Ambassador Delawie’s Remarks at the Cybersecurity and Privacy Conference, January 19,2016

Thank you very much for having me here today.  The U.S. Embassy strongly supports Kosovo’s efforts to increase its cybersecurity capabilities in the public and private sectors.  I am very encouraged to hear that the Kosovo Government has been working hard on a National Cybersecurity Stategy.

Today, I would like to talk with you about the nexus between cybersecurity and privacy. The digital economy is booming around the world, creating new jobs and opportunities we could not have imagined even a decade ago.  Increasingly, our lives are interconnected and online.  From our critical infrastructure and national security systems, to our cars and bank accounts, the digital economy is creating efficiencies and enhancing effectiveness. If all nations and people are to reap the tremendous political, economic, and social benefits that cyberspace offers, the underlying system must be open, interoperable, secure, and reliable.

Threats online exploit the increased complexity and connectivity of our lives, both online and offline.  They place not only national security, economy, public safety, and health at risk, but also expose all of us around the world.  Since these threats know no boundaries, it is critical for us to work together and coordinate our efforts both between governments and with the private sector.

To mitigate these threats, it is very important to build a culture of cybersecurity.  We need to increase awareness amongst citizens and industries of the critical role we all have to play in protecting cyber systems.  Threat analysts will tell you that one of the greatest threats to our cybersecurity is ourselves – our own actions and choices that make us vulnerable.

Cybersecurity is hard work.  Developing the norms, policies, and practices for this work is critical.  And we must remember our adversaries have the advantage.  They can experiment and make mistakes with little consequence, which we cannot; they are looking for  vulnerabilities. The traditional notions of space and time, venue and border, or my jurisdiction and your jurisdiction are blown away by a threat that moves not at 60 kilometers per hour, but at 300,000 kilometers per second.  The speed of light. Traditional notions and frameworks are destroyed by that kind of threat.  That requires every element of law enforcement – those  who are spending their days protecting kids, fighting fraud, fighting spies, fighting terrorism, protecting intellectual property, all of those things – to be digitally literate.

As you are aware, we are particularly concerned about the growing trend of radicalization around the globe.  I am sure you are as concerned as we are about any space that terrorists can use to plot attacks.  We must find additional ways of making it even harder for terrorists or criminals to find refuge in cyberspace.

When the use of social media crosses the line from communication – the expression of views, even views that we may find profoundly troubling – and into active terrorist recruitment and plotting, that is deeply concerning and has to be addressed. Neither we, nor the providers of these technologies, want to allow terrorists to plot attacks.  We strongly encourage technology companies to harness their entrepreneurial and innovative expertise to consider ways in which we can make it harder for terrorist groups to recruit and radicalize.

Finally, I see that lawful interception is one of the main topics on the agenda today.  Lawful interception is a powerful tool to identify and prosecute suspects engaged in serious criminal offenses.  I would like to stress, though, that it is critically important to consider state and public security on the one hand, and the protection and guaranteeing of fundamental human rights and freedoms on the other.  This is difficult, but it is by no means impossible.

As the Director of the FBI said, “in the United States the means by which we conduct surveillance through telecommunication carriers and those Internet service providers who have developed lawful intercept solutions is an example of government operating in the way the founders intended—that is, the executive, the legislative, and the judicial branches proposing, enacting, executing, and overseeing legislation, pursuant to the rule of law.”

The key to having both cybersecurity and privacy is a strong respect for the rule of law.

With that, I would like to thank you again for having me here today and for your hard work to strengthen Kosovo’s cybersecurity capabilities.