:format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/46914248/GettyImages-483181380.0.jpg)
An unexpected theme in tonight's first Republican debate — featuring candidates who didn't make the cut for the top-tier debate later in the evening — is the "cyberwall."
Former Hewlett-Packard CEO Carly Fiorina was asked whether to tear down cyberwalls to help catch terrorists. Fiorina said she would tear down these walls on a targeted basis, but the exchange raised other, unanswered questions: What is a cyberwall? And what does it mean to bring them down?
What's a cyberwall?
The term seems to have been coined by Fox News moderators. It's not a term that tech policy experts were using prior to tonight — though we can expect them to snark about it extensively in the coming days.
But the term seems to refer to privacy protections and other limits on information flows that impede terrorist investigations. That could include the encryption capabilities on iOS and Android devices. It could refer to privacy protections on online services such as Gmail or Facebook. And it could refer to legal constraints that make it harder for companies to share threat information.
Where do Republican candidates stand on cyberwalls?
"We need to tear down cyberwalls not on a mass basis but on a targeted basis," Fiorina said. "I do not believe we need to wholesale destroy every American's privacy, but, yes, there is more collaboration required between private sector companies and the public sector."
Later in the debate, Sen. Lindsey Graham (R-SC) also said he favored tearing down cyberwalls: "If I have to take down a cyberwall, I'll take down a cyberwall." He didn't say if he favored wholesale destruction of Americans' privacy.
What would it mean to tear down cyberwalls?
It's not entirely clear, but here are two cyberwalls the next president could help to tear down:
- Smartphone encryption: Over the last year, FBI director James Comey has been complaining about features in the latest iPhones and Android devices that make it practically impossible for the government to access the contents of locked devices. Companies like Apple and Google are legally required to cooperate with law enforcement requests for information if they have the technical capability to do so, but the encryption on newer smartphones are designed to be unbreakable even for Apple and Google. Law enforcement has been seeking to require a "back door" to guarantee that investigators can access information even on encrypted devices.
- Information sharing. Fiorina mentioned an information-sharing law that has been "languishing" in Congress. This was presumably a reference to the Cybersecurity Information Sharing Act, which would shield companies from liability for sharing information about online threats with the government. The legislation is opposed by civil liberties groups, who worry that it will gut privacy protections. Also, it's important to note that CISA is designed to fight cyberattacks, not conventional terrorist attacks.
Should we tear down cyberwalls?
Proposals to create back doors for smartphone encryption and to allow more liberal sharing of online threat information are deeply controversial. But that's largely because the law already gives the government extraordinary powers to compel the cooperation of technology companies.
Companies have long been required to cooperate with law enforcement when presented with a valid court order. More recently, Congress has given the government broad power to compel cooperation from private companies without significant judicial oversight, as we learned from the 2013 Snowden disclosures. For example, a program called PRISM allows the NSA to quickly and efficiently request private user data from Google, Facebook, Apple, and other major service providers.
Indeed, in answering the cyberwalls question Fiorina actually explained why tearing down more cyberwalls probably isn't needed. She pointed out that in most recent terrorist attacks, including the 2013 attack on the Boston Marathon, investigators already had information that could have allowed them to stop the attacks. They just didn't "connect the dots" in time. So tearing down more cyberwalls to unearth still more information won't necessarily help, because often law enforcement is overwhelmed processing the data it already has.
