Skip to main content

tv   Cato Institute 2018 Surveillence Conference  CSPAN  December 14, 2018 9:09am-12:09pm EST

9:09 am
take the opinion, they do a quick scan of the synopsis at the top of the machine and they try to write four or five perhaps for the web or more. and they did that in the aca case and got it wrong. the wires, interestingly, did not get it wrong, but a lot of other people did. and that's because the question that we all thought was the big question to be decided, whether the ac krchlc -- aca violated the constitution's limits on the commerce power-- >> my name is julian sanchez, i'm a senior fellow here and it's my great privilege to welcome you all to the 2018 installment of our annual surveillance conference. we really began the conference in 2013 as a one-off focused on
9:10 am
the nsa and inspired by the enormous information coming out as a rut of the edward snowden revelation and the following year i decided that it made sense to have a dedicated full day conference on surveillance, so this is the fifth year, we're running it under that name. i recall a year or two in, the excellent national security reporter at the new york times asked, do you think as the snowden headlines, do you think there will still be enough to talk about every year in the domain of surveillance? and i wouldn't say happy to say, but i can confidently say that it doesn't look like we're running into the problem of being short on subject matter for a conference anytime soon. before i introduce our first panel, i want to suggest i know a conference like this, people come in and out of the
9:11 am
conference during the course of the day and following the conference, a docent from the smithsonian art museum has come and agreed to give a special tour for the attendees of the ongoing retrospective sights inseen. paglen explores the surveillance state and its many guises and work to use art visible of the states that are normally cloaked in shadow. it's fantastic exhibit and if you haven't seen it it's absolutely worth it and closing in a few weeks i think it's a good opportunity if you're interested in art at all. but to the subject of our first panel, as with so many other, it's hard not to circle back to donald trump with his own
9:12 am
intelligence community, frequently calling into question intelligence conclusions and more dramatically calling a deep state conspiracy against him. attempts to abuse surveillance authorities for political purposes in order to undermine his presidency. and the question is, is this the thing that civil libertarians have so long worried about that the surveillance authorities that are intended to go after spies and terrorists could be turned inwards and misused as they work so long in the 50's and 60's for political purposes? or is there a reason for civil libertarians to doubt whether this is a genuine instance of that? i can't think of anyone better to lead a panel exploring those questions than my colleague patrick eddington who has been on all sides of this. he has been an analyst at the cia and a whistleblower at the
9:13 am
cia and we are very privileged and pleased to have him here as a scholar at the cato institute to introduce our speakers. i'll turn it over to patrick. >> thank you for that introduction and comment and i'll drop the check off in your office after we're done here. my thanks to all of you who are here with us in the auditorium and those viewing on-line. i want to go over a kick add-min items. make sure you've got your cell phones at least on vibrate and if you have an apple watch leak i do or other devices hanging around, make sure they're on silent as well. we will do some q & a here towards the end and i'll repeat this, just make sure you wait to be called upon, wait for the microphone so everybody can hear you especially our panelists and ask you to announce your name and affiliation, not that we're taking names, but we like to
9:14 am
get a sense of who is here and what theirs interests are. and julian gave us a good intro, i want to kind of amplify on that just briefly. for over a year, president trump has made extraordinary claims about the alleged political abuse of surveillance powers directed against him. let me rephrase that. allegedly directed against him and his campaign. claims repeated by inside and outside of government. and to date the groups haven't embraced the president's claims, it leads me to ask is this just trump derangement syndrome overriding the concern or is the skepticism well founded? there are examples of sitting presidents to use intelligence agencies to target their political opponents. theodore roosevelt used the
9:15 am
secret service to conduct surveillance against house and senate members he was accusing of corruption. his successor and relative franklin delano roosevelt kept an eye on a republican from north dakota and wheeler from montana as well as intervention american first committee. trump is not the first president to claim the federal bureaucracy was working against him, but his accusations are qualitatively dinner different and his tone is most definitely different. earlier this year, jeff sessions agreed that the department of inspector general that fisa was used to spy on one or more trump campaign officials. i should note that that investigation is ongoing. are specific trump accusations largely groundless? how are we to know for certain? who's claims are to be trusted or distrusted and why?
9:16 am
if the president truly believes the department of justice bureaucracy is out to get him, end quote. why would he agree to an investigation of his claims by an element of that very same bureaucracy? more broadly, is the whole idea of a so-called deep state even valid or useful? how is an outside observer supposed to tell the difference between a legitimate and possibly vital investigation, and a pretextual one motivated by political animus? are there policy changes that might look at risk and abuse and confidence and panelists are going to help hee with these issues. to my immediate left is professor michael glennen, professor of international law of fletcher's university of law at tufts university. spent time on foreign relations committee as counsel, a fellow at the woodrow wilson
9:17 am
international scholars, i could go on and on and on, and i want to mention about mike his book "double government", not only for me is essential reading, but i teach a course on congress and that is a textbook in my course, i highly recommend it. on the end here kate martin senior fellow for american progress and working on issues for national security. she was for the national studies here in washington. and she has written and litigated on civil liberties and national security issues and testified in front of congress as well. suzanne hennessey, sitting next to kate on her right, fellow in national security and government studies at bribinginbribinookings institute. and she has a blog, if you're not reading you're missing out,
9:18 am
and hard national security focuses and she focuses on national security, oversight of the intelligence community. and finally, april dass is a partner where she chairs in a private security practice group. prior to that senior minority counsel to the russian investigation on select senate committee on intelligence and both april and susan are prior counsel at the national security agency. so they've been in the business, they know what it essentially looks like. and they know what is and is not necessarily possible. so, i just want to kick it off here with a -- essentially, how do we define the deep state? let me give you the cambridge dictionary definition from the on-line edition. organization such as military, police or political groups said to, would secretly in order to
9:19 am
protect particular interests and to rule a country without being elected. there's a little side bar note, that the cambridge folks added, the idea that there is a deep state governing behind the scenes is dismissed by some as a conspiracy theory. susan hennessey, is there a deep state? >> so, i suppose the-- you can sort of stack the deck based on how you want to define it in the first instance. the term deep state applied to as the turkish government, i believe, actually refers to an extra judicial body that's operating outside, you know, the constraints of the rule of law, so actually carrying out extra judicial killings and it really is, you know, an extreme sort of shadow government. does that exist in the united states? no. does anything close to that or roughly resembling that exist in the united states? >> no, if indeed you want to say the deep state is some
9:20 am
group of unelected officials that operate in ways that are not fully transparent to the public, yes. there's a national security bureaucracy. there's a career civil service, i would describe that as the ordinary function of the u.s. government that exists in lots of different contexts, of course, the challenge of the national security spaces, a lot by necessity and some not by necessity has to occur in secret. it becomes difficult to maintain and especially a president who is using these terms to call into legitimacy that work, that work which i believe is done pursuant to the law and all three branches of government. it becomes more difficult when there's a president that says this is the deep state ability to overcome that and say it is legitimate and explain to the american people what's going on. you know, is especially challenging whenever you can't produce that information publicly. >> april? >> yeah, absolutely, and you
9:21 am
know, it's interesting because this idea of deep state, fundamentally, about who would compose that deep state, if it exists, you're talking about people who make a career, perhaps for some number of years, perhaps for some number of decades working in federal government. in whatever department or agency they're in and those people can serve a very important function in maintaining a moral compass at times when political appointment leadership of those departments and agencies changes. so, i think that the very use of the term deep state is so-- such a loaded term and frequently seen in a pejorative sense that just that language can crowd the discussion about the important roles that come with continuity of having career civil servants who understand whatever work it is they're in. to susan's point, absolutely much harder in the national
9:22 am
security community where the oversight roles necessarily involve dealing with information that can't be fully and completely shared with the public. so, harder than in, say, assessing whether there's a deep state in adding the environmental protection agency or some other more transparent agency of government. >> kate? >> i agree that there's no deep state in the united states. and i think that there is a fbi, a cia, and an nsa and now there's a director of national intelligence and there's a history with some of those agencies, odni isn't recent enough that there's less history with them of violating the law. violating civil liberties, but there's also a very strong and noble record of those abuses having been brought to light, changes having been made and i
9:23 am
used to work in eastern europe right after the fall of the wall when one of the tasks that the reformers wanted to do was set up a legal structure to bring under control what was the deep state in those communist countries, kgb and its associated secret police and what i used to say was, that in the united states, we don't have a system where we can be sure that the intelligence agencies will not violate the law, but we do have a system where it's pretty likely that pretty soon those violations will come to light and that's, i think, the difference. excuse me, one of the key differences and the other thing i would just say is that when you ask the question in the morning, how do we know that
9:24 am
the use of the deep state and michael might disagree with me about that, but i think in general, the use of the deep state terminology is not useful to illuminate what is actually happening and instead, it is used at the moment by the president of the united states to further conspiracy theories. . >> michael? >> i don't disagree with kate. first let me thank pat and julian for organizing this and inviting me to be here. i don't disagree with kate. i don't use the term deep state. i don't like the term deep state. i think it's vague and carries with it not only notions of a huge nefarious conspiracy, but as susan pointed out, an experience of the sort that has occurred in turkey, that is totally foreign to the american experience. i've written, instead, about what i referred to in this book
9:25 am
that pat talked about, a phenomenon called double government. it's not my term, it's walter badget's term taken from his classic work on the english constitution written in the 1860's, it's a standard mainstream analysis in britain to describe how britain moved smoothly, without revolution to a monarchy to what badget refers to as a concealed republic with one set of republican institutions and another set of concealed institutions engaged in the processes of government. through that process badget pointed out the british government become more democratic and more accountable. applying that theory to the united states and the evolution of the united states government since the truman administration, my thesis in the book is that the united
9:26 am
states also has developed a system of double government in which the public institutions, congress, the presidency, and the courts, have gradually, over the course of the last 70 years, transferred power to the national security bureaucracy. and the united states has moved from democratic accountability in the opposite direction towards autocracy. now, i should say -- i should use the term double government in the past tense because it's essential to badget's theory the two sets of institutions, public and private remain on the same page, that there's an image of public harmony, the public not to distinguish between the two and continued to believe that the decisions and definition of national security, policy, is made by the public institutions.
