Skip to main content

tv   Director James Comey Says FBI Doesnt Take Sides  CSPAN  March 31, 2017 9:41pm-10:46pm EDT

9:41 pm
only four of them have agriculture. and chico essentially represents the northern part of the state. all over california to be experienced in agriculture itself. >> and we'll also go inside the chico museum to see the historic chinese altar from the 1880 chico chinese temple. watch c-span cities tour of chico, california on c-span2's book tv and american history tv on c-span3. working with our cable affiliates and visiting cities across the country. now fbi director james comey gives the speech on data encryption, intelligence gathering. it's an hour. >> thank you for that kind introduction. i did take a shot at the new england patriots on live
9:42 pm
television which i heard about from one of my brothers who betrayed the family when he moved to massachusetts and became a patriots fan. what i want to do very briefly is share with you some thoughts that are top of mind today for the fbi. and then i want to take questions that i will try to avoid answering from the great mike leiter. and i'm determined not to make news. first thing, i want to talk briefly about how the fbi is thinking about our cyber strategy. you hear me okay? how the fbi is thinking about our cyber strategy. then i want to talk about a unique challenge to all of our work in the form of u bbiquitou encryption and why it means so much to the fbi. the first cyber strategy. to state the obvious for this room, all the threats the fbi's
9:43 pm
responsible for come at us through the internet. counterintelligence, all the criminal threats are responsible for. and terrorists in the following way. to communicate to inspire to direct. not yet to use the cyber vector as a way to have doing actually harm, inflicting harm of infrastructure. logic tells us that it's inevitable for the terrorist mind to find that vector. it's all the threats the fbi are responsible for come at us in that way. the first part of our strategy is humility. we are standing in the middle of the greatest transformation i think in human history. the way we learn, the way we work, the way we love. the way we connect. the way we believe. all is affected by the digital era, the digital revolution. we know how the fbi should grow
9:44 pm
and change and adapt to meet a transformation. we don't know for sure. what we're trying to do are things that are thoughtful, make good sense to us. then get feedback from our partners and colleagues around the world about whether it's making sense. th two parts i want to spend some time on. first part of our strategy is we want to focus ourselves and there are two aspects that i want to highlight in the way we are trying to focus. the first is the way we assign the work in the fbi. traditionally in the n fbi, the physical manifestation is what drives who works on it. if the bank robbery happens in chicago, the chicago field office works the bank robbery. if the fraud is based in seattle, the seattle office. we've come to the conclusion
9:45 pm
that the physical manifestation of a cyber intrusion especially isn't all that meaningful. because it's being committed likely by somebody far away from the physical manifestation. it's being committed at the speed of light, and it may be quite random as to where the intrusion pops first. we're approaching our work in a different way for the fbi. we now assign computer intrusion work whether that's a nation state, whether it involves a criminal syndicate, criminal syndicate working for a nation state, whether it involves the motley crew of people engaged in intrusion, it's based on talent. we make a judgment on which field office posed to us by a nation state and we assign it there because they've demonstrated the ability. but because physical manifestations of intrusions are part of the real world and there
9:46 pm
vl a chief information security officer and there really is a cso and a ceo of a company that's been victimized, we're not blind to physical manifestations. and so we assign the threat of the talent. then we allow up to four other offices to help. the first office is called a strat office for strategic. the other offices are called tact offices for tactical. then air control from washington. this has had a great effectiveness in the fbi. it has fostered an intense competition among field offices to demonstrate -- generate and demonstrate the talent against dimensions of this threat. so little rock shows us they are best against a particular intrusion set from a foreign nation, it goes to little rock regardless of where the hits are from that intrusion set. so far it's working pretty well. so far air traffic has worked well. we stand here with humility.
9:47 pm
if it isn't working in some way, we're going to reiterate. the second way we're trying to focus is on stealing your talent. here's what i mean by that. the challenge we face at the fbi is that to have a special agent working cyber, we need a variety of things. we need high integrity. we need fitness. we're going to give you a firearm. you have to be able to run, fight, shoot. we need integrity, fitness. then we need smarts. we need intelligence. then we need specialized knowledge to make you a cyber agent. that collection of attributes is rare in nature. we may find integrity. somebody who can't do a push-up who has great specialized knowledge in general attention. or we'll find somebody with great specialized knowledge, can push out a push-up and wants to smoke weed on the way to e the
9:48 pm
interview. so we stare at the pool of talent and we have two reactions to the pool. we can't compete on money. you in the private sector have more money than we. we acknowledge that to the people we're trying to recruit. but we also make sure they understand life with you is soulless and empty. he said half kiddingly. and if you want to do work with content, come to us. it's not about the living. it's about the life. a pitch that worked for a lot of you in this room of ours. and so we try and recruit on moral content. and then we're trying to think differently about how we might generate that talent. in a number of different ways, we're considering do we really need -- making up an entire squad? now we have squads of eight around the country. should we instead have two special agents and six something
9:49 pm
els? maybe people of integrity, people with specialized knowledge. we don't give them a gun because they don't have the physical attribute. maybe. something else we're considering is if we can find that integrity, that physicality, and basic high intelligence, should we grow our own? should we build our own university to take that talent and raise it up to be cyber talent? maybe. and should we also do something else that is brand new for the fbi. should we try to make the barrier between us and the private sector semipermeable so that special agents might come work for the fbi and then go work in the private sector and then come back. the kurncurrent rule requires ae who leaves for 24 months to go back through quantico. that's a painful experience for people in their 40s. they all want to come back because they discover your lives are empty and soulless so they want to come back. but we've made real barriers to their returning.
