The US Supreme Court’s decision in Loper Bright Enterprises v. Raimondo could significantly impact federal cybersecurity regulations by shifting regulatory approval from agencies to the courts. This ruling may lead to a wave of lawsuits that could ultimately gut the Biden administration’s recent cyber incident reporting requirements and other regulations.
The court’s decision reverses nearly 40 years of regulatory law, as established in the 1984 Chevron case, which instructed lower courts to defer to expert regulatory agencies when interpreting congressional intent. Instead, the Supreme Court now holds that courts are the ultimate arbiters of what governing congressional law says, casting doubt on thousands of federal regulations affecting various aspects of society.