9:27 am
once a rift occurs of the sort that's occurred in the united states, an epic development in american constitutional history, badget's prediction is the whole system of double government falls to earth in his phrase, falls to earth. it becomes destabilized and policy oscillations make predictions very difficult as to what national security policy will be in the future. that's the situation that the united states is in today. so in my view, badget's theory was accurate in suggesting that once that rift occurs, both the national security bureaucracy and the so-called madisonion institutions, congress, the presidency and the courts are delegitimized and we're as a
9:28 am
consequence of that rift, in very dangerous territory. >> what's interesting is how enduring this phrase and this concept of deep state is, right? in 1990's it was typified by the "x-files" on fox. confession, my favorite series of the 1990's. but it's even more contemporary from a cultural standpoint, right? adventurers versus hydra. any marvel fans here? okay, a few. the other thing we see is the literary manifestation of this. i told m my hands a couple of books that kind of speak to this. the first is by one of the president's most vocal supporters, former congressman and former house oversight and government reform committee jason chaffetz of utah, how
9:29 am
they were from obama to destroying the trump administration. and mr. chaffetz went over to talk to jeff sessions about a laundry list of complaints that chaffetz had, including subpoenas from his committee being refused, so on and so forth and not surprisingly, it was bryan pagliano who was hillary clinton's guy with her server, and he refuse today comply with a subpoena and chaffetz went over to bend ag session's ear and try to get it. i want to read a little bit of this. and this is chaffetz, this is not me to be clear, this is chaffetz. this should not even have been a partisan issue, even democrats in the house oversight committee would agree that congressional subpoenas
9:30 am
mean something. i wanted the justice department to prosecute pagliano, sessions said, no, i can't do that, i can't talk about it, end quote. the pagliano issue wasn't about hillary clinton-- well, that wasn't true, but anyway, it was about whether congressional subpoenas hold any force at the doj. here was a republican attorney general telling me, no, we're knots going to do anything about that and he goes on to talk about it in some lengths. by the end of the hour, it became clear this justice department was going to be little to no help same as the obama administration. the same deep state i was working with during the lynch holder years. loretta lynch, eric holder, obama years. nothing new with the administration. i couldn't see that sessions with a was doing anything to drain the swamp within the doj. would the three of you agree with the chairman's suggestion
9:31 am
that jeff sessions is a part of the deep state? >> no, i'll take that one. so i would suggest that former congressman chaffetz is actually pretty cynically capitalizing on something and producing things like this. not only do i not believe that that's true, i don't believe na jason chaffetz believes that it's true either and i think whenever you have a congressman, for example, talking about the difference between congressional subpoenas and the legislative branch has its own mechanisms to enforce their legislative prerogatives if they want to enforce legislative subpoenas, putting that onto, for example, the attorney general, as if it's the attorney general that is essentially dwarting their ability to get information, i think what that does is, one, it's demonstrably wrong about how the process works and two, it confuses the american public about what is going on, who is responsible, who is accountable, how processes should be working. and so, i guess i-- it's not entirely clear to me what anecdotes like that are
9:32 am
meant to accomplish other than in general delegitimizing function. they're factually inaccurate and two, this narrative of a group of people that are all working against essentially republican interests, it also doesn't make a ton of sense because you have bipartisan groups of individuals who work within doj, who worked with lots of administrations. so i have a pretty strong reaction to seeing stuff like this. i think that there is had a reasonable and important conversation to have about, you know, national security reform, transparency reform, office transparency all of this stuff, but this exists pretty well outside the balance of where production discussion might take place. >> well, and attorney general sessions spent his career representing republican party interests. i mean. >> and i think, you know,
9:33 am
another sort of frame of reference to keep in mind. to the extent that the allegations about the deep state come from partisan elected officials, they often are operating from a different mindset than the very career bureaucrats that they're talking about. so in a partisan electoral world, everything is sort of motivated by winning the next contest. everything is a zero sum game. can i get elected to get my agenda put forward? that's structurally and not casting aspersions on any particular elected official, but that's sort of the way that our electoral process works, right? it's all about winning and losing in zero sum games. and you have to remember that in the-- when you're talking about the mass of people, the individual government employees, right? who make up the alleged deep
9:34 am
state, to the extent they're in the federal government, these are people covered by the hatch act and are barred from most kinds of partisan activities. certainly as it relates to their work and if you're talking about the national security committee you're talking about people who are barred by hack plus restrictions, if you will. so really that there's a deeply partis partisan-- below the employees, the run-of-the-mill people who would call fall into the allegation of deep state bucket, it's a fundamentally different mindset and i think that often people who are involved in electoral politics just lose track or sight of the fact that there is a whol whole set of dedicated government employees who really are not working from that zero sum mindset. that's not what they're working
9:35 am
for. >> i would not agree, actually. i think that there are, in fact, most career civil servants, including international security bureaucracy are dedicated on a nonpartisan basis, but i think making a wholesale distinction between them and elected politicians or those who work for them doesn't make any sense. i don't think that all elected politicians or political leaders see it as a zero sum game. i think that there is a particular group at the moment led by the president of the united states who has, in a really remarkable way, kind of tried to transform our politics so that it is not tied to facts. it's not tied to basic shared
9:36 am
assumptions about the rule of law. it's not tied to what has been some basic shared assumptions about interests, and it's fundamentally-- it is all of the things you just ascribed to electoral officials, but i don't think that it's fair to paint everyone with that brush, nor do i think that it advances the conversation. >> you don't think this conversation is really about elected officials versus career people. >> michael, let her respond if she wants. >> yeah, and so, let me be clear about what i'm trying to say. i'm is suggesting that there is a different -- there is, i think, a different shaping of culture when you have to compete to get somewhere versus when you are sort of trying to
9:37 am
embrace a shared mission of whatever agency you're working in and again, i tried to be clear and so i'll say again, that's not to cast aspersions on any particular elected official because i think that by and large the vast majority are not only motivated boo -- by a sense of public service and whatever really they serve in. what i'm suggesting is that i think that there are a different set of frames of reference that get sort of institutionally inculcated, depending on -- what you see depends on where you sit is what i'm trying to say. >> i think we need to look at that more carefully. >> and i know michael has a point. the mere fact that we're having this conversation, the attorney general doesn't have a role enforcing congressional subpoenas so the question for chairman chaffetz, why was he going to the attorney general if he was interested in enforcing a congressional subpoena in the first place. we're talking as if there's
9:38 am
some group of people acting against him instead of saying that's not how the process works, this is a good example presenting facts and divisioning them a little bit and taking them out of contest can have people trying to explain and deconstruct things when in reality, the two have nothing to do with one another. >> well, that's three comments. first, actually, maybe four comments. the attorney general does ultimately have a role in enforcing a congressional subpoena unless the house of representatives or the senate wish to instruct the sergeant at arms to go out and arrest someone for contempt of congress. you've got to refer the contempt citation to the justice department. >> which had not been done. >> well, but looking ahead, maybe that's what he was referring to. it hadn't reached that stage yet, but ultimately if you're going to issue a subpoena, you want to think about what he is
9:39 am
going to happen next and maybe, you know, obviously, i wasn't there, but maybe that's what the subject of the conversation was. second, so it seems to me that, you know, regardless of the identity of the actors, the justice department ought to be willing to prosecute contempt of congress. if that was, in fact, the subject of the conversation. second, political appointees do get captured. they do tend to go native. there's something called path dependence in democracies, it happens to democrats and to republican, there are intensives deeply embedded in our system that cause political appointees to wish to be
9:40 am
protective of the bureaucracy that they had. and that happens all the time so it wouldn't surprise me if any attorney general became protective of the justice department. third, it seems to me a number of people talked about the proce process if you believe the rule of law to accept an out come of the process regardless of the identity of the political decision makers. that's fundamental to the rule of law. you don't start from the outcome and reverse engineer things to get the outcome that you want. >> that's a soviet approach. >> that's a soviet approach, and it's a political approach ultimately. it's a power approach. it's not a law approach. how does that relate to the charge that trump is the victim
9:41 am
of a deep state. is there any legit massey-- legitimacy of his charge? if you're a democrat with a small "d". look, for example, at bob woodward's recollection in his book of gary cohn, one of trump's financial advisors, removing from trump's desk a letter that would have terminated the trade agreement with south korea. now, there was nothing nothing to suggest that what trump was doing was illegal. this was a policy that trump promised he would pursue and on which he was elected. he's an elected official of american people and nobody elected gary cohn. nobody elected gary cohn.
9:42 am
this is an example of what some people have referred to as bureaucratic checking, which is totally alien to our constitutional system. >> and, in fact, you said-- >> but how-- >> well let me just jump in. in fact, this is a scene after article that you wrote for harper's back in june of 2017, trump versus the deep state. and you raised some extremely interesting points in this piece and i'll just quote this one particular session. to formally charge a bureaucracy with providing a check on the president, congress and accords would represent an entirely new form of government which institutionalized bureaucratic autocracy replaces democratic. what critics would bureaucratic supremacy should some president come along and seek to free them from the polar night of icy darkness that max webber
9:43 am
warned as bureaucracy's inhe have i believe it end point? where would they turn having consecrated the security direct directorate as their guardian. i found that insightful and compelling. kate, you had something? >> i wa wanted to ask you, whic i agree with you about it, gary cohn was a political appointee by the president working in the white house for the president. he in no way represents the career people at the fbi or the cia. and trump's main attacks have been not on the fact that he's in apparently incapable of having a white house where they all work to the same end, right, but that instead, they're all fighting with each other over what he's going to do which is a different problem
9:44 am
whether or not the fbi has, in fact, undertaken some kind of illegal or unconstitutional -- you don't think? >> let me respond. >> maybe it's-- >> take the fbi. >> yes. >> okay. jim comey charges hillary clinton publicly with gross negligence in the handling of her e-mail. now, is there anything illegal with that? answer, no. no. the fbi is a law enforcement organization, not a policy enforcement organization. nobody appointed the fbi as the national school marm to lecture people who are grossly negligent. the fbi is to look at
9:45 am
violations of the law not to lecture people on good citizenship. >> how is that an example of the deep state as we're discussing here? the example just, it fails for me. >> well, can i-- >> it's an example of what i've r just referred to and i told you, i don't like the term deep state. so i can't describe to you what the deep state can properly do or not properly do. it's an example of bureaucratic checking which is wholly improper. the constitution gives power to the congress and the president, and the courts and that power flows downward and not upward to the bureaucracy to the elected officials of the american people and that's the point. >> i totally totally agree with that example. about both of his examples now, and i wrote at the time that
9:46 am
comey's press conference before he even got to the letter in which he excoriated hillary clinton for having done something was close to the kind of political interference by the fbi that we saw and totally inappropriate. and i think the key is that if you look at that which is wrong in several respects. the leaks that were helpful to the campaign rather than harmful. that they bee lie this president's specific attack, which is that they're out to
9:47 am
get him and something that should be done which shouldn't have been done. is by comey and people in the fbi in a way that harmed, that actually helped candidate trump's election. . >> i would note that he's a public employee and i think a better example, i think it's parn whatever term we use. nobody should be in with the deep state, but the difference between bureaucracy and political appointees because the accountability mechanisms are so different and keeps the notions really clear. >> for the public staff and he's extremely versed in the
9:48 am
what happens, with the nuts and bolts of government itself. and this is what mike has to say about this kind of general kept and yes, there's another on this avenue a hybrid of ruling the pattern intermittently controlled by those explaining the phenomenon will be disappointed. my aanalysis do not sustain belief in-- that keep these conspiracies successfully hidden for decades and i think it gets to your larger model, michael, which is you have this dual structure essentially and so the question then becomes, do we have
9:49 am
examples where the non-madisonion component to use your framing, elements of that nonmad zon nonmad-- non-madisonion can be used to bring down a particular president. i don't know if you can think of actual documented ones, but i do have one and we're going to go back in time a little bit here, almost 100 years, as a matter of fact. the year is 1924. and of course, the presidential campaign by this point was really heated up, well underway, and come to calvin coolidge, didn't just face the democratic opponent, he faced a very, very familiar opponent from his own party. a senator by the name of robert laviolette, sr. who has as his running mate, somebody who had been under investigation
9:50 am
senator wheeler from montana. december of 1924, j. edgar hoover in his first year at running the bureau-- what was then still known as the bureau of investigation, it wouldn't get the federal min kerr until the fdr administration of 1935. hoover wrote to one of the state department functionaries of the last century and blain was a close confident of the then secretary of state and he wrote to lane, quote, from an extremely confident and delicate source i've been advised that the commissaryate, the election campaign and believed that it's victorious in his campaign and then the recognition of the soviet government will follow immediately and on supposition,
9:51 am
they're to use their force and energy to aid the laviolette campaign and directed no official statement should be made and no personal opinions expressed in connection with the elections in general in order that the enemies of the soviet government may have no opportunity to say that the latter is interfering in the internal affairs of a foreign nation and conducting propaganda therein as stated above. this information was received from a seemingly delicate source. the very very next day we have a circumstances whereby-- there was a correction, there was a meeting at the white house that involves the secretary of state and he is involved in the president's reelection campaign as were several folks and this is a member that went to mr. grew over at the state department.
9:52 am
and evan young was a state department official told this is an outside group in 1924. think of it as a 527 or similar group that there's, 500,000 to make sure there's a running campaign that they were anxious to refer to any material that he was in support of the government-- obtaining any facts along these lines. i told mr. young the only everythings in we had was the department 17th of september he had already seen, and so this hoover report had been circulated and also apparently of knowledge of the national defense committee. making sure there was no further character of the department of justice.
