Apple signs on to Obama's cybersecurity framework as Tim Cook calls privacy 'life and death' issue

Posted:
in General Discussion edited February 2015
Apple is among more than a half-dozen major U.S. corporations that have agreed to integrate the White House's Cybersecurity Framework into their operations, but the iPhone maker will not share security information with the federal government.




Apple will "[incorporate] the Framework as part of the broader security protocols across its corporate networks," the White House said in a statement released alongside Friday's cybersecurity summit in Palo Alto, Calif. Joining Apple with varying levels of involvement are Intel, Bank of America, U.S. Bank, Pacific Gas & Electric, AIG, QVC, Walgreens, and Kaiser Permanente.

The Cybersecurity Framework was created as part of President Obama's Executive Order on Critical Infrastructure Cybersecurity and released in February of last year. The framework, which is administered by the National Institute of Standards and Technology, collates industry best practices for information security and helps businesses provide structure for new or existing infosec initiatives.

Use of the framework is voluntary, and the framework includes a set of recommended implementation tiers that can be used to adapt it for different business needs. Organizations which store little personal data or provide non-critical services might only implement high-level strategies, for instance, while those servicing critical infrastructure components would choose a more rigorous application.

While the extent to which the framework will influence Apple's security practices is unclear, it appears that the company will not take the extra step of sharing security-related data with the Department of Homeland Security's new National Cybersecurity and Communications Integration Center. Such information sharing is a tentpole of Obama's cybersecurity strategy.

While a few notable security vendors have signed up, none of Silicon Valley's major consumer-focused companies are participating, and Apple CEO Tim Cook was the only well-known corporate executive at the summit. The Valley maintains a deep distrust for the federal government in the aftermath of the Edward Snowden spying revelations, a point which Cook drove home during his speech.

"If those of us in positions of responsibility fail to do everything in our power to protect the right of privacy, we risk something far more valuable than money," Cook said. "We risk our way of life."

"We must get this right," he added. "History has shown us that sacrificing our right to privacy can have dire consequences. We still live in a world where all people are not treated equally. Too many people do not feel free to practice their religion, or express their opinion, or love who they choose."

Personal privacy is especially important "in a world in which that information can make the difference between life and death," Cook said.
«134

Comments

  • Reply 1 of 80

    No, Mr. Cook.

  • Reply 2 of 80
    The USA is not China. I can see not playing ball with the Chinese government. But not playing ball with USA government on averting terror threats is way too negligent in citizen safety.

    As an individual, give me a personal option to let spy companies freely monitor my online activities. Why can't I do that? I have a right to share personal information with any government if I wish. That said, I'm not aware of my information sharing options with governments. Can I already do this without impediment?
  • Reply 3 of 80
    The previous two comments highlight exactly why Tim Cook is in a position of responsibility and AppleInsider readers aren't. You are brainwashed by our great American government if you sincerely believe that terrorist plots through the use of Apple devices are an ever present threat to the safety of our country. It's all politics and smokescreens. I know we all are very fond of number 1984, but come on. The movement towards privacy in this age is number one priority.
  • Reply 4 of 80
    sockrolidsockrolid Posts: 2,789member

    Originally Posted by AppleInsider View Post



    Personal privacy is especially important "in a world in which that information can make the difference between life and death," Cook said.

     

    “We’re not in the business of collecting your data.”

    - Eddie Cue, 9/9/2014 (iPhone 6 / ?Watch / ? Pay event)

     

    [Nervous fidgeting, crickets chirping]

    - Google, Facebook, Yahoo (who were all no-shows at the cybersecurity summit)

  • Reply 5 of 80
    The previous two comments highlight exactly why Tim Cook is in a position of responsibility and AppleInsider readers aren't. You are brainwashed by our great American government if you sincerely believe that terrorist plots through the use of Apple devices are an ever present threat to the safety of our country. It's all politics and smokescreens. I know we all are very fond of number 1984, but come on. The movement towards privacy in this age is number one priority.
    I don't tbelieve a corporate CEO should have the right to decide how much privacy I need. Give me the RIGHT TO CHOOSE. I'm not easily brainwashed or a shill for everything Apple and everything Tim Cook.
  • Reply 6 of 80
    mac_dogmac_dog Posts: 1,069member
    C
    The previous two comments highlight exactly why Tim Cook is in a position of responsibility and AppleInsider readers aren't. You are brainwashed by our great American government if you sincerely believe that terrorist plots through the use of Apple devices are an ever present threat to the safety of our country. It's all politics and smokescreens. I know we all are very fond of number 1984, but come on. The movement towards privacy in this age is number one priority.
    could not have said it better myself.
  • Reply 7 of 80
    Oh crap.

    I really really HOPE this "framework" is merely recommendations.

    If it also includes government supplied software (or hardware/software) solutions, then of course Apple doesn't ACTIVELY share with the government. The Backdoor will already exist.

    With all the extras (things that normally require a vote by the people) slipped into Ombamacare (itself an invention foisted into the public who never had a chsnce to vote for or against), "czars" who weren't voted in by the people and who operate above the law, and Obama himself redefining what terrorism is to put Americans that traditionally so good in a bad light while simultaneously bring the most terrorist friendly president we could have ever imagined.

    And Cook is putting his stuff into the products I buy?

