A recent article in Ars Technica explores the positions of the two US Presidential candidates relative to cybersecurity. This investigation is welcome and timely, with the election barely a week away, and the waters muddied by verbal attacks and innuendo. The piece points out that Donald J. Trump’s policy positions are somewhat sparse, while Hillary Clinton’s are broader, more thought out, and more polished – agree with them, or not.
This characterization of Trump is a standard one for the candidate, who is famous for “flying by the seat of his pants,” and for his off-the-cuff remarks. Hillary Rodham Clinton’s position on encryption and cybersecurity (agree with it or not) is more substantive, because she’s apparently had more time and resources to hone it.
This is just what you would expect from a candidate who may have spent the last twenty years preparing for this moment. By comparison, Trump is a relative novice in the political arena, a posture he embraces as a key element to his upstart candidacy.
Many privacy advocates and civil libertarians, who are appalled by President Obama’s policies and track-record when it comes to surveillance and freedom of speech, are alarmed that a Clinton presidency may mean more of the same. As Stewart Baker, former top lawyer for the NSA, told the Washington Post this summer,
“Clinton’s position is cautious, incremental, sober and boring: a cybersecurity third term for President Obama. She is proposing nothing that President Obama hasn’t already proposed.”
On the other hand, Trump’s blasé stance on the subject is not one to engender confidence from that community. So, if you’re planning to cast your vote based on the cybersecurity issue, it is hoped that you may find the following edifying, if not enlightening. A note of caution: a general election in the US is a study in tempering remarks and positions to centrist thinking, and being all things to all people and at the same time.
With this in mind, it is no wonder that Trump is so evasive, and HRC outlines proposals that seem to suggest that national security and the privacy of strong encryption can coexist. This is exactly the prickly position that presidents and politicians have been wrangling with for decades, Obama being the latest.
Clinton seems to think that a system can be developed which allows privacy protection and still allows a way for the government access to encryption. She even calls for organizing a “Manhattan Project-like” effort (alluding to the atomic bomb project of the 1940’s), to make it happen. This may play well to middle-America on the stump, but would it hold water in reality?
It’s no wonder that privacy-minded groups like the ACLU and EFF have scoffed at this notion, and point out her self-admitted lack of sophistication when it comes to technology. In fact, this was her hole-card when confronted with her potentially criminal handling of her own email security issues, which still dog her to this day. As part of the Podesta emails WikiLeaks revelation, an HRC staffer wrote:
“Speaking of not understanding the technology, there is a critical technical point which our current language around encryption makes plain she isn’t aware of. open-source unencrypted messaging technologies are in the public domain. there is literally no way to put that genie back in the bottle. so we can try to compel a Whatsapp to unencrypt, but that may only have the effect of pushing terrorists onto emergent encrypted platforms.”
As mentioned, Trump’s positions are scanty, unspecific and what you’d expect from a political neophyte struggling for traction. But one might get an inkling of what’s in store from his remarks about the FBI – Apple phone fiasco after the San Bernardino shootings in February. At the time, Trump called for a boycott of Apple and said,
“First of all, Apple ought to give (authorities) the security to that phone. What I think you ought to do is boycott Apple until they give that security number. I just thought of that-boycott Apple.”
He later added that he would discontinue using his iPhone and use his Samsung phone instead, until “they give info.”
More insight into Trump and Clinton’s thinking may be evident in their characterization of Edward Snowden and his predicament. Trump said Snowden was a “total traitor, and I would deal with him harshly.” Clinton, meanwhile, dubbed Snowden a lawbreaker who should be brought home “to face the music.”
The fact that the tech execs of Silicon Valley have lined up in support of HRC is not noteworthy to me for a few reasons. For one, business people don’t like change and uncertainty – two things invariably tied to a Trump administration. The fact that this implies a propensity for the status quo is concerning to me, because the last eight years of Obama’s presidency have not been a boon for privacy advocates.
If you are lamenting the fact that the choices for president of the world’s greatest democracy leave much to be desired, you’re not alone. Many voters, given this scenario, will choose to sit this one out. Regardless of which one occupies the Oval Office come January, the thorny issue of privacy versus national security – strong encryption versus backdoor access – will be with us for the foreseeable future.