tv Politics and Public Policy Today CSPAN September 18, 2015 1:00pm-3:01pm EDT
the metadata program continued in the united states. the fact is, as many of the judges suggested in these cases, zero plus zero still equals zero. so the fact that we now no longer have land lines but cell phones that follow us around and that information records a lot more information about us, if we have no privacy interest on the numbers dialed and received then we don't have any more privacy interest because we have more records available. and i'd like to suggest this is wrong. it's not zero plus zero equals zero or bringing something into existence exnigh low as the judge put it. it's zero plus one i can't tell a bite. the amount you have on people based not just on their cell phone usage but all of the metadata we generate is significantly different than the type of information at stake in 1976 or 1978 when the case was decided. the second point is on global communications and digital storage. since the 1970s, we've relied on
the country's borders as a way to protect u.s. citizens' privacy. so higher standards have accompanied the collection of information on citizens on domestic soil under the foreign intelligence surveillance act. the problem is that our communications no longer stay window midwest i can bounds. so in 2008 the government made a strong argument that it didn't make sense any more that if communications outside the united states, if you had a bad guy in london calling a bad guy in paris, traditionally under fisa you don't need to go to the court to get a warrant but now if those same two actors use e-mail and it happens to go through the united states, the government has to go to a court to intercept those communications. a very strong argument for 2008 fisa amendments act. the problem is it works two ways. now if i'm sitting in this room and i e-mail jen and it goes internationally, now it can be collected. so data is not territorial and not bound by countries' borders in the way traditionally we've thought about privacy
protections and erecting them at the country's borders. if i make a google document with my students, it might be stored by google in their finland server. suddenly that goes international. so our traditional understanding of territorial boundaries as a way to protect privacy is no longer adequate moving forward. the third and final point i wanted to make was big data. we've seen in the post-snowden era, there's a number of surveillance programs that have come to night, not just the surveillance program after 9/11 but the section 215 collection of telephony meta data. executive order 12333, we've seen the collection of e-mail metadata, collection of internet metadata and underlying these arguments is the principal that it's necessary to collect all the information and then to analyze it. this gives us the possibility of heading off threats to the united states.
why is this problem mat snick it's problematic at the point where there's convergence between national security and criminal law. this is not a new question in many ways in this country. lord cook discussed this in detail in his institutes when he was worried about the crown in the 17th century collecting a lot of information, looking for potential evidence of criminal activity and using it as a way to go after potential enemies of the crown. later hawkins wrote about this, we saw this in "hale" and "blackstone" and james otis in his famous oration in paxton's case railed against the con sthaept the government should be allowed to collect this information on victims and then look for evidence of criminal activity. the fourth amendment was introduced as a prohibition on general warrants and what we're seeing with this kind of rationale underlying the collection of foreign intelligence, the point at which it converges with criminal law,
you're seeing the reappearance of general lawrence, which raised foundational constitutional questions about the fourth amendment. >> so thanks to jim and the aba for putting together this terrific conference. i want to focus my remarks on two areas, one, the problem of so-called incidental collection which relates to what laura was just talking about with respect to global communications and global data. and second often under the radar problem associated with law enforcement actions that involve the cross border access of data and raise often overlooked security and privacy concerns. so the problem of incidental collection as i think everyone here knows, both the fourth amendment and current statutory scheme governing foreign intelligence information as protections based on one's identity and one's location. so it protects persons in the
united states as well as citizens and other voluntary -- other persons with sufficient voluntary connections to the united states wherever they're locate bud the fourth amendment under current doctrine does not provide protections to non-citizens located outside the united states if they lack sufficient connections to the united states and their stashtory surveillance scheme tracks this framework. when fisa was first passed in 1978, warrants were required for all povr ecovered collections i. in 2008 with the changes it's now the case that the government needs a warrant based on possible cause to collect communications of u.s. persons defined adds citizens and legal permanent residents wherever they're located but it does not need a warrant. it does not need an individualized targeting decisionment it does not need court review to collect the data of non-citizens located outside the united states. and the result is a huge quantity of what's known as "incidental collection" by which
the government is either targeting non-citizens or effectively targeting nobody because it's engaged in what's known as bulk collection not under fisa authorities but other authorities that sweeps in lots and lots of u.s. personal information. lots of information about u.s. citizens and legal permanent residents. there's a number of ways in which this happens, i won't get into that now, i'm happy to talk about it later but i have two arguments about this. first, the points that data is collected, acquisition matters. that's the acquisition itself tragers the fourth amendment regardless of how it's spently used, regardless of what other subsequent minimization restrictions are put into place. this is something that has been and ought to be a matter of congressional concern. if you look at fisa, if you look at the fisa amendments act as well, congress spends a lot of time regulating with
specificitying a sigs and this is right. it does a bare minimum of regulation of minimization of subsequent use restrictions, restrictions on dissemination, retention and who has access to the data. that's a mistake, congress should do more. butting but congress also recognizes the point of acquisition matters and that's why they spend so much time regulating on thatter ya. there's many reasons why this matters. the possible chilling effect on speech, association that results from acquisition. the way in which acquisition shifts the balance of power between the governed, the citizenry, and the government. and the risk of error or abuse no matter how well intentioned our officials are. no matter how well trained they are there's always the possibility of rogue actors and also the possibility of less well-intentioned government decision makers in the future.
so i think this brings me to my second point that the rules on acquisition are failing to adequately protect u.s. persons that both the fourth amendment and statutory scheme governing foreign intelligence surveillance are meant to protect and that we need to rethink the way we think about acquisition and we need to think about having rules across the board that no longer depend on the identity of the person who's being collected upon, the identity of the target because those rules fail to serve the interests that we're most concerned about. i want to say this is not the same thing as saying a warrant is required every single time the government engages in any collection. i'm very comfortable with the idea that there is a warrant exception to some types of foreign intelligence information more narrowly defined than it currently is, so this proposal is not necessarily rights protective nor rights resfriktive. we have to rethink what the rules are. but my basic premise is that we
need to start rethinking these territorial and identity-based distinctions at the heart of the fourth amendment and our statutory scheme governing foreign intelligence. and secondly i want to raise very quickly -- and we can talk about this -- more the problem of law enforcement trying to access data across borders. we're seeing this with respect to a pending case in the second circuit, the microsoft case where the government served a warrant on microsoft for e-mails. it turns out the e-mails were located in a server in ireland. microsoft said "we're not turning over this data, the warrants don't have extra territorial reach" and it's pending before the second circuit. the case has a lot of privacy and security implications. the united states is not the only government asserting this power to compel the production of data located extraterritorially. the uk has passed legislation saying it can compel any company doing business within its territory to turn over data.
other countries are looking at similar legislation as well and i think what the court ends up doing in this case and more importantly what congress does in response matters in terms of our own ability to protect our own data as well even within our borders. so i will stop with that there but i wanted to flag that as an issue i think we should be diskugdi discu discussing. thanks. >> so i have a lot to say if i had an unlimited amount of time but i don't and i just want to caution you at the outsaid that the fact that i do not explicitly disagree with something recently said doesn't necessarily mean that i agree with it. [ laughter ] i want to make a few points. i completely agree that we need to adjust our perceptions of the fourth amendment is based on technological changes. after all, that's what capps against the united states did in 1958. weer 50 years on and it's clear
that we can not use the same conceptions of the fourth amendment that we have all along. but i would argue that's a two-way street. that we need to look not only -- just to give one example in terms of the third party doctrine and i'm speaking only for myself here. i find it hard to believe that courts will apply the third-party doctrine in its full force to private documents that you store on the cloud. i just don't think the courts are ever going to go there and i frankly find it difficult to be the department of justice would argue that. so i think we have to make adjustments but it has to be a two-way street. fundamentally the fourth amendment is about prohibition of unreasonable searches and seizures and i think it's going to require a fairly fairful analysis to determine what is reasonable in light of the current environment and that should take into account among other things what kind of restrictions are on the use of data. how comfortable are we with that? how can we be sure that, in
fact, data being collected is not being misused and what are the technological challenges inherent in collecting data in the current environment? data that's, a, out there, and, b, being collected by our enemies. so it's a more complicated problem than saying we have to throw out the existing rules because they're not sufficiently protected from privacy. having said that, i want to respond to a couple of points. on the issue of the third party doctrine it's worth noting that smith v. maryland did not create the third party doctrine. it was a case a couple years earlier in the supreme court that involved bank records, your financial records held by a bank and the court held that because you gave those records to the bank you have no interest of privacy in them to prevent them from being obtained from the bank. so i think we need to accept that this is a fairly well-rooted doctrine. i think it needs to be reexamined but i think it needs
to be reexamined on a case-by-case basis looking at the type of data and the use being made of it. in that regard, laura said something about a principal that you can collect everything and look at it afterwards for evidence of a crime. that's actually, i think, not true of any activity that we undertake. first of all, of the programs she mentioned the only one that involves bulk collection was the 215 telephone metadata program and that did not involve looking for evidence of a crime into the data. that involved strictly looking for potential foreign intelligence information under very strictly controlled situations. and, in fact, that's generally true of nsa. nsa does not have authority to search its collections for evidence of a crime. what nsa can do is if in searching for valid foreign intelligence they come across evidence of a crime they can provide that to the fbi for further investigation which is a different thing and one, i think, frankly, that has evolved
over a long history of circumstances of insufficient coordination between intelligence and law enforcement. finally, on the issue of global communications it's absolutely not true that we could collect an e-mail between laura and jen just because it goes outside of the united states. as jen mentioned, if we want to collect communications of an american, wherever that person is located we need a warrant based on probable cause. so there are already substantial protections. i think the incidental collection point that jen raised is a significant one. and -- but, again, it's not new to the law in this area. if you happen -- if your barber happens to be the target of a wiretap and you call your barber to make an appointment, you're going to be incidentally collected regardless of the fact that there's absolutely no probable cause as to you. well, you might say there's -- a court has found probable cause as to the barber, but that's not
necessary. if your basher is an informant and talks to you and he's wearing a wire than that can be collected. if your barber throws his computer out without wiping it and abandons it and the government collects it, your communications can be incidentally collected. the general rule is that if there's a legal basis to collect one end of the communication it can be collected and then we do have minimization rules to ensure that the communications are not improperly used. and, frankly, i'm not sure how you can conduct foreign intelligence collection on any basis other than that. because you don't have the ability at the front end to weed out all communications involving americans, nor would you want to if you could because some of those communications will be of significant foreign intelligence value. so i see no way to solve this problem other than saying have appropriately limited authorities to collect foreign intelligence targeting
foreigners and then protect the american citizens information at the back end and that's what we do. sorry. can i wake one more point. i completely agree with jen that this is an area where congress should be legislating rules as it did for example after the case i mentioned about the bank records, it passed the right to financial privacy act which limited government's access to records. i think this is far more suited for legislative action and i'm not holding my breath. [ laughter ] >> indeed, after united states v. katz congress went out and passed title iii so there's a long tradition of the three branches getting involved. i think our opening remarks are i'm going to mix rugby and international football metaphors so our opening remarks are like the free kicks that we get and i think what jim wants is a free-for-all scrum of the kind you saw on the video.