9:50 pm
and might we be able to encourage people from the private sector to come work with us as that something else don't have to go through quantico to learn how to run, fight, shoot, and return to the private sector? our minds are open then return sector. our minds are open to all of these things because we are seeking a talent and a pool that is increasingly small. so you're going to see us experiment with a number of different approaches. and then i hope when you see us doing something that doesn't make sense you'll tell us. when you see us doing something you think we ought to do more of, you'll tell us that as well. and it will be met with an attitude of humility. so focusing in a better way our work and how to get our best talent is the first part of our strategy. >> the second part is that we need to make sure that we, inside the government, have our act together in such a way that it doesn't matter to whom a victim of an intrusion or a
9:51 pm
cryptoware attack or some other attack it doesn't matter who they tell in the federal government. we're in that place when it comes to counter terrorism. you walk up to an f.b.i. agent, a deputy sheriff, a police officer with a piece of information about counter terrorism, terrorism threat. it will get to the right place very, very quickly. it doesn't matter who you tell. we've got to get to that place inside the federal government. we made a lot of progress on that trying to understand the rules of the road. but we still have work to do. the third thing we're trying to do is impose costs. i don't know the cyber intrusion that has ever been committed high on crack or inflamed by finding a lover in the arms of another. these are crimes, these are intrusions, these are attacks that are committed with reflection and calmness at a keyboard. we think that's an opportunity for deterrence, for influencing behavior. so we are keen to make sure that that attacker, whether it's somebody sitting in a government office halfway around the world or in a bottom somewhere in the
9:52 pm
pacific northwest that they feel our breath on the back of their necks. maybe literally, but at least metaphorically, as they begin that intrusion activity. we think we can shape behavior by locking people up. and where we can't lock people up by sending messages of pretty scary deterrence. faces on wanted posters. and people sometimes say to me yeah but the hacker somewhere halfway around the world working for another government or they're shelt earth -- sheltered by a government. how are we ever going to get them? my response is, life is long. the world is short. we are dogged people. we just gave up on d.b. cooper. and that took us about 52 years, i think. for those of you who are young he jumped out over the airplane over the pacific cascades. we hunted him for 50 years. we're pretty sure he is dead now so we're giving up. but when your face goes up on a wanted poster, we are not going to give up in your lifetime. and that can change behavior.
9:53 pm
so you'll see us send those messages in an attempt to shape people. the the fourth aspect of our strategy i won't spend a lot of time on is to help our brothers and sisters in state and local law enforcement raise their digital game. because everything they do requires digital literacy. in the good old days narcotic detective would roll up on a location, execute a search warrant at a drug house and find not just drugs and money but one of those black composition notebooks and the dealers would have written who got how much and how much they're worth. and you photo copied that, you're good to go. today there's no notebook. there's a pda, thumb drive, laptop. there is a digital device. we have to help our colleagues get to that work in a quality way, because there's simply no way the fbi can be part of helping with all of it. i'm told that people get e-mails from me when i'm in nigeria asking for money to be wired.
9:54 pm
i usually write identify myself as the president of the federal bureau of investigation. don't send me any money. but people do get ripped off. and the bureau can't reach all of that so the fourth part is help our partners raise their game and there's a lot behind that but i'll leave it there. the fifth thing which is the one i want to spend a few minutes on. we must get better at sharing information across the boundary -- and there should be a boundary between the public sector and the private sector. we have to find ways consistent with law and policy and tradition and culture to make the barrier between us and the private sector semi-permeable in some fashion. and the reason for this is nearly all of the intrusion activity in the united states coming at the united states hits the private sector. all the victims are in the private sector, all the indicators are in the private sector, all the evidence, if we want to go criminal, is in the private sector.
9:55 pm
we are not nearly good enough at getting information from the private sector to us and getting information from us to the private sector. this, i believe, is actually a problem, not so much of law but of lore. and the biggest problem -- i was general counsel as you heard. the biggest problem is people like i was who are spotting risks and calling them out. if we give that information to the government will it be used against us in a competition? will it be disclosed to congress in some way that it becomes public? will we get sued? what will our shareholders say? how will it hurt the enterprise? i see too many risks. what you ought to is hire one of the great firms that will help us remediate and get back on with our business. even people saying yes our files are locked up with ransom ware, let's pay the ransom and get on with it. most of the intrusions in this country are not reported to the law enforcement. and that is a very bad place to be.
9:56 pm
people are foolish and short-sighted to think that their interests in the private sector are not aligned with ours when it comes to this because you're kidding yourself if you don't realize that the hackers will be back if not to you than to your subsidiaries and your supply chain. those with the ransom ware will be back especially if you paid them off. our interests are aligned. the challenge we face is having the private sector know us well enough to realize we understand what a victim is. and we treat victims for what they are, which is victims and we do not re-victimize people. whether that's a sexual assault case or an armed robbery case, a mafia case or a computer intrusion case. we have lots of practice at this. our challenges people don't know us well enough. too much confusion and skepticism. and distance. derived from misunderstanding and myths.
