Skip to main content

tv   Key Capitol Hill Hearings  CSPAN  May 14, 2015 7:00pm-9:01pm EDT

7:00 pm
se an extraordinary threat to americans in the diplomatic facilities in iraq right now, embedded side by side with regular iraqi forces. they have full access to all of the iraqi government buildings, et cetera. and i believe that if the united states had taken a more aggressive position, that there -- >> against isis? >> against isis and its stronger presence in iraq that it would have destabilized the talks with iran, and may have triggers them to respond in time with attacks from their agents to the shia militias. >> what is your principle argument against an iranian deal that seems to be on the table now? >> my primary objection to it is allowed iran to retain the capability to produce enriched yareanium. assuming they want it there's a way to do it. the way many other countries around the world do by importing the material. the fact they can retain a country that has had that
7:01 pm
sponsors terrorism all over the world, a country that is developing long range rockets a country that we know has been working on acquiring a nuclear weapon capability despite and has always had a secret component to their plan will retain the ability to process uranium. >> there's a reduction in centrifuges and in term tz of what they can do, in terms of research and development and the secretary of energy has laid this out clearly. >> here the problem. number one they retain all the infrastructure they wid need to break all those caps. second enforcing such a deal requires there to be open, full inspections. iran is saying they will not allow access to military facilities. that's problematic. >> the united states does not acknowledge that would be the reality. they said these would be the most intrusive inspections yet and they have a year to stop any
7:02 pm
uranium development. >> we should never have retreated from the position that iran does not have the right to enrich uranium. we should have insisted they stop work on long-range missile technology that has no other purpose but placing a warhead to launch abroad. we should have insisted that they be open about all their secret programs in the past, that we have a future monitoring activity, and what iran is gambling on is simple. once the sanctions expire, they will not be reimposed. they believe they can evade the sanctions, and some ways they have learned from the north korean experience on how to follow this, and i'm convinced at some point maybe not next year, but at some point they will pursue a nuclear weapon capability, and in the interim they will exploit any ambiguous language any ambiguttys or loopholes to advance their nuclear ambition. >> let me talk about iraq and an issue that came up yesterday with jeb bush, talking about the
7:03 pm
invasion, looking back. he was asked a question by megyn kelly and he said he misunderstood the question. i'll ask the question i think she intended to ask. if you look at the iraq war, after finding out there were no weapons of mass destruction, would you, if you knew that, have been in favor of the iraqi invasion. >> not only would i not have been in favor of it, president bush wouldn't have been in favor of it. >> vice president cheney and others have said we would have gone ahead not withstanding. >> president bush says he regrets the intelligence was faulty. but let's be fair about the context. yes, there was intelligence that was faulty but there was a history with iraq of evasion. a country that had mobile units in the past that it used for cw chemical weapons and biological capabilities. a country that had actively and not so long in the past at the moment that decision was made had invaded a neighboring
7:04 pm
country in kuwait. it was a country that had an open dispute going on with international bodies about inspections and allowing international inspectors to come in and view things. ultimately, though, i do not believe that if the intelligence had said iraq does not have a weapon of mass destruction capability, i don't believe president bush would have authorized a move forward. >> with respect to israel, you obvious obviously have seen a lot of people across the country who are republicans. is your view on iran any different than the view of prime minister netanyahu? >> i view them as the same threat he does. the difference is he lives a lot closer to them than i do. and he's the prime minister of a leader of a country who ever friday afternoon iran says they want to destroy in their prayers and a country who iran's leader posted on a twitter page, a 12-point plan to eliminate from the face of the earth. so obviously, it's a threat he faces is more immediate and
7:05 pm
real. that being said, my interest in israel is not about people that will support me politically. it's a longstanding belief and it's based on two principles. the first is a moral one. israel was created as a homeland for the jewish people in the aftermath of the holocaust so never again would there not be somewhere where they couldn't see refuge or seek relief. the other is this. the it is the only free enterprise democratic pro-american country in the middle east. if we had more free enterprise pro american democracies in the middle east, my speech would be shorter. >> do you continue to support a two-state solution? >> i don't think the conditions exist today. that's the ideal outcome but the conditions for a two-stateclusion do not exist. >> we should forget about the possibility of a two-state solution. >> the reality is there cannot be a two-state solution. >> there's no unity in the
7:06 pm
palestinian government or no responsible leadership. they teach their children it's a glorious thing to kill jews. they mismanage the current system of government they have in place today, and they have rejected not one but two generous israeli offers for peace. the conditions don't exist. i think the most we can hope for in the short -- >> what's the alternative? >> continue to hope that the palestinian authority and its law enforcement agencies will be able to provide a level of stability in the territory so they'll be allowed to grow their economy and their prosperity, and ultimately, the conditions will rise up with new leadership that will allow something like that to happen. >> i brought this paper with me because the pope, as you know, has said that he thinks we should support a palestinian state, as you know. he also seemed to be part of the renewed relationship with cuba. he went raul castro went to see the pope. he said raul castro said, i'll consider returning to the church. you're a good catholic. >> try to be. that's going to be a pretty long
7:07 pm
confessional when raul castro sits down. >> what's wrong with the pope here? >> well, the pope is a shepherd of a faith. his desire of peace and prosperity, he wants everyone to be better off. his job, he's not a political figure, although he's the head of state of a nation a sovereign state of the vatican, he's trying to shepherd the faith to the flock and there are many roman catholics in cuba, and he desires a better future. anything he can do to open up more opportunities for them he's going to pursue. my interest is an elected official. it's not good our country or cuba to have an anti-american dictatorship 90 miles from our shores. a nation that harbors terrorists fugitives, advanced intelligence gathering facilities for china and russia. >> if elected president, the
7:08 pm
first thing you would do among the others among the first things you would do is undo everything the president has done. >> i would reimpose sangszs that could only lifted on resipciprocal steps. >> they would have to allow more freedom of the press, they would have to allow more democratic opening for alternative groups and societies. the convictions are actually in law right now. the embargo, which is separate from what the president has done, could be lifted tomorrow. >> they have been in place for 50 years and they have achieved none of the objections you want to achieve since the year the sanctions have been in effect. why not try something new? >> what he's saying is untrue. he's talking about the embargo. the purpose of the embargo was not to topple castro. the purpose of the embargo was to prevent the trafficking of stolen goods. if you travel to cuba, you stay at a hotel you're staying in a stolen property.
7:09 pm
when you go to cuba and buy any product produced in cuba, you're usually going to buy a product produced in a stolen property. over $7 billion in property was stolen from cubans, americans, and others never compensated. imagine for a moment if the government here in the united states went into your business, seized your property forced you into exile in canada, and a year later, canadians are buying your product from your stolen property. >> understandable, or is that the rule or the exception in revolutions. >> in terms of? >> simply taking over a country, taking over the property, and not necessarily thinking about restoring it to those who might have owned it beforehand? >> it's not about restoring it. >> in terms of property rights. >> well, ultimately, it's not about restoring. they never compensated for the property. what the embargo said is we're not going to allow you to traffic in stolen goods with our economy. let me take another point to you. there is no japanese embargo on cuba. there is no south korean embargo on cuba. why isn't cuba full of samsung
7:10 pm
phones toyotas. why does everyone drive a car from 1956? >> why. >> because of incompetence. they view themselves of a leader of a plantation of 13 million people who they control. there is no cuban economy. the entire economy is owned by a holding company which is run by raul castro's son-in-law. the hotels, the telecom companies, the rental cars, everything is underneath the umbrella of the holding company. we don't have an opening to cuba. we have an opening to them. >> let me end this so i can give members an opportunity to talk to you. this is in today's "new york times," and it says the following. this may very well be what you were talking about in the speech earlier in this session. it's a mood of over reaching uncertainty and profound anxiety, talking about america today, and it's so engrained at this point that we tend to overlook it and it continues. if one of they can give credible voice to america's insecurity and trace a path out of it, hero
7:11 pm
she will be victorious. >> frank's piece. >> that's right. >> he's right. americans have been getting bad news. we are the american century, economically, a country like my parents fount -- >> the question. >> i'm sorry, my parents came here, right? they had no skills they were immigrants, and they were able to achieve a middle class lifestyle. they owned a home raised a family, were able to retire with dignity, able to leave their children better off than themselves and they took enormous pride. now in the early years of this century, there's a feeling none of this is true. globally, we no longer appear to be able to shape events, and de domestically have millions of people who are working hard maybe at the same job from 25 years ago, but now they're no longer firmly in the middle class. they live paycheck to paycheck. why is this happen? why do the old ways of doing things no longer work? the answer is because the world
7:12 pm
is undergoing an extraordinary economic and geopolitical tranceination, and we need leadership to help us. >> something could assume everything you said before is the answer to this question. what is your believable path? >> i think the 21st century has a potential to be better than the 20th century, but it will require us to be comppetitive in a global economy. that's why tax reform and reggial torreg yl regulatory reform are important. technology has changed the way we work. all the better jobs in the 21st century require advanced education. and again, it goes back to the things i talked about national security. in a globalized economy foreign affairs has never mattered more from an economic perspective. >> let me take questions. mary? >> mary a lawyer. china has been aggressively
7:13 pm
building air strips and ports in disputed territories in the south china sea such as on mischief reef. they have not denied that they can in fact be used for military purposes and that appears to be their purpose. how would you show american strength and leadership in the asia pacific area with respect to this kind of activity by china? what is your red line and what would you do? >> that's a great question. first of all they're not just building air strips. they're building islands, entire islands. second, it's an illegitimate claim. it's part of their idea that they own that part of the world. third, i think, i was encouraged that's the u.s. navy is thinking about challenging that. we should never accept it as a truce that they control that. i would take all sorts of naval action maybe not military action but naval transits through the zone to show this is international waters open for transit for anyone who wants to go through there.