when he said he was going to show us the video, i thought he was going to show us the jon stewart one a few nights ago taking a chair into the wrestling ring and going at it. i think that's the kind of lively debate he wants to see from the panel. so i don't know if my headlines are the ones you'll see in a year or not. they're based on by observing the issues both while i was in the government and private sector and writing i've done on this. so think of them as issues lurking between the surface and if i can do nothing else than broaden the scope a little bit so it's not just about the latest twists and turns of the usa freedom act or what that crazy malicious dn zirks up to with his general counckoucounse anything like that, i want to
broaden the scope a bit. there's a huge amount of homeland security activity -- as the last panel showed and this whole institute will show -- that has not nothing but less to do with the intelligence community. so one thing i learned when i was at main justice is that there's a huge amount of activity, prevention, interdiction, interception, enforcement all that that is carried on in all levels of government. city, county, state, you know all that. and a lot of that involves gathering information. sometimes it's called intelligence, sometimes it's just called good police work or whatever. so there's that. there's public safety which involves a huge amount of gathering information and then there's economic or regulatory gathering of information as those of you know who've recently filled out a tax return or application to do business or anything like that. what i'd like this group to do, maybe not today but over time is to start thinking about the privacy versus security tradeoff
in light of the different types of information and intelligence that are being collected or could be collected or aren't being collected because of perceived operational economic or privacy or constitutional issues and think about those tradeoffs as well. and to make this more complicated, the panelists have referred to some of the wild cards, the cross cutting issues which means it's never a static balance. the third is the types of interconnectedness that both jen and laura have referred to. is so that's the first issue. it's a little amorphous but some attention as well as following the twists and turns of the latest patriot act issue would
probably be beneficial. the second issue is perhaps more amorphous. the snowden leaks triggered -- was one model for how some discussion, some lyely public discussion about intelligence collection and privacy versus security tradeoffs happen. some time maybe at the cocktail hour you can ask bob litt what he thinks about the integrity of that particular model of public discussion. but i think we all need to think about other models. maybe even some lawful models. this's one model which i'm sure you've seen in the usa freedom act which allows the foreign intelligence surveillance court to appoint a mica, friends of te court either lawyers or in their organization to help the court understand the technological development or something like
that. so that's one example the in a way to get the public or surrogates for the public a little bit more involved in something which is inevitably secret. but we need to think more broadly and imaginatively about other mechanisms for doing that. traditionally the sticking point has been well, it's all secret stuff. we have the president's advisory board but i'm thinking beyond that and by necessity we have to go beyond that and even the folks in the government on my left and right might concede that if the government doesn't come up with some lawful mechanisms, they're going to be -- and they may continue anyhow to be lots of other people taking measures into their own hands. so bringing ordinary citizens
for a day into three-letter agencies and talking about what's happening and with all due respect i don't necessarily mean ordinary people like jen daskel and laura and mr. litt once he goes into private service. but there's a role for that. it would simply be like a jury. i know the jury has the constitutional dimension and this doesn't but the question is the overused cliche of a focus group. another possibility that sounds ridiculous but we've been conditioned to watching these reality tv shows where people sing and, you know, they get instant feedback. instapoll votes by text messaging for various hypothetical intelligence programs. there's lots of ways we might be able to -- and none of this would bind the government or the aclu or the freedom -- the heritage foundation or anybody else. it would just be a way to sort of get some input from folks and, frankly, and maybe bob and
dan can address this later, inform people about either what is being done, whether what is being considered done or get input into what are the ways that could be done. i think that would have avoided a lot of heartache on all sides with the revelations of bulk data collection. and then my third point which may be the most amorphous of all, probably so, i'm sure all of you are familiar with the concept of privacy by design which first canada came up with, now everybody's embraced it, the ftc is all over it, everybody is talking privacy by design and in one sentence the concept is instead of coming up with a cool technology or service or product and doing whatever you do with personal information and then later on trying to build in safeguards and guardrails and fences once there's some public
issue, the idea is plan this ahead of time, design the product with privacy considerations in mind, figure out what the safeguards are in advance and maybe even design those into the product and how it works and how you collect data. that's been, i think, a large focus of a number of responsible companies in their new products and services lately. the question i have is to what degree is that entering into the way the government thinks about things? we've got the fourth amendment, we've got the statutory chings. i'm thinking of something different which is really beyond the legal compliance point to figuring out how are we going to operate this program or even how are we going to design it or what are we going to ask to go back to the last panel. what authority are we going to ask our oversaeoverseers for an congress? and part of that, bob and dan will probably kill me for this, might be having a rudimentary privacy by design presentation
about how we're going to build it in from the beginning. any information collection needs to be clearly linked to the security objective. so those are my three free kicks, pretty amorphous, they won't be in the headlines tomorrow but i hope they will be in the next year or five years. >> i'm actually going to give a specific case study. we've had these discussions about privacy and security and the debate, the balance for years i remember the first days -- joe, you'll remember when the department was first standing up and secretary ridge told us -- globl a tradeoff or a balance between liberty and security, i believe we need to and can accomplish both goals at once and i think sometimes people laugh that off a little bit but i'm going to give you a
case study and see if we can't make that work a bit and it does build on your comments and thoughts about privacy by design. so the specific study i want to mention is right in the news now. you probably know there are a number of legislative proposals currently under active consideration on the issue of information sharing in cyber security. it was mentioned in the panel before and basically the question is this -- how can we stimulate or catalyze or incentivize companies in the private sector to share information about malicious cyber activities or potential malicious cyber code and activities with the federal government so that government agencies can be informed and do their work, whether their work is to begin investigating a crime or their work is to try to help remediate whatever has happened to that network or whether their work is to try to spread out that information about that particular malicious activity to others so that
others can defend themselves. really what we're trying to do is create a robust, real, information exchange or really series of exchanges but an information exchange where information comes in, everybody learns, it pushes back out and everybody can defend themselves. is the president announced a leblgive the propo ive t legislative proposal in january, the house has passed two bills on this and the senate has a bill as you've heard from the previous panel, they're poised to consider. so there's a lot of activity in this area. now, to make information sharing and cyber security work, we need a new generation. we need a new revolution. we need to have machine to machine sharing. right now what we have is great and everybody's worked hard to get to this place but we have humans involved it's not going to work for us in this environment, you can't have humans taking telephone calls,
analyzing code, three days later saying "there's something here," calling everybody else and telling them what's going on and now you start to defend yourself. that's what we've got now and it's good, it's excellent. we have to take it to the next level. two problems with machine to machine sharing. one is a technical problem, how do you make that work? that isn't the bigger problem. i've made a lot of progress on that and we can talk about that at some length but the second problem is the problem of this panel -- how do you deal with privacy issues in information sharing. so here's the specific or i'm trying to put -- make it specific for you. when information is submitted to us, it could include personal information, spear fishing campaign, you'll send that information in, that has somebody's personal e-mail address. in the body the e-mail could have something about your wife, kids, personal life, whatever. do you want that? do you want your company send nag to the department of homeland security and then spreading that around this broad
network of whoever's connected to them. it could also have proprietary information, company identifier, things about the way the company may be organizing their networks, other things about the company. does the company want their proprietary information sent to the department of homeland security, shared all around? no, you want that scrubbed. you want to make sure it's anonymized and if you are convinced and confident that you can send potential malicious code to this government entity, it's anonymized and then shared, you're going to have no problem with that. as a matter of fact, you like that because you'll benefit from that, too, you'll benefit from other people's bad experiences and learn how to defend yourself so we have this robust sharing of information because everyone's confident that my personal information is not being lifted.