9:53 am
i called had i am who drafted the letter on which the letter was based from the new york department of justice. i told him this had been of great interest at the department and we were at a loss to understand the daily worker-- young in this country and attacked mr. laviolette and so on and so forth. long story short, hoover had this drerogatory information and to the press and elsewherement and what i can tell examining the records of the laviolette family at the library of congress, j. edgar hoover made no efforts to tell him that the soviets were trying to use him. that was a salient example of the kind of thing, the kind of threat that i think trump is referring to. now, the question is, how frequent does this happen? how frequently does it happen?
9:54 am
at this point i think it's very difficult to say. it's probably relatively rare, but i don't think there's been a comprehensive example of how many of these episodes may have taken place. so-- >> i think that's an example, actually, it's a pretty good illustration of one of the challenges of having to go in the discussion, which is that the entirety of the post watergate reforms reflecting instances of abuses and including instances far more egregious was about layers of bureaucracy and rule, in order to depoliticize as a civil liberties protection, this entire bureaucracy, this structure was built out of a desire to distance the heads, you know, the constitutionally the head of the executive branch from using the tools of the state in what we all recognize to be plainly abusive purposes. and so, the challenge now in having the discussion of these levels of bureaucracy, is that
9:55 am
itself is a form of abuse, it's, there's a little bit of a circular problem here because those were intended to be responsive. and this balance we have been attempting to achieve between political accountability and nonpolitical law enforcement. nonpolitical or apolitical intelligence, no, we haven't always gotten the balance right, this is one, a structure to achieve that in order to constantly recalibrate. but we have plenty of examples of the bureaucracy engaging in some cases systemic abuses even to this day and in the fbi itself has been involved and continue to be involved in essentially political investigations. when you look at what happened after the outbreak of the iraq war in 2003, the thomas muhrton center, an organization in
9:56 am
pennsylvania was directly targeted by the fbi for their activities. that was a subsequent subject of a justice department report. and what kate said earlier, most of these don't actually prevent abuse, don't always prevent it, they can bring things to light, but it's usually after something really terrible has gone on. i look at what happened to brandon mayfield for those of you who may not recognize that name. you may recall that in 2004, march of 2004. . there was a terrible al qaeda related attack on these spanish transit system. and in the course of this investigation the fbi bungled the fingerprint analysis and implicated a portland, oregon lawyer who happened to be a former army veteran and muslim american convert as actually
9:57 am
having been involved in that ep so the and it turns out that the spanish government did everything they could to try to prevent the fbi from going public with that because the spanish felt that the fingerprint analysis was wrong and the spanish government as right. mayfield's name was out there and he got indicted, went out with fisa wear taps and seized everything. for a two week period his name was global and his life was literally turned upsidedown, so, those are examples, essentially, and i have a stack here, but-- >> and that's a mistake is not an example of what we're talking about, i don't think that anyone represents this is an error-proof system, but i don't see the abuse to the extent that it's tied to this conversation. maybe i'm missing it. >> well, when we talk about a systemic problem and i think we can possibly go back to fisa itself. and again, this is something else that i personally find
9:58 am
interesting, because with mrmr. mrmr. mr. chaffetz's bookings no mention of fisa, no mention of mr. putin and interference and that's interesting because that's a core part of this-- and that for years, nsa was actually engaged in going after what's known as multiple communications transactions. and that resulted in the collection of nontargeted entirely domestic communications and i'm not going to go page by page on this thing and that's something that the process put out a few years ago, and based essentially on actual advisa court documents and subsequently made public. and because of the layers of secrecy, it's difficult to get a handle on exactly how
9:59 am
widespread this stuff is, which i think is a point that kate made. >> patrick, i mean, i agree with you, and as you know, i spent those years call out the abuse of brandon mayfield's rights and i believe it was an abuse, condemning the surveillance of the thomas center. but i do think it's extremely important for those of us on this side to be specific about what it is that-- what the abuse is and what the possibilities are and i guess i agree with susan, which is that i don't see the-- any necessary connection between what the fbi was doing then and it might still be surveilling muslim american communities in ways that you and i would think were abusive.
10:00 am
and the question of whether or not there's any evidence or reason to believe that the fbi or any other intelligence agency improperly wire tapped president trump or his campaign. .. and i think one of the things we know is we know enormous number of facts about what the fbi did and didn't do about the campaign. we have the affidavits affidavr
10:01 am
page, the actual affidavit. >> let's be clear, those affidavits remain very, very heavily redacted. >> whatever they say in them, there's no way they didn't wiretap carter page without a fisa. we know they got a fisa. we know they got the court to remove it four times. i mean, who knows whether or not they told the court everything they should have told the court? but so what, is my question to you. because what the president is charging is not that some individual fbi agent didn't fully inform the fisa court. he's charging a conspiracy by the obama fbi to interfere with his campaign. there is simply no evidence of that. and you had to come up with the evidence, and there's a ton of
10:02 am
evidence out there. all over the committees themselves have made public a ton of evidence about what happened and what didn't happen. and then the other thing i think is if you apply kind of a commonsense logical, well, why would they do this? one of the questions you ask, why would comey attack the democratic presidential candidate in a way that is now agreed was a violation of department rules? and it turned out probably because of his own personal arrogance and misperception about fbi interests. was it at trump instigation? no, it wasn't. there is no evidence of that. and similarly, there is no logical reason to say that somehow the fbi or the cia or
10:03 am
the nsa acted not because they were worried about what they were saying with regard to russian activities, but they were acting instead to get then candidate, now president trump. and i actually as a civil libertarian who's always -- who was worked also on what i see as institutional threats posed by the national security bureaucracy that mike has talked about and others have talked about, that we have to be very careful to look at the actual facts, and that the threats to the institutions that i see at the moment come from political leaders line and not from the facts about what we know that
10:04 am
those national security institutions have actually done. >> seems to me you can argue validity of carter page application either way. it's questionable whether the dossier should have been referenced, in effect transmitted to the fisa court. it's questionable why the justice department didn't more specifically identify the origins of the dossier. it's questionable why the fisa court, the four judges, did at some point press the justice department for more information on where it got this information. but i think we ought not lose sight of the very fundamental question that pat put to us at the outset, which is far broader and more fundamental man fisa.
10:05 am
the question is, how does joe sixpack know whether an fbi investigation is legitimate or conducted for reasons, a lyrical, personal animus how does the person on the street make that judgment? let me just say, a little homework assignment. over the weekend, sit down with google at your computer and try to figure out an answer to this question. when can the fbi investigate me? and what you will find is there is a melange of a a little stae here, although statute there, lots of executive orders, guidelines from the attorney general, but there is no charter for the fbi. there's no statute that says in
10:06 am
simple, straightforward, comprehensive will terms what the authority of the fbi is what can it do? how can it do it? when can it do it? what can it not do? the church committee in its report recommended that those sorts of questions be answered by statute. instead, they are answered today mostly by attorney generals guidelines and an executive order. multiple executive orders but in part 12333. now, anybody who thinks that that constitutes regulation needs to think again. because the justice department, olc come has said greg i think that as as a matter of law thoe executive orders and attorney generals guidelines are not legally binding. if the executive branch wants to violate any of those executive orders or ag's guidelines, it
10:07 am
doesn't even need to repeal them first. senator whitehouse revealed this in a reading olc opinion 11 years ago. but clearly that's true as a matter of law. there's nothing that prohibits a president from an effect ignoring an executive order and acting contrary to it, let alone an attorney generals opinion. the answer to the question is, as pat said, you can't know. you cannot come to an informed, reliable judgment as to whether the fbi investigation is legitimate or motivated by personal or political animus. >> just a small point of click dictation or executive orders and the attorney generals guidelines are treated as binding law by the entire executive branch. he has the president, there is olc guidance for the president
10:08 am
at the presidential level to change the interpretation of those guidelines of what to make there's no belief in individual person working in some agency could decide to violate those and i would be up to their discussion. >> is exactly why because of olc opinions are treated as law by the executive branch. that's what nobody can be prosecuted for torture. it served as the shield. my big problem is with olc, quite frankly, but that's for another time. i want to get people the last word and that you want to save a few minutes for questions. >> i can't help but note in this conversation we're having the definitional problems. as we are touching on so many different kinds of examples and talk about so many different kinds of issues. to me it really illuminates the fact whether we call it the deep state, whether we call it something else, the sense of unease about whether or not there sufficient transparency into government activities is
10:09 am
sufficient accountability is not in any way being illuminated by a lot of the heated rhetoric around the state and the kind of thing. and so the kinds of examples where talking about, is fisa probably can constraint and overseen? is a different question than should jim comey have made this comment pre-election and questions about whether or not brandon mayfield was something systemic. and the these distinctions betn political parties and elected officials and people who operate as sort of an everyday working level. again, i think with this illuminates for me is that in order to really move this conversation forward we probably need more clarity and more specificity on what kinds of issues we're trying to raise and what kinds of perceived real problems we're trying to address because these are called into so many different bands.
10:10 am
>> so we're going to go briefly here to some questions. if i could have our friendly staff begin to circulate with microphones. i'll just emphasize, questions not filibusters, be brief, be to the point, and then hopefully we'll have time for at least a few. very back of the room up there. a gentleman with what appears to be a yellow tie on. >> if i'm colorblind, sorry. it's the lighting. please state your name and your affiliation. >> good morning. i custis algona. emigrant from the philippines, been around this town since 1955. my question is this, is, how would this, well, the discussions that you all just
10:11 am
had and i guess those conversations, discussion, what a joy to call them for the rest of today's conference, how would the subjects and/or tone, whatever, of the discussions be held today, the any different had hillary clinton been elected president of the united states? >> i'm not going to touch that. >> i'm sure we would've had a totally different set of debate i don't think it would be sunshine and rainbows. i think that would be, right, the opposite examination about whether enough had been done to reveal information about her campaign and sort of hold her accountable. i would be very, very surprised had she become president secretary clinton had chosen to respond to challenges from law enforcement or challenges from
10:12 am
congress or the intelligence community by attempting to is just those were eligible organizations that were just out to get her. i do think there is some part of this that is sort of a distinct feature of trump. i don't know how much that answers the question but in terms of counterfactual i would imagine we would be having a very serious but probably a more fact-based discussion. at least i would hope. i'll just offer the observation that if secretary clinton had one we would still be talking about her e-mails. i tend to think also mr. j fitz might've stayed in congress so he could talk about her e-mails some more, too. more than likely. but i have to agree with susan on this. i think donald trump is not an establishment figure. that's probably a very polite way of putting it. he's not an establishment figure. figure. that's why space loves him. i think that is the qualitative
10:13 am
difference is that he just doesn't care about the established norms of conduct and the like that existed in washington. i don't always agree with established norms of conduct myself, but to me don't have to be a bomb thrower and the utterly disagreeable to disagree in a meaningful and in a substantive way. and i think having spent time at the agency and is julian indicated, i was a cia whistleblower. there is no love lost between myself and my former employer. but unlike most cia critics and happy to admit when i think that i'm right. and on the question what in the russians interfered in our election i have complete confidence they are right. can we get another -- yes, ma'a ma'am. >> retired from department of defense. and you have brought up a comment about michael cohen removed a document from donald
10:14 am
trump does. if we can define -- [inaudible] the presidents appointees -- [inaudible] do they have a function to act quickly when there's not time to act? and also, is there any connection between the deep state as described and the shallow state of the people -- [inaudible] to control the president? >> what i'll say, having worked for a member of congress for over a decade, the interesting thing about staff is that they do have the ability essentially, depending upon the members present and characteristics, and this applies to presidents, too, they have the ability to help shape the agenda and essentially shape what actually gets in front of the president.
10:15 am
the bureaucracies have the ability to do this, too. every time somebody is making a decision, a manager at cia is make a decision about what goes in the presidential daily brief which i hear he doesn't read that much anymore, they are making a judgment call ultimately about what they think is important to the president of what the president ought to know. now, is that like qualifies as deep stake activity? i don't think so. -- deep state. i think is acquainted of judgment about what's important and was not something is actually a threat but there's no question that staff absolutely help to shape policy and shape the decision and the choices that elected and appointed officials openly make. that's one the reasons why you do have to be concerned about personal. you do have to be worried about who gets approved to a particular position and i think we've got the time barely for one more.