7:14 pm
beyond that, it's critical for us to create a stronger alliance to truly pivot to the asia pacific region. i think the trade agreement is a big part of that. creating an increased military alliance that expands and includes increasing the capacity of the philippines, australia, and others nations to change the calculus japan would have to face if they move forward on athing on their territorial claims that are illegitimate and completely change the cost benefit analysis. one more point i would make is military spending is critical in this realm because china is investing billions of dollars in anti-access technology designed to make it too expensive for american power to get close to the region. we also have to invest in the ability to defeat those anti-access capabilities they have committed. >> yes, sir, right there. yes. you. you. >> senator mark rosen.
7:15 pm
president putin has -- >> stand up, please. >> has invaded georgia some years ago, more recently crimea and all the problems on the border of ukraine, the invasion there as well. what would you do i think governor romney when he ran for president said that he thought that russia was a major foreign policy problem for the united states, and he was laughed at at the time. it turned out to be much more accurate than it seemed then. how would you deal with the threat of russia and its expansion policies? >> let me clarify the threat. it's not necessarily russia or the russian people. it's vladimir putin who wants to be the leader of a great country. wants to put behind him what he feels was a humiliation of the 1990s and reestablish russia as a power on par with the united states and potentially even china in his mind. the result is because he could
7:16 pm
not achieve that economically, he's decided to do that militarily by making clear any nations in his periphery must turn in his direction. i think the sanctions put in place, although i would like to see them increased, particularly on the part of the united states, the sanctions are going to prove to be long-term devastating and already have been for moscow and for the russian economy and for their ambishzs. beyond that, i think it's critical, whether it's the baltic states, those who are members of nato now or the ukraine, who is not a member of nato, to have the necessary equipment to provide for defense of their own territory. for many years one of the things we asked for nations to join nato in particular was we want you to increase your capacity to help us. help us in afghanistan help us in other far flung places of the world to handle crises there, but these nations did not invest enough in the ability to protect their own territory because everybody felt the cold war is over, there is no threat from the east anymore. we now see that is true. the point is, putin believes he
7:17 pm
can take aggressive action in ukraine and potentially in other countries that have russian speaken populations under the guise of moving in to protect them, because he feels there's no consequence to doing so. he doesn't believe these nations are going to be able to inflict enough pain on him militarily, he'll pay a price domestically. it's one of the reasons they have been so paranoid about care covering up the death of russians which reveals over 200 in the ukraine in the last year and a half. >> you would welcome a ukraine initiative be part of nato and you would support it? >> i'm open to ukraine joining nato. but their capacity if we won't provide them offensive military capabilities, to say they're going to join nato is a longer reach in terms of this administration. we need to help them be able to defend themselves. >> senator zoey baird. you recognized the relationship between the u.s. economy and the
7:18 pm
transformations in the globe and the extraordinary growth in the markets around the world of the growing middle class. you also have acknowledged that most of the job growth in the united states comes from small businesses businesses. so could you talk for a minute about how you would get americans in small businesses to understand that the world is their market and how we can transform the culture of this country to be part of the world? >> well, the first thing i always explain to mepeople is that we americans are 4% to 5% of the world's paulopulation. there's only so much prosperity if all we do is sell things to each other. we need there to be millions around the globe to buy the products we make, the services we provide. in order for that to happen you need global stability. which is why american leadership is important. beyond that, we need to have access to these markets. that's why i support the free trade agreements. they need to be finalized and we need to see the details of them,
7:19 pm
but if we don't have trade agreements with the pacific rim that includes nations in latin america and the pacific rim, but we're denying access to half a billion people or more. these are consumer markets. if we're not engaged in the fastest economic growing area in the world, all our businesses are not going to prosper. beyond that, i have an advantage. i come from miami. in south florida many of our businesses are directly impacted by global affairs. the colombian free trade agreement has been a bonanza, from the guy to drives the truck and brings in fresh flowers every day, to the people who export them. it's critical to understand to people we have access to millions of people around the world who can afford to become their customers because today you can buy things online. they don't have to come here in order to transact business. >> yes, sir. >> neal ferguson. senator, i was delighted to hear you refer to radical islam as
7:20 pm
one of the threats we face. the great idealogical of the presidents you referenced faced, truman, kennedy and reagan was communism. is radical islam the equivalent idealogical threat we face? if so, what is your strategy for defeating it? >> first, that's an interesting question. all these different threats have different characteristics. communism was most certainly an economic and political view of the world, but it also tried to basically create nation states that would implement the policies. radical islam, while there is a desire to create a caliphate involved interconnected groups that could conspire together to take action but don't necessarily have an easily understood future governance behind them. there's no economic model behind them, per saw, and the history is once they take over their town, they do a terrible job of picking up the garbage and providing sunchs to the people
7:21 pm
they're governing, but they're brutal in the way they govern. the strategy is multifaceted. they can only prosper if they have a safe haven. that's why libya has become a premier space. it provides a safe haven. it's become a safe haven not just in libya a launch point. iraq became a safe haven, syria before that. 9/11 was possible because al qaeda had a safe haven in afghanistan. the first part of the strategy is we can not allow safe havens to emerge anywhere in the world. the ungoverned spaces where they can set up camps and do not underestimate where isis is involved. they're trying to absorb al qaeda elements and even into pakistan. they're present almost throughout all of north africa. they are virtually in all of the countries in the middle east to some capacity, and they do as admitted by our own law enforcement agencies, have individualed who have never traveled abroad that are sympathetic to their cause,
7:22 pm
radicalized online, and plotting attacks here at home and elsewhere in the west. denying them a safe haveb is a key part and taking action acting in that regard. that's why i thought being involved in syria early and not providing that safe haven was critical to preventing the growth of isis later on. >> richard, go ahead. >> as far as we know, hillary clinton supported early intervention in syria. and you were critical of her just before. can you tell us specifically where she went wrong? >> well, first of all, what is the success of her tenure as secretary of state? the reset with russia was a disaster because it misunderstood putin's ambitions and his motivations. i don't know that she was openly supportive of a libyan engagement. perhaps that was reported in a book somewhere. i'm sorry. in syria. i thought the libyan engagement i just mentioned a moment ago was not handled appropriately. the united states intervened for
7:23 pm
a very short period of time military. i believe it was 72 hours, and then the rest of the operation was left to the brits and the french, loyal allies who were hard but do not have our capabilities. the result in libya was a protracted conflict that killed people and left the rise of multiple militias. i traveled to libya after the fall of gadhafi and came back and warned if we allowed the conflict to go too long if we did not get engaged on the front end, not only would libya become a failed state it would also become a haven for extremism to take root as it happened now. they're completely negligent on affairs in russia. particularly with countries that are prospering and doing well or moving in the direction that we think the world should move. mexico and chile and perrue and colombia, and we ignored the
7:24 pm
direction of countries in the opposite direction. so i just don't believe that there's many successes they can point to during her tenure, and she was the chief architect and spokesperson of a foreign policy that will go down in history as a disaster. >> right in the back. >> you spoke beautifully early on about the importance of holding other nations to high standards in terms of human rights and our moral authority around the world. i think many would argue that's been eroded through continuing, the continuing opening of guantanamo bay, even some of our own criminal justice issues in the united states. can you talk a little bit about your view of how to resolve guantanamo if we're going to invist on human rights, high level human rights attention from the rest of the world? >> sure, i believe that innocent people, peace loving people deserve to have their rights respected. and i think terrorists who plot
7:25 pm
to kill americans and actively are engaged in plots to attack america deserve to be in prison and taken off the battlefield. that's the role guantanamo plays. it's also the only place we were able to gather intelligence. today, we're not gathering enough intelligence, and many people who were released from guantanamo have returned to the battlefields. i don't necessarily view the same, when you're of an active combatant against the united states in an effort to defeat us in a global war that seeks to kill and destroy as many americans as possible, you need to be taken off the battlefield and treated for what you are, an enemy combatant and that's the role guantanamo plays and should continue to play. >> yes. >> so what would you do now about syria? would you support the no-fly zone like the aybars arabs and iraqs s turks are asking?
7:26 pm
and you become president, what do you do then? especially that you call them radicalization. >> you have to choose one or the other. >> they're interrelated. briefly, one of the great sticking points between us and our allies in the region is they're interested in getting rid of assad as well. they don't think we have a plan that will continue, that will be next. and i hope someone will ask me the iran question. >> yes ma'am. i'm taking pleasure in so many women raising their hands. >> you're supporting the military quite strongly over various episodes today. right now, a great part of the defense budget goes for health care. so the military is becoming a health care organization, and this does not include the v.a. so how are you going to support the military's health care programs and the returning vets? >> the returning veterans obviously, they're out of uniform, will go into the v.a.