the problem is law enforcement agencies want it now. they want in the realtime. they don't want some guy who looks like he's from -- you picture the geek squad, you take your computer and there's some guy standing across the aisle "when can i have my computer back do you think?" so you want to take out the human because the law enforcement agencies want it quickly. so we're trying to figure out the solution right now. as is often the case there is a way to make both interests. do satisfy both interests and it depends on, i think, some tried and true processes that we're familiar with. it takes the interagency, that's the first thing. we are working with people all across government, odni, fbi, all across government. nist, that's homeland security, we know that, we're familiar were that in the homeland
security context. it takes a lot of work. the easy answer is this won't work and we get that a lot. no, that's not going to work. it does work. to dozens of meetings, 20 plus agencies, we poured through these issues over the past number of months. just one example, we did a survey of the cyber analysts of all the operations centers in the government who do cyber analytics and asked them what data do you specifically need, what do you not need? so we have a survey of what they need. we're able to build on a great deal of technical work done for other purposes. we have a protocol for structuring how machines communicate to one another and we have to leverage that here and the fourth thing is it takes really strong stakeholder relationships, another thing we're comfortable with in homeland security but dhs has those with privacy and civil
liberties groups, we just worked on those over a number of years developing a number of committees, privacy advisory commit 's the and others so we've been able to leverage those and learn from people there. so even though the legislation has not passed since the president's legislative propos l proposals in january, we've been working. in october, the fall but i think october we're going to be able to begin ingesting or receiving information. by the spring we'll be able to share back and forth and by next fall, about a year from now, we'll have the capability to make all of that technical work being done available even to those who do not have sophisticated cyber security operation operations. what i'm trying to suggest -- and i'll just close with this -- is there are ways when you take specific case studies to work through both the privacy and security interests. here's one that we're rolling up our sleeves on and you heard in
the panel before the senate is even dealing with this very specific issue and trying to get their arms around it and feel comfortable with it. if the congress feels comfortable, we'll see legislation. if private sector companies feel comfortable, we're going to see information sharing. so these issues have a real practical meaning and play out in the day to day practical operational issues and other yen station. so with that i'll turn back over to you. >> can i make one quick point in response to ron's point about privacy by design. i'm not sure what nsa was like when ron was there but we are very, very focused on privacy by design. i'm building in the at the front end. we have a number of mechanisms for doing that. agencies have their own privacy and civil liberties officers as well as officers of general counsel. we have the privacy and civil liberties board which i know is represented here today which has a statutory obligation to ensure that all of our policies and
laws adequately take privacy into account. the president in ppd 28 a year and a half ago specifically directed that we take privacy and civil liberties consideration concern in developing all surveillance programs and if it requires legislation we've got to work with the congress on it. so people may disagree with the outcome, but it's not that we aren't trying to build privacy in at the front end. >> and i just want to say i was certainly not suggesting or implying there was a lack of privacy by design at any time in the community but if -- maybe it's a rhetorical thing in part which is it would help bridge the hugechasms of understanding between what the government and intelligence community does and how people in the private sectors think about privacy if they could start to talk in some of the ways that bob was just speaking. >> just in response to the last three speakers and, ron, your interesting blue skies approach
that you have, it makes me uncomfortable and nervous to think the majority would decide individual rights the. point of the bill of rights was to protect the minority against the minority so the idea of can sassing people to see what they'd be willing to trade off is in contradiction to the purpose of the bill of rights which is to protect minority juice against the majority. along those lines, reasonableness. in the fourth amendment -- not to go originalist but to go originalist here, "unreasonable" meant against reason or against the common law and the common law at the time banned general warrants which was the broad collection of information on citizens to use it then to find evidence of illegal activity. that's what a general warrant was. so when the fourth amendment says unreasonable if you go back to "cook" and "hawkins" and "blackstone" it wasn't fund the more modern sense which bob rightly says, well now we understand reasonable to say well, what is reasonable in this context in a relativist sense.
it meant what was against the common law. and from the magna carta according to cook and hale and hawkins it was against magna carta to collect broad information and use the information to find evidence of illegal activity. and there were good reasons for it. there were reasons that were related to the harms that could be perpetrated against anybody who objected to the government's policies. any social, economic, or political actors they wanted to target they could target but there were also rights that were valued in and of themselves. the importance of democratic celtics. -- deliberation. the importance of solitude, self-actualization, intimate relationships. being able to build a social network and have diversity and decide what level of intimacy you wanted. there are values to these rights apart from the security or freedom contemplation in this tradeoff. these were values that were recognized from time within the british constitution and later
by the american constitution. >> i wanted to respond to one thing bob said about incidental collection. so he made the point which i agree with that this is not a new problem. this existed before the rise of fisa. it existed before the rise of new kinds of data and the growth of the global internet. but it's also two things have changed. one, the scope of information that's being collected has changed and the quantity of information has been changed so that i think requires us to reconsider some of these rule, including the rule of incidental collection. and i want to read a quote from the 1978 house report when it first passed fisa. there was a debate at the time about as i said earlier, a decision in the 1978 legislation to require warrants for all collection covered at the time which was a lot less than what's covered now and there are a
number of members of congress who objected to the idea that warrants would apply to the collection of data that was targeted at aliens or non-resident aliens who could be covered in certain types of collection. at the time, the majority of congress rejected those objections and said the warrant was required not primarily to protect such person, those a n aliens, but to protect u.s. citizens who may be involved with them and ensure the safeguards inherent in a judicial warrant could not be avoided by a determination as to a person's citizenship. i think that recognition of the risks of targeted collection based on lower standards of non-citizens located abroad applies with much greater force today and it's something that requires us to reconsider our thinking about incidental collectio collection. >> i wanted to respond briefly to one of laura's points. i was certainly not advocating
that a majority should decide who advances, what practices get done in the intelligence community and in that way my analogy to america's star search may have been incorrect. i was suggesting that the public needs to get a better insight in understanding about what the choices are and then the governance and the folks that make these decision cans factor that into account. i think it's probably not responsible to suggest that people in the government who have to follow the constitution and the laws would simply do whatever the majority of people say in voting. but i have one other point about major tarnism and majority rule. the statutes under which the intelligence community and the whole government operate are actually passed by majority rule.
