The Obama administration is stumbling in its cybersecurity message to Silicon Valley, according to tech executives and a former White House official.
The White House recently made a big show of going to Stanford University for a major cybersecurity summit. While much of the administration’s message was well-received by the tech community, some wondered why the platform wasn’t used to better explain Obama’s stance on encryption and privacy, the divisive issues causing strain between D.C. and Palo Alto.
“I think we missed an opportunity,” said Jason Healey, a former director of cyber infrastructure protection at the White House. “Real leaders focus on privacy and they don’t compromise on that.”
The White House has been encouraging the tech sector to share cyber threat data with the government to help halt the rising tide of foreign cyberattacks.
“There’s only one way to defend America from these cyber threats, and that is through government and industry working together, sharing appropriate information as true partners," Obama said during the summit.
But the White House seems to be speaking to the Beltway, even when its talking to Silicon Valley, executives said.
The administration has gone to great lengths to reach out to the West Coast tech set as it tries to simultaneously push its cyber agenda and repair longstanding distrust, rooted in Edward Snowden's disclosures of government spying.
At a Truman Project event this week, Phyllis Schneck, deputy under secretary for cybersecurity and communications with the Department of Homeland Security (DHS), said her and her colleagues frequently “go out and meet with venture capitalists out West.”
“We did this again last week,” Schneck added. “Reason being that they are the edge of innovation. All those startup companies are making the technologies that could drive us to better, more easier, more fun cybersecurity in the future.”
And while Silicon Valley sees the business opportunity in cybersecurity — early-stage funding for cyber startups is expected to nearly double in 2014 for the second year in a row, according to research group PrivCo — it’s a bit wary of working with the government.
“Snowden has really impacted the relationship between government and the tech industry — and they were probably skeptical to begin with,” said Joseph Demarest, assistant director of the FBI’s Cyber Division, in an interview with The Hill. “It’s the amount of trust and how do you rebuild that trust or burnish that trust between us and the tech sector?”
For the White House, the answer was to take its cyber pitch to the place that has launched some of Silicon Valley’s most prestigious companies — Stanford University.
Cabinet officials laid out their argument for a strong public-private partnership on cyber. In a nod to the industry-heavy crowd, officials stressed the economic benefits of strong cybersecurity.
The theme “completely” resonated with the venture capitalist-heavy crowd, Rothrock said.
“There was this whole positive focus on opportunity,” said David Hoffman, director of security policy and global privacy officer at Intel, which agreed to start using the administration’s cybersecurity framework, a set of standards for defending against online risks.
But notably absent, some thought, was a significant reflection on privacy and encryption.
Obama recently endorsed a form of guaranteed legal access to communications on social media networks. Some in the tech world took it as a call for “backdoors,” or holes in encryption to allow government access. The concept is abhorrent to many tech executives.
“On encryption, they only touched it lightly in the big meeting,” Rothrock said. “Backdoors and all that sort of stuff just scare the heck out of everybody.”
Apple CEO Tim Cook grabbed headlines at the event when he preceded Obama with an impassioned plea for the right to privacy and un-crackable encryption.
“If those of us in positions of responsibility fail to do everything in our power to protect the right of privacy, we risk something far more valuable than money,” Cook said. “We risk our way of life.”
“He was getting into stuff that was more likely how the Silicon Valley people see it,” said Healey, now a director at the Atlantic Council.
The White House did hold an off-camera panel later in the day on privacy issues, which Rothrock attended.
Privacy “wasn’t swept aside,” he said, “but it was as if, ‘Of course we’re going to do what the Constitution says and live by those words.’”
Privacy "didn’t get enough” attention, he added.
Several people said the White House missed a chance to address the elephant in the room — the NSA. Just this week, a report exposed an NSA program that puts bugs into the hard drives at dozens of top manufacturers, allowing the agency to spy on, and attack, computers worldwide.
To a dubious tech community, it’s another example of the government weakening consumer faith in American tech products.
“We went almost the entire day,” Healey said, before the question on many people’s mind was finally discussed: “Why are people going to want to share with a government that’s weaponizing our technologies, that’s using this stuff to further spy on others?”
“That is a really big point,” he added.
That said, most people, including Healey, agreed the White House is making progress on its cyber agenda and relationship with Silicon Valley.
“The summit helped to start elevating the discussion at a senior level and created opportunities to take things to the next level,” said James Barrese, PayPal chief technology officer, by email.
But the administration has room to grow on how it talks about privacy and encryption.
“It would have been a successful message for Washington D.C.,” Healey said. “I think they could tweak their message better for Silicon Valley.”