Earlier this week, President Barack Obama asked Congress to officially sanction a war against the Islamic State, calling it a “grave threat” to America’s security.
Friday at Stanford University, he marshaled support to fight another threat that in our daily lives is more pressing – cyberattacks.
The president correctly pointed out that because so much of America’s future depends on its leadership in the digital world, defending against cyberthreats is vital to our national and economic security. The event was billed as the White House Summit on Cybersecurity and Consumer Protection; that second part – protecting consumers, including their privacy – is just as important.
It’s clear from the growing number of gigantic data breaches at retailers such as Home Depot, insurers such as Anthem and many other companies that hackers are finding and exploiting vulnerabilities in the nation’s computer networks. Identity theft is a never-ending nightmare, more and more of our commerce is done online and business secrets are being stolen. China and North Korea, among others, have armies of hackers. If they ever penetrated our power grid or air traffic control, not to mention defense mainframes, the disruptions could be devastating.
Leading up to the summit, the White House announced the creation of a new cyberthreat agency to coordinate intelligence from the FBI, Department of Homeland Security, National Security Agency and others.
At the close of his keynote speech, Obama signed an executive order encouraging government agencies and private companies to share more information about cybersecurity. He is seeking broader legislation to also modernize law enforcement tools against cybercrime and to enact one federal standard on reporting data breaches to consumers. Under California law, businesses and state agencies must notify residents of breaches and must alert the attorney general’s office when more than 500 people are victims.
Government and business should be able to agree on such reasonable steps. A much tougher issue – one on which business and government aren’t yet on the same page – is encryption and privacy of electronic communications.
Justifiably, tech companies and many Americans were outraged over sweeping surveillance by the National Security Agency revealed by Edward Snowden. While Silicon Valley tech giants aren’t such sticklers for privacy when they’re cashing in on users’ information, they’re trying to reassure customers that they won’t turn over data willingly.
Now, they’re seeking far stronger encryption in phones and email services that companies themselves couldn’t break. But the administration wants the new technologies to keep “back doors” or “keys” so that law enforcement and intelligence agencies can unlock the communications of suspected criminals and terrorists. As we’ve said, the NSA should have to get a warrant for records linked to specific individuals. Still, if intelligence agencies have probable cause about a potential terrorist, they should be able to access their chatter.
This is a complex issue that requires the best minds and real leadership to resolve, so it was only proper that the president came to the Silicon Valley, the birthplace of so many digital advances. Executives from major California corporations – including Apple, Kaiser Permanente, and Pacific Gas and Electric Co. – took part. However understandable their concerns about the NSA, it’s disappointing that the CEOs of three of the biggest names – Facebook, Google and Yahoo – skipped the summit. They were invited but sent their top information security people instead.
When our economy and national security are at stake, business and government need to work together.