Jeff Elkins

Featured eBooks
Software Bills of Materials
Future of the Air Force 2023
What's Happening in Health Tech
Briefing

Privacy Negotiator

Civil liberties advocate Ari Schwartz walks a fine line between tracking and protecting citizens as White House cyber director.

Aliya Sternstein

|
Aliya Sternstein
Aliya Sternstein
Senior Correspondent

In 2011, Government Executive spotlighted a handful of emerging leaders, including Ari Schwartz, the first-ever National Institute for Standards and Technology Internet policy adviser, who hailed from the privacy activism world. He went on to advise three Commerce Department secretaries on developing voluntary cyber standards in accordance with a landmark executive order. Then during the heat of the anti-surveillance movement, he was named to the White House National Security Council staff to instill civil liberties into cybersecurity and signals intelligence policies. Today, Schwartz, 43, has emerged. He is the White House senior director for cybersecurity. Senior Correspondent Aliya Sternstein recently looped back with Schwartz to discuss balancing the needs of operatives and privacy-
conscious citizens, along with raising kids in the smartphone era. 

Do your old colleagues at the Center for Democracy and Technology civil liberties group give you a hard time about working with “the spies?”

They’ve never referred to me as “the spy.”

They don’t see you as having gone to the dark side?

They see me as a person who can answer questions about what is going on. I think they see me as helpful in that way. I would love for you to ask them that. I would like to know the answer too. I think that’s really one of the worst things that happens in Washington—when something gets reported or [comes out] through the rumor mill, and they hear the worst of it first, rather than hearing it from the people who are trying to put it together.

What information are you personally most concerned about keeping private? 

I have a family and I have kids, and I think of a lot of things in my personal life—
relating to my children—as being very private and personal. It concerns me if information like that were to get out. I think communications—when taken out of context—often can raise a lot of concerns, so I do worry about what companies and what the government does with communications and making sure that it is used properly and that personal privacy is being protected. I am worried about [my 7-year-old and 10-year-old] getting on Facebook, but that’s a couple of years away. They don’t have phones. They have iPods. But my 10-year-old says everyone has a phone, except for him.

How has the discussion about privacy changed at Commerce and the NSC since the leaks by ex-intelligence contractor Edward Snowden about mass monitoring of U.S. phone records and foreign online communications? 

Privacy had always been a major issue, but certainly I think that the disclosures have really heightened those issues. The president was very clear in his Jan. 17 speech about the direction that we’re headed
in [when he announced a directive to hone data collections]. Since then it’s been more about implementing those things the president pointed to—building privacy protections for non-U.S. persons in particular. 

Your communications on social media, couldn’t they be swept up in some of these signals intelligence activities? 

I’m a citizen just like everyone else. It depends on what type of collection it is. Under [the directive], we have these areas where bulk data still can be collected. They are a very limited set of areas. I think it would exclude many of my communications and other private citizens’ communications, but I don‘t think it completely rules that out. It’s not out of the question at all.

Have you changed your online habits?

It’s almost as much from breaches, more so than government, but I think it’s related. Using two-factor authentication and using security tools are things that I did before and that I continue to stay up on. Especially right now, with breaches in particular, I think using multifactor authentication is just essential for everybody. I think a lot of celebrities found that out the hard way from the Apple breach that happened recently.

Is it hard for you to keep quiet about White House privacy initiatives, like the new executive order requiring two-step identity verification for government charge cards? 

It changes so quickly that I find even at times where I’m allowed to tell somebody, and then I tell them, then it changes and I have to call them back. That seesaw makes it so there is a natural tendency to want to hold off until you are certain that something is actually going to happen before you start telling people. That’s something I’ve learned in my four years in government. You don’t want to get people’s hopes up. It’s better to let people know that you are working on something, and give them a broad outline to get feedback from them without saying which direction the policy is going in.

Do you feel like you have made sacrifices to get where you are?

It is a demanding job and I, of course, make sacrifices for my family time because of that. But there is an awareness, if that’s the case. Particularly [National Security Adviser] Susan Rice has been really, really good about making clear that family has to come first. There are a lot of times when there is information that we’re getting on classified systems and we have to come into the office. That’s certainly not the case in nonprofit. 

Do your kids grasp the gravity of your job? 

They do. They get to come to the events at the White House. So, they get some fun out of it as well. But I think there is an understanding that I’m doing a serious job trying to protect the country and
our liberties. 

Have your kids met the president? 

They have not. But my oldest son came to Take Your Kid to Work Day and they had a question-and-answer session with the first lady. My younger one was four months too young for that, so hopefully this year he’ll get to go. There are some things they get to do that other kids would dream of doing. The first lady at that session, she said, “You know, I realize that sometimes your parents don’t get to come home for dinner and sometimes they don’t get to make it to all your soccer games,” and she kind of was apologizing to them for the sacrifices that I make, which I appreciated.

What has been the most fulfilling experience for you in the new job?

Everywhere I go, people thank me for the work we did on the cybersecurity framework and how it got better over time. The trust from the private sector to keep it voluntary; from the privacy groups, we hear that they are glad we were able to keep the Fair Information Practice Principles in the document despite the heavy pressure that we got from industry. When you start to see announcements related to and around cyber insurance, that’s pretty fulfilling because that was the original goal, to build it into the marketplace without a regulatory effort. Just like [with the proviso] “Do you have smoke alarms?” for fire insurance, which is built into most regular business policies.

Do you expect to leave anytime soon? 

It’s interesting because these undergraduate college students, they say, “Oh, my dream is to work at the NSC,” and it was never my dream to work at the NSC. But now that I am here, I see why it is people’s dreams. If you want to work on formulations, if you want to work on the hot national security issues, there is not a better place to be. 

NEXT STORY: Measuring Up

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.