On Cybersecurity, President Obama Offers Mixed Bag in SOTU

Technology policy rarely earns more than a brief mention in the President’s annual State of the Union address to Congress. But tonight, when President Obama delivers his seventh address, he’ll lay out his plans for the Internet in greater detail than any President in recent memory. While the President’s tech agenda has its pros and cons, it generally envisions Washington doing more to oversee the Internet and technology markets. For the most part, this is the wrong prescription.

Obama is expected to focus on three tech policy issues: cybersecurity, broadband, and privacy. The President has delivered major speeches on each of these issues in recent days in locales ranging from the Federal Trade Commission down the street from the White House to Cedar Falls Utility in Iowa.

Cybersecurity is in the headlines in the wake of the cyberattack allegedly committed at the behest of the North Korean regime against Sony Pictures Entertainment. Unlike many roles the federal government now attempts to fill, protecting American companies from state-sponsored cyber terrorism is a legitimate governmental function. Therefore, to improve the state of cybersecurity, the President will call for greater coordination between the private sector and the government—including more information sharing about cyber threats between companies and federal agencies.

The approach Obama has outlined is no cybersecurity panacea, but it’s better than doing nothing, provided companies are held to enforceable promises made to their customers about how and when their information will be shared.

Reforming outdated laws and regulations that prevent companies from telling their competitors or federal agencies about impending cyberattacks or other potential threats is sound public policy. On the other hand, giving companies carte blanche to volunteer customer data to the National Security Agency (NSA) with impunity is a recipe for sharing too much data for the wrong reasons. In the past, the White House has seemingly appreciated this distinction. Let’s hope the President remembers this lesson if and when Congress sends a cybersecurity bill to his desk.

As for privacy, President Obama may yet again call for a “Privacy Bill of Rights.” If this sounds familiar, it’s because he’s been pushing this idea for over three years. Past Congresses haven’t acted on the idea, and it’s not likely the new Congress will do so in the foreseeable future. This is for the best. Consumers do not need a “Privacy Bill of Rights.” What they need is enforcement of the actual Bill of Rights—the first ten amendments to the U.S. Constitution, which among other things secure the American people’s right to be free from unreasonable searches and seizures.

Yet instead of delivering his major privacy speech at the FBI or the NSA, President Obama selected the Federal Trade Commission (FTC). Even as the federal government is forcing telephone companies to hand over phone call records of millions of Americans, and maintaining that a warrant should not necessarily be required to access private data stored in the cloud, the President is pretending that our real privacy enemy is the private sector. All the while, the White House has been sluggish at best in moving to amend outdated laws such as the Electronic Communications Privacy Act, USA PATRIOT Act, and Foreign Intelligence Surveillance Act. The FTC, other federal regulators, state attorneys general, and private litigants all stand ready to challenge in court any company that breaches its privacy commitments. We don’t need another law to empower these enforcers. Instead, what we need is a law that requires the federal government to respect our privacy in the first place.

On broadband, the President blames private companies for supposedly providing poor service while praising the small handful of city-owned utilities across the country that offer residents ultrafast broadband for a fee. In reality, few families are likely to appreciate the difference between a 15 megabits per second connection and a 1 gigabit per second connection, including students, for whom homework rarely entails large file transfers. Even if municipal broadband seems like an effective marketing pitch for a growing town, evidence suggests that city-owned networks have a disturbing tendency to fail financially—with taxpayers ultimately footing the bill. Running a business efficiently, it turns out, isn’t something governments are suited to do. This is precisely why markets exist: to provide goods and services that benefit from choice, competition, and freedom.

Instead of trying to spur more government-run broadband networks, President Obama should take the lead in proposing legislation that sweeps away the myriad obstacles at all levels of government that make it tough for private firms to deploy new infrastructure to deliver video, voice, and Internet connectivity directly to Americans’ homes. Already, in a few cities, Google offers a residential fiber-optic broadband product that rivals the facilities any U.S. city has deployed. Preempting state and local boards and commissions that needlessly delay broadband projects by burying them in red tape would make a great start when it comes to U.S. leadership in Internet freedom.