and even the judges, the federal judges who adjudicate these things are nominate natsed by a president who was elected by the majority by the electoral college, so that's another story, and confirmed by the senate which i'm told can be a partisan process. [ laughter ] >> just in response to jen's point about incidental collection, i don't disagree there need to be rules to protect the information of u.s. persons, it's incidentally collected. i just don't see a way to do that other than some variant of back end minimization procedures, which is what congress adopted in title i fisa and congress adopted in title iii when it authorized electronic surveillance to begin with. i think the privacy and civil liberties oversight report on section 702 or some other document that we have released has indicated that under section
702 collection which targets non-citizens outside the united states we are currently targeting tens of thousands of selectors. because this covers a broad scope of foreign intelligence collection. we are never going require warrants to collect on vladimir putin's cell phone or to try to collect on what al qaeda terrorists are doing. it would bring foreign intelligence collection to a halt and so what we need to do -- and this goes back to the first point i made -- is we need to find ways, number one, to explain what we do which we have been doing for the last couple of years and, number two, to try to put technological, legal, and oversight restrictions in place that satisfy people that information about americans or information, frankly, about any persons that's being collected is subject to appropriate protections for privacy and not being misused. and, in fact, in the last two
and a half years, of all the information that's come out, there has not been any indication that people have been persecuted for their political believes or that this information has been misused. in fact, the system we have in place is working reasonably well to provide privacy protections for information that we do collect. >> so on the 702 point. i think it's really important to look at the controls that are put into place because 702 data right now according to the privacy and civil liberties oversight board the fbi routinely queries the database for purposes not related to which the information was collected. and i understand some people might have the view that once that information is legally collected you don't need a warrant to go back and query that data. but i would suggest there is a use restriction in the fourth amendment and if you collect that information for foreign intelligence purposes to use it to then check out bank robbers in california for purposes unrelated to some foreign intelligence purpose for which
it was collected that you should be required to go back to a court to get a warrant to query a database of that sort. so i think the 702 database brings up particular concerns about how information is being used, whether u.s. person information can be used to query it, if there are judicial restrictions on that or not and how that plays out in terms of the warrant requirement of the fourth amendment when applied in a criminal contrast. >> as you can see we have some degree of disagreement and fascinating. we may have a time for a couple questions. if anybody has a burning desire to query this talented panel be happy to allow you to do so. yes, right back here. >> hello, my name is david hudson. i recently remember hearing the director of the fbi testifying
on strong encryption and how many of the leads of the fbi are going dark because of the strong encryption and asking basically for industry or perhaps congress to force industry to provide keys to the castle so they can get in on one side or the other. strong encryption sort of strikes me that, well, that might work in america, i'm not sure in a globalized world. we're talking about privacy by design. but if the technology is getting to the point where we can't see what's going on in any way, shape, or form, i mean -- and i would imagine that there's aa way to anonymize the traffic itself. it all goes to one server and that's it. we don't know what happens without an encryption. is that something that needs to be looked at and weighed in some manner not just nationally but international amongst our foreign partners? because a lot of their territory
can host these services and, of course, there are those who may not want to help us. thinking of certain asian powers. so if there's anyone who could care to respond on that. >> good question, bob, you might can address that. >> so i think the administration's position on this is reasonably clear. strong encryption is a good thing. it's a way to protect people's privacy but it's also a bad thing in the extent that it makes communications invisible to us and there is no question that this is a problem for law enforcement not only in terms of foreign terrorists but domestically as well. what we need is the technology to come to the table to try to
find a solution that protects people's privacy while at the same time allows law enforcement to get information it needs when it has appropriate lawful authority. i think if there's an opportunity for law enforcement to get access, you have weakened encryption. how much risk are you willing to take for the greater social benefit. there's currently a statute that requires telephone companies to configure their services in a manner to permit interception of communications. well, that's less secure than we would be if we didn't have it. it creates vulnerabilities but we as a society have determined that that's a risk we're willing to take because the overall social benefit is significant. the question is, can we find that kind of a solution in the
encryption space where we say we've got a manageable risk here and the overall social benefits are sufficiently great and that's going to require engagement with the companies and their willingness to engage with government to work on these solutions. >> so i would just add to bob's remarks, economic security. this is often missing from the national security equation. but, you know, we've taken a huge bath since september, 2013, or 2012 -- well, 2013, on our cloud computing. so by some estimates 140 billion lost over the next five years because of the way in which the u.s. government interaction with u.s. companies has undermined their competitiveness abroad. we see these data localization efforts, certain amount of tunism going on. to the extent that we drive this as a law enforcement international security issue domestically, there's also an economic price to this and that needs to be part of the discussion and part of the equation. not just at an nsc level but
also to make sure our interests are protected long term in the interest of national security. >> i think that's right but i would add i would think at the end of the day there's a reasonable possibility if american companies have a transparent environment where it's clear to the world what we can do and your average person is faced with a choice of am i going to go to google or microsoft or apple where i know what they're doing or am i going to use some romanian communication where i have no idea what they're doing that we might still retain a competitive advantage even under those circumstances. >> i want to thank the panel and hope you'll give them a good round of applause. [ applause ] this afternoon on c-span radio and cspan.org, 11 of the
republican presidential candidates in columbia, south carolina, one of the early primary states for interviews at a heritage action forum. coverage start s 3:50 p.m. eastern time. tonight at 8:00 p.m. on c-span, a senate arms services committee hearing on efforts to combat isis. president obama has authorized the deployment of up to 450 more american troops to iraq to train and assist the iraqi forces batting the slate, signaling a major shift of focus in the fight against the sunni militant group. central command commander general lloyd austin and the chief policy official at the pentagon testify. after that, at 10:00 p.m., u.n. ambassador samantha power talks to reporters at a "christian science monitor" breakfast about a variety of foreign policy issues. more now from this american bar association conference on homeland security with a panel
on the use of drones and unmanned aerial devices for domestic security purposes. >> thank you very much. [ applause ] and, joe, i'd like to thank you and the rest of the team for putting together one of the premier premiere conferences, not only that the aba puts on that is anywhere, and i think the great thing about conferences like this is of course the information that is conveyed, but the ability to see old friends and make new ones. and so just to be a good guest, i'm very much going to be at the cocktail reception and trying to sample all the free aba cocktail, which is very good. but in all seriousness, that is an important part of the event. dawn has put together a tremendously talented panel here, myself excluded. and it really is an honor. i'm not going to go through their bios in a lot of detail.
i'll just give you their title so you can orient yourself towards what is in the materials. we have my old friend major general retired fred roggero, he's president and ceo of resilient solutions limited in alexandria, virginia. we have jay stanley from senior poly analyst from the aclu speech privacy and technology project. and of course we have don, but also scott glick, senior counsel and acting director of the preparedness response in the national security division of the department of justice. we have some government officials on our panel. they are not speaking for the government. they are speaking for themselves. they're kind enough to share their views with us. and fred is a retired military officer, but he's not speaking nor am i speaking for the air
force or any government entity. but, rather, just for ourselves. now, jay is speaking -- no. and so that's a wonderful thing. now, just to help us get oriented a little bit floor to what we'll be talking about, there is a lot of unmanned aeronautical systems or drones or whatever you want to call them. drones is a bad word for industry as well as the military because it implies things that aren't true about the technology. and there is lots of different classes of unmanned aeronautical systems and civilian world, as well. but what we'll focus on in this panel is the little uass and i think we'll have a little show and tell before the panel is over, show and tell meaning it won't be flying in here, i don't
think. if it is, it was unbriefed. and we won't be talking about armed drones overseas. we'll be talking about the challenge that we have here in the u.s. domestically because there has been so much focus recently on safety, privacy and things like that. it's a really complex problem. and since i've dived into it, i'm kind of surprised at some things th thas that are not reg and i think it's the question of the technology or the administration, meaning the administration of the regulation has not caught up with the technology. and so there is lots of unanswered questions. and so what we're going to do is we'll have a conversation here. i'll ask a few questions. it will go back and forth a little bit. but then we'll open it up for your questions. i think this is one subject where i think it's important and
it will help us if you ask questions because as we're all developing our thinking on this subject, we really need to know what practitioners, scholars and so forth are thinking about and what they're concerned about. what i found is that sometimes what i as a -- yeah. scholar? don't laugh, dawn. that's my official title now. as retired military guy, there are things that i think are important but may not necessarily be shared by others. let's start out by talking about -- well, just the general question. it seems to me every time i look in the newspaper or hear a press report, there is something about these little drones. sometimes they're good things, but sometimes they're not so good things. and i'd like to ask our panelists, what do you think is -- what do you perceive as the potential threat that these small unmanned aeronautical
systems present to our safety and security, if anything? >> well, i'll take that one on. as being a pilot with 4,000 flying hours over 22 different types, in my last job in the air force was chief of safety to the air force where i was responsible for uasad amongst other things, i would say that the threat right now and i'll quota good friend major general briggs out at north com who said this is not an emerging threat, this threat is here and it's here today. it's there for a couple of reasons. the threat i think that you talked about that your question is about, though, is sort of divided into two parts. we have the threat if you're a passenger on an airline, these little guys can occupy that same national air space very easily. if you look on youtube, you'll see not this one, because this one is mine and then legally, but you will see video of this one up at about 4,000 feet over the freeways of california. well within general aviation
traffic and certainly landing and departing airline traffic. you say is that much of a threat. it looks just like it's made of plastic, fred, what's that going to do. we know what the birds did to the u.s. err fligair flight ove haud r hud hudson. but it has something the bird don't have and that is a battery with all the lawyethings lawyere to have. and if that were to strike the airplane or go down an engine, that would certainly be a threat. they're probably flown by and large by people not with a desire to do ill harm, but they're done by people who have made empowered if you will to operate this because they are so easy and simple to operate.
this has a gps -- i don't have to know how how it works. i can take any of you out and you can fly it like an expert in recent than five minutes. so easy to operate, very inexpensive and you don't have to pass a test or be licensed to fly them. so on that aspect, you have a threat who has this new technological capability that law and policy hasn't kept pace with. on the other end of the spectrum, you have the more capable crowd who have a different determined purpose that could use this for ill purposes and use this capability. i like to say that it really is a revolution in aviation because it gives all those aspects of an air force to an individual. only nation states used to actually own that capability to
do intelligence, surveillance, recognizance, hoeblt or kinetic strike p but now you can purchase one and have those capabilities. and that's been shown. just earlier this week in cumberland, maryland, there is an eexample of a small drone trying to go deliver drugs and money into the cumberland prison. that's happened on two other occasions, one in georgia and one in south carolina. there was drugs, cellphones and money, small things that these could carry. so there is your mobility or your smuggling or delivery. they have also been used, apple when they were building their plant, had a drone that was flying over the construction of their building on a regular basis taking pictures. whoever that was didn't need to have the blue pribprints to understand how apple was organizing their building. they got it through the drone.
