Democracy & Elections

On Cyber, Not a Peep from the President

Timothy Edgar
Wednesday, January 13, 2016, 1:49 PM

Last night, President Obama reassured lawmakers eager to return to the presidential campaign (“some of you are antsy to get back to Iowa”) that he would make his final State of the Union “a little shorter.” He promised to “go easy on the traditional list of proposals for the year ahead.” Still, three issues were striking by their absence – cybersecurity, surveillance, and encryption.

Published by The Lawfare Institute
in Cooperation With
Brookings

Last night, President Obama reassured lawmakers eager to return to the presidential campaign (“some of you are antsy to get back to Iowa”) that he would make his final State of the Union “a little shorter.” He promised to “go easy on the traditional list of proposals for the year ahead.” Still, three issues were striking by their absence – cybersecurity, surveillance, and encryption.

In past years, Obama has sounded increasingly urgent warnings of malicious cyber attacks on critical infrastructure. This year, not a peep – not even to comment on controversial legislation Congress passed just last month to encourage cyber information sharing. Apparently, Obama feels his administration has done all it can to improve cybersecurity.

On surveillance and privacy, Obama also demurred. Obama’s second term has been dominated by the fallout over the Snowden revelations. The president has implemented big reforms on transparency for intelligence and privacy rules for foreign citizens. Congress has ended bulk collection of American telephone records.

Little has been done, however, to reform the NSA’s PRISM and related programs that rely on section 702 of the Foreign Intelligence Surveillance Act (FISA), which expires at the end of next year. Just a few months ago, European objections to these programs resulted in the demise of the safe harbor agreement on transfer of personal data. Although the safe harbor agreement is vital to transatlantic commerce, it would appear that Obama is content to let a new president decide whether to make changes to section 702. It appears the next round of surveillance reform won’t happen until 2017.

Encryption is another dog that didn’t bark. Obama seems happy to stick with his current approach. He will continue to allow FBI director Jim Comey to raise alarms about “going dark” and jawbone communications providers into permitting law enforcement access, but his administration will not propose legislation to require back doors. Given the fallout from the Paris attacks, this may the best possible outcome for those of us who believe that exceptional access would weaken security and privacy for everyone.

In that vein, Obama’s silence on cybersecurity, surveillance and encryption may be prudent. According to Gideon’s Law, “No man’s life, liberty or property are safe while the Legislature is in session.”** It is a conservative sentiment that Obama may privately share with some of his fiercest critics, now on their way back to Iowa.

**NB: This quote is sometimes wrongly attributed to Mark Twain. It belongs to Gideon J. Tucker, a New York lawyer, politician, and newspaper editor of the mid-Nineteenth Century.


Timothy H. Edgar teaches cybersecurity and digital privacy at Brown University and Harvard Law School. He is the author of Beyond Snowden: Privacy, Mass Surveillance and the Struggle to Reform the NSA. He served as a privacy official in the National Security Staff and in the Office of the Director of National Intelligence, and was a legislative counsel for the American Civil Liberties Union.

Subscribe to Lawfare