9:57 pm
so the f.b.i.'s mission is to get out and talk to the private sector and let you know what we're like. now, i liken this actually to a journey that the c.i.a. and the fbi traveled since the mid-1980s. that's what i mean by the difference between law and lore. most people know in this the room that in the mid-1980s, the classified information procedures act was passed that offered us certainty about how sources and methods would be treated and protected if the government decided to use a criminal prosecution to incapacitate. to reassure the community that we're not going to blow sources and methods. that did not get the job done. because that is law. it took us 20 years of building trust, case by case by case, so the intelligence community came to realize you know what this really works. we really can trust the f.b.i. to protect our sources and
9:58 pm
methods, to use these tools that have been been on the books since the 1980s and use them in a way that protects us. that took us two decades to build that trust. it is in a very healthy place today. it is not in a healthy place when it comes to the private sector. so my ask, those of you who run companies who are the chief security officers, the general counsels. if you don't know someone at the fbi office where your facilities are, you're failing. you are pushing on an open door, come and talk to us, to understand in the event of an intrusion, in the event of an attack what is it that we need? and you'll discover we don't need your memos. we don't need your e-mails. we need indicators of compromise. we need to know how did the bad guys come. what are the signals, what are the indicators that we can use to contribute and help you get over this attack. the sony attack was a vicious hugely damaging attack.
9:59 pm
it would have been worse if sony hadn't invested the time to know us before the attack. every single one of you works in a facility that your local fire department knows the general layout of. they don't know your intellectual property, they don't know your secrets. but they know where your stand pipes are, your elevators. they know the general layout so in the midst of a smoky disaster they can save lives. we knew sony in that same way. we didn't know their secrets or intellectual property. we knew their key people, their facilities. we knew the layout of their network, generally. that day within hours we were on the ground helping stop the bleeding. the private sector has to get to know us better if we're going to be more effective. but it doesn't stop there because it's bad if people don't share information to us we don't do a good enough job of pushing information to the private sector. we have a cultural impediment,
10:00 pm
which is we have this information if i give it to them are they going to jeopardize sources and methods? sometimes we forget that you don't need the sources and methods. you need indicators of compromise so you can figure out how they're coming at you. and all of you in the room know this information if i give it to them are they going this. oftentimes private sector don't know what war come means. oftentimes we have a piece of information. we can't just turn it over to you. we have to go back to the people who own that information. but we can do that so much better than today. we will get better. i hope you will help us get better as well. the last thing i want to leave you is this. i intentionally did not talk a lot last year about the challenge we face from ubiquitous strong encryption. our judgment at the fbi was that this is a complicated issue with legal aspects, technical
10:01 pm
aspects, policy aspects, values. it was too complicated to discuss during an election year. i know you're thinking you're totally wrong. we could have nailed this. but we decided that we would not force a conversation about it. but that we would use the time to try to collect data so we could show people what's happening to our world. and here's what's happening. you imagine we work -- the fbi works in a room. a corner of that room has always been dark for the last 20 years. sophisticated actors could always find encryption to lock up a device, encryption to cover data in motion. sophisticated actors, nation -- near nation-state actors. what's happened is that dark spot has started to spread through the entire room. ubiquitous default encryption on devices, ubiquitous strong encryption on apps and other forms of information has spread
10:02 pm
if shadow so it is starting to cover more and more of our room. i'll demonstrate this with facts from our encounters with devices. october, november, december, 2,800 devices were presented to the fbi in the united states with lawful authority to open them. some from fbi investigations, others from state and local partners. they gave them to the fbi saying we have a court order, can you help us? in 43% of those cases we could not open those devices with any technique. any technique. that is the shadow falling across our work. you may say who cares? i don't know. but i think america needs to have a conversation about this. because i care deeply about privacy, treasure it. i have an instagram account with nine followers. nobody's getting in. they're all immediate relatives and one daughter's serious boyfriend. i let them in because they're
10:03 pm
serious enough. i don't want anybody looking at my photos. i treasure my privacy and security on the internet. my job, like a lot of the people in this room is public safety. those two values, privacy and safety, are crashing into each other. but i actually believe something more fundamental is happening. especially with regard to devices. those devices contain so much of our lives. our business life, social life. our lives are on those devices that we wear on our hip and carry in our pockets. that's a great thing. that has made us better in lots of different ways. but it has also introduced a concept that is new to america which is absolute privacy. we have never had absolute privacy in this country. this country was founded on a bargain which is your stuff is private unless the people of the united states need to see it. and then with appropriate predication and oversight -- obvious example of that being enshrined in the fourth
10:04 pm
amendment, the government, the people of the united states can see your stuff. they can go through your safe deposit box, your sock drawer, your car. they can actually compel you to say what you remember in appropriate circumstances. we've never had absolute privacy. the bargain was we have this privacy that can be invaded with this predication oversight so we achieve a balance between privacy on the one hand and security on the other. what's happening now is we're drifting to a place where absolute privacy is a huge feature of american lives. there are wide swaths of american life that are now off limits to judges. and i'm not offering that as a value statement. that's just a fact. that's a different way to live. if we are going to change the fundamental compact at the heart of this country, it should not be the fbi that does it. it should not be companies that make amazing devices that do it. the american people ought to do it. so what i'm determined to do is