and if you're oversea, you probably heard last october about the coordinated overflights of nuclear power plants in france and of course in japan just in april with the landing of a dji phantom this type right on the prime minister's house with a part of radioactivity in it just to send a message. >> one of the things that surprised me -- let's talk about what is the threshold for the faa regulating these devices. >> right now there are two aspects. number one, you can operate it commercially if you go through the faa's section 333 exemption process. >> and that is commercially. but suppose if you're just a hobbyist. >> if you're a hob weisbyishobb regulations are quite light. there is a note before you fly guideline that if you go to their website, you can and the
guidelines are avoid airports by five miles, 400 feet and line of sight. but if you look at the actual regulations that are out there for a hobbyist, you'll find that line of sight is about the only one that really applies. you can call the airport if you're within five miles, but you don't have to wait for a response actually. the guideline is to inform the airport that you're there. if you're -- of course you do have to abide by regulations of restricted air space. for example, you can't tli within 15 nautical miles of ronald reagan airport, but i doubt that when you order your dji phantom on line and get it shipped to the house that those instructions are on there. >> is there a size or weight that sets up the limitations here? >> you're really talking 55 pounds or less. and to tag on to what fred was talking about, the regulation he's talking about is faa
advisory circular 91-57 in case anybody wants to look that up. it's actually not very easy to find. but you will eventually find it. and you're characterly right, the biggest thing that jumps out of that circular is use your between judgment. so really when you're talking about model aircraft and that's what we're talking about here, not commercial delights, because that was the notice of public rule making that came out in february and we he can talk about that here shortly. really it's use your good judgment. a in the event you violate good judgment, you're look at fines pretty much, civil fines. and i know scott will talk about other laws. but from an faa perspective, that's really what is out there. >> before we get into more of the laws, what about it's pretty
obvious that there is privacy issue here that is raised by these small drones that anybody can operate. jay, to you ha jay, do you have any thoughts on that? >> yeah, thank you. so i think that the aclu and civil liberties concerns fall in two buck ketds. number one, spying. and number two, the first amendment and the right to photography. so, you know, our big focus has been putting some rules in will place to ensure that drones used by government agencies, local police departments, et cetera, don't become a tool for mass pir vase sif surveillance, we don't have any rob with them being used for particularized focused missions, whether it's a s.w.a.t. raid or what have you or a lost child or so forth. but we are concerned that national security agencies and
especially local police departments will begin using them for mass surveillance. and then of course individuals will inevitably use them for privacy invasions. and we have not called for regulation in that area because it's very complicated issue, unclear to what extent the kind of privacy invasions will be perceived, which is a kid down the block flying outside the window which should already be covered by peeping tom laws, trespassing rules that may come into account. so it's not clear how much current laws will already cover the things that we will see as regular problems when it comes to individuals engaging in privacy invasions. and also there will be a lot of innovation, we don't want to step on that, but also there are first amendment issues. we at the aclu have had numerous lawsuits around the country against police departments when police officers interfere with people's right to videotape police officers or often just
trains or bridges or so forth. sir, you need to put that camera away. that is an order that is frequently heard, sometimes people are harassed and arrested or worse because of photographing police without interfering in their legitimati operations. the courts have pretty much found a first amendment right to photography. so that cuts in complicated ways against the privacy concerns here you can easily see. i guess the bottom line for us is -- and i think that we'll be seeing a big clash here between our very powerful national security establishment, our security agencies, which have very genuine concerns about the security threats posed by drones and another thing that is always very powerful in this country, industry. we tolerated huge carnage in the railroad industry when the railroads were new technology and all kinds of errors and
crashes and high schomistakes. huge carnage when it comes to automobiles on the highways. how much carnage will we tolerate from drones in order to reap what the industry says are potentially huge innovations, conveniences for all of us, really cool applications. how much will we tolerate. in many ways, the civil liberties doesn't have a dog in that fight. we respect that there are real security problems. we respect that there will be a lot of innovation. we like that. i guess the thing that we keep an eye out for in that area is that security not be used as a pretext to it proceed hhibit pe from using drones for faf if photography by agencies that don't want to be deal become public execuscrutiny, we saw in ferguson photographers were htht
harassed, faa closed the air space it for what appeared to be no good reason. so that is our interest. we don't deny that there are big security problems or bighe othe. >> steve, just generally, what do you think about the regulation of the use of these things and are there recourses in the law today or do we need to start from square one? >> i thank the aba for inviting me to appear here and emphasizing that thinking that i say is in my individual capacity. as dawn mentioned, the regulatory framework is in really two pieces or maybe three pieces at this point. you have the proposed regulation that has to do with commercial use that was mentioned, you have the faa and the 2012
modernization act setting out a different framework for hobbyists. and the other aspect that applies is that the faa has a number of regulations out there that apply generally to operating aircraft that we know are going to apply to uas. so for example it's 14 cfr, code of federal regulations, 91.13. and it's on your little thumb drive if you picked that up for the conference. it prohibits the careless or reckless operation of an aircraft, that will apply for a uas. so there is a regulatory framework that applies to using the uas in a reckless way. >> and that would be irrespective of the size. >> irrespective of the size. as long as you meet the requirements and elements of what goes into that regulation. there is also a number of federal statutes that would
apply in this space. some of which may be specific to the use of an aircraft, for example. so if you are photographing or sketching a defense installation or using an aircraft for that purpose, you're violating title xviii united states code 796, that is also in your materials. and there are some other ways of looking at existing statutes this sort of a-with a creative application of a technology neutral lens, you can see how existing criminal statutes, and we can go into that if we want, how those statutes could be made or thought to apply to a uas circumstance if someone was operating a uas this conflict with that. so there is a legal framework, there may be some gaps, but there is a legal framework that governs the unlawful use of a
uas. >> i'm thinking out loud. we were talking about the legal and criminal ways that you would confront improper use of these uass. but is industry looking at technological solutions? >> yes. sha as a matter of fact, my company helps companies that want to fly uass legally. we write their aviation operations manuals and help them through the faa 333 exemption. and on the other hand, we help the military installations. yes, there are technologies, it's actually quite a challenge technology-wise. but there is a history of ground based air defense that militaries around the world have
and they have beenab able to ta that and move it slightly to deal with this threat. it basically takes a multimodal approach. but usually depending on the area that you need to defend or protect, it would involve some type of radar system, it would involve electronic surveillance, it would involve acoustics swemgs long range electric optical cameras. to pull all that together, you need a command and control system that will assimilate all that data, tell whoever you have watching it that there is an issue, there is something approaching, and then you have to determine the intent of that. and then we get into a little bit of gray area on the legal aspects on once you've found it, fixed it, tracked it, identified it, how what do you do to engage it. and what are you allowed to do to engage it. probably depends on what you're defending. if that's national security asset such as the president or
nuclear installation or something like that, you probably have one set. but generally overall, you start to run into things that scott was talking about, there is a federal law that you can't just shoot at an aircraft and the faa has said this is an aircraft when flown for the purpose of flight outside. so if you shoot at my drone, you can actually wind up in prison or fines. >> so if a drone was hovering outside your bedroom window with a camera on it, i suppose you could call the police, but you could not shoot it down? i mean i have my own ideas what the answer to it that is. >> i guess the lawyer's -- >> it hasn't been tested in court yet. >> so let me jump in here for a second. what the reference is made to for folks who are interested is title xviii united states code section 32. which has do with the
destruction of aircraft or aircraft facilities. obviously there is certain intent as lawyers know there is a mention ray oig or state of mind required and you have to have a willfulness to meet the other elements of the statute. but shooting down a uas should be evaluated with the same framework of whether or not it violates section 32 because you're shooting down an aircraft. there are state statutes that may govern. oregon has a statute that addresses peeping tom using uas, so the state could respond. but it would violate section 32. >> so self help is not -- >> and anybody advising someone who is planning do that immediates to be thinking at least about that statute. that statute also has some other applications, though that we can get in to in terms of if someone is using a uas to threaten an airplane. >> one question often asked, and i don't have an answer, what
about if you ground the aircraft with a net rather than destroying it or harming it in any way. >> i don't know the net answer. if it's on your property and you throw a net on it, do you damage it and can they sue you for it, it's possible. you know, talking about -- i think state law is very relevant here. and i just want to touch for a second where we are vis-a-vis state legislation. in the last three years, 2013 to 220 2015, 283 separate bills introduced to legislate drone use. as jay alluded, to a lot were drafted with the assist tafrns the aclu and really focused on government actors and quite frankly focused on privacy. and so the majority of these proposals focus on government actors and basically prohibit for example law enforcement,
which is the primary interest target of these bills and some that have passed actually into law. from using a drone for purposes of collecting information or evidence without a warrant. and then a lot of these bills also carve out specific exceptions when it would be permissible. thousand, many of these exceptions don't always include all of the things that we have in our fourth amendment jurisprudence. for example a number don't even include a consent exception which seems a little odd. but the concern that i have after looking at this issue and this kind of drone threat issue for lack of a better term is that virtually none of these bills, none of these laws address the possible threat. so the focus has been on government actors and as we heard, not so much on the private individual, because frankly, it is kind of -- i think we heard it's hard. it's a complex problem.
and how do you address it. so you have the surveillance privacy issue and then you have the no kidding kinetic threat issue. because we talked about the threat here for a second. one thing you didn't mention which i want to bring up, has anybody seen the youtube video of the kid that created the drone that he put shall guns on it and he's shoot things? i'm seeing shall nods out there. that is relatively new, but one is a russian guy who actually hooked up machine guns to his drone. he's talking about look at the bad guys over there, i don't think i know those guys. and he's watching them so he's using the surveillance capability of his camera. and then he shoots these dummies, you know, all apart. so none of these -- some do. i don't want to say none. there have been 46 that passed
and will fact in fact 28 in the months. so a lot of activity in 2015. but the majority of these bills do not address the threat issue. and in my humble opinion, it's a significant issue that does need to be looked at. >> there is one or two states and i can't remember which ones, i think maybe oregon, a couple states that banned weaponization of drones and shaome just have flat drones that would cover it. interestingly today, there was news that north dakota has actually passed a bill that allows the police to use quote you been quote nonlethal, which really means less lethal weapons on drones which generally has been a strong consensus against any kind of weaponization of drones and all the drone conversations i've been with government and industry and so forth.
