Debates

Do the Candidates Even Realize We Just Passed New Cybersurveillance Laws?

More bumbling around tech privacy issues

|

I considered using a picture of Trump, even though he's not in this blog post, just for the possible page views.
FBN

Privacy and surveillance issues did not play as much of a role in Thursday's debate as they did in the last one, where Sens. Ted Cruz, Marco Rubio, and Rand Paul had a big scrap over how much data the National Security Agency (NSA) should be allowed to collect. Rand, very notably, wasn't there last night, and Cruz was caught up in several other fights over his immigration positions, his loan reporting error, his (sigh) birth citizenship, and the New Yorkness of New York.

The privacy vs. security question was asked of Rick Santorum and Carly Fiorina in the undercard debate and Jeb Bush in the main debate. While phrased differently, each question was essentially the same–to what extent should the federal government be able to draft tech companies to serve as providers of data for national security purposes?

The most interestingly libertarian response came from Santorum, actually. Quick, somebody go tell him he sounded like a libertarian and watch him freak out. He argued that the federal government should not attempt to force tech companies to work them and instead pursue voluntary cooperation. He went also went further and explained that the problem isn't on the private side but due to poor operations, bureaucratic blame-shifting, and lack of accountability on the government side.

Fiorina said she disagreed with Santorum, but strangely, trotted out her familiar story of how she voluntarily assisted the NSA by providing a bunch of equipment (which I'm assuming the government paid for, so it's odd to act like this was some sort of favor) when she was head of Hewlett-Packard. Given that she has said at previous debates that the tech industry "wants" to assist government in fighting terrorism, it's strange for her to argue that the government should force companies' hands while still using an example of voluntary cooperation.

She also, incidentally, repeated that Congress should pass legislation to encourage sharing about cybersecurity threats between private industry and the federal government. She was referring to the Cybersecurity Information Sharing Act (CISA), but was apparently unaware that it was rechristened the Cybersecurity Act of 2015, stuffed into the last omnibus spending bill, and actually passed and became law in December. So the candidate with all the tech credentials isn't even aware of the state of tech law.

In the main debate, the moderators mentioned Apple CEO Tim Cook's attitude that private communication on Apple devices should remain private unless law enforcement serves a warrant. Bush was asked whether he agreed or if he would "try to convince" Cook otherwise.

Here's Bush's response (transcript via Washington Post):

[T]he problem today is there's no confidence in Washington, D.C. There needs to be more than one meeting, there needs to complete dialogue with the large technology companies. They understand that there's a national security risk. We ought to give them a little bit of a liability release so that they share data amongst themselves and share data with the federal government, they're not fearful of a lawsuit.

We need to make sure that we keep the country safe. This is the first priority. The cybersecurity challenges that we face, this administration failed us completely, completely. Not just the hacking of OPM, but that is—that is just shameful. 23 million files in the hands of the Chinese? So it's not just the government—the private sector companies, it's also our own government that needs to raise the level of our game.

We should put the NSA in charge of the civilian side of this as well. That expertise needs to spread all across the government and there needs to be much more cooperation with our private sector.

NEIL CAVUTO: But if Tim cook is telling you no, Mr. President.

BUSH: You've got to keep asking. You've got to keep asking because this is a hugely important issue. If you can encrypt messages, ISIS can, over these platforms, and we have no ability to have a cooperative relationship —

CAVUTO: Do you ask or do you order?

BUSH: Well, if the law would change, yeah. But I think there has to be recognition that if we—if we are too punitive, then you'll go to other—other technology companies outside the United States. And what we want to do is to control this.

We also want to dominate this from a commercial side. So there's a lot of balanced interests. But the president leads in this regard. That's what we need. We need leadership, someone who has a backbone and sticks with things, rather than just talks about them as though anything matters when you're talking about amendments that don't even actually are part of a bill that ever passed.

"We should put the NSA in charge of the civilian side of this as well." When he said this last night I joked on Twitter that I was stroking out and declared that this was the worst debate response of the evening. But given time to parse Bush's always-awkward answers, I realize now that he meant just the civilian side of the federal government, not the entire private sector's cybersecurity.