10:05 pm
not to tell you we what ought do, but to tell you there's a problem and to urge all of you to participate in this conversation. maybe at the end of the day we say the benefits of privacy in this instance are so important that we'll put off with the tradeoffs. or maybe we say the tradeoffs are so significant we ought to see if we can't find a way to optimize both of those values better than we are today. i actually reject the idea that it is too hard. i actually don't think we've given it the shot that it deserves. i don't know anybody in the private sector that is actually making devices who is incentivized to try and figure out how to optimize those two values. they sell privacy. i get that. we're responsible for public safety. somehow we have to bring those two together. the fbi's an example of how it can be done. we give devices to some of our agents who are here today. we give them device that is we work very hard to make secure. but we retain the ability in appropriate circumstances to access that content. it does not require weakening
10:06 pm
encryption. it does not require giving the government a backdoor of some sort. i could actually imagine a world where some day if you're going to sell devices in the united states. you're required to be able to comply with judicial orders. you figure out how. i don't know if we're going there but first we have to have a conversation about it. so you're going to see the fbi trying to supply data to this conversation, stories of how it impacts our work so that we can foster an informed debate. i have six years and a few months to go. i don't want to see six years from now people say to me how come you didn't say something? i'm going to say something. this is affecting our national security work, counter terrorism, counter intelligence, and all of our criminal work in profound ways. which you would expect because we're now living in a different way. we should talk about it. and i thank you so much for joining that conversation. now i look forward to mike's questions.
10:07 pm
>> thank you, michael. >> thank you, director, for those comments. i think he's covered a lot of topics. i think there's a couple more issues that mike will probably get into as well as we go along. but i want to introduce mike a little bit and it was an interesting exercise for me today. the thing i'm going to introduce mike. i know mike. i'm going to say a couple nice things about mike and so forth. but i actually went back and read the bio and i guess i would suggest to all of you, when you go to do this, go back and read the bio because sometimes people you think you know, it's really good to know them a little bit better. as i got into that, you know mike was the director of nctc
10:08 pm
for four years, i think. left there in 2011. you see him a lot on nbc news doing some commentary stuff. very good. he's been in industry. he's been with us on the industry side as well. i looked at a couple things. mike was a naval aviator with service in iraq and yugoslavia. got out went to law school. was the 113th president of the harvard law review. left there and clerked for steven breyer on the supreme court. went from there and was an assistant u.s. attorney for the eastern district of virginia. went from there to the wmd commission where he got involved in things like how should we restructure the fbi and
10:09 pm
something called the national security branch. so you see some interesting parallels between some careers. i just want to share that with you. and also to say with the sort of background that we know we get with our zrekter -- director of the fbi and with mike, we are very lucky to have people like that that want to serve. so thank you both. [ applause ] and i just wish that when we stood up my head was parallel to jim's. no such luck at 5'10". well, jim, first of all thank you for those comments. and i think all of us really do owe you and i would ask a round of applause for an american public servant who has been through -- has had an incredible career and has been in the midst of one of the most difficult times i think in recent u.s. history. i want to thank you for your service. [ applause ]
10:10 pm
and i've got say the nice stuff. so i can now hit you with inside -- and i'm going to jump right into what i think everyone in this room and what many people watching on c-span probably want to know about. a big question, what do you think of how the fbi has changed the uniform crime reports? is that not why you're here? quite seriously. a lot of people talked about bob muller having one of the most incredible early tenures as director of the fbi, coming in a week before 9/11. you didn't get hit with that tragedy that we all experienced at the beginning of your tenure, but since july of this year you have been in the midst of what
10:11 pm
we now know are two criminal investigations involving broadly the presidential campaign. and without asking about that, because i know you would just evade the question any way, can you reflect just a little bit on your approach to decisionmaking through all of that, especially being the director of an fbi for two presidents, carrying over between administrations as the statue and congress intended the position to be. but your decisionmaking through all of that and how, as someone who is part of the intelligence community, part of law enforcement, part of the department of justice, has to build that trust with a first customer and simultaneously so deeply involved in incredibly sensitive counterintelligence or criminal investigations? >> that's an easy one. thanks, mike. first, i think bob muller's early tenure was much harder than mine. i'm not just saying that.
10:12 pm
i think it was much harder. he came in a week before 3,000 people were murdered in our country. and then he had to not only deal with that and oversee the investigation, but transform the fbi. and i inherited a transformed fbi. so my job is a lot easier, honestly. the last year -- it's been almost a year now -- has been both difficult and easier than you might think. i'll tell you, i've never been prouder of the fbi. what makes it easy is we're not on anybody's side, ever. we're not considering whose ox will be gored by this action or that action, whose fortunes will be helped by that this or that. we just don't care and we can't care. we only ask what are the facts? what's the law? what's the right thing to do. often we find ourselves choosing between bad and worse and having a difficult short menu of options.
