The ICT Supply Chain Risk Management (SCRM) Task Force Information Sharing Working Group (WG1) was created with the purpose of providing considerations about improving the sharing of supply chain risk information (SCRI) among the federal government and private industry to help mitigate threats to the nation’s ICT supply chain. This report, Preliminary Considerations of Paths to Enable Improved Multi-Directional Sharing of Supply Chain Risk Information (SCRI), offers subject matter expert research on legal and policy considerations for private enterprise or government utilization in addressing liability limitations.
In the Task Force’s Year Two Report, WG1 considered seven potential causes of action (i.e., defamation; business or commercial disparagement; fraudulent misrepresentation; and breach of contract) that could impose significant liability upon private entities for the sharing SCRI across or with other private or public entities.
This report includes a proposed updated definition and additional liability protections for consideration as ways to maximize protection for private entities seeking to take part in an SCRI-sharing framework and ultimately, improve the volume and quality of SCRI shared across and among the private and public sector.
Note: The report was provided to the government as the consensus input of non-Federal members and does not reflect the official policy or position of the Federal government or its official representatives. For the spreadsheet, users must download the file in order to complete the fields.
Return to ICT SCRM Task Force.