Cyber Security Czar Front-Runner No Friend of Privacy
(WIRED) Former Republican Congressman Tom Davis, reportedly President Barack Obama’s top candidate for cyber security czar, voted repeatedly to expand the government’s internet wiretapping powers, and helped author the now-troubled national identification law known as REAL ID.
Citing White House sources, Time magazineon Friday identified the the former head of the Government Reform Committee as the president’s number one candidate for the new position. Davis’ reputation as a tech-smart moderate who knows his way around D.C. makes him an attractive pick for the administration, the magazine reported.
But an examination of Davis’ record in Congress shows that he’s been on the wrong side of key privacy issues, including the controversial REAL ID Act, which aims to turn state driver’s licenses into a de facto national identification card linked by shared databases and strict federal authentication standards.
“Given his role in REAL ID, Tom Davis would not be a good choice for privacy, which is something that President Obama specifically promised to protect in his remarks on the cyber security strategy,” says Jim Harper, the director of information policy studies at the libertarian Cato Institute. “Many cyber security planners refer obliquely to ‘authentication’ and ‘identity management’ programs that would devastate privacy, anonymity and civil liberties. Davis would probably work to roll past these issues rather than solve them.”
The creation of a federal “identity management” program is one recommendation in the broad cyber security report published by the White House last month, although the report makes no specific proposals on implementing an internet I.D. card.
If picked as cyber security czar, Davis would be given the difficult and sensitive task of coordinating a government-wide strategy to secure the government’s computer networks — as well as help secure the wider internet. That’s a job fraught with perils ranging from inter-agency disputes over territory, and significant issues about what the government’s role should be in improving security on the internet at large.
Davis, who served seven terms representing Virginia’s high tech district, was known as an outspoken moderate in an increasingly base-oriented Republican party. He declined to run for re-election in 2008.
In announcing the creation of the new position last month, Obama stressed that privacy was key to the government’s cyber security efforts. But Davis’ most notable action on privacy was his failed attempt to undo a measure that put a chief privacy officer in every major government agency.
The ACLU’s legislative scorecard on Davis shows he disagrees with that group on many privacy matters.
For instance, he voted consistently to give the government wide latitude to wiretap the internet and spy on Americans’ communications. That program, including the NSA’s massive database of emails known as “Pinwale,” made news recently again when The New York Times reported that the NSA examined Americans’ domestic e-mails without authority.
That track record would not put Davis out of the running with Obama, who, after winning his party’s nomination, embraced expanded government wiretapping powers, and voted to extend retroactive legal immunity to the telecom companies that helped the Bush’s administration’s secret spying.
Last summer, Davis joined with then-senator Obama, a wide swath of centrist Democrats, to legalize the Bush program, granting the NSA the right to gather billions of communications records of foreigners and Americans, and read Americans’ international communications without warrants. The law includes the caveat that if a particular U.S. person is targeted, the government must get court approval.
But Davis could excel in a new role as cyber security czar, says Marc Rotenberg, who heads the Electronic Privacy Information Center.
“He’s a good pick,” Rotenberg says.
Davis gets things done, supports bipartisanship, and comes from a civilian and industry background, rather than from the shady intelligence world, according to Rotenberg.
“[It’s] much easier for a former House chairman to stand up to the Director of National Intelligence and the NSA than some of the other candidates,” Rotenberg says.
That will be important going forward. Bush went through a succession of so-called cyber-security czars, who found they were either powerless or stuck in bureaucratic battles they could not win.
But Rotenberg’s organization has not always been a fan of Davis.
After 9/11, Davis pushed for changes to open government laws that created an even larger shield for information that private companies gave to the government. Specifically, Davis won protections for companies that run critical infrastructure — such as railroads and chemical plants — allowing them to tell the Department of Homeland Security about dangerous practices without the fear that the public could petition to see the information.
David Sobel, a Freedom of Information Act attorney, testified against that provision in 2002, when he worked for Rotenberg at EPIC.
“We are discussing the desire of private companies to keep secret potentially embarrassing information at a time when the disclosure practices of many in the business world are being scrutinized,” Sobel said, referring to the overstated corporate profits that were being discovered in 2002. “If a company is willing to fudge its financial numbers to maintain its stock price, what assurance would we have that it was not hiding behind a ‘critical infrastructure’ FOIA exemption in order to conceal gross negligence in its maintenance and operation of a chemical plant or a transportation system?”
Davis did not return a call to his office at the consulting firm Deloite.
A White House spokesman declined to comment on Davis, saying only that “no decision has been made yet, so any reporting of anyone being offered the job is not accurate.”