By most accounts, the dispute between Apple and the FBI over the San Bernardino attacker’s mobile phone has escalated tension between the tech community and the federal government. In one of the best recent examples of misinformation and misunderstanding of the nuances, this case is now viewed as indicative of the insurmountable divide between Silicon Valley and the tech community on one side, and Washington, DC and the federal government on the other. There are certainly enormous challenges to overcome – culturally, technically, and organizationally. However, despite these doomsday scenarios of an intractable bicoastal feud, it’s important to keep in mind that there also have been, and continue to be, a growing number of olive branches between the two groups. These clearly are not as sensational and generally fail to make it through a 24-hour news cycle, but these collaborative efforts are fundamental to maintaining both our innovative spirit and national security. In fact, the growing national security and privacy challenges cannot be resolved without the input and collaboration of the leading minds from both coasts.
This fact was made increasingly apparent during last week’s Cyber Analytic Exercise at the UC-Berkeley Center for Long-Term Cybersecurity, sponsored by the RAND Corporation and the Hewlett-Foundation. With an intentionally diverse group of attendees from deep inside Silicon Valley as well as from the government, think tanks and academia, the attendees were divided into groups to discuss two different hypothetical scenarios in the not-so-distant future pertaining to the Internet of Things (IoT) and a series of breaches that lead to a loss of faith in online banking and data protection. The objective was for each group to identify solutions that take into account core values such as economic vitality, innovation, privacy, and security. It immediately became apparent that almost every solution had a government component to it, and required collaboration with the tech industry. Even when thinking about market forces driving innovation, it was deemed that there would be greater success at achieving objectives when the tech community and federal government work together. It simply is an imperative going forward for both national security and the preservation of privacy and innovation.
Despite the dominant headlines, and very real challenges, there are real-world indications that both sides realize the mutual value of working together. Here are just a few recent examples:
- Valley visits: East meets West. President Obama broke ground last year when holding the White House Summit on Cybersecurity at Stanford. While many in the Valley responded with skepticism, it was the first real outreach by a sitting president. Similarly, Secretary of Defense Ashton Carter was the first defense secretary in two decades to visit Silicon Valley, eliciting greater collaboration and support from the community to handle the range and sophistication of national security threats.
- Inside the Beltway: West also meets East. With former Googler Megan Smith as the U.S. CTO, it’s a clear signal on both sides that an embedded position – not just sporadic visits – is required to truly enact change within the government. Smith replaced another Silicon Valley figure, Todd Park, with a successful transition indicating this is not merely a passing fad. Similarly, DJ Patil is the first US Chief Data Scientist. With roots in Silicon Valley, including LinkedIn and ebay, Patil continues the trend of bringing Valley expertise to the federal government. The recent announcement of the creation of a Federal CISO provides yet another opportunity to bring a Silicon Valley mindset into the federal government.
- Outside the Beltway: There has been a quiet emergence of government entities starting to pop up in the greater Bay Area. From the Defense Innovation Unit Experimental to DHS’ Silicon Valley office, there is growing acknowledgement of the need for a federal presence within the Valley whose mission is to reach out to the community, while also bringing in new approaches to the respective organizations.
- Cyber commission: President Obama’s recent Cyber National Action Plan formalized the creation of a bicoastal commission tasked with identifying new cybersecurity recommendations and solutions. In addition to many other information-sharing groups, this is the latest attempt to provide opportunities for the two communities to collaborate, find common ground, and identify mutually beneficial recommendations.
- Wassenaar Arrangement: Last year’s recommended imposition of export controls on intrusion software ignited a strong debate about the research and security implications of such a ban. Yet again, many saw this as indicative of the bicoastal divide. However, the verdict is still out. The government requested and expeditiously received broad input from the security community. Given the breadth of input from the tech community, the government is delaying any final decisions until it receives another round of public comments. This is hopefully a good sign and indicator that the government is taking into account the hurdles inherent in the agreement.
Returning to last week’s Berkeley event, thought leaders from the various communities intentionally came to collaborate and network with one another. While likely appearing naively optimistic in light of the high profile FBI and Apple case, there simply seems to be a growing number of people and opportunities available to bring the national security and tech communities together. As the media continues to portray a divide as deep as the Mariana Trench, there is simultaneously a grassroots movement underway and real desire for collaboration between the communities. It is increasingly apparent that the complexities of both the national security and technological landscapes require input, collaboration, and thought leadership from both Silicon Valley and DC. It is essential to continue fostering and promoting these grassroots efforts in order to maintain our innovative, competitive global edge, as well as the security and privacy that make it possible.