Why did tech companies take a week to get behind Apple in the FBI standoff?

In the midst of the Apple-FBI dispute over the San Bernardino shooter’s iPhone, countless tech companies took the rare step of publicizing views in “friends of the court” briefs, statements, and interviews. The sheer number, nearly 40, filing amicus briefs — Facebook, Google, Mozilla, and Microsoft, as well as my own company, AVG — is telling. Though we’ve read much about the positions and the parade of horribles that could happen, this dispute provides rare insight into what compels Silicon Valley to act and why it appears to respond slowly.

Public safety, free speech, and the ability to create secure products would all seem to justify immediate action. Instead, most tech companies remained silent for several days after the facts of the case became public. Apple CEO Tim Cook’s arguments stood alone. Allies eventually emerged … a week later. Mass objection arose only with the court deadline arriving. What required seven days of thought if the harms were as severe as many asserted?

This phenomenon is not new. Even longer delays occurred in 2011, when Silicon Valley last coalesced during the outcry against the proposed SOPA and PIPA legislation. Civil society advocates and Congressional representatives warned us of the legislation early. They told us Twittersphere complaints wouldn’t cut it. We needed to direct messages to Congress from constituents. We recognized the legislation would irrevocably undermine key enabling Internet principles. We knew it would have a chilling effect on speech at Internet scale. We saw it speeding through Congress. Yet we remained silent.

Finally, a small group of tech companies and civil society advocates staged a blackout — temporarily obscuring logos, darkening websites. The resulting attention slowed the legislation enough to allow opposition to grow, but most of the big-brand, Valley Internet companies abstained. By the second blackout, though, everyone was in. The collective outcry forced Congress to reconsider the legislation’s unintended consequences. Again, why did the Valley delay?

When we look more closely at the nature of these companies, how they view themselves, and what drives them, we can see several structural factors that explain this behavior.

First, we’re product people. We confront challenges by building things. We code and instinctively consider digital products the answer. This is neither good nor bad — it just is. Policy problems don’t lend themselves to code and APIs, so our strengths and the tools we’re most adept at using don’t work.

Second, we tend to discount the legislative process as a solution because it’s slow. We’re reluctant to see legislation as the answer, and we fear unintended consequences. Further, the horizon of relevance we focus on most is 3-9 months. Rapidly changing technology and market conditions have often already altered the market by the time legislation could have an impact. Even the most well designed legislation is challenged to keep pace with technology. Public policy is also a long game that’s harder for young tech companies to play. New ventures are already stretched to fund product development, and they face the more immediate risks of execution and adoption.

Of course, the legislative process is vital, but Valley perception of time shapes our reactions. Moreover, only established organizations can devote the sustained resources required to effectively engage. We also irrationally believe that the established big tech players “with offices in DC” will somehow “take care of” broad policy threats. This results in even more hesitation and delay.

Finally, we as tech organizations don’t necessarily believe we have customer permission to enter the policy debate unless the issue is core to our mission. We have digital relationships with our customers and are empowered only to solve problems and value via our products. This truth further inhibits policy action. Further complicating our thought process is that no matter our stance, we’ll likely offend half our users.

While the tech industry may seem guilty of inaction or, at best, benign neglect, I think it’s closer to the truth to say we were in denial — with a dose of fear. Any of these factors would slow decision-making, and collectively they dissuade quick action, producing no-win situations for tech companies, who must reach “least-harm” conclusions, even when the issue is core to the business or the bottom line. Maybe our best bet in the Valley is to accept the uncomfortable truth that we don’t have all the answers. And perhaps we have more “permission” than we think, especially if we guide ourselves by the compass of user benefit.

Harvey Anderson is Chief Legal Officer at online security company AVG.