10:13 pm
but in a way that's been easy because that's who the fbi is. so people i think sometimes look at me and say look what you did. actually, the fbi made these decisions in a high-quality way. now, the painful part is that we confuse people. and the reason we confuse people is most people see the world differently than we do. especially in a hyper partisan environment. most people wearing glasses that filter the world according to side. and this is a challenge i face when i testify in front of congress. it's not a criticism of congress. it's they see facts as to how it will affect my side. how does that argument affect my side? and when they encounter people -- and i'm just one of 37,000 that are like this at the fbi -- who never consider side, it's confusing. like, so you're trying to help this person and that person. one of my daughters share with me last summer a tweet. and i -- i'm on twitter now. i have to be on twitter.
10:14 pm
but she showed it to me. it said that comey is such a political hack. i just can't figure out which party. and i smiled and i took that and i shared that with my senior staff. i said that is the greatest compliment. we confuse people because a lot of people can't imagine people who aren't considering side. now, we're not fools. i know that when i make a hard decision, a storm is going to follow. but honestly i don't care. if i have thought about it carefully and am doing the right thing, making the right judgment, it doesn't matter what's going to follow because it's not about that. and honestly the death of the independent fbi would lie down the path to considering impact. if we ever started to think about who will be affected and what way by our decisions in a political sense, we're done. so we never will. and in that sense it's easy. the misunderstanding of a lot of
10:15 pm
people about us can be painful. but the easy part is we know what our north star is and we're fixed on it. [ applause ] >> follow up a little bit on that. in that the intelligence community writ large and the fbi as part of that, has i think, always relied on the select committees on intelligence to provide you the breathing room to do those things in a nonpartisan way. and the reason those were select committees were to make sure that their oversight was more nonpartisan if not perfectly nonpartisan than many of the other committees. how much harder does it make your job when partisanship comes into those realms of oversight, those groups who are supposed to say, don't worry, jim comey can't tell you everything he is doing, but he's doing the
10:16 pm
oversight and you as americans should feel both safe and your privacy is protected. >> that's a great question. i don't want to comment on current events. it's vital that we the intelligence community need to be able to share with the american people through their representatives the most important things we're doing. for a bunch of reasons. first, they ought to know. and second, there's a danger in all humans -- and especially when you're in authority in the government, it's captured in something john adams said to thomas jefferson, which is power always thinks it has a great soul. there's danger. look, i think i'm an honest person. there's a danger i fall in love with my own view of things. so that checking and balance is the genius of the design of the founders. it's vital that we be able to tell them what we're doing so they can ask hard questions about it. and in my experience, it is a highly productive relationship. sometimes people outside of that world don't understand it. how come you're only telling a
10:17 pm
select few. because of the nature of the work. there are things we can't let this nation's adversaries know. we have to be able to share them with our oversight committees. and by and large it works very, very well. the challenge in general in a polarized environment is, again, those glasses of side can get in the way of a robust oversight and make it sometimes difficult for the intelligence agencies. but here's the truth. we find a way. we find a way. because we need each other too much because we all believe deeply in the design of this country and we find a way to make it work. >> i'm just happy when you check back in to got you got your soul back. >> i left it at a bus station i got it back. >> i'd like to ask you a little bit about signals intelligence. not just signals intelligence but really electronic exploitation writ large. the device might be what you find after a raid versus what
10:18 pm
you intercept. i'm just a middle aged country lawyer but i want to push you a little bit on that fourth amendment analogy that you drew that we've always had this agreement of the balance between privacy and security needs or law enforcement needs for the government. it strikes me at least two things have changed though. one, there's more information out there than ever before. so in 1787, you couldn't figure out what jim comey was saying to mike lighter for the past 10, 25 years. you could listen to that moment or look at his papers and not have everything. second, in those days of a court or magistrate approving that search want in 1787, that privacy protection that he had didn't cause any problems for anyone else.
10:19 pm
and one of the criticisms of what went on with the iphone experience was that by asking for a backdoor for one, you're not just impinging on that individual's privacy appropriately, but potentially impinging on everyone else who used an iphone on their privacy. so how do you think about those and probably other differences from the compact that was struck in 1787? >> you've pointed to two things that made this a hard debate. but to take both of them there's no doubt that there is more digital dust about all of us out there than ever before. couldn't even imagine 30 years ago. and that we're able to communicate in ways that were unimaginable. i have two reactions to that. one is the bad guys are able to communicate in ways that were unimaginable 30 years ago.
10:20 pm
the best example is isis reaching into this country through twitter, especially in the summer of 2015, to find people willing to kill on their behalf and then moving them to an encrypted end to end app. that would have been unimaginable when we began our careers. so the opportunities -- there's no doubt the opportunities for law enforcement or the intelligence community to gather information have gone up dramatically. but so have the ability of the bad guys. second thing. metadata is great. incredibly useful to try to establish patterns of connection. but especially when it comes to the fbi, whose business is to incapacitate through conviction beyond a reasonable doubt. it does not get you there. you will not be able to -- maybe in some circumstances i can't imagine -- meet that threshold to a jury simply by saying i see these connections between them without any sense of content. so that's the first piece. the -- what was your second one? i forgot already. >> impinging on other people's privacies.
