In the wake of Edward Snowden’s disclosures, the Obama administration had to address a daunting series of challenges on surveillance, cybersecurity, and privacy.

Upcoming Events

Welcome to the LAA for New Graduates Post-Bar Exam Reception
JUL
27
5:00 pm - 7:00 pm
Birch Bar (Westin Boston Waterfront)
19th Annual Rhode Island Attorney General Open Government Summit
JUL
28
8:30 am - 12:00 pm
RWU School of Law, Bristol, RI
Incoming Student Orientation
AUG
09
3:30 pm - 5:00 pm
RWU School of Law
18th Annual LAA Scholarship Golf Tournament
AUG
19
12:00 pm - 8:00 pm
Swansea Country Club, Swansea, MA
CLE Program: Management of Spinal and Extremities Radiology
NOV
02
5:30 pm - 8:30 pm
Crowne Plaza, Warwick, Rhode Island

Trending@RWULaw

06/02/2017
By Dean Michael J. Yelnosky
  As spring is finally springing and commencement is behind us, we (Tiffany Healey and Nicole Dyszlewski) wanted to take a stroll down memory lane and check in with some of the members of last...


Affordable Excellence at RWU LAW

Archives

Newsroom

Cybersecurity: Obama's Conflicted Legacy

In the wake of Edward Snowden’s disclosures, the Obama administration had to address a daunting series of challenges on surveillance, cybersecurity, and privacy.

RWU Law Professor Peter Margulies writes:

CybersecurityIn the wake of Edward Snowden’s disclosures, the United States administration faced a daunting series of challenges on surveillance, cybersecurity, and privacy. Congress was reluctant to enact comprehensive legislation. Moreover, Snowden’s revelations had triggered an international trust deficit. To deal with these challenges, the executive branch under President Barack Obama resorted to two alternatives: soft law and agency discretion. Soft law entails the issuance of non-binding policy positions and entry into nonbinding agreements with other stakeholders. In contrast, agency discretion connotes unilateral action by federal agencies.

In the soft law domain, the Obama administration sought to ease the post-Snowden trust deficit with Presidential Policy Directive No. 28, which expressly recognized global privacy rights. In collaboration with the EU, the Obama administration also crafted the Privacy Shield agreement governing U.S.-EU commercial data transfers, which created an ombudsperson in the State Department to address EU complaints about U.S. surveillance. The agency discretion model has also yielded advances on privacy. The Federal Trade Commission, for example, has implemented cybersecurity best practices through settlements with firms whose negligence resulted in data breaches.

While both soft law and agency discretion have marked virtues, they also create risks. In disputes with Microsoft regarding overseas data and with Apple about iPhone encryption, U.S law enforcement prioritized the acquisition of information needed for investigations over engagement with stakeholders. Moreover, soft law often lacks clear norms and enforcement mechanisms. For example, the Privacy Shield agreement lacks specificity on the ombudsperson’s powers, which may blunt the ombudsperson’s ability to check the U.S. intelligence community.

To analyze the Obama administration’s cyber efforts, this article proposes a paradigm of stewardship with both discursive and structural dimensions. Discursive stewardship refers to the Executive’s openness to dialogue with other stakeholders. Structural stewardship refers to the domestic and transnational distribution of decisional authority, including checks and balances that guard against the excesses of unilateral action. The Article concludes that the Obama administration made substantial progress in each of these realms. However, the outsized role of law enforcement agendas and dearth of clearly articulated checks on transnational surveillance drove headwinds that limited forward movement.

To download and read the full paper, click here. This excerpt also appeared as a blog on the website of the law firm of Robinson+Cole.