The Department of Justice (DOJ) is pushing back on Kaspersky Lab’s lawsuit claiming that Congress acted unlawfully in its decision to ban products from the Russian-based global cybersecurity firm.
The DOJ challenged the lawsuit in a motion on Monday, arguing the case should be dismissed because the action taken by Congress was a legal move to protect U.S. national security.
The global cybersecurity firm alleges that it is being unfairly singled out by the U.S. government, damaging its reputation and hurting its business without providing proof of wrongdoing.
The DOJ, however, maintains that the decision to remove the anti-virus products from government systems was well-supported by lawmakers and cybersecurity experts who fear the company's ties to Moscow could pose a security risk.
“By the time this legislation reached the floor, there was broad agreement among lawmakers and cybersecurity officials in the executive branch that the security risks posed by the use of Kaspersky products and services were intolerably high, and strong bipartisan support for taking preventive action against those risks,” the DOJ argued in court documents filed Monday.
In seeking to dismiss the case, the government also says Kaspersky’s argument that Congress failed to properly “test” their security risk claim is moot because “Congress is not required to ‘test’ anything before it legislates.”
The U.S. government and Congress made the decision last year to remove Kaspersky Lab’s products from government computer systems amid growing concerns about Russian efforts to sow discord and interfere in the 2016 election.
The software company has repeatedly maintained that it operates independently of the Kremlin, describing the U.S. government’s assertions last year as "completely unfounded." U.S. policymakers maintain that removing the anti-virus software gets rid of a vulnerability that Russia could have exploited in the future.
“It reflects, rather, the response of Congress and the President to an entirely legitimate national security concern about the government’s current and future use of products or services that could make U.S. networks vulnerable to Russian cyber intrusion,” the court filing states.
Although Congress mandated the software be removed in its annual defense policy bill, the Department of Homeland Security had already issued a directive last September ordering civilian agencies to expunge Kaspersky products from their systems by a December deadline.
The government separately filed a motion this week seeking to toss out Kaspersky’s lawsuit against Homeland Security for its ban, arguing in part that Kaspersky does not have a legal basis to challenge the Trump administration’s ban on its products because, even if reversed, Congress’s ban would remain in effect.
In earlier court filings, DHS said its decision was based in part on information already available in the public domain, like newspaper reports and congressional testimonies.