of Binding Operational Directive 17-01 on September 13, 2017.
DHS’s actions have caused undue damage to both the company’s reputation in the IT security industry and its sales in the U.S, Kaspersky claims, adding that the federal government’s ruling has called into question the company’s fundamental principles of protecting its customers and combatting cyber threats, regardless of their origin or purpose. In filing its appeal, Kaspersky hopes to protect its due process rights under the U.S. Constitution and federal law and repair the harm caused to its commercial operations, its U.S.-based employees, and its U.S.-based business partners.
“Because Kaspersky Lab has not been provided a fair opportunity in regards to the allegations and no technical evidence has been produced to validate DHS’s actions, it is in the company’s interests to defend itself in this matter. Regardless of the DHS decision, we will continue to do what really matters: make the world safer from cybercrime,” said Eugene Kaspersky, CEO of Kaspersky Lab.
To reaffirm its commitment to trust, transparency, and accountability, Kaspersky Lab launched its Global Transparency Initiative on October 23, 2017 to include an independent review of the company’s source code, software updates and threat detection rules; an independent review of internal processes to verify the integrity of the company’s solutions and processes; three transparency centers by 2020, in Asia, Europe and the U.S.; and increased bug bounty rewards up to $100k per discovered vulnerability in Kaspersky Lab products. More information on the Global Transparency Initiative can be found here.
Global Cyber Security Report reported on the DHS ban earlier in September.