Until the Paris and San Bernardino terror attacks, the presidential candidates in this election cycle largely avoided discussing cybersecurity, surveillance, and civil liberties, focusing largely on immigration, the economy, and a surplus of personal attacks.
Since then, the remaining candidates have laid out strong positions with Donald Trump condemning Apple for resisting the government's attempts to recruit its help at cracking open the iPhone used by one of the San Bernardino shooters. And Hillary Clinton has urged Silicon Valley giants such as Facebook and Twitter to do more to combat the recruiting of terrorists on social media by ISIS and other extremist groups. Bernie Sanders has strongly opposed the NSA's metadata surveillance program revealed by former contractor Edward Snowden. This is the first election since Snowden's disclosures in 2013 sparked a national debate on the proper balance between security and civil liberties.
When it comes to the controversy surrounding the private email server used by Clinton during her tenure as secretary of state, the other candidates have taken opposite stances. Trump says that it made her classified communications and the country vulnerable to hacking by foreign adversaries and governments while Sanders famously announced in a debate that he doesn't care about her "damn" emails.
Here are the candidates' positions on issues ranging from encryption and government surveillance to cyberattacks and civil liberties.
Encryption Regulation and Backdoors
The question of law enforcement access to encrypted digital information came to national attention in February, when the FBI won a court order requiring Apple to help unlock an iPhone used by alleged San Bernardino shooter Syed Farook. Apple, backed by other tech companies, contested the order, saying any government-mandated "backdoor" around its security mechanisms could be exploited by criminals and put its customers at risk. Until the FBI ultimately found a third party able to unlock the phone, politicians—including presidential candidates—weighed in with their thoughts on how to balance the right to privacy with the needs of crime prevention and national security.
Republican frontrunner Donald Trump quickly said, in no uncertain terms, that Apple should unlock the phone. "Who do they think they are?" Trump asked of the iPhone maker, in an appearance on Fox News. Soon after, Trump called on supporters to boycott Apple until it agreed to decrypt the device.
Democratic candidates Hillary Clinton and Bernie Sanders each took a more moderate approach, calling on the technology industry and law enforcement to forge a compromise giving officials access to encrypted data while still protecting privacy.
Clinton referred to the issue as "one of the most difficult dilemmas that we're faced with," speaking at a February MSNBC town hall event. She urged "the government and our great tech companies" to find a solution.
"I see both sides," she said. "I think most citizens see both sides. This is why you need people in office who can try to bring folks together to find common ground."
Similarly, Sanders said he thinks "there is a middle ground that can be reached" between the Apple and FBI positions to protect privacy and prevent potential terrorist attacks.
"So I think there has got to be a balance," he said. "But count me in as somebody who is a very strong civil libertarian, who believes that we can fight terrorism without undermining our constitutional rights and our privacy rights."
Technology experts and civil liberties groups have generally argued any backdoor access granted to the U.S. would also be demanded by foreign governments and likely exploited by criminals if leaked or independently discovered.
Limits on Mass Surveillance
Mass government surveillance of Internet, phone, and even snail mail"metadata"—that is, not conversations themselves but records of who contacted whom—has been in the news since former National Security Agency contractor Edward Snowden first leaked classified information on the subject roughly three years ago. Other leaked documents also revealed that the NSA spied on foreign leaders, including German Chancellor Angela Merkel, and obtained numerous emails and other text communications sent to and from the United States. Snowden's revelations also reignited discussion of controversial George W. Bush-era warrantless wiretapping programs, which allowed the NSA to monitor U.S. residents' emails and phone calls when it believed at least one party was overseas and at least one party was connected to terrorism.
In 2015, Congress passed, and President Barack Obama signed, the USA Freedom Act, which ended the NSA's original metadata collection program but allowed the agency to obtain specific metadata from telecom companies. The agency is required to get permission from the secretive Foreign Intelligence Surveillance Act court based on justifiable suspicions about particular targets.
Sanders opposed the metadata surveillance program and what he called "out-of-control intelligence agencies," voting against the post-September 11 Patriot Act and subsequent reauthorizations. Sanders also said in a 2015 MSNBC interview that it didn't "go far enough" to protect civil liberties.
"I'd shut down what exists right now, [which] is that virtually every telephone call in this country ends up in a file at the NSA," he said in an October debate. "That is unacceptable to me."
Clinton, while representing New York in the Senate, voted for the original Patriot Act and stood by that vote in the October debate, though she critiqued the Bush administration for undermining the law's civil liberties protections.
"I think that it was necessary to make sure that we were able after 9/11 to put in place the security that we needed," she said. "And it is true that it did require that there be a process. What happened, however, is that the Bush administration began to chip away at that process. And I began to speak out about their use of warrantless surveillance and the other behavior that they engaged in."
She also endorsed the USA Freedom Act, calling it "a good step forward in ongoing efforts to protect our security & civil liberties" in a 2015 tweet. Subsequently, she's said she would call on tech companies to conduct their own surveillance of social media posts in order to root out terrorist recruitment.
"We have to stop jihadists from radicalizing new recruits in person and through social media chat rooms, and what's called the dark web," Clinton said in a December speech reported by Time magazine.
Trump has gone much further in supporting government surveillance than either of his Democratic rivals. In a December interview with conservative radio host Hugh Hewitt, Trump said that he tends to "err on the side of security" and would restore the NSA's post-September 11 surveillance programs.
"I assume when I pick up my telephone, people are listening to my conversations anyway, if you want to know the truth," he told Hewitt. "It's pretty sad commentary, but I err on the side of security."
Trump has also called for "surveillance of certain mosques" and "a database on the people coming in from Syria," speaking at a November rally reported by the Washington Post.
