Future Tense

Trump Only Cares About Cybersecurity When It’s Convenient

A woman snaps photos on her phone of US President Donald Trump as he speaks at the NRA-ILA Leadership Forum during the NRA Annual Meeting & Exhibits at the Kay Bailey Hutchison Convention Center on May 4, 2018 in Dallas, Texas. (Photo by Loren ELLIOTT / AFP)        (Photo credit should read LOREN ELLIOTT/AFP/Getty Images)
A woman snaps photos on her phone of President Donald Trump as he speaks at the NRA-ILA Leadership Forum. LOREN ELLIOTT/Getty Images

From one perspective, the U.S. government is currently obsessed with locking down the security of our networks and devices. In January, AT&T backed out of a deal with Chinese tech firm Huawei to sell its smartphones to U.S. customers after lawmakers warned that the devices might be insecure and could pose serious national security risks if acquired by unwitting government employees. Then, in March, the White House blocked a bid by Singapore-based firm Broadcom to acquire U.S. company Qualcomm on the grounds that the deal might result in Qualcomm spending less money on research and development, ultimately giving Chinese firms like Huawei an advantage in developing innovative 5G technologies for mobile networks. And those technologies, by virtue of being developed by a Chinese firm, would—you guessed it—pose grave national security risks to the United States.

Also in March, the Federal Communications Commission started sounding the cybersecurity alarm as well with a proposed rule aimed at further stemming Huawei’s sales in the U.S. by banning U.S. carriers from using Universal Service Fund money to buy internet infrastructure equipment from companies that pose national security risks. And just this month, the Department of Defense decided to ban military bases from selling devices manufactured by two major Chinese firms—Huawei and ZTE—on the grounds that they pose, you guessed it, serious national security risks.

Has any administration in any country ever taken our cybersecurity so seriously? Has any government ever before made so many aggressive, unprecedented interventions in the private sector all in the name of protecting our computer systems and smartphones? To hear U.S. government officials justify this series of decisions, you might think they have no higher priority than our digital security—that they are willing to go to any lengths to ensure a vulnerable Chinese phone doesn’t fall into the wrong hands and leave us all in jeopardy.

And yet, even a cursory glance at this administration’s actions belies just how little they are doing to secure computer systems even as they pay near-constant lip service to that goal. For instance, Politico this week published yet another installment in the ongoing saga of President Trump’s refusal to take even basic security precautions for his smartphones. (He uses one for tweeting and one for calls.) For instance, according to the Politico report, Trump’s dedicated tweeting iPhone has gone months without being checked by security experts, unlike President Obama’s phones, which were assessed every 30 days. Politico’s administration source said that Trump thought that the inspections were “too inconvenient.”

Meanwhile, earlier this month, the White House eliminated the position of cybersecurity coordinator, created during the Obama administration to take the lead on cybersecurity-related policies. And in February, Mick Mulvaney in his capacity running the Consumer Financial Protection Bureau, defused the investigation of credit bureau Equifax following its massive breach of personal information.

The Trump administration’s stance on cybersecurity is, in fact, quite clear-cut when you look at these decisions. Smartphone security—even for the top government official in the country—is, simply put, not a priority. Ditto crafting comprehensive, careful cyber policy and protecting Americans from large-scale data breaches of their personal information.

In this administration, cybersecurity is not something to strive for—rather it is something to tout loudly each and every time it can be used to justify a controversial or foolish or anti-competitive decision. Cybersecurity concerns are the perfect foil for attacking the Chinese tech industry: These concerns are unassailable in their importance to national security, but they’re based entirely on an invisible body of evidence made up of classified intelligence that none of us can ever be told about.

The sheer hypocrisy of arguing that Huawei phones sold in the U.S. pose a risk to the cybersecurity of government employees or military personnel while the commander in chief himself openly walks around with an unsecured iPhone—one that may well have been assembled in China itself—is breathtaking. It’s a reminder that while cybersecurity risks are important and require serious attention and consideration, they can also be wielded as a weapon to excuse any number of policy decisions made for other reasons.

There are real cybersecurity problems right now in the United States government—including an absence of clear leadership on cyber policy in the White House, a woefully lax security regime for the president’s personal devices, and a complete lack of penalties for companies that fail to protect sensitive data collected about their customers. But of course, doing something about these things would be too “inconvenient” for Trump and his administration to bother.