Read more: What’s Next For Ex-FBI Director James Comey?
Before his appointment in 2013 as the seventh director of the FBI, Comey spent five years as Lockheed’s top lawyer. He served as general counsel to the Connecticut-based investment firm Bridgewater Associates between September 2010 and January 2013. Comey was an associate and then partner at McGuireWoods, in Richmond, from 1993 to 1996.
Comey often noted in recent speeches the 10-year length of the FBI director’s term. In 2014, just months after his appointment, he told a crowd of information-security professionals that he wanted the FBI to cooperate with the private sector on cybersecurity and assured them he was “in this for the long haul.”
“You are stuck with me for 10 years,” Comey said then. “The FBI is in this for an even longer haul. We really, really are on your side. And we will do everything we can to keep your data, to keep your innovation, to keep your intellectual property—not to mention your family and your friends—safe and secure.”
As Comey now weighs his next move, here’s a look back at some of the comments companies and law firms might find compelling as they consider contacting the dispatched director about a possible return to the private sector.
A good lawyer must be able to say ‘no’
It is the job of a good lawyer to say “yes.” It is as much the job of a good lawyer to say “no.” “No” is much, much harder. “No” must be spoken into a storm of crisis, with loud voices all around, with lives hanging in the balance. “No” is often the undoing of a career. And often, “no” must be spoken in competition with the voices of other lawyers who do not have the courage to echo it.
For all those reasons, it takes far more than a sharp legal mind to say “no” when it matters most. It takes moral character. It takes an ability to see the future. It takes an appreciation of the damage that will flow from an unjustified “yes.” It takes an understanding that, in the long-run, intelligence under law is the only sustainable intelligence in this country.
(Source: Green Bag, September 2007)
CEOs must realize ‘employees are like your children’
So what I say to chief executives is that it’s important that you give speeches, it’s important that you are maniacal about ethics. And I’ll spare you how maniacal Lockheed Martin is. But you can’t get away from it. They are whispering it to you while you sleep.
But the most important thing for a chief executive to realize is that your employees are like your children. They are like these amazing sensors that we make. You can’t ever turn them off. I mean, I’m sure there are times when you as a parent want to say, ‘Look I want to drink beer out of a bottle and scratch my stomach. Move away from me. You know, I don’t want to be bothered with this.’ You can’t with a kid. It’s always on. Employees are always on. They watch you. They see you. They listen for gestures. They look for signals. And so the way you reinforce that is you recognize that actually what you do is much, much more important than what you say.
(Source: The Directors Roundtable, August 2006)
Comey the ‘weenie conservative general counsel’
A company that suffers intrusion is a victim and they will be treated that way by the FBI. We know, because I was a general counsel at a company, that one of our obstacles are the weenie conservative general counsels. I was a weenie conservative general counsel.
We were worried about what’s going to happen to the information we share with the government. ‘Will it hurt us in a competition? Will it lead to lawsuits against us? Will it violate some obligation we have in a different place? What will it mean with our regulators? How will this all work? There’s too much risk with this. Let’s remediate and move on.’ Well, we think we have a compelling case to make based on a track record of hundreds and hundreds of investigations that we will protect your privacy, we will not share data about your employees and your operations, and we will have an adult conversation at the beginning to explain here’s what we will do with the information you share with us, so that you—as a general counsel, a chief security officer, a CEO—can make a judgment about the risks and benefits.
(Source: Boston Cyber Security Summit, March 2017)
Navigating the federal bureaucracy
Who in the federal government is responsible for what when it comes to cybercrime? How do you know who to turn to? And who’s going to do the best job of navigating that federal bureaucracy with you? I get that. I know where you’re coming from because I’ve been there.
My last eight years before this were five years as general counsel at Lockheed Martin and then three years as general counsel at Bridgewater Associates. Two totally different industries—aerospace and defense and finance-—but in both I learned that you have an ironclad, nontradable responsibility to your owners, your shareholders and your board, and you must focus on the bottom line. And then the government knocks on your door, unrolls a long list of stuff that we need and doesn’t seem to offer a lot in return. As general counsel at these two companies, I spent a lot of time asking myself and my teams—and in both I had security under me—I would say, ‘How come we can’t get more information out of the government? How come they don’t share information? Nations and criminals are trying to steal all our stuff. Why can’t they help us more?’ It often seemed to me that information flowed in just one direction—towards the government.
There is no doubt that we in the government have information that we can’t always share for reasons that I think would make sense to you. But we have to do our best to make that group of things as small as possible and share information as much as we can and as quickly as we can and in the most usable format so you can do something with it.
(Source: RSA Conference, February 2014)
‘Everybody in this room knows we are at risk’
Before he left, Bob Mueller, my predecessor, told me that cybersecurity would come to dominate my 10 years as counterterrorism had dominated his tenure. And I know after five months that he’s right. We have to be agile and predictive. We have to use all reasonable tools and authorities to stop these malicious activities.
The cyber threat is different today than the terrorist threat, of course, because we have not yet experienced a watershed event like the attacks of Sept. 11. But everybody in this room knows we are at risk and we have to act quickly.
(Source: RSA Conference, February 2014)
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.
For questions call 1-877-256-2472 or contact us at [email protected]