"I want surveillance of these people that are coming in, the Trojan horse," he said. "I want to know who the hell they are."
Federal Protection from Cyberattacks
Protecting both government and civilian computers from cyberattacks has been of increasing concern in recent years, after numerous reports of digital espionage by Chinese state-sponsored hackers, allegations that North Korea was behind the devastating hack of Sony Pictures Studios, and reports that Iranian government-affiliated hackers have attacked U.S. banks, government computers, and even servers connected to a New York State dam.
The Obama administration's 2016 proposed budget included $14 billion in funding for cyber defense—an 11% increase over the previous year's spending—and Obama signed a controversial bill allowing for greater information sharing between government and industry about cyberattacks late last year.
Sanders opposed an earlier version of the bill, which ultimately passed as part of a massive spending package, amid concerns by privacy and civil liberties advocates that it could allow too much sharing of personal information. He's previously come out in favor of other cybersecurity measures that he says strike an appropriate balance between privacy and security.
"Our nation's national security and economy face unprecedented threats from cyberattacks, and it is important that we defend ourselves as best we can, while at the same time protecting the privacy and civil liberties of the American people," he said in a 2012 statement about a bill that ultimately failed to pass amid Republican concerns about its costs for businesses. "I worked hard with a number of colleagues to make sure that language in the bill would protect the constitutional rights of the American people."
More recently, as part of his presidential campaign, Sanders has called for a domestic spending bill that would, in part, "address critical vulnerabilities to cyberattacks" in the electric grid.
Clinton, too, has called for cooperation between the government and industry to safeguard computer networks.
"Hillary will leverage the work of the public and private sectors—overcoming the mistrust that impedes cooperation today—to strengthen security and build resiliency for economy and infrastructure," her campaign has said in a policy statement on its website. "Our country will outpace this rapidly changing threat, maintain strong protections against unwarranted government or corporate surveillance, and ensure American companies are the most competitive in the world."
Trump has included cybersecurity as part of a get-tough approach to China, including the topic in a position statement indicating he'll renegotiate trade and other agreements with the country.
"China's cyber lawlessness threatens our prosperity, privacy, and national security," according to the statement. "We will enforce stronger protections against Chinese hackers and counterfeit goods, and our responses to Chinese theft will be swift, robust, and unequivocal."
He also sounded the alarm about the country's digital preparedness in a March interview with the New York Times, the full transcript of which was posted online.
"First off, we're so obsolete in cyber," he said. "We're the ones that sort of were very much involved with the creation, but we're so obsolete, we just seem to be toyed with by so many different countries, already."
The Role of Offensive Cyber Capability in the Nation's Arsenal
The flip side of protecting against foreign digital attacks is using the nation's own digital capabilities against enemies. In 2012, the New York Times reported that U.S. cyberattacks have primarily been focused on Iran, often in an attempt to scuttle the country's nuclear program. Obama, the paper reported, was cautious about overusing digital weapons with little historic precedent for when and how such tools should be deployed and with the U.S. so dependent—more so than many of its rivals—on computer technology.
Indeed, in 2015, Reuters reported that an attempt a few years prior to use the Stuxnet virus, believed to have been developed by U.S. and Israeli forces to target the Iranian nuclear program, in North Korea failed, partially because of the country's limited digital connectivity.
But more recently, the White House confirmed in April the use of digital attacks against ISIS. The Daily Beast reported a few days later that digital techniques have been used to gather intelligence and hamper ISIS communications.
Trump has enthusiastically expressed support for using cyber warfare in the fight against ISIS, saying he'd work with experts from the tech industry to find ways to knock the Islamic State offline and gather intelligence about it, even potentially disrupting Internet access for areas where the group holds power.
"I would certainly be open to closing areas where we are at war with somebody," he told CNN anchor Wolf Blitzer in a December debate. "I sure as hell don't want to let people that want to kill us and kill our nation use our Internet. Yes, sir, I am."
Those comments immediately drew fire from technical commentators , who said significantly disrupting ISIS's connectivity would be difficult, and civil libertarians, who opposed the idea on free speech grounds.
And in his later interview with the Times, Trump appeared to somewhat equate cyber capabilities with nuclear weapons in terms of the need for restraint, though he didn't directly answer an interviewer's questions about when he might use them.
"But certainly cyber has to be a, you know, certainly cyber has to be in our thought process, very strongly in our thought process. Inconceivable that, inconceivable the power of cyber," he said in part. "But as you say, you can take out, you can take out, you can make countries nonfunctioning with a strong use of cyber."
Trump's campaign didn't respond to multiple requests for comment on the subject.
Clinton, in her role as secretary of state, apparently supervised some American cyberattacks aimed at sabotaging Al-Qaeda recruitment efforts in Yemen.
"Within 48 hours, our team plastered the same sites with altered versions of the ads that showed the toll Al-Qaeda attacks have taken on the Yemeni people," Clinton said in a 2012 speech covered by ABC News and other outlets. "We can tell our efforts are starting to have an impact because extremists are publicly venting their frustration and asking supporters not to believe everything they read on the Internet."
More recently, she's called upon the U.S. to be "fully vigilant" against attacks from China, which she said in July is "trying to hack into everything that doesn't move" in the U.S., though it's unclear to what extent vigilance would approve digital retaliation.
Clinton's campaign also didn't respond to multiple phone and email requests for comment.
Sanders, whose campaign also didn't respond to multiple requests for comment, has spoken little on offensive cyberattacks. Indeed, a contributor to The Hill wrote in September that Sanders is vague on digital issues overall, and a March Gizmodoarticle saw his lack of a firm cyber stance as part of a "foreign policy [that] is notoriously scant on details."