Obama's Executive Order Sparks Privacy Concerns


President Obama’s recent cybersecurity-related executive order, ultimately aimed at fostering cybersecurity threat and information-sharing between the public and private sectors, has stirred up mixed emotions, to say the least. The order does not provide legal protection for companies that share such information, which has led business owners and privacy advocates to argue it is doomed to fail. But some say those concerns are overstated, and that such models are already working well in the marketplace.

Against the backdrop of ongoing, incessant data breaches, the Sony Pictures hack, and the multi-million dollar bank cyberheist that came to light this week, it’s clear that cybersecurity attacks are a constant reality that enterprises must address. A cybersecurity summit last week at Stanford University in Palo Alto, Calif. brought together President Obama, the secretaries of Homeland Security and the Department of Commerce, and the CEOs of Apple, American Express, Kaiser Permanente, AIG and Pacific Gas & Electric, to discuss ways to stay ahead of the bad guys as technology rapidly evolves.

"When companies get hacked, Americans’ personal information, including their financial information, gets stolen," the President said in his address at the event. "Identity theft can ruin your credit rating and turn your life upside down. In recent breaches, more than 100 million Americans had their personal data compromised, including, in some cases, credit card information."

He added, “This should not be an ideological issue,” the President said. “This is not a Democratic or Republican issue. Everybody’s online and everybody’s vulnerable.”

The executive order is meant to create a voluntary framework for “expanded information-sharing designed to help companies work together, and work with the federal government, to quickly identify and protect against cyber-threats.”

This includes setting up information-sharing and analysis organizations (ISAOs), to act as clearinghouses where companies and industries can share information with each other. It also calls for a common set of standards so the government can share information on threats with these hubs more easily.

“Government cannot do this alone,” Obama said. “The fact is that the private sector can’t do this alone either. It’s government that often has the latest information on these new threats.”

The summit and the EO are the latest in an ongoing White House cyber-push, which has included the creation of a new federal agency, dubbed the Cyber Threat Intelligence Integration Center, and the creation of a framework aimed at improving security for critical infrastructure.

“Cybercriminals are persistent, and their attacks are increasingly sophisticated, continuing the conversation among all stakeholders is critical,” said Sandy Kennedy, president of the Retail Industry Leaders Association (RILA). “President Obama’s commitment to these important issues, threat information sharing and payments security, is welcomed by retailers and we look forward to continuing to collaborate with the government on ways to help ensure retailers have the necessary partners and tools available to them in order to mitigate cyberthreats.”

Mixed Reactions

The retail sector may applaud the efforts, but others are more wary of the idea. In a post-Edward Snowden world, sharing information with the government has not been a particularly popular topic among tech giants. Many of them suffered a big brand hit after Snowden leaked documents showing that companies like Google and Microsoft were working with the National Security Agency to aid in surveillance of suspected terrorists—unbeknownst to their customers.

Since then, most digital economy companies have worked on their privacy bona fides, through transparency reports and honed rhetoric. To that end, Apple chief Tim Cook took to the stage at the summit, calling privacy “a matter of life and death.”

"People have entrusted us with their most personal information," he said. "We owe them nothing less than the best protections that we can possibly provide by harnessing the technology at our disposal. We must get this right. History has shown us that sacrificing our right to privacy can have dire consequences."

Not-so-subtly sending the message that sharing information with the government is not something that they’re interested in jumping on board with, CEOs from Google, Yahoo and Facebook turned down invitations to the event.

Despite the snub, others in the online arena were optimistic—with caveats. “This order and the information-sharing initiatives are a step in the right direction, however the challenge will be in the implementation where citizens’ privacy and civil liberties are protected, as well as making any intelligence gathered through these initiatives relevant and actionable for government agencies as well as private industry,” said Ken Westin, security analyst for Tripwire. “The government is breaking new ground and it is important to tread carefully, as there is a lot to learn in the process of developing a system of this scale and depth. I sincerely hope that the government will be involving not just lawmakers and political thinkers, but also technologists and security experts from both private industry and the government to ensure the program is implemented efficiently, securely and meets established requirements for the program.”

Security expert Dave Frymier, Unisys’ CISO, believes the privacy and surveillance concerns here are both overblown and shortsighted. “Similar information sharing programs are currently working successfully in the DoD,” he said. “As long as the program is voluntary, the entity sharing the information can redact it to whatever extent their lawyers feel comfortable with. The rewards of such a program far outweigh the risks associated, which is why this will ultimately lead to its long-term success.”

Edited by Maurice Nagle
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

TechZone360 Contributor

Related Articles

The Role of Knowledge Sharing Technology in Call Centre Management

By: Contributing Writer    6/21/2024

In the dynamic environment of call centres, the efficient management of information can significantly enhance service delivery and customer satisfacti…

Read More

Augmented Reality Gets an Upgrade as Result of New Partnership Between Lumus and AddOptics

By: Alex Passett    6/20/2024

Lumus and AddOptics - the former an AR optics company developing reflective wavelength tech, the latter an AR lens/smart-wear prescription provider - …

Read More

The Rise of Eco-Apps: Hear How Technology is Helping Us Live Greener Lives

By: Contributing Writer    6/17/2024

In recent years, technology has revolutionized how we approach sustainability. One of the most significant developments in this realm is the advent of…

Read More

Introducing the Newest Addition to ITEXPO #TECHSUPERSHOW: Enterprise Cybersecurity Expo

By: TMCnet News    6/11/2024

TMC today announced the launch of Enterprise Cybersecurity Expo, set to take place from February 11-13, 2025, in Fort Lauderdale, Florida, at the Brow…

Read More

The Shifting Landscape: Emergent Technological Paradigms in Online Sports Wagering

By: Contributing Writer    6/7/2024

In the ever-evolving sphere of online sports wagering, technological advancements have been instrumental in reshaping the landscape, altering how enth…

Read More