The Columns

There is More to Cybersecurity than Emails

— by on November 3rd, 2016

By Axel Box ’17

Imagine a world in which access to the Internet required registration with a federal agency and the use of biometric data to log on. Next, think of a world in which every electronic communication is collected by the government and analyzed to identify and arrest citizens who have a high probability of committing a crime. These are terrifying propositions to the average American, even with the nation’s relaxed sense of privacy and yet, each of these scenarios is a possible evolution of current strategies to combat the ever growing threat of cybercrime. In fact, indiscriminate bulk collection of metadata is already conducted by entities in the private and public sectors, even with cut backs in the National Security Agency’s surveillance program.

The digital age, now in full swing, has brought about a new topic for discussion in the political arena—cybersecurity.  One of the most prevalent threats to both states and individual actors, the issue of cyber-attacks has taken a prominent place in the discourse of this election cycle. However, both candidates have largely reduced the subject to discuss a singular threat. Over the past few months, the debate has circled around protecting the United States from cyber-attacks perpetrated by state actors such as Russia or China when in reality, the threat of cyber-crime can come from anyone with modest computer skills, an internet connection, and a desire to cause harm.  Every time a computer accesses the Internet it assumes a risk, one that is growing larger every day. Just two years ago the number of records exposed by data breaches reached 85 million. These breaches come in large part from individual actors but the rhetoric heard from the candidates would lead the public to believe otherwise.

In a subdued speech from the Republic nominee, Donald Trump declared cybersecurity an “immediate and top priority.” Unfortunately for those interested in the future of cybersecurity, Mr. Trump offered more commentary on Secretary Clinton’s email scandal and China than he did on the real issues. Previous statements from Mr. Trump have indicated a desire for increased surveillance and bulk data collection. One can easily recall his advocacy of an Apple boycott as a result of the company’s encryption codes and policies on releasing information to law enforcement.  These types of generalized statements and brash action against a company pushing back against government intrusion represent a misunderstanding of the fundamental issues at play in the cybersecurity debate. Identifying flaws in his opponent may be a necessary strategy for his campaign but Mr. Trump is failing to capitalize on this issue. If he were to take a firm stance on surveillance and cybersecurity programs he could make himself stand out in the race on at least one issue. Instead he has chosen to stick to the discussion of emails and the hack of the Democratic National Committee. Oddly enough, despite her more reasoned campaign, Secretary Clinton has yet to tackle the issues surrounding cybercrime head on as one might expect.

Clinton, while implying that a continuation of the Obama Administration’s policies would be the hallmark of her presidency, has struggled to present a clear direction as to the protection of privacy and civil liberties. In 2015 she endorsed the USA Freedom Act, pushing for greater transparency at the National Security Agency and a slight rollback in the bulk data collection programs. This view was contradicted in March of this year though when she called for increased surveillance following the terrorist attack in Brussels.  Pinning down Secretary Clinton’s stance on cybersecurity and surveillance is made harder by the campaign’s lack of an official policy proposal. A continuation of current policies and programs with no clear plan for improvement is a shaky platform to stand on. Perhaps the hesitation to outline a concrete plan stems from fear of the potential response from the Trump camp.

Secretary Clinton’s email scandal has forced her into a corner when it comes to discussions of cybersecurity. Such a position while most likely beneficial to Mr. Trump has come at the expense of the issues at hand. Unable to question her opponent about his support for mass surveillance out of fear he will hit back with her mishandling of information, Secretary Clinton has shifted the discussion to China and Russia. Both nations are major threats to national security but they are only two possible attackers and in the world of cybercrime, the most dangerous players might be lone wolves in this very country. In fact, the most dangerous threat in the realm of Internet related issues might be the attack on individual rights.

The narrow discussion of cybersecurity in this election cycle has not only left the American public uninformed about the very nature of cybercrime but has left out the essential discussions of rights and privacy concerns. Is the Fourth Amendment’s prohibition of unreasonable search and seizure even realistically applicable to today’s highly advanced crime? Questions such as this have been missing in the public discourse in 2016. In the coming weeks, it would be beneficial to the American People to hear the candidates move past China and Russia and put forth plans addressing the very real problems facing America in the digital age. Voters deserve to hear the candidates’ views on Constitutional rights. Such discussion is arguably more informative about a person’s fitness for office than worrying about whom Mr. Trump has called ugly or how scripted Secretary Clinton appears.