7:27 pm
system, which needs to be modernized. it was designed 87 years ago, is no longer responsive to the needs of veterans today. i would tell you a significant percentage of the workload in my senate offices in florida are v.a. claims. i believe veterans should be given the right to go outside the system if they cannot access in a timely way the care they need. and as far as military spending is concerned, military spending is not the cause of our national dent. every time we're drastically reducing military spending it has required us to come back later and make up for it in much more expensive ways. should we improve our contracting processes? absolutely. i wish our military contracting looked more like our space contracting. but i can tell you that the number one obligation of the federal government is the national security of the united states. and we are eroding our capabilities at a time when many potential adversaries are rapidly increasing their capabilities. >> senator -- >> excuse me?
7:28 pm
the money is there. i think the question you're asking is what are we not going to pay in exchange for doing that? that is the question about the debt. the driver of the long term debt is not discretionary spending. the cause of the long term debt are two very important programs, social security and medicare that as currently structured will not survive. my generation will not know medicare and social security if it continues on the road it is on now. that's why i called for reform that leaves people like my mother on social security and medicare exactly the same way they are. we wouldn't change the system for them or people near retirement age but my generation is going to have to accept a hard but fundamental truth, and that is medicare or social security will look different or it will not exist by the time we reach retirement age. the next president of the united states will not be able to fully serve two terms without confronting this reality. because those programs were designed when there were 60 workers for every retiree in the case of social security. there are now three workers for
7:29 pm
every retiree. it will go down to two workers for every retiree and the math does not add up. we need to reform the programs or they will not exist for me or my children. if we do it now we can do it in a way that doesn't disrupt current beneficiaries. >> senator rubio i promised i wouldn't go beyond -- >> is that the iwatch? >> i promised i wouldn't go beyond 4:40, and his wife is giving me ugly -- she must have some kind of pressing appointment, but i know -- so we'll get to her appointment for sure. i assume you have other things you need to do as well. thank you for coming and speaking to us. >> thank you for having me. thank you very much. is that the apple watch? >> yeah, it's really great.
7:30 pm
>> on the next washington journal, vermont congressman peter welch will discuss rail safety, the upcoming vote on transportation funding the expiring patriot act. and steve russell talks about government waste, tax reform and the national defense authorization act. as always, we'll take your calls and you can join the conversation of facebook and twitter. washington journal live at 7:00 a.m. eastern on c-span. here are some of our featured programs for this weekend on the c-span networks. saturday morning, starting at 10:00 eastern on c-span at the internet and television expo in chicago for what consumers can expect for the future in innovation. speakers include comcast chairman and ce o'brien roberts, technology columnist kara swisher, and fcc chairman tom wheeler. sunday morning at 10:30, president obama is at georgetown
7:31 pm
university discussing ideas of how to alleviate poverty in the united states. c-span2, book tv we're live from city hall in gaithersburg, maryland, for the book festival with david shipler former u.s. representatives tom davis and martin frost, and former obama adviser, david axelrod and sunday evening at 9:00 president of the american constitution society, caroline frederickson on the impact of labor and employment laws on working women and their families and on american history tv on c-span3, saturday afternoon at 2:00 eastern on oral histories, remembering the liberation of nazi concentration camps with an interview of a woman on her life in the jewish ghettos after the nazi invasion and the 1945 death march she barely survived. and sunday night at 6:30 on the presidency, war college professor on the relationships winston churchill developed with
7:32 pm
american presidents in his political career. get our complete schedule at c-span.org. first lady michelle obama was the commencement speaker at tuskegee university. she discussed race relations in the united states. her remarks are just under 30 minutes. >> yay. thank you, all. thank you so much. let's let our graduates rest themselves. you've worked hard for those seats. let me start by thanking president johnson for that very gracious introduction and for awarding me with this honorary degree from an extraordinary institution. i am proud to have this degree. very proud. and thank you.
7:33 pm
thank you so much. i want to recognize major general williams congressman sewell zachary colonna to all of the trustees, the faculty the staff here at tuskegee university. thank you, thank you so much for this warm welcome, this tremendous hospitality. i'm so glad to be here. before i begin i just want to say that my heart goes out to everyone who knew and loved eric marks jr. i understand he was such a talented young man. a promising aerospace engineer who was well on his way to achieving his dream of following in the footsteps of the tuskegee airmen, and eric was taken from us far too soon. and our thoughts and prayers will continue to be with his family, his friends, and this entire community.
7:34 pm
i also have to recognize the concert choir. wow, you guys are good. well done. beautiful songs. and i have to join in recognizing all of the folks up in the stands, the parents siblings, friends, so many others. who have poured their love and support into these graduates every step of the way. yeah, this is your day. your day. now, on this day before mother's day, i've got to get a special shout out to all the moms here. yay, moms. and i want you to consider this as a public service announcement for anyone who hasn't bought the flowers or the cards or the gifts yet. all right? i'm trying to cover you.
7:35 pm
but remember that one rule is keep mom happy. all right? and finally most of all, i want to congratulate the men and women of the tuskegee university class of 2015. i love that. we can do that all day. i'm so proud of you all. and you look good. well done. you all have come here from all across the country. to study, to learn, maybe have a little fun along the way. from freshman year in adams a young hall. to those late night food runs to
7:36 pm
the coop. i did my research. to those mornings you woke up early to get a spot under the shed to watch the golden tigers play. yeah. i've been watching. at the white house we got all kinds of ways. and whether you played sports yourself or sang in the choir or played in the band joined a fraternity or sorority after today, all of you will take your spot in the long line of men and women who have come here and distinguished themselves and this university. you will follow alums like many of your parents and grandparents, aunts and uncles, leaders like robert robinson taylor, the groundbreaking architect and administrator here who was recently honored on a postage stamp.
7:37 pm
you will follow heroes like dr. buoyantant robinson who survived the billy clubs and the tear gas of bloody sunday in selma. the story of tuskegee is full of stories like theirs. men and women who came to the city seized their own futures and wound up shaping the arc of history for african-americans and all americans. and i'd like to begin the day by reflecting on that history. starting back at the time when the army chose tuskegee as the site of the air field and flight school for black pilots. back then, black soldiers faced all kinds of obstacles. there was a so-called scientific study that said that black men's brains were smaller than white men's. official army reports stated that black soldiers were
7:38 pm
child-like shiftless unmoral and untruthful and as one quote stated if fed, loyal and compliant. so while the airmen selected for this program were actually highly educated, many already had college degrees and pilot licenses, they were presumed to be inferior. during training, they were often assigned to menial tasks like housekeeping or landscaping. many suffered verbal abuse at the hands of their instructors. when they ventured off base, the white sheriff here in town called them boy, and ticketed them for the most minor offenses. and when they finally deployed overseas, white soldiers often wouldn't even return their salute. now, just think about what that must have been like for those young men. here they were, trained to operate some of the most complicated, high-tech machines of their day, flying at hundreds
7:39 pm
of miles an hour with the tips of their wings just six inches apart. yet when they hit the ground, folks treated them like they were nobodies. as if their very existence meant nothing. now, those airmen could easily have let that experience clip their wings. but as you all know, instead of being defined by the discrimination and the doubts of those around them, they became one of the most successful pursuit squadrons in our military. they went on to show the world that if black folks and white folks could fight together and fly together, then surely, surely they could eat at a lunch counter together. surely, their kids could go to school together. you see, those airmen always understood that they had a double duty. one to their country and another
7:40 pm
to all the black folks who were counting on them to pave the way forward. so for those airmen the act of flying itself was a symbol of liberation for themselves and for all african-americans. one of those first pilots a man named charles debow put it this way. he said that a takeoff was in his words a never failing miracle, where all the bumps would smooth off you're in the air, out of this world, free. and when he was up in the sky, charles sometimes looked down to see black folks out in the cotton fields, not far from here, the same fields where decades before, their ancestors worked as slaves and he knew that he was takeing to the skies for them to give them and their children something more to hope for. something to aspire to. and in so many ways, that never
7:41 pm
failing miracle the constant work to rise above the bumps in our path, to greater freedom for our brothers and sisters, that has always been the story of african-americans here at tuskegee. just think about the arc of this university's history. back in the late 1800s, the school needed a new dormitory, but there was no money to pay for it. so booker t. washington pawned his pocket wash to buy a kiln, and students used their bare hands to make bricks to build that dorm, and a few other buildings along the way. a few years later when george washington carver first came here for his research, there was no lablaboratory so he collected trash bottles and tea cups and jars to use in his experiment. generation after generation students here have shown that same grit, that same resilience
7:42 pm
to soar past obstacles and outrages, past the threat of countryside lynching past the humiliation of jim crowe, past the turmoil of the civil rights era. and then they went on to become scientists engineers nurses, and teachers, in communities all across the country, and continue to lift others up along the way. and while the history of this campus isn't perfect, the defining story of tuskegee is the story of rising hopes and fortunes for all african-americans. and now, graduates, it's your turn to take up that cause. and let me tell you, you should feel so proud of making it to this day. and i hope that you're excited to get started on that next chapter. but i also imagine that you might think about all that
7:43 pm
history, all those heroes who came before you, and you might also feel a little pressure. you know? pressure to live up to the legacy of those who came before you. pressure to meet the expectations of others. and believe me i understand that kind of pressure. i've experienced a little bit of it myself. you see, graduates i didn't start out as the fully formed first lady who stands before you today. no, no i had my share of bumps along the way. back when my husband first started campaigning for president, folks had all sorts of questions of me. what kind of first lady would i be? what kind of issues would i take on? would i be more like laura bush or hillary clinton or nancy reagan? and the truth is those same questions would have been posed to any candidate's spouse. that's just the way the process works. but as potentially the first
7:44 pm
african-american first lady, i was also the focus of another set of questions and speculations. conversations sometimes rooted in the fears and misperceptions of others. was i too loud or too angry or too emasculating? or was i too soft, too much of a mom, not enough of a career woman? then there was the first time i was on a magazine cover. it was a cartoon drawing of me with a huge afro and a machine gun. now, yeah it was satire, but if i'm really being honest it knocked me back a bit. it made me wonder, just how are people seeing me? or you might remember the onstage celebratory fist bump
7:45 pm
between me and my husband that was referred to as a terrorist fist jab and over the years, folks have used plenty of interesting words to describe me. one said i exhibited a little bit of uppityism. another noted that i was one of my husband's cronies of color. cable news charmingly referred to me as obama's baby mama. and of course, barack has endured his fair share of insults and slietsghts. even today there are some folks questioning his citizenship, and all of this used to really get to me. back in those days i had a lot of sleepless nights worrying about what people thought of me wondering if i might be hurting my husband's chances of winning his election. fearing how my girls would feel that they found out what some people were saying about their
7:46 pm
mom. but eventually, i realized that if i wanted to keep my sanity and not let others define me there was only one thing i could do. and that was to have faith in god's plan for me. i had to ignore all of the noise and be true to myself. and the rest would work itself out. so throughout this journey i have learned to block everything out and focus on my truth. i had to answer some basic questions for myself. who i am? no, really, who am i? what do i care about? and the answers to those questions have resulted in the woman who stands before you today. a woman who is first and
7:47 pm
foremost a mom. look, i love our daughters more than anything in the world, more than life itself, and while that may not be the first thing that some folks want to hear from an ivy league educated lawyer it is truly who i am. so for me, being mom in chief is and always will be job number one. next i've always felt a deep sense of obligation to make the biggest impact possible with this incredible platform, so i took on issues that were personal to me. issues like helping families raise healthier kids, honoring the incredible military families i had met out on the campaign trail, inspiring our young people to value their education and finish college. now, some folks criticized my choices for not being bold enough. but these were my choices. my issues.