10:16 am
the gentleman over here and glasses, looks like an navy jacket and a blue shirt. name and affiliation, please. >> yes. thank you. i name is stephen dewey. i'm the federal government retiree. question i have, you talk a little bit about how the bureaucrats and the federal government are civil servants and they don't really affect public policy. from my experience that is not true at all. i have seen people in senior management positions are really do affect policy. the question i have, there's public information out there as far as political donations are concerned. you can find it on federal election commission website, you can find it on opensecrets.org. if you look at that public information about political donations it reveals that over
10:17 am
95% of u.s. justice department employees donated to hillary clinton, same with the u.s. state department and same with many other federal agencies. >> and your question is? >> my question is, would you acknowledge that having such overwhelming donations from federal employees for a certain clinical candidate influence their execution of public policy? >> answer, of course. >> i would say two things. one, i don't think april or anyone else suggested employees don't affect public policies. they deeply affect public policy. it's a question of whether or not they are able to disentangle their own personal political bias from the work. that's one thing want to be careful about, for example, fbi agents or individuals in my debate political donations. federal employees are people who have political views and we shouldn't pretend they don't have them.
10:18 am
we should acknowledge is they are able to do the work separately and put those used to the site and do their jobs with integrity as the law requires of them. i would frame it as a slightly different sort of presentation. >> and i think we should be clear that the data you are talking about on the website represents those employees of the department of justice or any other federal agency or department who elected to make campaign contributions. that is not necessarily an accurate reflection of the overall political worldview essentially of department of justice employees as a whole. i think when we start talking about examples here we have to be very, very careful. with that we are going to conclude this panel. will take about a 15 minute break, give my friend share a shout out. [applause] -- give my friends here a shout out.
10:19 am
[inaudible conversations] [inaudible conversations] [inaudible conversations] [inaudible conversations] [inaudible conversations]
10:20 am
>> this conversation will take a 15 minute break and we will return to the cato institute when the next panel gets underway. while we wait we are actually part of yesterdays conversation at the national press club on the impact of attacks on the press. >> thank you ladies and gentlemen, judges, so-called judges. [laughing] i'd like to say i'm delighted to be with you for this conversation, but i'm not. attacks on journalism and the future of democracy, it's sickening that we have to discuss this, but here we are. and let me begin with a few data points. according to the december 2017 7 pew public trust in government survey, the portion of the public trusting uncle sam to do what is right just about always, or most of the time, was 18%.
10:21 am
among millennials it was 13%. among republicans who control, still control all three branches of government, it was 22%. just by way of comparison, and october 1964 in the midst of civil rights tensions and the early days of vietnam, the value was 77%. the democracy project survey asked about the importance of democracy as the only form of government. only 39% of those aged 29 or younger said absolutely important. the most recent world values survey found that among american millennials, 23% say that democracy is a bad way or a very bad way to run the country for in a 2017 survey, 5000 voters,
10:22 am
29% of respondents showed at least some support for either a strong leader or army rule. army rule. the suspicion and scorn for ever. the edelman trust barometer is an annual tracking government, business, ngos and the media in 28 countries. from from 2017-2018 the use citizens trust for those institutions altogether plummeted 37%. military did okay. the media were down very low in the neighborhood usually reserved for the hated isis and congress. [laughing] in this falls night foundation gallup poll, 69% of u.s. adults said they trust in the news media has decreased in the past decade. among conservatives the number
10:23 am
was 95%. some of this we are about to discuss has to do with our demagogue president who dwells in alternate reality, dismisses actual reality as fake news and declares media enemies of the people. some of it has to do with the 50 year campaign to discredit so-called mainstream media by politicians and the archipelago of accusation, the likes of limbaugh, breitbart, daily caller and fox. but that's not the end of the story. the 19th century poet sir william watson, that the report 19th century poet william watson said he can mistrust of the children of blindness. i i guess, but hate and mr. ross are also the children of good vision because there is the glory of the free press and then there are the things we must answer for. access journalism, horserace coverage, staged cable punditry
10:24 am
and pyrotechnics, falls balance can routine anonymous sourcing, endless speculation, college relationships with sources, clickbait, gossip, bending over backwards to seem less shrill or partisan, carelessness amid breaking news. and then every now and then one of us like trudy miller gets played into helping start a war. then every now and then someone like jack kelly or stephen or janet coker jayson blair or brian williams gets caught just making shit up. and then there are the outlets that look just like a news organization but i really lie factories. the point being, while terrifying subject, is not so cut and dried. so i implore you judges to withhold judgment at least until we are to up here and also in the not unlikely event that i
10:25 am
myself should look out something objectionable. your honors, please do not hold me in contempt. [laughing] not necessary. i have children for that. [laughing] and with that matt asked you to create this extremely distinguished panel. [applause] i won't take time to introduce them individually but there are their the names and, of course, you can also consult your scorecard scorecards. susan page, i will start with you. congratulations. in due course i'm going to get into the trump situation but can we first contextualize a little bit? running against the press as the president has done and is doing, is that some sort of new
10:26 am
invention. you have seen this movie before come have you not that's right. thank you very much. i will answer your question the first i want to just express appreciation to the judges for your public service to one of the things the last two years is reminded us i think is the imports of institutions and legitimacy of institutions of which you all play a big part. this is the six president i have covered and all of those president hated the press. about the press was unfair and inaccurate and didn't give them credit for the good things they did and didn't understand how hard the job was. the previous five presidents i think at the core recognized even the press they didn't like as a crucial part of making our democracy work. something that was important and needed an legitimate, whatever our weaknesses which are considerable as you just detailed, you don't get the same sense i think from this
10:27 am
president. i think the phrase enemy of the people is the best example of that and i think you don't see the president at least acknowledging that the press has a role in making our democracy strong. quite the reverse. the biggest, a rally with the president used in just before the midterms and his biggest applause line was when he denounced us as the fake news. he didn't create the dilemma the press have, were not created by trump including the erosion of faith in the news media but he has certainly exploited them and exacerbated them. >> all right. this what the rest of you are supposed to chime in. chime in. [laughing] >> i mean, i've been in the shows as well and i will say i have never, i been a lot of dangerous situations for work. it's the job. i'd never been in a situation where an entire arena full of people have turned to scream
10:28 am
hostilities. and it's, it has changed the way we do our job every day. i'm in the white house. most days. and i now and i know others feel this way look both ways when you leave the white house because you don't know anymore. it has changed. it is made a sense of fear in being a a journalist and coverg the white house. not in a war zone. i'm in the white house. very real. and my fear, we can talk about the foundation of democracy and all of those things and what is at stake right now, i also have a very real fear that with this someone is going to get hurt or killed. >> they already have. >> yes, yes. >> i would say, if i can shine in -- >> i didn't mean you, frank. i mean everyone else. [laughing] >> i'm glad to be here as a potted plant. this does go back. we covered ronald reagan together.
10:29 am
and jim and the media have long been targets and picking points but it was also reagan went to moscow and in the midst of the evil empire talked about the benefits and the values and the virtues of the free press. and you're right, all presidents hate the press and the elusive because we are annoying and nesting and often wrong. one of the big mistakes we make is we failed to have a sense of humility about ourselves when we speak about ourselves. because there is unfair reporting and is sensational reporting and a lot of other things but it's also amazing heroic, demonstrably historic reporting. one of the big challenges to us now is to find a way to explain and defend and convey what it is we do without sounding self-serving. because we have to educate the public. because what i fear is this campaign has been so thorough, so long standing its notches trump.
10:30 am
this is a parade of people over a parade of decades actually that i been doing this. but the public has accepted this. it's not only a question of occasional unfairness or even bias but there's of this i do we really are enemies of the people. that is flat wrong. and we and others have to explain that in compelling but also humble ways. >> i'll just add one thing, frank. because you, susan and i all covered reagan. at the time sam donaldson was sort of the jim acosta of that time, and was known for shout out mr. president, mr. president, and reagan would is co, oh, sam. [laughing] but it wasn't the same as it is with trumpet sounds more aggrieved. reagan just sort of took it in stride. he understood what the game was, that journalists were going to shout at him, try to get them to say something at it and all
10:31 am
likely take it out of context, which is what we do for a living. if we presented the entire context would be on 24 hours a day. i guess some some of us are actually but not as individuals. so it's an interesting practice over the years. i could only cover for presidents, including clinton and bush 43. and, of course, clinton had his problems and his detractors. they all do. somebody is always digging and needling, and some presidents it better than others. trump, it should be pointed out, it's not just a real estate developer, a former real estate developer, but in new york real estate developer where hyperbole and exaggeration are tools of the trade. he has taken it into the white house. i don't think he can stop himself. but on the other hand, he is at the center of the news as a
10:32 am
friend of mine said on air, he takes everything is about him, and so do the media. and a tend to elevate him in that regard because they make it about him. he wouldn't be on the news everyday just some what he said if the news media were not putting him on. and then dicing it and slicing it and went over and over and over. >> hold that thought because we're going to come back to that very issue speech i just want to make an issue, i'm sorry. we don't all make our living by making things out of context. the recent recovery is because he is by i think any measure think most powerful person on earth. and the decisions he makes have an impact not only on this country but throughout the world. and that's why we cover him the way we do. >> that would be the case with every other president as well. >> but he's making it much more
10:33 am
dramatic changes and try to end the traditional order of the world. so that something that needs to be covered in a very aggressive wife and his challenge institutions in this country including the courts as as a matter-of-fact and with the previous presidents have not. it's really important to cover what this president is doing and that we cover it with a lot of energy and in the way we supposed to, under, with the first amendment called for and why do we have the first amendment. the idea is told government to account. that's why the founders wrote the first amendment. that's what james madison talked about in terms of writing characters and measures. so that's what we're supposed to do and that's what we're going to do. >> i think what we've learned already is that the panel, we are not all going to agree on every subject but i think we can agree as a group that hearing jim engels ronald reagan impression was worth the price of admission. [laughing]
10:34 am
when the president talks about the press and his use of this as an opposition party, he has set as against the electorate government and the very will of the people. i want to delve into that because there is this structural problem that we face, and that is a diagram of values between journalism and liberalism. there is a huge overlap. questioning authority, suspicion of big money, reform writ large, flicking a comfortable and comforting the afflicted, which is really just another way of saying social justice. dan hertzberg, journalism isn't a political party or an ideology, but is it inherently progressive?
10:35 am
>> well, you don't what a reporter or an editor who says all, everything is great. i mean, that's not going to produce a story. so as you said people to question authority, people who one of the best reporters i ever knew was i think it add h, you know, i think he was just moving all the time and doing stuff. you need people who are going to question, who do follow the money, who do that. but there is -- one, there's an element of fairness which should just be driven into you, that you got all the stuff and you sit back and say, all right, how can i be fair in reporting it? i'm not going to take the rebuttal or the comment of the person i have just written bad things about and are not going to put at the bottom of the
10:36 am
story. some reporters have been known to do. you put it up at the top of the story. and the other thing is, if you don't cover conservatives, if you don't cover that, you are missing a huge number of good stories. and to think that is a very, and you can see the difference in who are the papers i would say or news organizations like, for example, the "washington post" who i think have decent contacts within the republican party and others. that's crucial. you are only going, if you sit there and cover, i don't think it has to be progressive. i don't think that's true. i think you just had to go after the stories and you have to have editors who make sure it doesn't go too much one way. >> you've talked about covering the republicans, sort of covering the other guys, which sort of gets to the premise of my question.