10:21 pm
>> that's the -- >> and let me -- sorry. let me add. when you went to the vendor in the iphone case, the argument was we can keep it safe. but since then i don't know who but someone has sued trying to get the name of the vendor. and the justice department is saying we don't want to do that because the vendor might not have the same protections the fbi does and, hence, we'd be putting at risk what we used if we disclose the name of the vendor. does doesn't that very much go to the argument that any backdoor causes privacy implications for others?. >> i think it's a reasonable argument to raise that whatever solution we have should optimize in the best way both security and privacy and there are clumsy ways you can do it that would expose all devices to an intrusion which is why -- i can say this until i'm blue in the face -- i'm not in favor of
10:22 pm
government-mandated backdoors. i would imagine a world where the companies are saying you want to sell a device in the united states, you figure out how to do it. the most secure way to do this. and look -- the problem with this debate is too much people tweeting at each other. it is -- it's a complicated conversation. but i don't buy that it's too hard. there are plenty of companies today that are providing or selling devices that are default encrypted and their cloud services are not. i hope they're able to sleep at night. i happen to think they put reasonable security around their cloud. so when we serve them with a search warrant, they produce what's in the cloud. so this notion that we're all fatally at risk or exposed if the government is able to serve judicial process, i'm just not buying it. a lot of work's been done over the last year inside the government to the figure out what could be done to optimize both of those?
10:23 pm
and i'm not going into the details but it's not impossible. >> you talked about cyber a lot and interesting things you are doing for workforce. but the traditional responsibility. do you see other changes that need to happen in the u.s. government that we have not seen the eo, the executive order already from this administration in terms of organization. the fbi did an amazing job with sony for example. there has been some confusion regarding who is in charge, who is responsible in the capabilities of each of those workforces -- how can we better optimize these pieces of the puzzle?. >> that's a great question. i think where we are today, the lanes in the road that the obama administration laid out, which to my mind just captured in writing that we developed to -- are fairly clear to us and make good sense. the fbi's responsibility is to investigate it response to
10:24 pm
intrusions, share the information we gather from our investigations. in the main, it is to help with remediation and hygiene and the dni are to provide threat indicators. intelligence about what is going on in the world. an interesting question that i am not expert enough to answer as to whether there is our role for nsa to play outside of government networks, dcod networks as part of their defensive security function. i don't know the answer to that. i think we are in a pretty good place where everyone understands their role in the government. and i think moving to the place where it does not matter who folks call. if you call us about something and it looks like it belongs to the secret service, we share it. but i think we're in a reasonable good place. that doesn't mean we can't be better but that's how i'm thinking about it. >> getting away from cyber and electronics for a minute.
10:25 pm
we have clearly had a spate of leaks over the past five years going back to chelsea manning, moving to edward snowden. recent arrests also associated with nsa. a number of those have come from contractors working for the u.s. government. do you have a perspective on that? is that part of the problem? is there something else we should be doing to protect that data not even touching some of the leaks that have been criticized in the past three to four months? >> i will not talk about anything that has been recently reported with -- for reasons which i hope you understand. we don't ever want to be in the business of confirming something was classified information. i will go further back. there is no doubt that there are improvements that we in the usg can make with respect to the way in which we know all of the people working on our campuses, both employees and contractors.
10:26 pm
and jim clapper, since snowden has been driving improvements in that way, we are quite not where we need to be yet but there is no doubt that the answer is that we need to know our people incredibly well. if we are relying on the polygraph or periodic investigations, we are not doing it well enough. five years is too long to wait. and these -- the theft cases by insiders remind me of things you see on the news about a terrible crime in the neighborhood where somebody always had a bad feeling about the guy. or take the terrorism cases, friends or family almost always saw something. so we look back at the cases we've had inside the government including inside the fbi over the years there were all kinds of flags. we have to get better at collecting that data in an appropriate way and popping the flags so we look at the person now and not five years for now. we have to find that avenue for contractors as well as our own
10:27 pm
employees. and the last thing we need to work on is making sure we have a uniform security culture. and this is a challenge when you have a lot of contractors on si site because sometimes they do not feel like they work for you. and they do not need to buy into your culture. we together have to figure out a way to drive a high security culture into everyone no matter what color their badge is. >> another issue which has been in the press has been immigration and vetting. the fbi does not have a role in determining immigration status and the like. but you have been quoted as to the u.s. government's ability to vet people who are coming into the united states. and it strikes me that there is a common misperception that you said we cannot vet any of these people. the fbi does play a role in vetting. what is your view on how
10:28 pm
effectively we can vet people who are coming into the u.s. of any sort? >> we the bureau and our partners in the intelligence community have a critical role to play in vetting the refugees and others looking to move to our country. and we can always improve that. and i'm always look for opportunities to improve it. we dramatically improved it after 2008 to 2010 when we discovered some weaknesses in our system. we have gotten our act together in a good way to make sure that if there is any dot in our holdings, we will connect that dot that to that person. the challenge is when someone is coming from a place where they are unlikely to be dots or unlikely to be things in our holdings that connect to them, say for a place like syria. we could have a great system and talk to each other but we will not be able to buy down risk in
10:29 pm
a way we might if we have a relationship, for example, from iraq. the challenge of people coming from places where we do not have relationships is as good as our systems id, we will not have any dots to connect. that was the point i was trying to make. i'm not involved in policy decisions about who should come in and how many, that's not our business. we are working constantly to improve our vetting. but that is what i meant. >> i am going to start transitioning to many of the great questions we got from the crowd. there were several about recent terrorist attacks. san bernardino. the boston bomber. the discussion of what has colloquially come to known as lone wolves. is that a term that we should keep using? does that mischaracterize who and what they are? if you could also speak to the challenges you faced after boston and the changes the bureau has instituted as lessons learned from that unfortunate event?