7:48 pm
and i decided to tackle them in a way that felt most authentic to me in a way that was both substantive and strategic and also fun and hopefully inspiring. so i immersed myself in the policy details. i worked with congress on legislation, gave speeches to ceos, military generals, hollywood executives, but i also worked to insure that my efforts would resonate with kids and families. that meant doing things in a creative and unconventional way. yeah, i planted a garden and holoa hooped on the white house lawn with kids i did mom dancing on tv, i celebrated military kids with kermit the frog. i asked folks across the country to wear their alma mater t-shirts for college signing day. at the end of the day by staying true to the me i've always known i found that this journey has been incredibly freeing. because no matter what happened, i had the peace of mind of
7:49 pm
knowing that all of the chatter the name calling, the doubting all of it was just noise. it did not define me. it didn't change who i was. and most importantly, it couldn't hold me back. i have learned that as long as i hold fast to my beliefs and values and follow my own moral compass, then the only expectations i need to live up to are my own. so graduates, that's what i want for all of you. i want you all to stay true to the most real, most sincere most authentic parts of yourselves. i want you to ask those basic questions. who do you want to be? what inspires you? how do you want to give back? and then i want you to take a deep breath and trust yourself to chart your own course and
7:50 pm
make your mark on the world. maybe it feels like you're supposed to go to law school but what you really want to do is teach little kids. maybe your parents are expecting you to come back home after you graduate but you're feeling a pull to travel the world. i want you to listen to those thoughts. i want you to ak with both your mind but also your heart. and no matter what path you choose i want you to make sure it's you choosing it and not someone else. [ applause ] >> because here is the thing the road ahead is not going to be easy. it never is especially for folks like you and me. because while we've come so far, the truth is that toes age old problems are stubborn and they haven't fully gone away. so there will be times just like
7:51 pm
for those air men, when you feel like folks look right past you or they see just a fraction of who you really are. the world won't always see you in those caps and gowns, they won't know how hard you've worked and how much you sacrificed to make it to this day. the countless hours you spent studying to get this diploma. the multiple jobs you worked to pay for school, the times you had to drive home and take care of your grandma the evenings you gave up to volunteer at a food bank or organize a campus fundraiser. they don't know that part of you. instead they will make assumptions about who they think you are based on their limited notion of the world. and my husband and i know how frustrating that experience can be. we both felt the sting of those daily slights throughout our entire lives. the folks whos crossed the street in fear of their safety,
7:52 pm
the clerks who kept a close eye on us this had all those department stores the people at formal events who assumed we were the help and those who have questioned our intelligence, our honesty, even our love of this country. and i know that these little indignities are obviously nothing compared to what folks across the country are dealing with every single day, those nagging worries that you're going to get stopped or pulled over for absolutely no reason the fear that your job application will be overlooked because of the way your name sounds, the agony of sending your kids to schools that may no longer be separate, but are far from equal. the realization that no matter how far you rise in life how hard you work to be a good person, a good parent, a good citizen, for some folks it will never be enough.
7:53 pm
[ applause ] >> and all of that is going to be a heavy burden to carry. it can feel isolating. it can make you feel like your life somehow doesn't matter. that you're like the invisible man that tuskeegee grad ralph ellis son wrote so many years ago and as we've seen over the past few years those feelings are real they're rooted in decades of structural challenges that have made too many folk feel frustrated and invisible and those feelings are playing out in communities like baltimore and ferguson and so many others across this country, but, graduates today i want to be very clear that those feelings are not an excuse to just throw up our hands and give up. not an excuse. they are not an excuse to lose hope. to succumb to feelings of
7:54 pm
despair and anger means that only in the end we lose. but here is the thing our history provides us with a better story a better blueprint for how we can win. it teaches us that when we pull ourselves out of the lowest emotional emotional depthing and we channel our frustrations into organizing and building together then we can build ourselves and our communities up. we can take on those deep rooted problems and together -- together we can overcome anything that stands in our way. and the first thing we have to do is vote. hey, no. not just once in a while. not just when my husband or somebody you like is on the ballot. but in every election at every level all of the time. because here is the truth
7:55 pm
approximate if you want to have a say in your community if you truly want the power to control your own destiny then you've got to be involved. you've got to be at the table. you've got to vote, vote vote, vote. that's it. that's the way we move forward. that's how we make progress for ourselves and for our country. that's what's always happened here at tuskeegee. think about those students who made bricks with their bare hands. they did it so that others could follow them and turn on this campus, too. think about that brilliant scientist who made his lab from a trash pile. he did it because he ultimately wanted to help share croppers feed their families. those air men who rose above brutal discrimination. they did it so that the whole world could see just how high black folks could soar. that's the spirit we've got to
7:56 pm
summon to take on the challenges we face today. and you don't have to be president of the united states to started a dressing things like poverty and education and lack of opportunity. graduates, today -- today you can mentor a young person and make sure he or she takes the right path. today you can volunteer at an after school program or today pantry. today you can help your cousin fill out her college financial aid form so that she can be sitting in those chairs one day. but just like all those folks who came before us you've got to do something to lay the groundwork for future generations. that pilot i mentioned earlier charles debeau he didn't rest on his laurels after making history. instead after he left the army he finished his education, became a high school english teacher and college lecturer. he kept lifting other folks up through education kept
7:57 pm
fulfilling his double duty long after he hung up his uniform. graduates, that's what we need from all of you. we need you to channel the magic of tuskeegee toward the challenges of today. and here is what i really want you to know. you have got everything you need to do this. you've got it in you. because even if you're nervous or unsure about what path to take in the years ahead, i want you to realize that you've got everything you need right now to succeed. you've got it. you've got the knowledge and the skills honed here on this hallowed campus. you've got families up in the stands who will support you every step of the way. and most of all you've got yourselves and all the heart and grit and smarts that got you to this day. and if you rise above the noise and the pressures that surround you, if you stay true to who you
7:58 pm
are and where you come from, if you have faith in god's plan for you then you will keep fulfilling your duty to the people all across this country. and as the years pass you will feel the same freedom that charles debeau did when he was taking off in that airplane. you will feel the bumps smooth off, you'll take part in that never failing miracle of progress and you will be flying through the air out of this world, free. god bless you, graduates. can't wait to see how high you soar. love you all. very proud. thank you. [ applause ] i think we can do a little better than that, tuskeegee
7:59 pm
university. [ cheers and applause ] with live coverage of the u.s. house on c-span and the senate on c-span 2 here on c-span 3 we compliment that coverage by showing you the most relevant congressional hearings and public affairs events. then on weekends c-span 3 is the home to american history tv with programs that tell our nation's story, including six unique series, the civil war's 150th anniversary, visiting battle fields and key events american artifacts, touring museums and historic sites to discover what artifacts reveal about america's past,ist ri bookshelf with the best known american history writers, the presidency, looking at the policies and legacies of our nation's commanders in chief, lectures in history with top college professors delving into america's past and our new series, real america, featuring archival government and
8:00 pm
educational films from the 1930s through the '70s. c-span 3 created by the cable tv industry and funded by your local cable or satellite provider. watch us in hd like us on facebook and pole us on twitter. ton on c-span 3 the house financial services committee looks at protecting consumers pnl data from computer security breaches. the leader of the scottish national party discusses their historic gains in last week's parliamentary elections, and later a house hearing on the tsa and airport security. today the house financial services committee held a hearing on protecting consumer' financial data, it's partly in response to high profile data breaches at banks and retailers. congressman jeb hence erlg chairs this three-hour hearing.