10:37 am
it's more than that. it has to do with -- i wonder if this, what i regard as the big lie about the liberal media doesn't have some element of truth to it because liberals and journalists sort of look at the world through the same set of filters. >> i don't want to disagree. i think that's absolutely true. i think it is a liberal bias, all the things, speedy fascinating issues surrounding surveillance, intelligence in new technologies that if we were to cover them all with panels, this would be a conference that would last approximate three weeks, and because even i have limits to my capacity to focus on issues for that long. we have for the last couple of years been inviting scholars, activists to present shorter
10:38 am
flash shots but focus on a tightly single subject and present work for analysis that they've been doing in a way that allows us to get a sense of the range of hard questions we face as citizens and policymakers. our morning walk of flash talks covers issues from facial recognition to social media surveillance, to the global war on encryption on various fronts. i will very quickly and reduce the speakers. if you want more full biographies look to the conference website on cato.org picky will find in addition to the agenda links on the speakers names, more extensive biographies. we will begin with analysis recently passed legislation in australia that seeks to mandate law enforcement access to encrypted software, encrypted
10:39 am
messaging tools, the first of its kind but could be a model regulation elsewhere. for that i want to invite from new america sharon bradford franklin. >> thank you. i'm sharon bradford franklin with you america's open technology institute. if you're told me a year ago that i would be here today talking to you about australia, i would've thought you were joking but i'm really glad to have the opportunity to speak with you today about the law just passed earlier this month in australia and how this could actually allow the united states to look down under for an encryption backdoor. got to get the clicker working. here we go.
10:40 am
so for those of you who may not actually be already thoroughly with a long-standing encryption debate, this is about that pits security agents security. for years the u.s. justice department and the federal bureau of investigation have been arguing that their court going dark due to the increasing use of encryption. they'd complain they can no longer access many electronic communications even when you have a valid court order. many tech companies have encryption by default, and in the products and services and they simply do not have access to the users encrypted communications. the justice department and fbi want to require that tech companies guarantee that government has exceptional access, or what they now have started calling the use of so-called responsible encryption. so that they will always be able to access even encrypted messages. otherwise, they say, they are hampered in their ability to
10:41 am
keep americans safe from terrorists and other criminals. but security researchers, tech companies and privacy advocates have pointed out that this would amount to an encryption backdoor that could be exploited by others. there is no way to guarantee that only the u.s. government would be able to use any such mechanism. rather, this amounts to deliberately building vulnerabilities into products and services and undermining device security for all would harm everyone's privacy and cybersecurity. and it would create new threats that we will all be victims of criminal activity. in addition, as we explore any form at oti hosted last month, encryption protects economic security and the personal safety and freedom of journalists and individuals in rollable communities including victims of domestic violence. this debate which is been going on for years in the united states has now gone global with a quick flareup down under in
10:42 am
australia. this past august the australian government released what they called an exposure draft of its telecommunications and other legislation amendments or assistance and access bill 2018. unlike the u.s. congress, which takes months and months or more likely use before passing anything, the australian parliament managed to wrap up its consideration of the bill in a four months. following a public comment on the exposure draft, a slightly modified version of the bill was introduced to parliament and refer to the parliamentary joint committee on intelligence and security, or pjcis. which open a new public comment. my organization organize an international coalition of society organizations, tech companies and trade associations and we filed three rounds of public comments on the bill outlining our concern which i'll describe in a moment.
10:43 am
the committee held a series of hearings and then just at the beginning of just last week the pjcis issued a report recommending passage of the bill with certain amendments incorporated. early in the morning just last thursday december 6, the parliament released an updated version of the bill including 173 amendments that no one had ever seen before. but by the end of the day yesterday and in parliament had passed the bill into law. so what does this trillion law actually do? as one us join, to put it, quote, the combined stupidity and carriages of the collision in labor now means any i.t. product, hardware or software, mate and australia will be automatically too risky to use for anyone concerned about cybersecurity. so we're focusing on schedule one of that australian law which is a one that is designed on my
10:44 am
the safeguards of encryption. there are also other sections about create additional privacy threats, increase our government hacking but we're focused on schedule one which relates to encryption. the law include what appears to be an encouraging statement that purports to prohibit the government from demanding the creation of encryption backdoors. i have up on the slide section 317zg says that the government may not request or require communication providers quote to implement or build a a systemic weakness or systemic vulnerability here and also the government must not prevent communication providers from rectifying a systemic weakness, or a systemic vulnerability. however, the law grants unprecedented to a threat to this joint that undermine this promise. specifically, the law creates three new and powerful tools for the australian government. technical assistance request, ,r
10:45 am
tara, tyco assistance of notices, chia yun, a technical capability notices. the request are supposed to be voluntary where as the nose are mandatory and the difference between them depend on which government official is authorized to issue a notice. all of these authorities authorized estrin government to request or demand any quote listed act or thing. that's a long list in the bill and it includes things like removing one or more forms of electronic protection that are are were applied by on behalf of the provider and also includes modify or facilitating the modification of any of the characteristics of a service provided by the designated communications provider. in short, these are powers that the man that tech companies weaken we can the security features of their products.
10:46 am
for example, gesturing government could never make the same request to apple at the fbi made in the 2015 san bernardino shooter case, that they build a new operating system to circumvent iphone security features. as apple explained in the san bernardino case, building the request of software tool would have made that technique widely available, thereby threatening the cybersecurity of other users. as we know, in the lawsuit in the u.s., united states government argued that under the somewhat obscure all of this act which dates back to 1789, they were permitted to make this demand of apple but apple supported by other tech companies and privacy advocates argued this demand was unconstitutional. the justice department ultimately withdrew its demand because the court -- before the court could resolve the question because he fbi was able to pay an outside vendor to hack into the phone. but in australia they now have a
10:47 am
specific authority to make these kinds of demands. another worrisome scenario is that australia may seek authority in the same way that the united kingdom is looking to use it. just last month the uk's gchq which is essentially the uk nsa, put out a proposal. under this proposal tech companies would be asked or required to add gchq as a silent participant in into and encrypted chats and the tech company would suppress the notification to the user. they argued that quote you don't even have to touch encryption to add gchq as a ghost user inside the encrypted chat. so there are several of the threats posed by the new australia law approach to
10:48 am
encryption. and our coalition, in addition to explaining the breadth of the new parts created by the bill we also addressed three of the key concerns. first, the law lacks any required to for prior independent review or adequate oversight. many features of australia's new law such as the authorization of notices were modeled on the uk's investigatory powers act that was passed in 2016. the uk law also raises threats to get your security and human rights but section 254 of the uk's act does require the judicial commissioners must review and approve proposed technical capability notices before they may be issued. although we still have questions about the adequacy and a dependence of this review under the uk law, australia's authority poses even greater threats threat to cybersecurity and individual rights because is no provision requiring any type of prior let alone independent review. in addition, australia has no
10:49 am
bill of rights. so while the procedures to which tech companies, while there are procedures to which tech companies may challenge government request and orders, these challenges will be more difficult. tech companies will not have the same legal argument available based on protecting individual rights as they would in countries like the uk and the u.s. second, requires undue secrecy. although the law requires the physical transparency reporting by the government, and permits the statistical reporting by tech company is, it also includes very strict nondisclosure requirements whenever the government issues a request or notice to a tech company. violation of the secrecy rules is a criminal offense punishable by up to five years in prison. and there are no limits to the duration of these gag orders such as we have here in the u.s. when the reason for the confidentiality the longer exists. third, the lost definition of
10:50 am
coverage designations communications provider is overbroad. includes anyone who provides an electronic service that is one of the more end-users and australia. so this means any tech company doing business in australia or anyone providing electronic services in australia is subject to government demand that they weaken the security features other products and services. this is bad for australia but what does it mean for us here in the united states? australia's legislation appears to be part of a coordinated effort by the five eyes alight but for those of you who may not be thoroughly with that term, the five eyes is an intelligence alliance comprised of australia, canada, new zealand, the united kingdom and the united states that dates back to world war ii. since 2013, these five nations also form a five country ministerial which is an annual convening of strategy and information sharing on law enforcement and national security issues. for the past two years the five
10:51 am
nations a focus on strategies and policies that we can encryption. just this past august, august 2018, the 55 countries released a statement on principles on access to evidence and encryption. in that statement includes that if these governments continue to quote encounter impediments in their efforts to access encrypted communications, they may pursue legislative mandates for encryption backdoors. the very same month that statement came out, australia released the exposure draft of its encryption bill. so now australia's law can provide the united states and other governments with a backdoor to an encryption backdoor. australia now has the authority to compel providers to great encryption backdoors, and once providers are forced to build weaknesses into the products, other governments can exploit those weaknesses. i've only make an example of apple versus fbi.
10:52 am
now if australia issued a technical capability notice to compel apple to build a new operating system to circumvent iphone security features, which is what the fbi demanded in the san bernardino case, then if apple complied and built that system it could no longer argue that it lacks the capacity to turn over data to use government in similar cases. similarly, if australia forced facebook to read your what's at encrypted chats to be accessible in response to australian legal finance, those chats would also be vulnerable to other governments demands. finally, there's the course also visit the us government could simply seek to expand its own direct authority by pointing to australia as the new model for quote responsible encryption legislation. so whether it's as a pathway or as a model, yes john law creates risks to cybersecurity and privacy that extend well beyond australia's borders. thank you.
10:53 am
[applause] >> thanks so much, sharon. next up, the french philosopher is known for his analysis of the tight link between surveillance and training or discipline. his book, , usually translated n english as discipline into punishment is in french -- which could be equally meant to surveilled and to punish. so very naturally close monitoring is always a key part of training and indoctrination, no surprise children are often closely monitored as we're teaching them that it's perhaps an inevitable part of raising
10:54 am
children safely that it also means we need to worry about whether we are training them for compliance. as a technological capability to monitor children ever more closely becomes both a reality and widespread use, i often wonder whether we are preparing children to accept as normal a world in which everything they do is constantly scrutinized. to look at one aspect of that social media service posted on what to invite rachel levinson-waldman of the brennan center. >> that's the perfect introduction of becoming like exactly to the point you're the end of my presentation again my name is rachel levinson-waldman, at the brennan center for
10:55 am
justice. i'm going to talk about today social media surveillances and especially take toasted. to start this off on what to talk for a moment about the prevalence, the deep saturation at this point that kids have online. according to a pew internet study from last month, 97%, 97%, of 13-17-year-olds in the u.s. are on at least one major online social media platform. 95% of american teens have access to a smart phone, phone, and 45% say they are online almost constantly. so there is clearly a lot of content out there and a lot of time that teens and even younger kids are spending online. and with that come social media presence comes social media monitoring. these tools are sold for a variety of purposes. they are sold as preventing bullying, , preventing school
10:56 am
shootings, potential suicides and other online threats. maybe not surprisingly they are also big business. so spending by public schools nationwide on nine major social media auditing companies. you can see here and you can see there's some spikes, you know, some mountains and valleys. but overall it's is pretty massive increase in spending starting in 2010 and going up to the spike spikes in 2015, again and 16, 17 and this big spike in the summer 2010 potential he driven by the shooting in parkland, florida. the public school districts are spending more and more money on automated social media monitoring tools. this is similar reflected by keyword searches. so searches for social media monitoring in contrast between public schools and private companies and again showing these spikes over the last several years, really
10:57 am
significant increases than the major spike in 2018. so increase in a lot of public money is been spent on these services. based on these statistics you might think that schools are getting more dangerous. but, in fact, the opposite is true. schools are actually getting safer. while it's true this country has a unique risk of school shootings among developed countries and while a single shooting or even a single serious bullying incident is one too many, the overall crime decline in this country holds true in schools as well. the odds by k-12 student will be shot and killed at a public school are about one in 614 million so by way of contrast, the artichoke you are one and 3400. in 1995, 10% of students aged 12 to 18 reported being the victim of a crime at school in the
10:58 am
previous six months in the 2015-2016 school year, just 3% of students did. so in that 20 20 year timeframt went from 10% down to 3%, a pretty major decrease. in general of the lasted decades less than 3% of youth homicides and less than 1% of youth suicides have occurred at school. of course part of hope with social media monitoring may be able pick up risks of the school grounds as well but any measure school is a pretty safe place to be. the one state in the country that has legislative social media monitoring is florida. i'm sure everyone here is the may with a shooting in parkland, florida, last february when nikolas cruz, a former student and marjory stoneman douglas high school shot and killed 17 students and staff members, and injured 17 others. in the wake of that shooting the florida legislature passed a law that included the creation of an office of the state schools within the state department of
10:59 am
education. that office is required to coordinate with the florida department of law enforcement to set up a centralized database to facilitate access to a pretty wide range of information including social media data. the legislation also established a public safety commission which recommend the development of protocols around social media monitoring. doesn't look like that collection has become quite yet but it is likely to do so in the new year. as it turned out nikolas cruz actually have posted online about his intentions before the shooting. and people have taken notice. he was reported to the fbi and local police at least three times for disturbing post. one call to the fbi warned that he might become a school shooter. shooter. and a separate call flag youtube post in which the user had said they wanted to become a professional school shooter pickup of the poster wasn't identified as nikolas cruz until after the shooting.