In his awkwardness, he does recognize the big issue of trying to force back doors into encryption, even if he can't articulate it properly. If you force encryption services based in America to provide back doors, guess which country will stop being a source of encryption services?

Bush, like Fiorina, also seems to be unaware that we just passed federal legislation that provides liability protection for businesses that share their cybersecurity data.

He also, like many politicians who talk about encryption back doors, simply doesn't engage in the very serious concern that it's not possible to create a back door that only the government can use, or that only the American government could use, and the implications for citizen privacy and cybersecurity. Heck, the cynic in me thinks that there is an understanding of this flaw and that's actually the real reason for the liability protection. The government wants access to this information so badly that they're willing to compromise its own citizens' privacy and security to do so, and they're willing to remove one important tool (lawsuits) that citizens have in response to protect themselves.

NEXT: The GOP's Two Man Race Between Trump and Cruz Will Leave a Lot of People Out

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. So there’s a lot of balanced interests.

    You know, a lot of in’s, a lot of out’s, a lot of what have you’s.

  2. He argued that the federal government should not attempt to force tech companies to work them and instead pursue voluntary cooperation.

    Does anyone else find it a bit incoherent to talk about “voluntary cooperation” with an institution that can basically force your compliance at any time?

    1. It’s no more incoherent than when some local mafioso shows up at your shop and explains how you are welcome to voluntarily contribute a monthly payment to them in exchange for which they’ll see to it that nothing happens to the nice business you’ve got there.

      1. BUSH: You’ve got to keep asking. You’ve got to keep asking because this is a hugely important issue. If you can encrypt messages, ISIS can, over these platforms, and we have no ability to have a cooperative relationship

        You give us encryption keys and we won’t levy a 45% tariff on iphones produced in China. See us cooperate?

  3. There wasn’t enough brainpower on that stage to successfully fold a paper airplane.

  4. Shackford, this is trivial. We need to be talking about Carson’s desire to bring internet comments in line with “our” Judeo Christian values.

    You know, you go to the Internet, you start reading an article, and you go to the comment section, you cannot go five comments down before people are calling each other all manner of names. Where did that spirit come from in America? It did not come from our Judeo-Christian roots. I can tell you that. And wherever it came from, we need to start once again, recognizing that there is such a thing as right and wrong.

    I presume Judeo Christian morality on the internet involves rendering unto Ben Carson all your data.

    1. Maybe Carson is trying to lure Trump supporters by copying his strategy of yammering about kulturkampf bullshit that the President has zero control over.

      1. He certainly makes for a solid more-affable-but-less-entertaining Trump knockoff.

    2. before people are calling each other all manner of names. Where did that spirit come from in America? It did not come from our Judeo-Christian roots.

      Mr. Carson obviously wasn’t reading up on Protestant-Catholic polemics, including what was written about the Irish immigrants in the 19th century by Protestant-controlled media.

      1. damn protestants

  5. Wait, Ben Carson is still running? I thought he dropped out after Trump outed him for never stabbing a guy

  6. “The government wants access to this information so badly that they’re willing to compromise its own citizens’ privacy and security to do so, and they’re willing to remove one important tool (lawsuits) that citizens have in response to protect themselves.”

    Wouldn’t they be comprising the government’s own security too? I mean, you have people like Clinton using commercial systems for their government work. Those systems will then have the backdoors built right into them. Or does the government think it’s somehow going to actually stop government employees from doing work on commercial systems.

  7. There is also the completely Missed point in all of this is that even with a back door provided by tech companies a nefarious user can still use their own encryption on top of it.

    Like gun control and so many other things it only makes things worse for law abiding citizens while not actually addressing the problem their over-reaching is supposedly addressing.

    1. right the govt absolutely cannot keep up with people figuring out ways to break the laws. they never really have been – the whole idea of law enforcement is happening after the fact, for the most part. i think i commented on some article on here about how technological improvement is accelerating itself, and i dont imagine that makes it any easier for LE either. of course at some point the current incarnation of the “dark web” will get hacked or shut down or something, but, also of course, afterwards people will figure out some other way around the law in a similar manner.

Please to post comments

Comments are closed.