Apple signs on to Obama's cybersecurity framework as Tim Cook calls privacy 'life and death' issue
Apple is among more than a half-dozen major U.S. corporations that have agreed to integrate the White House's Cybersecurity Framework into their operations, but the iPhone maker will not share security information with the federal government.
Apple will "[incorporate] the Framework as part of the broader security protocols across its corporate networks," the White House said in a statement released alongside Friday's cybersecurity summit in Palo Alto, Calif. Joining Apple with varying levels of involvement are Intel, Bank of America, U.S. Bank, Pacific Gas & Electric, AIG, QVC, Walgreens, and Kaiser Permanente.
The Cybersecurity Framework was created as part of President Obama's Executive Order on Critical Infrastructure Cybersecurity and released in February of last year. The framework, which is administered by the National Institute of Standards and Technology, collates industry best practices for information security and helps businesses provide structure for new or existing infosec initiatives.
Use of the framework is voluntary, and the framework includes a set of recommended implementation tiers that can be used to adapt it for different business needs. Organizations which store little personal data or provide non-critical services might only implement high-level strategies, for instance, while those servicing critical infrastructure components would choose a more rigorous application.
While the extent to which the framework will influence Apple's security practices is unclear, it appears that the company will not take the extra step of sharing security-related data with the Department of Homeland Security's new National Cybersecurity and Communications Integration Center. Such information sharing is a tentpole of Obama's cybersecurity strategy.
While a few notable security vendors have signed up, none of Silicon Valley's major consumer-focused companies are participating, and Apple CEO Tim Cook was the only well-known corporate executive at the summit. The Valley maintains a deep distrust for the federal government in the aftermath of the Edward Snowden spying revelations, a point which Cook drove home during his speech.
"If those of us in positions of responsibility fail to do everything in our power to protect the right of privacy, we risk something far more valuable than money," Cook said. "We risk our way of life."
"We must get this right," he added. "History has shown us that sacrificing our right to privacy can have dire consequences. We still live in a world where all people are not treated equally. Too many people do not feel free to practice their religion, or express their opinion, or love who they choose."
Personal privacy is especially important "in a world in which that information can make the difference between life and death," Cook said.