Obama set to announce executive order on cybersecurity threat data
President Barack Obama is expected to announce an executive order directing the government and companies to share more information about cybersecurity threats in response to attacks like that on Sony Entertainment.
As in other policy areas where Obama has been unable to get legislation through the now Republican-controlled Congress, the White House is turning to more limited administrative actions to advance its agenda as much as it can.
The announcement could be tonight or tomorrow, when the U.S. president speaks at a daylong conference on cybersecurity at Stanford University in the heart of Silicon Valley, according to three participants in the conference.
The move comes as big Silicon Valley companies prove hesitant to fully support more mandated cybersecurity information sharing without reforms to government surveillance practices exposed by former National Security Agency contractor Edward Snowden.
“We are certainly hearing that an executive order may be announced,” Nuala O’Connor, president of the technology lobbying group Center for Democracy & Technology, said as she boarded a plane en route to the event.
A new government center for cybersecurity, announced earlier this week by Obama’s top homeland security advisor, could play a key role in the process. But the Stanford attendees said they did not have details.
The White House declined to comment.
Cybersecurity industry veterans said Obama’s anticipated order would be only a modest step in one of the president’s major priorities – the defense of companies from attacks like those on Sony and Anthem Inc.
Administration officials have said they would prefer legislation that would require more information sharing and limit any legal liability for companies that share too much. They have said that an executive order could not limit liability.
But getting anything through Congress on the subject has proven a daunting task. That is unlikely to get much better without at least the support of big Silicon Valley companies such as Google Inc and Facebook Inc.
Those companies, however, have refused to give full-throated support to cybersecurity bills without some reform of surveillance practices exposed by Snowden that have hurt U.S. technology companies’ efforts to win business in other countries.
No grand bargain between the administration and the Valley companies has been reached, according to O’Connor and an executive at a major technology company.
For that reason, and the fact they have not seen the text of the planned executive order, top companies Google, Facebook and Yahoo are not sending their chief executives to the Stanford conference, the executive said. Apple Inc Chief Executive Tim Cook is one of the few household names that is speaking, and that company declined to comment.
In a private meeting with Obama Friday, though, some of the leading executives are expected to press again for surveillance reform and support for strong encryption, which some in the administration have faulted recently on the grounds that it enables criminals and terrorists to hide their activity.
Big technology companies and a host of startups have been beefing up encryption in Snowden’s wake to make blanket intelligence collection overseas more difficult.