10:30 pm
>> i do not like that term at all because it conveys -- i worry that it conveys to these wing nuts a sense of dignity and i don't want to give them any kind of dignity. they are troubled people seeking meaning in a misguided way. it often leads them down a path of killing and harming innocent salespeople. i don't use that term. it is a -- continues to be a major feature of the fbi's work because all of human experience is in some way a search for meaning and there are troubled people all over the u.s. attracted to finding meaning through the hyper violence of the savage intentions of the group that calls themselves islamic state. we are trying to find these troubled people. i keep saying troubled. but they are people with drug problems, mental health problems, sexual abuse problems.
10:31 pm
we are trying to evaluate where they are on the spectrum from consuming the poison to acting on the poison and that is really hard. it's a nation "w" search for needles in a hay stack but it's actually harder than that. we are not just looking for needles in a hay stack, we are looking for which pieces of hay might turn into a needle and it gets harder still especially with the islamic state. if they found a live one, they would move that needle to a place where they disappear. it is an encrypted needle in the nationwide haystack and that is the reason it's at the center of the fbi's work, to find them and disrupt them been they can kill. it is incredibly hard work. we are always tried to figure out how to do it better. one way we have gotten better since the bottom marathon bombing is that we are better sharers of information with our state and local partners. every time something happens, we stare back at it and say "what
10:32 pm
could we have done differently or better? every time something happens that involves a terrorist attack, we do that. with boston, we realized we could make it clearer that the default is shared and we could make it clearer to our partners what the inventory was in the state and local task force. across the country, we regularly invite our partners to come in to discuss cases. including what cases are still open. and get your feedback on that. taken you want to follow up on some of them, you have an "t" opportunity to do. that we've gotten better as a result of that. >> two quick follow-ups. you talk about the transition from a piece of hay to a needle which i think is a beautiful but really terrible but accurate picture. do we need a system like some of our european allies to have an ability to engage that person,
10:33 pm
possibly not with the fbi or law enforcement but a diversion program to keep them from becoming needles in the first instance and not just wait for them to become needles? >> all of us in the ct business are open to finding ways to do that. we have worked hard to see if we, the department of homeland security, and our partners can build such a thing. so far with limited success. the challenge is that there is no typical person, no typical journey because the search for meaning is individual. we are talking about people from the age of 15 to the age of 62, all over the country. all different troubles of backgrounds. finding in a repeatable way indicators and then reliably off ramping people -- that is the holy grail of this work. i have not found anyone in the world who's doing it in a
10:34 pm
repeatable, validated way, yet. >> the second is, i want to weave something from your answer here to some of what your previous comments were regarding cyber and pull in, also, counterintelligence. i do not think there is any doubt -- we know we are in one of the most complicated and heavy flow of counterterrorism issues we have had probably since 9/11. the volume and speed with which they are coming is probably unmatched in the last 15 years. on the cyber side, you faced innumerable threats at this point. and your ability to do all the things you want to do are challenged. and i also think it's fair to say that from public information, the counter j.j. intelligence world is not slowing down. if anything, it is probably speeding up. how do you remotely have the capacity to do all of that and at the same time, do all of the other pieces that the fbi is so critical to -- enabling state and local law enforcement, white
10:35 pm
collar, public corruption? do you have the budget to get that done? >> it's hard. it's a good thing that people never sleep. here's the truth. the fbi today is about twice the size it was when my friend louie frei was director. we are on a path to be at full strength which is 38,000 people. by the end of fiscal year. by and large, we have the resources we need. there are challenges. summer of 2015, we were strapped because we were following people all over the country who were moving towards dangerous needle territory. i was asked by congress if i had enough, and i said if this keeps up, i will not. we were pulling analysts from all over to cover these people. and it is only easy to follow people 24 hours a day on tv. it is really hard to do in a clandestine way. and so we were strapped.