    What?
  • Reply 8 of 80
    mac_dogmac_dog Posts: 1,069member
    I don't tbelieve a corporate CEO should have the right to decide how much privacy I need. Give me the RIGHT TO CHOOSE. I'm not easily brainwashed or a shill for everything Apple and everything Tim Cook.
    You do have a choice. There's always Google.
  • Reply 9 of 80
    Originally Posted by mac_dog View Post

    You do have a choice. There's always Google.

     

    Are you making a point or do you actually believe this?

  • Reply 10 of 80
    When it comes to information sharing with governments, Android is equal to iOS.
  • Reply 11 of 80
    paxmanpaxman Posts: 4,729member
    Quote:

    Originally Posted by YvesVilleneuve View Post



    As an individual, give me a personal option to let spy companies freely monitor my online activities. Why can't I do that? I have a right to share personal information with any government if I wish. That said, I'm not aware of my information sharing options with governments. Can I already do this without impediment?

     

    That is a ridiculous proposition. Seriously. 

  • Reply 12 of 80
    paxman wrote: »
    That is a ridiculous proposition. Seriously. 
    Not really. If they are aware of my activities then there is less suspicion I am working against them in secret. Less Privacy = More Personal Security.
  • Reply 13 of 80
    mjtomlinmjtomlin Posts: 2,673member
    Quote:

    Originally Posted by YvesVilleneuve View Post





    I don't tbelieve a corporate CEO should have the right to decide how much privacy I need. Give me the RIGHT TO CHOOSE. I'm not easily brainwashed or a shill for everything Apple and everything Tim Cook.



    What the hell are you talking about? You're free to give all the data you want to whomever you want. All Apple wants to do is make sure others aren't TAKING your information without you knowing about it.

  • Reply 14 of 80
    mjtomlinmjtomlin Posts: 2,673member
    Quote:
    Originally Posted by YvesVilleneuve View Post





    Not really. If they are aware of my activities then there is less suspicion I am working against them in secret. Less Privacy = More Personal Security.



    Please send me all your information, including credit card information, passwords, etc... that way I'll know you're not up to any good.

  • Reply 15 of 80
    Quote:

    Originally Posted by 9secondko View Post



    Oh crap.



    I really really HOPE this "framework" is merely recommendations.

     

    Seriously, do you people even read these articles, or do you just skim the headline and then comment in righteous outrage?

     

    Quote:

    Originally Posted by AppleInsider View Post



    Use of the framework is voluntary, and the framework includes a set of recommended implementation tiers that can be used to adapt it for different business needs. Organizations which store little personal data or provide non-critical services might only implement high-level strategies, for instance, while those servicing critical infrastructure components would choose a more rigorous application.

  • Reply 16 of 80
    bobjohnson wrote: »

    Seriously, do you people even read these articles, or do you just skim the headline and then comment

    **proceeds to not address the actual question of whether it is software based or if it's just recommendations, but addresses the voluntary nature of this framework, while mysteriously failing to notice that cook indeed volunteered**

    I guess you forgot about the part where cook said he would (voluntarily) implement it.

    Interesting that this framework INCLUDES recommendations. So sounds like it's a software/hardware thing. No Bueno.

    Maybe you should read entire posts instead of skimming...

    You know, like you accuse others of doing to the article.
  • Reply 17 of 80
    mjtomlin wrote: »

    What the hell are you talking about? You're free to give all the data you want to whomever you want. All Apple wants to do is make sure others aren't TAKING your information without you knowing about it.
    I don't believe you actually know how spies perform their tasks and missions.
  • Reply 18 of 80
    slurpyslurpy Posts: 5,382member
    Quote:
    Originally Posted by Benjamin Frost View Post

     

    No, Mr. Cook.


     

    Why not? 

     

    Oh wait, nevermind, clearly your thought process stopped at the word "Obama". I'm pretty damn sure Cook researched, and thought about this slightly longer than the 0.5 seconds that you did. But thanks for your incredibly insightful post- as always. 

  • Reply 19 of 80
    mjtomlin wrote: »
    Please send me all your information, including credit card information, passwords, etc... that way I'll know you're not up to any good.

    If you are registered with Apple as a legitimate spy, be my guest and take the information directly from my device and cloud storage.
  • Reply 20 of 80
    mjtomlinmjtomlin Posts: 2,673member
    Quote:

    Originally Posted by Slurpy View Post

     

     

    Why not? 

     

    Oh wait, nevermind, clearly thought thought process stopped at the word "Obama". I'm pretty damn sure Cook researched, and thought about this slightly longer than the 0.5 seconds that you did. But thanks for your incredibly insightful post- as always. 




    Honestly. What's with the knee-jerk reactions? I thought Apple users were more sensible? Guess not.

     

    "The Framework is voluntary guidance, based on existing standards, guidelines, and practices, for critical infrastructure organizations to better manage and reduce cybersecurity risk.  In addition to helping organizations manage and reduce risks, it was designed to foster risk and cybersecurity management communications amongst both internal and external organizational stakeholders."

     

    This isn't about the government having access, it's about all organizations, including government agencies of adopting standard protocols to ensure security from cyberattacks. (Like what happened at Sony.) The gov is worried that this is going to start getting commonplace.

Sign In or Register to comment.