>> and i think that would cover your net question, right? the oregon -- or the north dakota law, if it's nonlethal and they use a net to take it down. >> we're talking about nonlethal weapons like putting tasers and tear gas for use from the drone against the individuals on the ground. which is permitted by the law. i was talking about whether the damage to aircraft law would be covered by taking it down with a net. >> i can imagine some -- josh, i think we have an idea for students who want to write a paper. the application of the second amendment to an armed drone used for home defense. when you start looking at the supreme court cases, that would be an interesting paper. i'm not quite sure how it would come out, but that would be interesting. keeping with this, and i'm thinking industry would have a
lot of use for this information, in other words all kinds of information can be gathered with these small drones. and adding into big data to include -- i could see a commercial company saying we'll keep track of your kid, we'll equip the drone with facial recognition software, and the kid's a minor, so we'll just follow the kid. keep track. so you don't have to try to tap into the cellphone. we'll give you eyes on. any thoughts about that, philosophically, legally? jay, i'll spring this on you. >> you were talking about like if you assign a drone to follow your kid? >> gives a new dimension to helicopter parent. >> i think they had that on the jetsons actually.
>> yeah, i mean, that gets into complicated issues about right to photography versus privacy. i don't think we're ready to take position on a question like that yet. i think that we're going to -- this is a hugely complicated thing watching this technology integrate with human social norms and sthupinstitutions ach spaces. there is a little bit here of not deciding the cases that aren't before us. >> i think jay and i agree that this is another great topic for students out there to write their thesis paper on. scott, do you have any thoughts on this? >> well, i think that this is interesting, one, you can see the sample of the drone that we're talk about in terms of a small drone. what is missing from this drone flying and what we have in a manned aircraft, we have a pilot who is able to look out and see what is going on. you've got air traffic controllers that are able to
spot planes flying and they can move them in different directions. so i think technology has to catch up with whereé%3 we are. so to the sense gio fencing is developed, we may see applications in some places, but it's hard to emergency until the technology catches up whether or not we'll see drones following your children in cities. and then of course the tension that exists in that space is the tension between innovation and economic growth versus safety and security and how much do you put in the regulation of whether your drone has to have these capabilities before you can sell it is going to be a question that the public is going to have to deal with and policymakers will have to deal with. but i think up tilg we hantil w technology that can have these things flying in the air safely, i don't think we'll be facing
the drone following your kid too much. >> i'm going to take that in a local different direction read the notice of public rule making that just came out in february? who will admit that? okay. one person kind of raised a finger. okay. another hand. two people. >> we know who the nerds are now. >> i'm a nerd. i admit it. but if you think about your question, so this is a business. i'm going to have a business where i have drones that follow kids around. well, if the -- [ inaudible ] >> -- also advertised to protect females when they run in parks and stuff. so it does exist. it can be seen from a smart device, either close or at a distance. it exists. >> so you're talk about the gopro. >> actually, it's a small uav that follows a child who wears the device on the back or on the
arm and circles them within 30 or 40 feet and films constant. >> okay. i was thinking more along the lines of maybe something that big, more commercial, this is a service almost like again no federal implied or intended, uber or something like that, this is a service being provided. if the rules are passes a they were proposed, it would have to be visual out of sight. so you'd have to have the operator following the kid the whole time. that won't work real well. so we can talk more later about the notice for public rule making. but it has very interesting proposals vis-a-vis commercial use. >> dawn, since you have lee bth boys, i thought i had the perfect idea for you. >> i'd have to buy the hovering drone technology. >> you know, at the same time, one of the things that we haven't talked about, you kind of wonder about civil liability.
and when i first saw the proposal for amazon delivering you look at that and everybody thinks this is a great idea aunldall i could think of is some little kid seeing it starting to land and sticking his hand up. what do you think about civil liability? i got this from something jay said. in this country we did a lot of dangerous things. we have automobiles that kill 30,000 people a year and we've come to accept that but it would have been much worse had it not been for the civil liability revolution which forced the industry to put in place safety devices that they might not have done for a purely commercial reason other than that. what do you think about the future of civil liability? is that a good thing, bad thing?
>> he's going off script here just for the record. >> never done that before. >> then i guess i'll answer my own question. i think there are some things in life where the plaintiff's bar really can make a contribution and i think that this may be one of those areas where we can decide eventually over time what is reasonable, what a reasonable would person under those circumstances, what the expectations should be. and i do think testimony come to some of the things that you're talking about, what kind of technologies, what sort of limitations there should be. and i do want to get the q&a from the audience. but i'm thinking what should we be looking for in the future? do we need a comprehensive small drone or drone bill or specialized -- or should we try
to build off of existing regulation with a few tweaks? what does the panel think? jay, do we need national legislation? let look at it from the point of v. >> i do think as a technological hear i think that about if regulations are not put this place that slow it down, we're all right s already seeing a ton bought and used. the world is full of stupid people and there will be just drones that fail. i read one article that said a lot of birds are territorial and will attract drones. so the more they're crisscro crisscrossing our sky, they will be falling out of the sky and some will be hitting people heeds or slashing windshields and causing people to crash into a tree. so i can't even beginning to imagine where this is going to
go. but the legal system is going to have to deal with it and i don't know -- again, we don't have a dog in the fight as to what the right balance is between innovation and safety or what have you. i mean, when it comes to privacy, we hold out that it may turn out to be necessary to pass laws to protect privacy if all kinds of mass privacy in-vakss tu invasions turn out. faa has very little institution al involvement. but, yeah, others can answer better than me when it comes to just sort of what is best for the industry. >> i think it's very interesting when you raise the tension between first amendment rights and privacy rights. and that will have to be resolved. >> i think we're at a point in history almost when we went from the horse and buggy to cars.
we had rules that were great for horse and buggies and we probably tried to apply those to cars when they first came on the trail. and we're doing the same thing now. there really is, you know, no dedicated law yet, we're using laws of aircraft to govern these. but it's slow progress. meanwhile the technology for these is moving ahead at moore's law. doubling every two years. so there has to be some change. and unfortunately, i think the area -- or the era of free flight is probably coming to an end for the modelers out there, if you will. i believe eventually you'll have to come to some form of licensing. doesn't matter the age, but when you buy one, it should be registered and licensed. right now there is quite a deal of anonymity. you're on the ground safe and sound holding this swhich is
actually a flight deck or cockpit. we focus on the aircraft, but this flight deck is also very important. and that's tied to a person. and when that drone is up there flying and that person is not at risk, that is a mindset, that person has to think what they do with that drone is going to be watch and they have to be accountable for what happens to this. in some cases i don't think we're quite there yet. >> the moral hazard so to speak has hnot been allocated. >> i'm a little reluctant to try to predict the future exactly on this, but i think a lot of the different things that you're seeing with hobbyists is going to put a lot of pressure on probably the congress to try to go back and revisit what was fairly handsoff kind of roach to t approach pot hobbyists. dawn was alluding to the modernization act in terms of what the requirements are.