8:01 pm
[ inaudible ]. financial data security in the age of computer hackers, given that the pa just turned on, it is a testament to the fact to members welcome home. i assume we have many of our colleagues who are furiously running from hvc-201 as we speak. for our witnesses and our the audience we have been no mads since the beginning of the year. so you will notice a few changes in the room.
8:02 pm
this renovation was caused by an upgrade of the audiovisual systems, although i did not specifically request it i saw notice there are twice as many microphones in our hearing room as before. i wish to notify members that does not mean they can speak twice as long. that doesn't go along with the microphones. in addition you will notice that our witnesses are quite a ways away. that we have less room for the public, as hearing rooms are renovated they must be made and should be made compliant with the american -- americans with disabilities act. this room complies with that ada statute, which means every rojas been enlarged, which means we
8:03 pm
have lost part of our gallery, but the overflow room is still alive and well. in addition for those who have ever moved into a new home or new apartment, there is such a thing known as a punch list. so for some of the subcommittees, you may be kicked out of this room over the next five to seven days as that punch list is attended to. another change in our committee room, if you will look over my left shoulder you will see our -- the portrait of our most recent chairman, spencer bachus. for those who have some tenure on the committee myself and the ranking peb to have barney over one shoulder and spencer over the other it kind of seems like old times. we certainly know of barney's fears intellect and tenacity but i also hope that members
8:04 pm
will remember spencer's gentle and kind leadership of this committee and sometimes when emotions and passions start to run high let's remember the example he set for us with respect and decency and, yes, humor and somehow any moment i expect for these two to carry on one of their classic debates. we'll see if that actually happens or not. i believe that is all i need to say about the hearing room at the moment. in which case the chair now recognizes himself for three minutes for an opening statement. today's hearing we will be focused on protecting consumers and their private financial information in an age of computer hackers. the world has experienced a technology revolution one that has brought remarkable benefits to consumers and the broader
8:05 pm
committee, but it has also increased some risk on consumers by making the theft of their personal financial information a profitable enterprise for cyber criminals and computer hackers. in the era of big data large scale security breaches are unfortunately all too common. every breach leaves consumers exposed and vulnerable to identity theft, fraud and a host of other crimes. we have certainly all read about the high profile headline grabbing breaches at target and home depot. according to the identity theft resource center there were 783 u.s. at that time at that breaches in 2014, an increase of more than 27% over the prior year. the center for strategic and international studies and mcafee security estimate that such attacks cost the u.s. economy $100 well, billion with a b, annually. american consumers rightfully expect their personal information to be protected by their financial institutions by
8:06 pm
their retailers card networks, payment processors and, yes, by their federal government. consumers shouldn't be left to hope and pray their personal information will be safe every time they swipe their debit or credit card or enter their information online. they deserve pro teb. so today the committee will hear from representatives of organizations whose members constitute the major participants in the payment system. we welcome their expertise and insight. my hope is that this hearing affords members on both sides of the aisle an opportunity to better understand what security measures are currently am place to pre dent data breaches, how consumers are notified following a breach what times of emerging technologies will help reduce the frequency and severity of breaches and what steps are being taken by the merchant and financial services communities to address the problem and where additional federal legislation may be warranted.
8:07 pm
i further hope that the committee will engage in a taughtful and constructive dialogue on a bipartisan basis and in that regard i wish to thank chairman nothing bauer and the gentleman from te, mr. carney by starting this bipartisan dialogue off on the right foot by introducing a bipartisan bill to address this important problem. i will now yield back the balance of my time and recognize the ranking member for three minutes. >> thank you, mr. chairman. americans are increasingly reliant on electronic means to communicate, shop, and panning their finances. while new technologies bring substantial opportunity, they also brick a range of new vulnerabilities for consumers. massive attacks on some of our nation's largest retailers and financial institutions are impacting virtually every sector of our economy and our national
8:08 pm
security. consumers are not the only ones who pay the price of a breach. the most of recovering losses by retailers and card issuers can be extent sieve and weigh particularly heavy on small community banks and credit unions. we all know companies face a physical of challenges in determining how best to secure customers' financial and personally identifiable information. if addition we know that there are significant costs to complying with various state laws and providing notice after a breach. however, as we consider setting national standards for safe guarding consumer' personal information and ensuring timely notification, we must again acknowledge the good work of those states that for years have been at the front lines of this fight. i believe that any federal preemption should compliment
8:09 pm
states' protections and ensure at a minimum that state attorneys generals continue to play an important role in enforcement and notification standards. in setting minimal standards we need to be careful not to hamstring our state and federal regulator's ability to continue adapting and strengthening protections for consumers. otherwise, we will limit regularitiers' ability it to keep up with technological change and we must preserve a private right of action for krrnss and financial institutions to ensure that affected entities and breach victims have legal recourse. further, consumers must be consistently provided with clear disclosures of the rights and remedies available to them so that they remain aware of the various ways in which they can protect themselves from identity theft and from fraud and other
8:10 pm
cyber crimes. mr. chairman efforts to guard against cyber threats are critically important and shouldn't dee voluntarily of into the same partisan fault lines we have seen on far so many other issues before this committee, such as the baseless attacks on watch dogs like the cfpd and blocking efforts to reauthorize the charter of the ex port/import bank which expires in just 22 legislative days. with that i look forward to hearing from the witnesses today and i yield back the balance of my time. >> the chair now recognizes the gentleman from texas, mr. gnawing bauer, chairman of our financial institution subcommittee. >> thank you mr. chairman. we live in a world where a global marketplace is supported by global payment system, delivers payment services to consumers in the blink of an eye, add midst amounts of sensitive consumer information is transferred and pro he is issed and stored in any one transaction. the security of the system is only as strong as its weakest
8:11 pm
link and today i look forward to learning more about the new payment technologies that continue to facilitate payment efficiency, speed and security. i'm hopeful we can have a robust policy discussion about what new data security standards are needed to level the playing field. this month congressman carney and i introduced a bipartisan legislation which builds on the work of senators aarper and blunt. our startering point was to look at the graham leach bilie. almost 16 years later this framework has worked very well. the data security standards in hr 2205 is based on certain core principles, first because we have a global payment system we need a national data is security standard and national breach notification standard. this standard minimize regulatory requirements but carry with it strong federal enforcement mechanism. second the data security standard must be technology neutral and process specific sp.
8:12 pm
it must be -- must reasonably identify core elements in the absence of an ftc rule making. third is absolutely necessary, that the data security standard is scaleable based on the size of the business, scope of the operation and the type of information that it holds. legislation must recognize that the corner market could not and should not have the same standard as the largest retailer operating in 50 states. while i'm confident in our bipartisan legislation i'm hope to working with any member of interested groups to minimize unintended consequences and continue tayloring this legislation. we have shared interesting in seeing this legislation signed into law giving consumers the safest payment system possible. with that i want to thank our panel for being here in morning and i look forward to looking at based on -- based on looking at the testimony that's been entered i think also going to be informative for our members and i think it's good that we have these different interests at the
8:13 pm
table today. mr. chairman i look forward to a very informative hearing. >> the chair now recognizes the swra from delaware mr. carney for two minutes. >> thank you, mr. chairman. mr. chairman over the last decade alone data breaches have compromised nearly a billion records containing sensitive consumer financial information. experts estimate that when data breach occurs in the united states it directly costs consumers an average of $290 per victim. studies show that cyber criminals are costing u.s. companies approximately $100 billion a year. the current patchwork of 47 state data breach laws is failing to prospecttect american cbs. that's why we've worked together to develop a security breach notification framework that all relevant stakeholders can operate within. we think consumers and the companies that handle the personal financial data should know the rules of the road when it comes for the standard for protecting this at that time day.
