Will Obama's Successor Carry on Cybersecurity Mission?

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Jimmy H. Koo

March 28 — President Barack Obama recently proposed a sweeping $19 billion federal cybersecurity effort designed to boost the nation's digital defenses, but it is unclear whether the next U.S. president will address cybersecurity issues with the same fervor as Obama.

The Obama administration would certainly like to leave a firm legacy of elevating cybersecurity to national security status, and it appears the five remaining major party candidates in the 2016 presidential race may prioritize the issue the same way.

For the next president, addressing cybersecurity will entail multiple layers of issues, according to Craig Spiezle, executive director, founder and president of the Online Trust Alliance, an Internet consumer trust nonprofit group that closely monitors, among other Web matters, how politicians operate online. In addressing cybersecurity, the next president will have to address: national security and how to deal with terrorist threats; how to bolster the nation's cybersecurity defenses; and how to secure consumer data and information, Spiezle told Bloomberg BNA.

Presidential Candidates Plans on Cybersecurity

Norma M. Krayem, senior policy adviser at Holland & Knight LLP in Washington and the co-chair of the firm's Data Protection and Cybersecurity Group, agreed. Cybersecurity is a “national security issue and foreign policy issue, as well an economic security issue,” Krayem told Bloomberg BNA. “This is probably the first presidential campaign where the topic of cybersecurity is, and does, need to be addressed in any candidate's platform,” she said.

The recent battle between Apple Inc. and the Federal Bureau of Investigation over accessing data on the iPhone used by one of the San Bernardino, Calif., attackers has highlighted the issues of encryption, cybersecurity and privacy. According to Krayem, however, these issues have already been hot topics for the past few years, due to the “increasing impact” of data breaches on everyday citizens.

The Apple-FBI debate is “just keeping the issues at the forefront,” she said.

Among the presidential candidates remaining at the time of this writing—Former Secretary of State Hilary Clinton and Sen. Bernie Sanders (Vt.) for the Democratic Party and Sen. Ted Cruz (Texas), Gov. John Kasich (Ohio) and Donald Trump for the Republican Party—Trump and Cruz have sided with the FBI, according to the Washington Post. During a February Republican debate, Kasich offered that Obama should mediate a solution by locking Apple Chief Executive Officer Tim Cook in a room to hash out a way to resolve their differences.

On the Democratic side, both Clinton and Sanders have expressed support for consumer privacy but also acknowledged the government's compelling interests in unlocking the phone.

Analysis of the campaign websites for the presidential candidates shows that most of the candidates view cybersecurity as a multi-layered issue. However, analysis also shows that most of the candidates have included cybersecurity as a subtopic under a broader umbrella of national security.

Democratic Candidates

At the time of this writing, Sanders is the only remaining presidential candidate who has a dedicated cybersecurity plan. “Our nation’s national security and economy face unprecedented threats from cyber-attacks, and it is important that we defend ourselves as best we can while, at the same time, protecting the privacy and civil liberties of the American people,” Sanders said.

Further, Sanders is also the only presidential candidate from either party with a published plan to address privacy issues. Sanders opposes warrantless wiretapping, believes mass surveillance should be curtailed and supports net neutrality, according to the plan.

Unlike Sanders, former Secretary of State Clinton's campaign website doesn't have portions dedicated to cybersecurity or privacy. Instead, Clinton's site addresses cybersecurity as an element in ensuring national security and addressing conflicts with other countries, mainly China.

For the next president, addressing cybersecurity will entail multiple layers of issues.

Craig Spiezle, Executive Director, Online Trust Alliance

According to Clinton, as president, she will “encourage China to be a responsible stakeholder—including on cyberspace, human rights, trade, territorial disputes, and climate change—and hold it accountable if it does not.” Further, Clinton called for maintaining “strong protections against unwarranted government or corporate surveillance.”

Sanders' and Clinton's campaigns didn't respond to Bloomberg BNA's request for comment for more information on the candidates' cybersecurity views beyond what is on their campaign websites.

Republican Candidates

Across the aisle, Kasich's campaign website has the most robust discussion of cybersecurity among the remaining Republican candidates. Under his national security plan, Kasich says he will create “new cyber defense resources” for the U.S. military.

“We must defend against cyber attacks on our government and businesses, as well as counter the online activities of jihadis and other opponents,” the Ohio governor said.

Republican front-runner Donald Trump addresses cybersecurity issues strictly in terms of ending China's alleged intellectual property violations. According to Trump's plan, China's “ongoing theft of intellectual property” costs the U.S. “more than $300 billion and millions of jobs each year” and the Chinese government actively encourages the “rampant cybercrime.” The billionaire businessman said that as president, he will “enforce stronger protections against Chinese hackers and counterfeit goods.”

Unlike the other candidates, Senator Cruz's campaign doesn't have a cybersecurity plan listed on its website.

Kasich's, Trump's and Cruz's campaigns didn't respond to Bloomberg BNA's request for comment.

Uncertain Future

Whether the next U.S. president will maintain Obama's stance on cybersecurity remains unclear, as there is no single candidate most favored to win the election.

At the time of this writing, there are multiple pending state primaries, and there remains a possibility of a brokered convention for the Republican nomination. Once the two political parties choose their nominees—the Republican National Convention will be held July 18-21 in Cleveland and the Democratic National Convention will be held July 25-28 in Philadelphia—a deeper analysis of the candidates' views on cybersecurity, whether officially included in their parties' platforms, should be possible.

That being said, a major cyberattack may happen at anytime, and that might change the calculus for the candidates' views.

To contact the reporter on this story: Jimmy H. Koo in Washington at jkoo@bna.com

To contact the editor responsible for this story: Donald G. Aplin at daplin@bna.com

Request Bloomberg Law: Privacy & Data Security