so we might see some work in that space. in terms of the threat that you've been mentioning and the panel is focusing on in part, the faa does have the authority with the secretary of defense under title xlix united states code section 401.03 b 3 to issue regulations that have to do with the national security space, so we may see some things in that area. some of the early panels talked about homeland security and legislation and the difficulties of getting things through congress. right now there are 16 bills pending that in one form or another mention uas, none of them has really made significant progress. but we may see some enhancements to some of the penalties to discourage some of the hobbyists' use by increasing some of the penalties. so i think we'll see different movement in the regulatory space as well as different movement in
the federal and the state regulatory space in this regard. >> one of the things i thought when joe was talking about we used to see birds and now we might see uav. and i know dawn and fred would be -- a bird can do a lot of damage to an airplane. it can bring an airplane down. and i'm wondering if-will-i hate to say this -- whether we have to have a desert 1 phenomenon. in other words, a big disaster and then suddenly we'll get a lot of urge to have a lot of regulation. dawn, what do you think about that? >> i would hate to position t t we'd wait for something like that. we had a drone land on the white house lawn in january. so there was a flurry of activity after that where people start talking, how the they oig is this possible, what would we
do in in response. and the not shortly after that, we had a man copter, gyrocopter, land on the capitol lawn. and that highlighted a number of problems including detection, which when they peeled it back was on the radar but wasn't on the visual radar as the air traffic controllers are looking out. so to go back to where we started with what jcgeneral roggero said, this isn't emerging. this is real. the fact that president merkel was on a podium with her dignitaries and one of these things flew right up into her face. have you ever seen that video? anybody? yes, one hand. thank you for the audience. so this threat is real. and to go back to your question about what kind of legislation do we need or do we need something comprehensive, i would submit you do.
i really feel that we need a comprehensive federal legislative scheme on this topic that deals not only with the government but also with private individuals, as well, to a certain extent. because right now especially the counter uas piece of this. and where you sit determines where you stand obviously i'm in the military. and i would love to see especially in the states right now -- because you have this patchwork of different laws out there. and for a national guard brethren who i know we had one speaking on the last panel, this stuff applies to them at the state level. so as a military member, i'm saying that if you're not thinking about this, this isn't in the legislation, this could pose a big problem to possibly our training and exercises that we need to do to be able to
perform our overseas missions. we can talk all day about federal pre-severemption and so states are done a great job. but, yes, i think a comprehensive scheme. and not just like a drone law, right? because to me it's a little truss tr frustrating. we do have laws on the books that should apply, why do we need something special. but so many laws need to be addressed including the federal trespass law. it really doesn't prohibit someone flying over for example a military base and looking. because it really applies to the ground. it's very ground centric. so i think there are gaps there. i also think there are gaps in the federal court of claims act. you talked about maybe the net response, if you will. what other response, i can net ticks shoot it down, whatever do you. but if a military commander is defending his base against one of these and damages it, should
the air force get sued or the army? i think there should be something in the act about that, as well. so i think this this needs to be verysively looked at. >> i think that the future may be determined by a single incident or accident or terrorist attack or what have you. and i think there will be a lot of pressure for regulation. some of the proposals that i've seen include making every drone no matter how shawl have a transponder so that anybody can see not only where any drones are thin the area, but also who owns those drones and that could be a determent to certain wbad behavior. also prohibit anonymous photography. there also have been after the white house incident there were proposals, in fact the
manufacturer building in gio fencing into the technology. if you're talking about taking a technology out there and putting gio fencing that can be controlleded in a centralized way, you're allowing centralized control of technology and what about the freedom to tinker with one's open technology. we generally don't like regulation of personal technology. and on the other hand these are aircraft, we regulate cars heavily because they're so dangerous and doesn't it make sense to regulate aircraft. and i think those are the deb e debates that you will see. so, yeah. >> let's open it up to some questions. yes, ma'am. francine, would you mind coming up to -- some of us, our hearing is not as good as it once was. >> it's a pleasure to hear all of you speak. it's sad to think that we're going to have to have as you seem to suggest a major incident
before we get consensus on how to proceed. but the thing that i have found interesting within tsa when we've discussed this is the difference of opinion as to whether or not a drone really could be used to take down a commercial aircraft. and that is something that i have asked and i get answers that suggest people don't think it's possible because a drone flies this the way a helicopter flies. and it would not be sucked into the engine. and it would bhouns oounce off outer metal shell. >> thank you very much, francine. thank you do your service with the ts after ta and keeping us that regard. yes, these can very much be a danger to an airplane.
now, it may not hit the airplane. but if i wanted to be a bad guy, i would take a few of these and not just one, i would take a few and they only cost maybe $300. you'd put them up on approach to a major runway and let the airplane fly to hit. now, actually it depends on what i want do. to i want to bring down the airplane or cause billions of dollars worth of economic damage in a day because what is the reaction of the airport authority's going to be when all those drones are signature ottie approach. they will probably divert those airplanes to a lot of different fields until they can use a counter system if they have one or somehow find the operator of those drones and seize that activity. in the meantime, you have passengers and equipment and mail and things like that going to all kinds of different
locations. so if you want to do a determined effort, you have to think about what the bad guy is really trying to do. bring down an airplane or send a message. >> or just interfere. you've probably seen in the paper recentlyof -- not tons, but quite frequently drones are interfering with medical choppers. i don't want to say a routine problem, but pretty routine. and then more recently of course in california with the wildfires, you know, everybody out there wanting their drones filming the fire, they couldn't get the aircraft into drop the fire retardantetardant. so lots of issues there. we don't want on give the bad guys any ideas of course, but we could probably list out a whole list of horribles of ways that you could do that. >> there is an assumption in the media that if a 747 hits a hobbyist drone that it will be
catastrophic. but people seem to say that it's not. if it get sucked into that engine, it would take out that engine, which is not a catastrophic thing for an airliner. if that's wrong -- >> well, i think fred and dawn might agree there have been pretty weird little things that have brought down airplanes that you would not expect. but this young lady here. >> i'm former u.s. department of state foreign service. i live in harlem on the harlem river. we recently had a drone up on the -- spying on the 26th floor into a neighbor's bedroom. and the adjoining building for us is the newly bus depot who first spotted the guy on the street doing it and they should
you shooed him away. so if i see a drone outside my bedroom window, can i shoot him? >> well, i think the consensus has beenso if i see a drone out bedroom window, can i shoot him? >> well, i think the consensus has been that pulling the shade is the option right now. but correct me if i'm wrong, colleagues. i think that there are some peeping tom statutes and 10 forth aboso forth. but that's why i asked the question can we pull out our pistol. >> his up skel special forces. so we finally found him. you're saying basically we can't do anything but pull the shade? >> honestly, i have like six binders in my office of the various statutes or the proposed legislation and those that have been passed and i can't recall off hand if new york has actually passed a law and if they would have a provision that would prohibit that activity.
so i don't really know. but -- >> i have an idea, ma'am, we'll do a militia. >> let's say hiypothetically yo did it shoot down a drone. you're in the city. where is it going to land? one of the thiching things we military race, when an enemy is shooting at your planes, a lot of the ammunition ends up landing back in the city. and a lot of collateral damage. and the iraqis would shoot missiles at airplanes and one came down, i remember it in a market area. i don't know if you remember that one, fred. we got blamed for it and so we went and looked at the pieces and it was actually an iraqi missile. any other comments on -- [ inaudible ] >> well, some states have laws that like for example oregon has
a law making it unlawful for a person to make a photograph or fly an aircraft without permission. there are peeping tom laws, some which might be technology neutral, but states might be able to apply. so there are some statutes that govern this. the question would be whether or not you're in a location or a state that has such a statute and then whether or not the elements of the crime have been established in terms of the state of the mind of the actor and then the other elements of the statute. >> and i would just add if it were a government or police drone, it would almost certainly be a violation of the fourth amendment, reasonable expectation to privacy upper story window. >> and one of the things that i would advise, if you see a drone and it's obviously being operated where it's not supposed to be, which means that you have a little sense of where it can be legal and where it's not, certainly outside your bedroom window is probably not the right place for it to be flying, but the first thing i would do, everybody tends to look up when
somebody says drone. you should be looking down. don't forget, there is a guy or somebody out there within the flight deck of this. it just happens to be on the ground. [ inaudible ] he's probably within a mile. >> you raise another super interesting question about whether or not somebody's typical homeowner policy would cover a drone operation even as a hobbyist. i don't know the answer to that, but i think that's a question that people need to ask. and it will be interesting to see how the drone industry approaches this because i'm not quite sure how they would assess the risk and so forth. fred, do you have any thoughts on that one before we go on to this gentleman? >> sure. and just to back up one because there is sort of another second, third order of effect that probably wasn't intended. but if you see this guy, it's probably best to call -- leave law enforcement to deal with it
because this guy is flying. he's in a flight deck. there is a statute against interfering with a flight crew, as well. now that's one of those things hasn't been tested in the court, but if you were to go down the legal parameters, that should be another concern. so if you do wrestle him to the ground or her, you might be in violation of something else. but to get to the insurance question, most modelers belong to the ama which includes insurance. the only problem with insurance right now is insurance is all based on data as those of you who deal with aviation insurance though. we have 70, 80 years of aviation data so they can establish what risk is and price it accordingly. right now there is no data on this. 700,000 of these will be sold this year and when they walk out of radio shack or off of amazon, and a certain percentage will be wasted within the first couple of days. there is no place to record