8:14 pm
hr 2205 builds off the efforts by sfarts carper and blunt across the capitol. a strong national data preach standard a at that time at that speck writ program that's robust and scaleable and with the goal of protect itting cbs' personal information from breaches and sets a reasonable standard for accurate and timely notice to consumers when a breach occurs. importantly, the bills' requirements avoid a one size fits all approach, allows companies of varying sizes and complexity to find a program that is tailored an effective for his business. as with any comprehensive piece of legislation our bill can be improved. the example clarifying that the preemption provision was does not have unintended consequences outside this bill merits further attention. i look forward to look working with my colleagues to make improvements to this legislation where necessary. the fact is though that the white house, congress and the private sector and consumers all agree that the status quo is not
8:15 pm
acceptable. and i'm encouraged that that committee is having this hearing today and that we're moving forward to protect consumers businesses and the american economy. i'd like to thank mr. nothing bauer for his liter shipd on this issue and i look forward to hearing the witness' testimony and feedback this morning in this hearing. >> swra yields back. indeed it is time to hear from our witnesses. we welcome each and every one of them to the panel. first the honorable tim pawlenty the president and chief executive officer of the financial services round table and former governor of the state of minnesota. mr. brian toj is the executive vice president of communications and strategic initiatives at the retail friday sliders association. mr. jason oxman is the chief executive officer of the electronic transactions association. mr. steven or faye is the general manager at pci security
8:16 pm
standards council, last but not least ms. laura moy is a senior policy counsel at the open technology institute. several of you have testified before congress before i'm not certain of all of you, so we have a rather simple lighting system green means go yellow means hurry up because the red light is soon to follow. red means stop. the yellow light comes on with one minute to go. each of you will be recognized for five minutes to give an oral presentation of your testimony. without objection each of your written statements will be made a part of the record and since we are brand-new in our refurbished space, in the old hearing room you had to pull these microphones very close to you, i think now you can keep them a somewhat comfortable distance from your mouth. governor pawlenty you are about to be our beginy pig on the new sound system.
8:17 pm
you are now recognized for your testimony. >> good morning, mr. chairman, rank member waters members of the committee. thank you for the opportunity to share a few thoughts with you this morning and that is the emerging growing and expo mention alley threatening cyber warfare that's taking place both commercially and otherwise across the globe and being visited upon american businesses and consumers in ways that i think deserve the congress' attention. just to give you a sense of a few measures 80% of the companies that were breached in 2014 did not know they were breached until somebody else told them, a third party told them. sometimes the government, sometimes a vendor but a third party. in the average length of time between the breach actually happening and the discover was months after the fact. in addition ear is another interesting fact. over half of the adult american population had their personal data exposed last year according to a cnn published report. and the list goes on, including that we now know through public
8:18 pm
and confirmed reports that this is no longer college kids in their basements having some fun trying to get into some systems. these are nation state actors, including or semi-state nation actors including china north korea, iran russia former soviet union sponsored states and individuals and enterprises associated with them and very sophisticated international crime end cats. so if one of those entities trieng glats on a company it's likely not going to end well for that company or their customers. we need a more robust, more muscular response to these threats and the fact that this committee is paying attention to these issues, we appreciate it very much. mr. chairman thank you to the house for passing on more than one occasion threat information legislation, we hope the senate does the same and, again, we're not talking about sharing personal information but that threat information sharing bill is very helpful to this cause and making the country more
8:19 pm
prepared to defend against these threats. as it relates to the financial service sector and the payment system our sector as the chairman mentioned has been dealing with these issues in a regulated context for quite some time, graham leach bliely passed in 1999 part of that act was to visit upon this industry data security standards an enforcement meck fichls including part of the examination process. that i think has served the friday well. as you look at the percent of breaches that have taken place in recent years or sector has the lowest breach incident rate still have a lot of work to do, but compared to other major sectors it's progress and that's because of some of the good work that's been ton. we're about to launch more secure domains which should help with these issues. we've been involved in an information sharing and analysis center. the fsi sac and more. as it relates to the payment system, it's about to get a lot better. we're going to move as a next
8:20 pm
step to the chip enabled cards it's already happening the networks have said if you want to avoid fraud liability you've got to make this transition towards the end of 2015 some are saying we're not ready, but over the course of the next couple of years almost all cards are going to be chip cards and that's going to help. don't be focused just on that that's technology from the 1960s, magnetic strips were incented in the 1960s, pins were inn represented in the 1960s, chips for recently, but it's moving well beyond that discussion, the technologies that are coming forward and being actively considered include voice recognition, facial recognition bio metrics location confirmation, gesture recognition and a lot more. so this space is evolving extremely rapid and is going to continue to evolve as new technology emerges. as to the legislation that's before you congressman nothing bauer, congressman cashy thank you very much, we strongly support hr 2205 and think it's
8:21 pm
an excellent piece of work may need some modifications as congressman carney mention approximated but it does some important things. it creates for all sectors not just healthcare or financial service, a data security standard which is really important and it's flexible. we're only as strong as the weakest link in the chain. if we've got strong standards but one of the other links in the chain don't the whole system is exposed. so thank you for putting the marker down on a strong national data security standard. we strongly support thachl another important piece of the bill is a university data breach note fik law. many states including my own have strong laws in this regard but as you think about cyberspace and how commerce gets conducted now it doesn't make a lot of sense to have 50 different standards, approaches, responses to a breach and the notification relating to it. in closing as you think about this we're not asking for any current state initiatives to be dit luted we think if you set a standard, make it high and i'm out of time mr. chairman. again, thank you for the chance to be here this morning. thank you to congressman nag
8:22 pm
bauer and carney for their leadership on these issues. >> thank you governor. mr. dodge you are now recognized for five minutes for your testimony. >> thank you and good morning. chairman hensarling, ranking member waters, members of the committee my name is brine dodge. thank you for the opportunity to testify today about data security and the steps the retail industry is taking on this important issue and to protect consumers. the trade association of the world's largest and most innovative retail companies. retailers embrace technology to provide american consumers with unparalleled services and products. while technology presents great opportunities nation states criminal organizations and other bad actors are using it to attack businesses institutions and government's. as we have seen no organization is immune from attacks. retailers understand at that defense against cyber attacks must be an ongoing effort. as readers in the retail community we are taking new and significant steps to enhance
8:23 pm
cyber security throughout the industry. so that end last year we formed the retail cyber intelligence sharing center in partnership with america's most recognized retailers. the study opens a information sharing between retailers law enforcement and other relevant stakeholders. also they have recently established a normal working relationship with the financial services i sac, a move that will among other things ensure collaboration on these issues. real applauds the house for passing cyber sharing legislation and hope the senate will take up and adopt hr 1560s flexible approach to electronic sharing. while i expect we will discuss many cyber security top picks today one area of security that needs immediate attention is payment card technology. the magnetic stripe on cards is the chief vulnerability. retailers are estimated to be investing more than $8.6 billion
8:24 pm
to upgrade card terminals to accept chip terminals by later this year however they will not be issued with pins. chip and pin technology has bron to dramatically reduce fraud around the world. chip and signature technology falls short of providing american consumers the best security available today. retailers believe that the two factor authentication enabled through chip and pin will prevent cripple false from duplicating cards with ease and devalue the dat that retailers collect at the point of sale. ultimately these steps have been proven to substantially reduce the economic incentive for cyber criminals to launch these kinds of cyber attacks. before i discuss what rela believes important data breach policy conversations i will briefly highlight the significant data security and data breach notification laws with which retailers comply. 47 states, the district of columbia, guam, port rio and
8:25 pm
virgin islands. retailers are subject to robust at that time at that security regulatory refresh seems. prosecuted more than 50 cases against businesses that it charged with failing to pain tan reasonable data security practices. these actions have created a common law of consent decrees that spell out the data security standards expected of businesses. inadequate data security express state data security laws. that can be used to enforce against what attorneys general team deem to be unreasonable data security practices. finally retailers voluntarily and by contract follow a variety of security standards including those maintained by pci, nis and iso. while retailers diligently ply this this a carefully crafted federal data breach law can clear up regulatory confusion and better protect and notify
8:26 pm
customers. rela supports legislation that is practical and proportional and sets a single national standard. rela supports data breach legislation that creates a single national notification quickly providing affected individuals with actionable information. that ensures the targeted notice is required only when there is an actual risk of identity theft, economic loss or harm. it ensures that the responsibility to notice is that of the entity breached but provides flexibility for entities to contractually determine the notifying party. that establishes a precise and targeted definition for personal information. that recognizes that retailers already have robust data security obligations and that security must be able to adapt over time. i think the committee for inviting me today and look forward to answering your questions. >> mr. oxman you are now recognized for five minutes for your testimony. >> thank you mr. chairman. thanks to you ranking member waters and the committee for the
8:27 pm
opportunity to be here. i'm the ceo of the electronic transaction association. we are the association of the payments industry. more than 500 member companies are focused on providing the world's most secure, reliable and functional payment systems to american merchants and consumers. electronic payments in the united states are largely invisible to consumers because simply put they just work. u.s. consumers carry 1.2 billion credit debit and prepaid cards in their wallets and they can use those cards to pay electronically at more than 8 million merchants in the united states. indeed eta member companies process more than $5 trillion in u.s. consumer spending every year. that means thousands of transactions are moving across our network every second. now, consumers enjoy a wide variety of ways to pay electronically, in person, with a card or mobile device or watch or remotely via phone or over the internet.