10:36 pm
that wave went away in part because the number of the people who were with isis in raqqah, syria, were taken off the battlefield by our colleagues in the military. so i think by and large we have the resources. we have to make judgments regarding what we need to be addressing and what our state and local partners need to be addressing. the fbi has a complicated process to decide what to do. we asked each field office to look around and say -- what are the bad things that could happen here across all the fbi's responsibilities? and who else is working to address those threats? and given the magnitude of the harm and the other efforts already in place where would we rank that? we rank without the -- without regard to discipline and across all of our threats. and we do that on a national level and that drives our allocation of resources. so what's going to happen is if a particular state is doing a great job of addressing gang violence, state and local partners we may pull away from that to address some other threats but you're always going
10:37 pm
to have to make tradeoffs like that. budget wide, when i came director we had a big problem which was sequestration. then we shut the government down. we have been digging out of that hole for the last three and a half years. quantico has been digging out from there. my fondest wish is to be able to sustain those human beings. the fbi is people. we don't have satellites. we don't have aircraft carriers. we are great people. and i need to be able to pay them and support them. and that's what i'm going to be working on for next year's budget. >> we unfortunately only have time for two more questions. and i kind of know where this one is going to go but half of my pack of cards include something like this. so everyone knows i'm not just ignoring it. >> i'm 6'8". thank you. [ laughter ]
10:38 pm
>> i fear like you said that as a threat to me right before i asked this question. >> can you comment on your commitment, the fbi's commitment to pursuing to its end, whatever ends those ares the investigation that you commented on in the front, regarding russian involvement in u.s. elections. >> i do not want to comment on that particular matter but i will say generally, what i said at the beginning. we are the same today that we were yesterday and we will be tomorrow. we really do not care whose political ox is gored by our work and that is the passion at the heart of the fbi. we will always be that way. that can make us annoying in different circumstances but i hope that is comforting to the american people. we are competent and honest. and independent. when i became director and when i leave in six and a half years we will still be that way. i hope that is reassuring to
10:39 pm
people. but if it it's, it doesn't matter. we are going to be the same. [ applause ] >> last question and relevant to many people in this room. clearly, the bureau is -- comprises 30,000 plus u.s. government employees but it's supported by many tens of thousands of people from industry, whether they're providing information technology or analytic support or basic functional support for the fbi, what do you want to see more of? what would you like to see less of? where do you think you need help from industry that you as fbi director can't get the u.s. government to move fast enough to face the missions that you have to face now? >> that is a hard one. i need you all to help us be smarter and better. and know -- i talked about that attitude of humility when it comes to sbieber.
10:40 pm
the commanders' intent is you will find that in all parts of our mission. we do not have a monopoly on wisdom. we need you to bring to us, smarter ways of doing things, cheaper ways of doing things and better ways of doing things. things and help us be agile. we are determined to be humble enough, proud enough of our century of achievement but humble enough to be agile. you will bring us the opportunities to demonstrate that agility. and second, i do hope you will urge your people especially those in place for a longer-term contract to get part of our culture. one of my concerns is that with long-term contractors who do not feel part of the fbi, and do not act like they work for me -- and i know they work for you, but i need them to be part of our culture. i have met contractors, some of whom are all in.
10:41 pm
i met a group in one place where i sat down at a cafeteria to chat with them and they asked me to move out of the way because i was blocking the tv. >> you are tall. >> they knew i was the director of the fbi but they didn't care because they don't work for me. as a business model, you do not want that. we need you to be not "us" but "of us" in a whey thay that wil usesquively accomplish the mission. >> jim has what i think we all know is one of the most challenging jobs in the u.s. government if not the most challenging job other than the president. and i don't think it's going to get any easier over the next six years. but i hope everyone is heartened by the -- i know i am -- by the intellect, the integrity, and kind of the vision that you bring to this role.
10:42 pm
and i want to thank you for your past service and thank you for the next six years because -- it will not be -- none of them -- we don't know what's going to happen -- but none of them will be easy years. >> thank you so much. [ applause ] this weekend on american history tv on c-span3, saturday
10:43 pm
at 6:45 p.m. eastern, james hailey, author of "captive paradise" a history of hawaii talks about the life of the last queen of the kingdom of hawaii. >> she had been working on a new constitution to restore her royal power. and from this she went back to the palace and announced her new constitution and that was the beginning of the overthrow. >> at 9:00 on the presidency, a historian on the effectiveness and legacies of 20th century presidents. >> how weak are the american president she was in the late 19th century and how powerful an office it was when theodore roosevelt surrendered his power to shoot lions in africa. and sunday at 4:00 p.m.
10:44 pm
eastern on reel america, "the ordeal of woodrow wilson". >> even though they grayed to mr. wilson's 14 points these were not going to let idealism stand in their way not when it conflicted with their own purposes and desires. >> for our complete schedule, go to c-span.org. sunday night on q & a. >> britain was in decline. nationalists were rising up. so the big strategic question that the u.s. faced was should it support britain against the rising nationalists or try to create a new order by mediating? >> on his book "ike's gamble" america's rise to dominance in the middle east about the suez
10:45 pm
crisis and aftermath. >> what he is trying to prevent is the soviet union aligning with the nationalists, undermining the british and taking care of the oil in the middle east. the oil was 100% of european oil came from the middle east. we wanted to make sure we had friendly arab regimes if not aligned with the united states, keep the soviet union out. that's the goal. >> sunday night at 8:00 eastern on c-span's q & a. congress lloyd smucker sat down with c-span for an interview. he represents pennsylvania's 16th congressional district. >> when did you get involved in politics and why? >> i was a small business owner for 25 years. and really didn't anticipate that i would -- at

17 Views

info Stream Only

Uploaded by TV Archive on