11:00 am
while you were warning signs on social media, wasn't the case that the district was flying blind. people were seeing those warning signals and were trying to act on them. what really failed though students wasn't a failure to see those posts. according to a review of the school district action that came out in august it was more that the district itself had failed at nearly every turn to provide nikolas cruz with the educational and support services that he needed. .. could catch one future suicidal student, why not do it if the stakes are that high. what is the harm? there are a lot of reasons to
11:01 am
be cautious about this kind of monitoring. the first is a real concern about the accuracy of social media monitoring and this plays out in a couple ways. one way these tools could be inaccurate is they are likely to pull more information. by way of example police in jacksonville, florida set up a social media monitoring tool to search for key words related to public safety that might indicate the risk of criminal activity. and one sort of bomb threat will turn it up. it turned out there when obama threats flagged online. things like pizza was the bomb and photo bomb. a lot of stuff coming in.
11:02 am
it is under reach, the kinds of risk social media monitoring tools would like to find are not going to appear online at all. nicholas cruz posted online about his intentions, it is not clear what the extra value of monitoring software would have been and to some extent he was the exception, the brennan center did an informal survey of major school shootings. that is a category, major school shootings since the handy -- sandy hook shooting and only one other perpetrator according to the public reporting had put up social media postings that strongly indicated an interest in school violence and that was the shooter in sandy hook. he had posted a discussion forum about the columbine high school shooting and operated accounts named after school shooters.
11:03 am
these postings were not a secret. fellow users were able to see these and they may not have known whether to take this seriously but it is hard to imagine that now these would have been reported directly to authorities. we saw them with nicholas cruz that is exactly what happened and the individual concerned users would support that. the online profiles of other shooters in major school shootings which usually get a lot of reporting after the fact don't show anything that would flag them for an automated tool. the perpetrator of the 2014 shooting in oregon had a facebook page showing he liked first-person shooter and military games like call of duty and also various gun pages. in retrospect these seem like warning signs of something going on but the official
11:04 am
facebook page has 24 million followers. the remington arms facebook page has 1.3 million likes. setting up a red flag about every single person who enjoys these pastimes would create a huge quantity of noise for very little signal. finally, automated social media monitoring tools have built-in shortcomings. i will flag a terrific report from the center of democracy called mixed messages which does a lot of research on this and as their research shows automated bartering tools work best when the posts are in english and the tools are looking for something very concrete. they can be fooled by lingo, slaying, pop-culture references, things like that. the best example is from the 2015 trial of the boston marathon bomber. during the trial the fbi produced several quotes from his twitter account to try to
11:05 am
show that he was an extremist, not just following his brother. he had tweeted and this is something that was brought up, a quote that said i shall die young which may be was suggesting something about his intent but also a quote from a russian pop song and he linked to the pop song in the tweet, but the agent didn't click on the tweet to see if it was a song lyric. of the quotes were from jay-z songs and south park episodes among other things. social media is considerably in textual. neither automated tools more human analysts are great at parsing that out. the second concern is the risk of discrimination and this comes in two forms. the first is that keywords themselves, the tools will be
11:06 am
set to flag on will be discriminatory. for instance the aclu report found when boston police department set up social media monitoring tool the hashtag flagging included black lives matter, ferguson, muslim lives matter, and the arabic word for community. these words are not signs of a public safety threat so these tools are only as good as the people using them and there are a lot of ways to use them to further something discriminatory. the second is the risk of discriminatory impact so whatever keywords are flagged there's going to be a huge discretion in what is done with the results including which students are brought in, who is punished by the school and who is subjected to criminal justice consequences.
11:07 am
we already know that students of color at every level of schooling experience harsher discipline than white students even for the same infractions and when they commit infractions at lower rates than white kids. there is a real concern that social media monitoring can contribute to the school prison pipeline. i suspect arc met mohammed, the muslim teenager who brought the clock to his high school was arrested on suspicion that it concealed a bomb. he was well-known at his school for bringing electronics, tinkering, fixing other people electronic said he told his teachers and the principal repeatedly that it was in fact a clock. which raises suspicions that the scrutiny he was put under and his ultimate arrest was grounded in islamohphobia. of former fbi agents going through student social media accounts on the basis of anonymous tips. the district ultimately expelled over a dozen students
11:08 am
on the basis of what he found online. 86 of the students expelled were black even though blacks made up only 40% of the student body. not surprisingly where people are mistakenly identified as posing a threat because of social media posts the consequences can be serious was one connecticut teenager posted a picture of a toy gun that resembled a real rifle. in his words and ask laney why he put it up he thought it was awesome and he knew his friends would also think it was awesome. another student saw the post and was worried about it so reported it to school officials. this does not strike me as a crazy thing to do although if officials had googled the name on the side of the gun, they would have seen that it was a toy gun even though it did bear a resemblance to a real one. instead of discussing it with resolving an issue, potentially with some lessons about responsible social media use and thinking before you post, he was not only suspended for
11:09 am
the day but arrested for breach of peace, a misdemeanor offense. because it is so hard to reliably pinpoint individual social media posts that actually indicate some kind of live threat monitoring companies have kind of a purpose incentive, and incentive to sweep up everything so they can assure their customers they will spot that needle in a haystack and at the same time have little reliable way of gauging their effectiveness. of 2015 investigation by the christian science monitor revealed none of the three major school social media monitoring companies head for metrics for measuring effectiveness. at least once said we know we succeeded when we get a call from the school saying we found something interesting. it is a perfect storm for a mindset of more more more. at the same time parents and
11:10 am
students often know very little about these tools was research shows social media monitoring companies may assume students are trapped by virtue of posting on public sites, students more often believe companies are prohibited from sharing personal information with third parties. there is a real lack of information how these programs operate. finally, this goes to julian's point at the beginning it is worth thinking about what it means for students to be under constant surveillance online. as a practical matter they may stop posting or posts more private forums which will blend any effectiveness these tools would have had. more concerning the it teaches students to expect surveillance or anticipate an authority figure's opinion is react
11:11 am
accordingly. you might for students worried about citizens roles and democracy to know they are under that surveillance all the time and to be acting accordingly so what does this mean? at the least, a people who wil those. thank you so much. [applause]
11:12 am
>> that does remind me i have an acquaintance who is a science fiction writer, more optimistic view of this. we are training our children to develop habits of sophisticated counterintelligence tradecraft just to be able to have a normal childhood so the next generation will be sophisticated about this. focusing on privacy and public in a sense, the myriad ways of walking down an ordinary city street, being observed in ways we may not recognize but also existing networks can be
11:13 am
transformed in deep ways by existing infrastructure becoming a platform for new methods of monitoring. the first of these is an examination of camera networks from the government oversight. i have -- >> thank you for having me here. i am a senior counsel at the constitution project of pogo where i focus on surveillance issues and i'm excited to be talking about facial recognition and aspect of facial recognition, how cameras in various aspects can empower and grow facial recognition surveillance into dragnet's. a quick start about
11:14 am
surveillance itself. it is no longer a sci-fi technology, minority report we will see in the distant future. it is happening now. the fbi conducts 4000 facial recognition searches every month on average. a quarter of all state and local police department, conducting facial recognition scans as well. customs and border protection has a biometric exit program that uses facial recognition for outgoing flights they plan to spread to airports in general and seaports and airports across the country and ice is looking to buy facial recognition technology as well. that is the state of facial recognition. it is alive and real surveillance threat. facial recognition depends on three key factors to be a powerful force for surveillance. first you need a database of photos identified with people, they have half of all american adults in the database and
11:15 am
powerful software technology that can scan across hundreds of millions of photos and scan faces rapidly. lots of companies are developing this technology, the government is as well as what i want to focus on is you need a network of cameras you can tap into and use to see people's faces everywhere all the time. there are four areas with potential to build these cameras. government surveillance cameras, police body cameras, third, privately owned security cameras and last, social media photo databases. let's start with government surveillance programs. a decade ago, richard daley said he expected to have a police camera on every corner. i want you to keep that in mind as we talk about american cities, let's go where we truly have cctv photo dragnet and
11:16 am
where it achieved big brother status in china. china is the most powerful network we can see in the world, the country has an estimated 200 million government run surveillance cameras in the country and the effects of this are quite profound. if you look at cities these networks are incredibly dense and powerful, beijing maintains 46,000 cameras that blanket the city. state media and police in beijing boasts this network allows them to have 100% 100% coverage of the city and to see everything going on. this can have powerful impact for facial recognition so recently they tested the system, he went to a city of 3.3 million people, gave his photos of the government to be inputted into the system, finding cameras and systems, the automated facial
11:17 am
recognition software tracked him down and found a ministry of 3 million people in a mere 7 minutes. so that is surveillance cameras at peak but it is also being instituted in large cities like new york, chicago, washington and los angeles. in new york there is a cctv network hub called the domain awareness system. you are networked into a centralized hub that can be subject to real-time viewing analysis and other tools, facial recognition could become one of those in the future. oakland, this would have hooked up average all across the city, used by government for involving everything from port authority to cameras outside schools, smaller cities such as st. louis and new orleans have
11:18 am
mass networks and centralized hubs and the city with the largest by far cctv network in the united states is chicago, chicago is the closest to achieving big brother stats. right now chicago maintains a police surveillance network that is 30,000 cameras in the city. this surpasses the level of surveillance you will see in china although 30,000 cameras in chicago is less than those in beijing. if you look at areas of density for cameras the 128 cameras per square mile, the average in chicago is far higher than that in the beijing dragnet. this can have powerful effects for facial recognition it is starting to in america. we are seeing this in orlando which is running a pilot program with amazon's real-time recognition, facial recognition
11:19 am
program. this works, you have cameras scanning throughout the city, they will try to scan faces, find people, identify them and flag any persons of interest whatever persons of interest means. that is government cctv. i want to look at police body cameras, the area of greatest risk in terms of establishing video surveillance dragnet's in the united states. the simple reason for that is body cameras are becoming incredibly popular in american police departments. the largest body camera producer in the united states has half of american largest cities, not a huge surprise because they offer body cameras for free so long as you use the video storage system. studies from recent years of police department indicate 97%
11:20 am
of the largest police departments in america either have body camera programs in place or if they don't have them are planning to build them in the future so this is a universal phenomenon of police wearing body cameras, that being a common thing you will see as beat cops walk by. why is this a big deal for proliferation of government surveillance cameras? cities have lots of police. and average localities have 16 to 24 police officers for every 10,000 residents. this gets much higher, plenty of cities have 40 officers for residents or more dcs over 50. if you look at area density you can see some cities are populated with police officers, ten cities have 20 police officers per square mile. topping the list is new york city which has 100 police officers per every square mile.