8:28 pm
from the moment that a consumer initiates a payment the transaction is securely transmitted, authorized and processed within a matter of seconds. eta member companies take very seriously the obligation to protect the security of their customers' information. consumers in the united states choose electronic payments because they benefit from zero liability for fraud, making electronic payments the safest and most secure way to pay. today criminal fraud amounts to less than 6 cents of every $100 processed in transactions, it's a fraction of a tenth of 1%. now, even though fraud represents a tiny percentage of overall transaction volume we're deploying cutting edge technology and using self regulatory guidelines to bolster the fight against fraud. i'd like to highlight three concrete steps our industry is taking to protect consumer information and prevent data breach. first, eta members are tee employing emv enabled chip cards
8:29 pm
to fight the number one cause of card fraud counter fit cards. counterfeit cards represent 2/3 of card present fraud in the u.s. today. chip cards prevent cards from being counterfeited. they don't some data breaches but to make it harder for criminals to reap the rewards of those data breaches. chip migration happening now in the united states it's the most complicated overhaul of our payments technology system in the 40 years since the magnetic stripe card was introduced. our banks need to replace more than 1 billion cards, merchants need to upgrade point of sale equipment at more than 10 million locations but we're working together and getting it done. second, our industry is deploying new token sfwlags technology that replaces card information with a one-time use token. even if intercepted by cribbing nals these tokens cannot be used to generate fraudulent
8:30 pm
transactions. think of a toek en as a mathematical crypt owe gram that can't be reintroduced. one well known implementation of toek en zags is in mobile payments where the customer's phone or watch generates that token for use. tokens can also be used in card environments as well and we're working with our partners to deploy toek en zags technology at both brick and mortar and online retail. third, eta members are helping merchants secure the point of sale by deploying new en description technology, point to point en description is a way to secure all entry points against an attack, it denies cyber criminals the access they need to install malware and other cyber hacking tools. as our industry deploys all of these layered technology i also want to affirm eta's strong support for legislation that creates uniform national data standards and data protection breach standards as well. such standards must be industry
8:31 pm
neutral, they must be preemptive of state law and this is the approach set out in hr 2205. which eta strongly supports. we applaud chair pan gnawing bauer and mr. carney for engaging in this important dialogue with this legislation. eta also supports legislation to promote information sharing sharing of information across government and across technology and manufacturing companies will support prevention of and investigation of breaches and ensure against cyber attacks. cyber criminals are increasingly sophisticated sophisticated, global in scope and we're working proactively to address every threat. we must not forget that these data breach of merchants and consumers make them victims of crime. we share a desire to stamp out fraud and we take seriously our responsibility all you have our customers to do so. thank you for the opportunity to be here. i look forward to your questions, mr. chairman.
8:32 pm
>> mr. or figure you're now recognized four your testimony. >> my name is steven or faye i'm the general manager of the pci security standards council. i had the privilege of leading a talented and deeply committed membership organization that is responsible for the developing and maintaining of the global data security standards for the payment card industry. our approach combines people, process and technology. continuous effort in applying our standards is the best line of defense against organized crime, straighten had funded actors and criminals who threaten our way of life and attempt to undermine our confidence in the financial system. everyone has been victimized by these criminals and we know the very real harm caused by breaches. developing standard to protect payment card data is something the private sector and specifically pchl ci is uniquely
8:33 pm
qualified to do. consumers are understandably upset when their payment card data is put at risk. the council was created to proactively protect consumers' payment card data. our community of over 1,000 of the world's leading businesses tackling data security challenges from simple issues for example, the word password is still one of the most commonly used passwords, and to complex issues like en description. our standards are a solid foundation for a multi-layered security approach. we aim to remove payment card data if it is no longer needed. simply put if you don't need it, don't store it. if it's needed then protect it and reduce the incentives for criminals to steal. here is how we do that. the data security standard is built on 12 principles covering everything from logical to physical security and much more.
8:34 pm
it's updated regularly through feedback from our global community. we manage eight other standards that cover card production, pin entry devices payment applications and much, much more. we work on technologies, best practices and provide market guidance. we have laboratories that solutions that we list on our website. all of our information is free, our mission is to educate, empower and protect. now, our end game strategy is to devalue the data so that it is useless in the hands of the bad guys. we have three technologies that will allow us to do so. e mflt v at the point of sale, point to point en description and token zags. when bundled and implemented properly the data becomes useless. then there's no reason to break in. that's why the council supports
8:35 pm
adoption of the vmv in the u.s. through organizations such as the migration forum and other standards and our standards support emv today in other worldwide markets, but emv chip is not a silver bullet. additional controls are needed to protect the integrity of payments online and in other channels. this includes en description tamper resistant devices, malware protection and more. all are vital parts of the pci standards, effective security requires more than just standards. for standards without supporting programs are just tools, not solutions. the council's training an certification programs have educated tens of thousands of security professionals and make it easier for businesses to choose products that have been lab tested, certified and as secure. finally, we conduct global campaigns to raise appearance of payment card security.
8:36 pm
the committee's leadership on this critical issue is important and there are clearly ways in which the federal government can help. for example, by leading stronger cooperative law enforcement efforts, worldwide, by encouraging stiff penalties for these crimes and recent initiatives on information sarg are also proving to be invaluable. the council is an active collaborator with government, we work with dhs, treasury, secret service and many other government entities including global law enforcement such as inter poll and euro poll. in on collusion, payment card security is complex. silver bullet solutions do not exist. unilateral action is usually a disappointment. apply wranss, partnerships, information sharing and collaboration between the public and private sector is critical. the pci council stands ready and willing to do more to combat
8:37 pm
global cyber crimes that threaten our way of life and confidence in the financial systems of the world. we thank the committee for taking a leadership role and seeking solutions to one of the largest security concerns of our time. thank you. >> thank you. ms. moy, you are now recognized four your testimony. >> thank you. thank you so much, mr. chairman. thank you. good morning rinking member waters and other members of the committee. thank you for your commitment to addressing data security and data breaches and for the opportunity to testify on this important issue. consumers today share tremendous amounts of information about themselves. consumers benefit from sharing information, but they can be harmed if that information is compromised. for the most part the states are k a tifl dealing with this issue in ways tailored to address the needs of their own residents but with a large body of common elements. at least 29 states have introduced or are considering breach notification bills or
8:38 pm
resolutions this year alone. bills in 27 of those states would amend existing laws to account for changing needs and changing threats. only three states have no breach notification law on the books and two of those states have considered bills this year to change that. consumers would best be served by a federal bill on this subject that sets a floor for disparate state laws not a ceiling. to the extent congress considers broad pre sempgs any federal standards should strengthen or preserve important protections that consumers enjoy it the both the state and federal levels. because any broad leave pre semp testify bill would bring an end to the legislative activity taking place in state ledge lay tour it would also need to for quickly adjusting the law in the future to match developing technology and new threats. unfortunately a number of recent legislative proposals would diminish consumer protections in a number of ways by replacing
8:39 pm
strong and broad state protections with a weaker federal standard. in addition a number of the bills do not provide the flexibility we need to make sure consumers personal information remains protected as the information landscape change. don't get me wrong many -- post of the bills we have seen would certainly offer some new benefits for consumers, but many consumer and privacy advocates, myself included question whether those new benefits joet weigh the potential harm to state jurisdiction and to consumers existing protections. i will therefore, focus today on four potential shortcomings of federal legislation that would need to be addressed in order to ensure that any new bill represents a net gain for all consumers. first, federal legislation should not ignore the serious physical, emotional and other nonfinancial harms that consumers could suffer as a result of misuses of that i remember personal information. a bill that would reemt state laws and condition breach
8:40 pm
notification on demonstrated risk of financial harm could actually reduce consumer protections in 33 states and the district of columbia where the existing law either has no harm trigger or has one that is not limited to financial harm. second federal legislation should not eliminate data security and breach notification pro techs for types of data that are currently protected under state or federal law. some current legislative proposals feature a narrow class of protected information along with broad preemptions. such lengths lags would eliminate protections consumers currently rely on at the state and sometimes federal level. for example, many bills would eliminate protections in ten states for health information or eliminate medical protections for telecommunications, cable and satellite records. third, federal legislation should provide a means to expand the range of information covered by the bill as technology develops. the ten state breach notification laws that now cover health information represent a clear trend as states are
8:41 pm
currently updating existing consumer protections to respond to the growing threat of medical identity theft. we can't always forecast the mention big threat years in advance, but unfortunately we know that there will be one. federal legislation on this topic must provide flexibility to meet new threat. whether by continuing to allow states to protect classes of information that fall outside the four corners of the bill or by establishing agency rulemaking authority on the definition of personal information. fourths and finally, federal legislation should include enforcement authority for state attorneys general. thousands of data breaches are reported each year. many of which affect only a small number of consumers. federal agencies are well-equipped to address large data security and breach notification cases but could be overwhelmed if they lose the complimentary support of state ag's when it comes to handling smaller cases, providing guidance to small businesses and providing resources for local
8:42 pm
consumers. i and many of my fellow privacy stakeholders are not opposed to the legislation but any such legislation must strike a careful balance between pre emting existing laws and providing consumers with new pro techs. the open tech tolling institute appreciates your close examination of this issue and i'm looking forward to your questions. thank you. >> the chair now yields himself five minutes for questioning. so based on my unofficial survey of good folks if the fifth district of texas that i have the privilege of representing data breach although they don't typically use that phrase, certainly makes their top 20 anxiety list and probably their top ten when they think of identity theft other forms of theft, privacy law, so it's a very serious matter, but as ms.