that. so the industry really doesn't have any idea of the risk level of these. so if somebody wants to go out and get an shrps poinsurance po this, that policy will probably cost two to three times of what the cost of this actually is. so guess what their decision will be. >> another great pain foreshape enterprising law student. sir. >> well, i -- >> i'm a general, so we'll just go a little longer. >> it doesn't matter. just a quick point. i think industry will have to do some heavy lifting and what the product does. i used do products liability work before i joined the government. and failsafe is a critical thing. and if you're going to send a product particularly if it looks like the economics of it is to try to get that last mile to deliver things to people, this will be even heavier, you will have to be able to have it failsafely or as safely as you
can which means it will be overengineered and a lot more expensive than the $300. the same thing happened with automobiles. average price of car is like $34,000, but it's a lot safer than it was in 1964. so i think there is probably something where the industry is probably in its own interests will start thinking about how can we design these things are geo fencing already built in. i know amazon's founder is trying to get a slice of air space where this won't have to interact with anything else and you can put a governor on it saying you can't go above that. so you wouldn't have necessarily except for right around the airports which could be geo fenced the issue with the being issued in to a 747 unless of course you manipulated it, hacked into it. >> yes, sir. >> putting aside the shotgun
approach, you obviously can't do that with u.s. 32 and companies whether fortune 500s or todown individuals have the type of defense you were talking about there, are v are companies that basically say we know you can't shoot out of the sky, but we can disconnect so the camera won't work. so if you see a drone coming up to you, one calleded a cyborg unplugg unplugged, but if you were taking in to account saying you don't want the drone falling out of the sky, but most stabilize that the pilot is no ropger in charge and it is supposed to be line of sight. so if you went ahead and disconnect that had camera, so you don't have that peeping tomt problem, there are of course the right of taking that photograph, but there are also peeping tom laws. a lot of debate online whether
this is criminal. it looks as though it is. >> what you run into, the minute that you start to get into a signal or signal interruption, suddenly there are a whole bunch of fcc rules that you're in violation of. so once again, you know, whoever is using that as a defense has to make sure that they understand the authorities that they can use that defense against. certainly like i said in defense of a national security asset, yes. in terms of your personal home, i don't think you'd be on solid ground and i'd find a good lawyer. >> i think the other thing separate from the criminal statutes or the fcc statutes and regulations you might be violating is you need to think about collateral consequences. so if you're jamming some wireless signal and all of a sudden people can't call 911 or someone's medical instrument is disconnected for some treatment
that they're receiving, i think the collateral consequences take come from trying to interfere with or jam a signal need to be thought there and the same for military commanders or other people trying to defend their space against, not just the question of a statute, but the collateral consequences that may flow from the particular acts. so that needs to be thought through even assuming that you can determine intent which is a separate question. >> you assume that it would stabilize and they are very resilient systems, there is redundancy in those systems. and i'm not an operator, but i've talked to enough to somewhat understand this. the problem is that may not be a correct assumption. you may have just september this into uncontrolled flight. so now where is it going to go. is it going to land on the school bus full of kids. where is it going to go about so that that is the second third order of effect. >> and no matter what, if you're
interested in the defense side on this issue, you're going to have to have per rim testify defense of some kind before if you have a nuclear power plant, no matter how much geo fencing or other limits are programmed in to droins, somebody can, a, hack the nuclear plant, someone can hack the drone and defeat it, they can hack other people's drones, and that's something we haven't talked about which is a whole other realm of security threat, people hacking other drones. >> hi. sharon novak. a quick question about the stadiums. talking to an nfl employee, but i can't go into details about threats but there are issues in public places with drones, things happening, not just picture taking. you don't want to give people ideas but you don't want the pro teams to have drones because they're afraid of things flying over. there should be a nationwide law
about public events. >> for any public gatherings, i believe the number is 30,000 people for any stadiums while occupied. there's a restricted zone that goes up rnd that venue. that would incollide nascar, football games, college games, as well as pro. there is restricted air space. but that comes into the next question of what training do we give to drone operator to let them know they have to look to the notes to determine when this temporary flight restriction zone becomes active. many don't know. that goes to an education aspect of public affairs campaign if you will by the faa of getting the rule out. if somebody violates it, they can be fined or jail. >> but then there's the nut case who's operating it and that's why i think probably the next big thing is drone defenses. but, as we heard from our
panelists, it requires a very holistic approach. it engages collateral unintended consequences to include what happens with the frequency space and so forth. it can have all kinds of -- but that may be the next big thing. how can you construct a defensive system that acknowledges these other interests in a productive way. and i think ultimately it's going to come to some sort of balancing, like we have with automobiles. we require licensing, the automobile has to be inspected. but we don't go the next level that we could. if we wanted to drive down the casualties from 30,000 a year to $10,000 a year, you would have to take a test every year. your car would have to be like a tank. you know, and all sorts of other
things. but we as a society have decided that there's a balance there and maybe that's the future of drones. i would like to hear from our panelists. >> what was the special question, about the future in. >> yeah. do you think that home defense against drones or at least at big public events is going to be -- fred or scott, do you think that's going to be the next big thing in industry? >> certainly. and this community is probably going to help it out. first time it happens at a stadium, there is going to be a few lawsuits against that. and if the stadium knew this was a potential threat and yet they did nothing and there was the capability to do something, that's going to drive action. >> and i'm not even sure a dome would work because somebody could bring one in and operate anytime a dome stadium. >> i would say this in terms of my personal recommendation. there could be some authorities out there who don't have the
capability to act. and there could be authorities or state and local folk that have the capabilities but they don't know whether they have the authority. i think what has to happen now -- and my recommendation would be for federal, state and local authorities who might be responding to one of these incidents, whether it's civilian and military, they should get together and do the tabletop exercise. okay, if this happens, what are your legal authorities, what are our response authorities. and if the discussions in those tabletop exercises disclose there are legal gaps or training gaps, then those discussions should lead to things to happen. the time that you want to respond to an incident and answer the question is not when the drone is on the way. you want to have the conversations now. and if the damage is done, we want to be able to prosecute or do something about it. if we don't have the right protocol response in place, then maybe the evidence trail isn't
good and they can't respond. folks need to get together to look at what's going on in their jurisdictions, look at the vu l vulnerabilities. >> you need engineers and scientists at that table to explain what is in the realm of the possible vesee so vie defen. and the lawyers to say here is what we need to do to get there. if everybody is not working together, we're not going to have a solution. >> and we need the privacy ad o advocates involved as well. we could go on the rest of the afternoon here. i can't really summarize where
we ought to go better than what has already been done. but i think we at least know what the questions are. and i think we -- i know in my mind, i've thought of things that i hadn't really thought about, like homeowners insurance if you have a drone. so i think we know what the questions are and now we have to go forward looking for the solutions. and i really, i really like your idea of having the tabletop and doing it before we have the desert one event. i really hope that we do it. joe, i want to thank you so much for allowing us some extra time. i really personally appreciate it. thank you. [ applause ] >> thank you, charlie. this is a panel that i hope we can encourage to come back next year. i think so much is going to happen between now and next year in this space. and also, those papers can be read by a law student between now and then. we're going to move to the next
panel, supply chain. and without too much more adieu, i'm going to get them up. they can join us. right after this panel we'll go to our cocktail reception. stay with us. this is -- if you have any export products [ inaudible ] stay with us. thank you very much. i'll make introductions. this afternoon on c-span radio and c-span.org, 1 is of the republican presidential candidates in columbia, south carolina, one of the early
primary states. for interviews at a heritage action forum. coverage starts at 3:50 p.m. eastern time. . the pope's upcoming visit to the u.s. c-span has live coverage from washington, the first stop. on wednesday, september 23rd kb pope francis will visit the white house starting with a welcoming ceremony on the south lawn. followed by a meeting with president obama. then on thursday, september 24th, the pope makes history on capitol hill becoming the first pontiff to address both the house of repts and the senate during a joint meeting. follow all of c-span's live coverage of the pope's historic visit to d.c. and wednesday, president obama and the first lady will officially welcome pope front
francis. later in the day at 4:00 p.m., pope francis will say mass outside the basilica of the national shrine in washington, d.c. about 25,000 people are expected to attend. thursday at 10:00 a.m. we'll address a joint meeting of congress within the first time a pope has made such a speech. live coverage at 0:00 a.m. eastern time on c-span. a final panel now from this homeland security conference hosted by the american bar association. this discussion is on the role of lawyers in emergency preparedness. the next topic is a very serious one, which is going to be reflected upon by our panel. and moderating that panel is a perfect person to be part of this segment, joshua filler. i know josh from my service at the department of homeland security. he's the founder and president of filler security strategies in
washington, d.c. it's a homeland security consulting firm, specializing in risk and capability assessments, exercise and evaluations. he served as the first director of the office of state and local coordination for the u.s. department of homeland security. josh coauthored the homeland security presidential directive eight on national preparedness that we followed early in the history of homeland security. he served on numerous boards to including the homeland security policy institute at george washington university. please welcome josh filler. josh, thank you. [ applause ] >> thank you, joe. good afternoon, everyone. again i'm josh filler. i'll be serving as the moderator on today's panel. when we think about emergency preparedness and response, we generally tend to think of firefighters and police officers and sheriff's deputies and the like. and while that makes a lot of