11:21 am
in terms of facial recognition we have seen a little bit of progress. axon backtrack on a plan involving facial recognition, they acknowledge this tech is very flawed so they scrapped plans that might have happened as soon as this year to put facial recognition in the system but not all vendors are taking the cautious approach. them charge facial recognition and body cameras and only a matter of time before companies are satisfied it is good enough for their work and begin to institute it. dp describe their interest in body cameras by saying by putting facial recognition in body cameras one day every cop in america would be robocop. this is very worrying because virtually all police departments are charging ahead with police body cameras, very
11:22 am
few are sitting and standards for facial recognition. according to a scorecard of body cameras maintained in the leadership conference, basically no cities that operate body camera programs have effective role in facial recognition, many many cities that are not acting with appropriate standards. next i want to talk about private surveillance cameras and capacity to build from them. co-opting private surveillance cameras is similar to cctv. another way the government could potentially, surveillance networks, do so with very little work, without the infrastructure and at a fraction of the cost. we may not have the $2 million china does but america has 30 million privately owned security cameras throughout the country. given potential to tap into these instead of building your own cameras, no surprise
11:23 am
government may want to turn this into this. as a quick aside a couple cameras are amazon's ringing doorbells, video doorbell system. just last night news broke amazon had technology to build facial recognition into those doorbells and connected to police networks and notify them when anyone suspicious came up. another fun innovation from amazon. police departments are not just thinking of this idea but proactively soliciting owners of private security cameras, asking registration of security cameras and asking them to engage in formal agreements whereby those cameras can be accessed and readily used by law enforcement in video surveillance networks but i mentioned new york before and domain awareness system they have that allows real-time streaming of video cameras. of the 6000 cameras connected to new york's network two
11:24 am
thirds are privately owned cameras that have agreements in allowing the police department to use them. washington dc and a lot of cities offer incentive to try to get people to hook up their surveillance cameras in police networks. so here, for example, please purchase security cameras and connect them to our networks. we will pay you to do this. excellent use of emoji's. that is privately owned security cameras. it is similar to government cctv, network of stable carriers that provide video dragnet that has facial recognition but another way to build it out and a severe risk given we don't have the option of stopping government in fraction, building these cameras, they are already there, just worried potentially about having law enforcement tap into them. i want to talk about social
11:25 am
media photos. this is a different vein, not talking about cameras taking images but images that are being stockpiled. nonetheless social media photos are potentially the greatest risk in terms of surveillance photo dragnet that could be used, co-opted by government for facial recognition and that is because of the sheer size of these photo databases. we have seen facial recognition used for social media to a limited degree, a few years ago they got caught and admitted they ran social media through facial recognition technology during protests in baltimore to find individuals with outstanding warrant and directly arrest the crowd. and they blocked and shutdown access to their services. it is important social media companies continue to be vigilant to limit their api to
11:26 am
prevent photo databases from becoming a means of government surveillance and facial recognition surveillance. it is important companies think about data harvesting on their platforms. and court orders and getting through those means. we've seen this in the recent past. a couple years ago, complied with the court order asking to scan the databases. it is hard to imagine a similar court order. we have google talking about surveillance transparency, these companies maintain very large photo databases, google has 2 million users storing photos in its cloud photo
11:27 am
service including 24 billion selfys, facebook has 350 million photos uploaded every single day. it would be great if these companies continue to build out fantastic surveillance to think about including a warrant canary for facial recognition so the government is come with, scanning all photos for facial recognition purposes, look at the heads up and be able to start acting. with that i want to conclude by talking what actions we can take if we see these activities and how to respond. there is a lot of potential at the local level. oakland had a proposed domain awareness system connecting government cameras into a hub. this was a great success story. when they found out about this, organized, got very mad, talked to the government about it and got it shut down. we can see that if we take
11:28 am
action and i want to give a shout out to a great program, and efforts to improve transparency and limit surveillance in cities across the country. i'm sure the campaign goes on, doing a lot of great work to limit video surveillance and limit surveillance tools like facial recognition being built into cameras. and we talked about government cctv, they come from the federal government. doj funded them, orlando which is running a cctv real-time facial recognition network received funds from the department of justice. it would be great if in the
11:29 am
future they hand out fund class for cctv surveillance network space that you cannot use this for facial recognition were strict guidelines on how it could be used. dhs funds surveillance cameras for cities as well, this is another opportunity where sitting strict guidelines and limits could be a very effective way to be turned an doj, you need to put effective rules and guidelines and limits to protect privacy before we give you this money. those are actions we should take. it is important we take them now because we are approaching a point that we will be much like the bbc reporter tracking down through automated computer
11:30 am
system being monitored so thank you very much. you can read about our work, looking forward to the rest of the conference. [applause] >> classic surveillance that makes sense, mechanism of power, jeremy benson, they know they are under observation. they can be seen with public networks of cameras, one of the things we can do in order to encourage people to react to changes happening around them is be aware of them. to try to help people recognize
11:31 am
the ways the public is exploding around us. >> thank you for having me today. my name is dave maas with electronic frontier, if you are not only with who we are we are based in san francisco and have been here since 1990 and we exist to make sure our rights and liberties continue to exist as our technology advances. i work on the surveillance project, which is transparency and public awareness, deploying in the communities and a lot of
11:32 am
times the work looks like filing public records requests. for example with eff teams up with the organization to file hundreds show how uc berkeley requests with protesters or file public records request with the district attorney's office to get a spreadsheet with geo locations of every surveillance camera in their database similar to what jake was talking about and this is a problem because too often our work looks like this. we are checking public records that people saying here are some documents on document cloud or here is a white paper
11:33 am
we wrote or 3000 word blog post or even worse me standing in front of you doing a power point presentation and if we're lucky i have a funny cartoon to go with it, we don't have one today. really come our work should look like this to the public. i would contextualize within their communities. if i could i would run a walking tour company where i could take people around and show them the various surveillance technology around them. i'm a very busy person and i don't know that during tour groups is the most effective way to get the message across. however maybe this concept can transfer over to something like virtual reality. taking a step back, look at virtual reality and law enforcement technology police are working on virtual reality so this is a company out of georgia called motion reality
11:34 am
that has a space where police officers put on virtual reality helmets, given real fake electronic firearms and wired up head to tell and they run scenarios and that can be played back so they see what they did right a wrong. one of my favorite things is they are covered in electrodes so if they are shot they get shocked, immobilized in that part of their body. there is a company that has taken one of these oculus goods and modified it to work as a replacement for field sobriety tests, so the flashlight thing would happen. then there's the surveillance aspect. this is something that is a little camera, a swat team officer might check that into a hostage situation and somebody could sit outside virtual reality looking around before they could go in and recording
11:35 am
a 360 view of everything going on. what can we do on the other side? i will give you quick background, brief history of our organization. this is one of our founders, a lyricist for the grateful dead and the digital pioneer and he wrote an essay in which after he had gone and visited the early vr companies he came back and was amazed, he thought it was like psychedelic experience. he thought a lot of things were psychedelic back then because he was on psychedelics quite a chunk of the time but he was excited. this was the next big thing, welcome to virtual reality, through the looking glass, now we will jump 25 years because not a lot happened since then but in 2015, we saw vr start to move toward the mass commercial market, the oculus rift, the playstation, they came out early 2016 and for our
11:36 am
organization there were two questions. what were the digital rights implications of virtual reality technology on our society and what is the potential for virtual reality is an advocacy tool and educational tool? what i think is for privacy elements, the intercept had a great piece in 2016 about hypothesizing that virtual reality might be the most varied kind of surveillance with regards to the internet, yet. i agree with this. a lot of the concerns i was having, we were talking among ourselves and haven't seen it floated publicly. the reason is biometrics. virtual reality tends to rely on our physical characteristics to function so on a very basic level that is how your head is moving, the distance between your hand and your head, how
11:37 am
long your arms are, if you're left-handed or right-handed but even something as simple as how your head is moving in a virtual reality environment can be correlated to mental health conditions. more advanced the art technology is starting to involve devices that manage that or track your riser map out facial expressions and that is another word of biometrics and one of the creepiest things is when you have companies that in order to gather reaction of biometrics are throwing stimulus at you in a quiet manner without saying why so they can find something measurable in how you respond. we will not get into augmented reality but that will also present more problems because a lot of devices are scanning the world around you to produce content. something interesting that came up as well, there was a research study by the extended mind of pluto vr that found current state of play, 90% of vr users are taking steps to protect their privacy whether that is adjusting facebook
11:38 am
settings are using an ad walker and 3 quarters of users were okay with companies using biometric data for product develop and the overwhelming majority was very much opposed to that biometric information being sold to other entities. as far as vr advocacy tool we were not the first to try this. planned parenthood has an experience called across the line that puts people in the position of a woman trying to seek reproductive health services at a clinic that has a lot of angry protesters. peta has a couple experiences they take to college campuses and other locations where they challenge people to step inside a factory farming situation. what is it like to be at a factory farm. there are groups in massachusetts that worked with the united nations environment illicitly to do virtual reality
11:39 am
visualization of data on air pollution and they took that and ran it through a bunch of un delegates in nairobi. that brings us to the surveillance project. at its base a virtual-reality experience that uses basic stimulation to teach people about the spying technologies police may deploy in their communities. starting to pursue this in the early stages he had considerations, we want a meaningful advocacy experience, we want to not collect biometric information, we wanted it as an organization to make sure it worked on multiple platforms and not just oculus store. we wanted to function on a modest budget because we are a nonprofit and not sony. when i say meaningful advocacy we didn't want to rely on the novelty factor. you can take anything and put
11:40 am
it in vr and be like this is amazing regardless of what it is but we wanted to make sure we were presenting research in a way that only vr could do and we didn't want people watching a movie in vr, we wanted them to interact with the world and be challenged by it and learn information that even though they were experiencing it in a virtual world we wanted to carry it back to the real world so the concept, once you put the head set on and people have demos during the lunch break but put it on a street scene in western addition neighborhood san francisco where there is a police encounter between a young citizen and two officers and look around and as you find something you get a pop up and voiceover explaining what it is, not how quickly can you go through it and scored points about surveillance technology but an educational tool. and can we do a virtual-reality
11:41 am
experience? and do it the first time? maybe we can do other things down the road. number 2 is to educate people about the surveillance. then we also wanted to figure out where they are in the community and finally we had this thought that police encounters are a stressful situation, protests are a stressful situation, things move very quickly but it can be useful for people to take note of what surveillance technology they saw so by putting people in a simulation in a controlled environment where they gain practice looking for these technologies it might carry over to higher stress situations. we decided not to go with computer-generated environment and just go with a 360 ° photo. this, you can see right here on
11:42 am
the screen has two concave lenss, one on each side and captures just beyond 180 ° on each side and stitches from together. if i used it right now you would get all of this, all of this, the only thing you might not get is just the very base of the tripod underneath the camera. this gets what people refer to as the uncanny valley when it comes to video games. the more you try to create a realistic personal realistic environment the more creepy it is to people but by using a photo with a real scene with a few things photoshop did it bypassed that together. this is what the photo looks like that we took. once you're in virtual-reality, it wraps all the way around but you see a scenario going on and you can see at the bottom this is what it looked like, you don't see this in the game, this is a behind the scenes exclusive. we were just hiding under a
11:43 am
longer version of this, hiding outside the police station hoping police would come outside and eventually they did. it being san francisco they didn't question two people with a weird piece of technology on the street which is great because it was the perfect shot for us. those who don't have a chance to try today this is what it looks like. if you look at the body can you get a pop-up that explains what it is and has a voiceover. it is a visual medium. we didn't wanted to just be that you have to be fully sided to learn from this experience so if you are unable to see out of one eye or you have limited visibility you have a certain amount of awareness, you can go in and learn things through audio. we did our beta launch on november 5th him of the internet archive at the national hackasans.
11:44 am
i think for the most part we are looking at having tables like this. it this point not a lot of people have these devices in their homes even though this one just dropped to $200 recently. not a lot of people have it but it is him to take the conferences, we can have our grassroots activists visiting community groups, bringing it with them like they bring one pagers or brochures, they can bring one of these. and we run through 500 people in the last month which if you think about in terms of an activist organization if you send 7 to 9 minutes with some but getting them to exclusively focus on surveillance that is a lot of time. it was available on the internet. something i found gratifying is portland, maine is as far from san francisco as you can get while being in the united states but there are hacker spaces that are trying this
11:45 am
out. we started to see social media respond to it as well. vr tech, i went spinning through my apartment springing spy satellites, lol sob is what we were going for. i feel pretty good about that. next step for us, we are still in beta mode so we will continue doing demos to gather user feedback. we will improve the appearance, one thing is sometimes there might be a tweak in the language and then everything breaks so sometimes we have to fix them and get everything stable for in april 2019 launch. once we have that we will send it to communities or come up with educational curriculum so
11:46 am
teachers do it but then we have to look at what was the next version of the project? we have a few ideas. let's do an internet of things version, home office where you look around and see the printer and ways you might be surveilled through your devices or maybe we do one where not everyone is into san francisco and want to know what it is like in iowa or new york city so build the same thing for various areas or just abandon vr altogether and go on to ar and have a way for people's phones to project things for them into the world. these depend how the technology developed in the interest we get into it and whether there is a return on investment and what grants there are. it is a new world. we don't know where it will be in a year or five years but i can tell you i know where it will be after lunch time and that is just outside the lunch room where you can try it out, i have two devices and i will show you how the camera works and that is all i have. if you have a head set or went to play around with your
11:47 am
computer browser. [applause] >> a concept called the texas tech, the idea that playing games on pattern recognizing behavior, it spills over into -- those who play a lot of tetris, think about how it fits together. the assassin's creed game, reliving a simulation of ancestors live takes on superhuman murder stealth abilities and that seems unrealistic and undesirable but it might be desirable to imagine a population that teach about spotting surveillance technology, a more useful version. back to the question of
11:48 am
encryption, as we heard from franklin earlier, law enforcement has been complaining that the spread of encryption causing them to go dark, making it more difficult to do electronic surveillance of communications, a fascinating report from the center for international studies that points out that there are a lot of difficulties law enforcement is having with intercepting electronic communications but doesn't have a lot to do with a need for backdoors and there's a lot of low hanging fruit that we are to examine before we talk about legislating breaches, platforms for breaches and the tools we rely on to secure us. i want to invite jen to talk about that.
11:49 am
>> thank you, jillian, thanks to kato for putting on this excellent conference. the focus of my talk today is the range of challenges that law enforcement faces in accessing digital evidence separate and apart from the encryption related challenges and this report that i worked on through a co-author under the auspices of the center for strategic and international studies but the debates about encryption will continue but it was, is and is emphatically more so our view after writing this report and working on this report that encryption has taken up so much of the limelight there are a range of
11:50 am
other challenges law enforcement faces that need to be dealt with and they can be dealt with relatively easily and need to be dealt with now. so, these challenges will continue no matter what happens with respect to encryption, no matter if there were a clear decryption mandate, there would still be other ongoing challenges that need to be dealt with. as our title low hanging fruit indicates these are problems that can be relatively easily solved. not completely, nothing in this space ever leads to a complete solution and we make a mistake if we assume that we are seeking a complete solution or trying to illuminate totally the friction in the process. some of that friction is healthy but some of the friction is unnecessary and collectively harmful to security and privacy and minimizing that friction is not only a laudable goal, but one
11:51 am
that is eminently achievable. to that point i will note the report that was endorsed by a number of individuals and groups and entities, endorsed by former cia director john brennan and general counsel ken weinstein, and the former boston commissioner, the assistant attorney general for national security david chris, it has been praised by a number of groups and providers and several providers introducing reforms consistent with what we called for in the report. now that i have given you the hard-sell i will spend the remainder of my time talking about the substance and the methodology we used in doing this report, a little about our findings. this report stems from a years worth of research including a series of qualitative
11:52 am
interviews with state, local and federal law enforcement officials, prosecutors, representatives from a range of different tech companies and members of the civil society community. it involves a quantitative survey of state, local and federal law enforcement officials and survey results are notable, you can read a little bit of this. the survey, found difficulties accessing and utilizing digital evidence in a third of their cases. we believe that problem will only continue to grow as digital information becomes more ubiquitous and digital evidence is needed in a couple investigation. this chart shows the response to the question what is the biggest challenge your department encounters when using digital evidence and accessing data from service providers was ranked as a key
11:53 am
challenge among our respondents, separate and apart from questions, identifying which service provider has the data reported as the number one challenge, 30% of respondents ranked it as the biggest problem. obtaining the data once it was identified was reported as the number 2 challenge, 29% of respondents ranked as the number 2, as their biggest challenge. accessing data from a device was 19% the biggest challenge they faced and collectively, analyzing data from devices and analyzing data from providers disclosed for providers which are two separate things combined 21% said that was their biggest problem. this is important because these are problems that can be fixed or at least largely reduced without huge changes in the
11:54 am
system but with more resources and more dedicated systematic thought to addressing these problems. to the extent that law enforcement doesn't know where to go to get data of interest that is a problem that can be solved with better information flows and better training. to the extent law enforcement faces challenges, that is a bigger challenge and we heard two different stories from law enforcement officials in the provider community and law enforcement officials talked about long delays in getting information back from service providers, what they perceive as service providers dragging their feet and service providers having insufficient resources to respond to their needs of requesting slow walk or turn down what they perceived to be invalid circumstances. providers tell a different story, they complain about what
11:55 am
they saw as overbroad requests, law enforcement asking for things that were not available, delays being the fault of law enforcement as they were internally debating whether or not to get nondisclosure orders prohibiting the provider from telling us subscriber customers are obtained and providers holding off at law enforcement requests, turning over the data until they learned whether they had permission to tell the customer or subscriber. the data supports both sides of the story. this chart shows the request law enforcement issued to six key companies, facebook, microsoft, google, yahoo and apple over time based on the company's transparency reporting. there is no other good source of this data and not surprisingly you see from this
11:56 am
chart a dramatic increase in request over a short period of time. these show requests in 6-month intervals so in a 6-month period ending in december 2013 there are 400,000 requests to six us-based providers. by december 2017, not quite but almost doubled or increased by a significant amount, 650,000 requests in the prior 6-month period. what is interesting about this chart is the grant rates have hovered more or less the same rate at 80% so they are consistent in terms of percentage of requests or demands providers comply with but that also means the absolute number of requests being turned down with the number of exposure -- exposure
11:57 am
demands are higher given there is a bigger volume of requests so in a systemic sense, law enforcement is frustrated because they sense this bigger number of request denials whereas providers are saying we are consistent in how we are treating this over time. the chart only shows where the requests were actually made, not where they were not made because law enforcement didn't know where to go and the grant rates say nothing about the legitimacy of the requests, or rejecting the requests and there is and should be ongoing disagreement about appropriate scope of the request. this is an area where friction is not only healthy but productive and going to persist because there are different views about appropriate scopes of these requests but there is also a number of areas with
11:58 am
respect to law enforcement issuance to providers where there is unnecessary friction and some of the reduction in that friction can support privacy and security at the same time so some of the things that can be helpful in this regard are better up-to-date law enforcement provided by the providers, resourcing of law enforcement teams by the providers, better training and dissemination of that training to state and local law enforcement officers, better training of judges that review the requests subject to court order, and these have obvious security benefits, providing law enforcement more streamlined ability to access data of interest but also privacy benefits that lead to better tailor it, more privacy protective requests and as a result more tailored, more narrow requests.
11:59 am
to the extent that law enforcement cannot interpret data that is disclosed to this problem stems in part through encryption but also what we heard over and over again from the absence of technical tools to decipher non-encrypted data that was disclosed. this is a problem that results from the absence of tools to some extent and also a distribution problem. some of the bigger law enforcement entities would have access to appropriate tools that it was not disseminated to the 18,000 state and local law enforcement entities that exist around the country so despite what appears to be pretty clear need and pretty easy to identify solutions with respect to resourcing training and dissemination of tools, the sole federal entity with explicit mission to better
12:00 pm
facilitate cooperation between law enforcement and providers is fbi national domestic communication, it has a budget of 11.4 million this fiscal year and that, spread out among several programs designed to distribute knowledge of service providers, policies and products, develop and share technical tools, train law enforcement, maintain a 24/7 hotline ctr. and other initiatives. .. when you consider there's 18,000 federal, state and local entities across the country. that's just a number of entities, not the number of individuals working at those
12:01 pm
entities. there are a range of state and local training centers and resources and some other federal resources that have a rosen to fill some of the scraps. but as you can see they're not geographically distributed evenly, much higher concentration on east coast, nick swaps in the middle where there's not much in terms of resources and training centers. there is no central entity for determining what's out there, what works, what doesn't and how to best allocate these resources. this gets me to our recommendations which is the creation of a national digital evidence office that's authorized and resource by congress that would fit in doj and that would do the kind of work that needed to both assess what's out there and ensure a
12:02 pm
more efficient and reasoned distribution of resources. so develop a national digital evidence post, coordinate ongoing efforts including grantmaking. a lot of different grantmaking bottoms, not well coordinated existing. rectify some of the gaps, establish and promote consistent set of standards for securing and minimizing the data that is collected. developing authentication systems to ensure that the person who is asking for the request is, in fact, in fact, title to receive that data. corn it was some the interesting international efforts that are ongoing and report to congress and remote transparency about what is, in fact, going on. we've also called on congress to authorize -- it does not have an independent authorization at the moment to authorize an adequate resource it to do its job.
12:03 pm
this would serve within the broader digital policy office we have this synergy between the technologist who are aware of what's going of the technology and are aware of what's going on in the field and the chosen field with some of the policy folks and again allow it to do what it already is trying to do but is trying to do on the very slim budget which is conduct and disseminate training, gather and to submit information about providers, people and to submit the technical technical tools, provide hotline system. we've also included a series of recommendations to providers. providers to step up some other training efforts, having a centralized body where they can go to help facilitate that. when things went from providers over and over again is we do trainings but they're such, 18,000 federal-state and federl law enforcement across the
12:04 pm
country. like a cat and mouse game. that having some sort centralized place that can disseminate the training and then lead to better more tailored request is helpful both for the law enforcement folks and for the provider folks. so provide training, maintain online portals to facilitate the request process to help also with if indication to some extent, provide explanations for rejection so they can be a dialogue, to appropriate staffing to meet the needs, provide rapid responses and what is an adequate response is going to change based on what is being requested so we don't include specific time limits but, and also maintain the transparency that providers are are redoing with respect, the big providers with respect to law enforcement data the gipper to break that down even more in terms of the categories of requests and an overtime, a range of other
12:05 pm
different, smaller categories as well. finally, this is not on here but important to think as well about providers, some of the bigger providers working with and helping develop best practices for the range of smaller providers that are increasingly coming on the market and that will have to deal with this bucket of issues as well. i will end by saying the challenges are only going to grow over time that we think this is low hanging fruit. these are structures and resources they need to be put in place now because the needs are only going to expand as we move forward and in our view this as benefits both for security and for privacy. and allows us to do something as the debate about encryption continues to rage. [applause] >> reminds me of a comment i heard from somebody who worked
12:06 pm
for a tech company, giving i confuse enough from a loyal person office of the files you sent me we requested are all encrypted. we need you to help us to crichton. that's a spreadsheet. you need to open it in excel. [laughing] the case is that use that extreme. upon receipt is very often that are automatic calls for greater authority to solve problems that often more about institutional knowledge and ability to navigate changing structures that about the need for power but that isn't always the easiest to mid-may. i want to thank our talkers and invite you to join us upstairs for lunch but i hope you'll join for the afternoon session as well, and in particular you'll stick around or if you delete, return at the end of the day when will be leading a group over to the art museum for tour
12:07 pm
of the exhibit. so please join us in thanking our speakers one last time. [applause] [inaudible conversations] [inaudible conversations] [inaudible conversations] >> this form at the cato institute will take a break for
12:08 pm
lunch. they will resume at about 115 eastern and continue with live coverage here on c-span2

12 Views

info Stream Only

Uploaded by TV Archive on