8:43 pm
moy was positing in her testimony there is a cost and a benefit associated with anything we do around here, so state the obvious, we are lawmakers and there is a law made about 15 years ago, graham leach bilie that dictated standards. there's been a lot of integration since graham leach bliely was written into law. so let's start with you, governor pawlenty. what exactly is broke? what needs fixing here? where does graham leach bliely work and where doesn't it work. >> mr. chairman if you just step back from how individuals might characterize it and ask them these questions how is the current system working? half of the american -- adult american population has their personal data he can pose nd one year, it is not a stretch of the imagination among somebody could get into the electrical grid and shut it down in a big part of
8:44 pm
the country not for a day but months and months on end, you do that and lose electricity in your district, pressure for pipelines, points of sale goes down you can't transact anything electronically you are r. you've got a very dramatic impact on the country. so it requires i think a sense of urgency and a sense of understanding regarding the magnitude of the threat. as to graham leach bliely it works, it's flexible, makes accommodations for the size of the business, but it says begin the importance of this infrastructure to the country, if the payment system doesn't work, it's stalled or people lose confidence in it you're going to have a big piece of economy grind to a halt. there's trillions of dollars of payments that flow flew the northeastern united states per day. if that gets shut down or disrupted or interrupted you've got a material i would say bordering or existential let to the country. so this is an urgent deal, it is growing in terms of its concern expo mention alley. graham leach bliely works, however, no institution is
8:45 pm
immune. we have some of our biggest institutions that have been breached, the best in the borld the nsa. breach by an insider threat. so there is much more work to be done on all fronts and we're the best of class financial services gets breached from times, we manage it people get their money back it's inconvenient, but the other sectors that decent have these kind of standards and capability need to up their game and you can help lead that effort. >> mr. oxman you in your testimony i think were lauding the element of the legislation mr. nothing a bauer, mr. carney about pre sempgs, national standards it seems to be an open question in ms. moy's mind regarding preemption and perhaps national standards. why do you can consider preemption and national standards to be so important? >> mr. chairman, as a number of witnesses noted, we all share an
8:46 pm
interest in ensuring the consumers and merchants are protected, but when something does go wrong we also need to make sure that we get the word out as quickly and efficiently as possible and make sure those pro techs that are available under law quick kik in. the reason the cnns use electric trorng payments is because they are 100% protected against any liability for fraud, but we still need to get information out to them. there are 47 different regimes that companies have to subscribe to and it's not just the payments industry, it's every company in the country that has to subscribe to these 47 different regimes. they all appoint different time place and manner for the notification they all have different triggers for what kind of notification has to take place. some of them are even contradictory contradictory, there's one state that actually requires the breach notification consider include information detailed about the breach itself there's another state that makes it illegal to include any information about the breach itself. so in some cases they're contradictory.
8:47 pm
if we had a uniform national standard it would allow everyone on the eco system to work together toward the same goal which is to provide the reasonable notice that needs to be provided as quickly as possible. >> in my remaining time governor pawlenty back to you. so our colleagues on the energy and kpers committee have reported a piece of legislation with regard to a national breach notification law that only impacts retailers. should this committee not act from your vantage point what does the world look like if that enc, energy and commerce bill, becomes law? >> mr. chairman, i know time is short. don't let the perfect get in the way of the good. we'd like to have the standards apply across the board otherwise their effect is diluted. we can be good but if our partner in payments has a flawed outdated weak system at a point of sale or in a back room at fill in the blank retailer or different sector the whole cane of events gets compromised it's only as good as the whole chain.
8:48 pm
if you just do one piece you're missing a very important part or opportunity to up the game of the whole system. it's an eco system, it has to be addressed holistically or the whole system is compromised. >> my time has expired. chair recognizes its ranking member for five minutes. >> thank you very much, mr. mr. chairman. first i'd like to thank mr. carney and mr. nothing bauer for the work that we have done on this legislation. i believe that both sides of the aisle are concerned about getting a strong piece of legislation that will protect our consumers. this is a bipartisan issue and we should not spend a lot of time fighting about some aspects of this initiative but rather we should work out whatever the differences may be. from what i can understand, there are those who believe that
8:49 pm
the federal law should be a floor rather than a ceiling, and there are those who believe that where you have states who have stronger laws, we should not pre emt those states. as i understand it despite the fact that we have varying laws in our states now, they all have similarities. and so rather than thinking about it this as states with such different laws that would somehow cause great complications, let's think about this in in terms of the fact that we want our state attorneys generals to be involved. we want them to be involved in enforcement. i think that's very important. so let us take a look at what i think is the biggest obstacle to us getting the best legislation and deal with the preemption question. deal with the preemption question and think about states
8:50 pm
like california. ms. moy can you tell us, for example, my state, california what are we doing with the cyber security and is that stronger than what is being than what is being proposed here now? >> sure. yes, thank you. that's a good question and a good place to start, because california passed the first notification law years ago, and has really been a leader in this area. so thank you for your work on that. california for one thing, california recently passed a law to include log in and password for account authenticators. not just for financial accounts but other types of accounts as well. my e-mail account if my log in and password were breached. i would get a notification i would certainly want to because there's a lot of information in there that while it may not lead to financial harm, could lead to -- certainly to emotional
8:51 pm
harm if that information were breached and misused. california also has a -- it has a reasonable security standard much like the federal standard right now, california does enforce that standard, has had a number of cases over the past few years and along with that, has some very rich guidance for businesses attempting to comply with the reasonable security standard. one thing i think california is strong on is the type of guidance that the state ag's office provides to the consumers. and the way the state ag's office interacts with consumers and businesses to provide that important guidance. >> thank you very much. i'm sure that none of us would want to interfere with state's abilities to have the strongest possible laws for cyber security. and so don't you think the federal law should be a floor, and that we should certainly allow states that have tougher
8:52 pm
laws to be able to enforce those laws and that would require the attorneys generals to be involved. do you think that is the best way to approach this. you had mentions previously there is a discernible pattern among the states laws. i think that is the case. you look at the various breach notification laws, most of them cover a score of common information and have very similar requirements in terms of what ought to be provided in the notification, when the state ag and the consumer reporting agencies ought to be notified and in addition to that some states have added on to that, that's where for example some states like texas, and wyoming and just this year, hawaii montana have add eded information to the application.
8:53 pm
they see a developing threat that must be addressed. >> we would not want texas to be preempted with the good law that they have particularly as it relates to medical information, would we? >> thank you very much i yield back. >> the chair understood the subtle point. the chair now recognizes another gentleman from texas the chairman of our financial institution subcommittee for five minutes. >> thank you, mr. chairman. i would note that if you let the federal standard be the floor and then all the states have an opportunity to start running up each other, we're right back where we are now, and it defeats the purpose of having a federal standard. mr. dodge. in reading your testimony last
8:54 pm
night on our proposed security legislation there's a lot that i think you and i agree on. i'm hoping today that we can discuss some of the provisions where we maybe have a little bit of a difference of opinion. that we could have a better understanding of where everybody is on this issue. i look at page seven of your testimony, you state retailers support a carefully calibrated reasonable data security standard under hr 2205. we laid down a security standard that is process specific and based on certain key elements of data security programs that have worked well. to ensure the smaller retailers are not unduly burdened we calibrate the standard to match the size, scope of information that the entities hold. if they don't apply to you, you don't necessarily have to implement them. so the question is can you
8:55 pm
identify the specific processes we've laid out in our carefully calibrated -- that aren't carefully calibrated and reasonable in your estimation? >> thank you for the question. i think, you know, first, it's important that we be having this debate about proper national data security standards to help businesses address this growing and sophisticated threat. it's the perspective of retailers that the baseline for the legislation you introduced, especially the data security standards within it were expressly written for the financial services community. the industries are very different. anybody who's ever filled out a mortgage understands that the information that a bank holds is very different from that of a retailer. if we were to pursue legislation that replicated the -- or shoe horned the act to apply to the rest of the business community. we would be applying this law to
8:56 pm
industries beyond the retail industry, of course. well beyond us at high-tech internetapp makers big and small. we think that the history of enforcement to the federal trade commission provides a good standard that is very clear and strong for businesses to adapt to, to meet today's challenges, and it evolves in the future. we don't think you can regulate your way to security. that we need to employ layers of security, we need to start with the baseline that we believe is a strong standard emboldening the ftc, and look for other ways for us to work together. including advancing the security that's in that system today. >> now, you mentioned i think 50 ftc enforcement actions since 2001. if you believe that ftc is your
8:57 pm
enforcement agency do you support them giving ftc rule making authority to make a uniform standard? >> the ftc has enforced these cases under the unfair and deceptive practices act. we think that giving them the express authority from congress is the right way to go about it, and it would preserve that flexibility that they needed in order to adapt to the threats as they changed over time. >> the question is, would you support them promulgating standards that make sure that the playing field is level and that you are doing the things that are specifically necessary in your industry to have a uniform standard? >> we wouldn't support rule making, we think that's the purpose of passing the law. we think congress has the privilege of defining the law, and then leave it to the agency to adapt over time.
8:58 pm
they have the flexibility under current law. >> isn't that what we're trying to do then? congress is trying to pass a uniform standard? >> exactly. and we believe that providing the ftc the authority to enforce data security laws based on the case law today the commonwealth based on the 50 cases provides them with would provide businesses not only with the clarity that they need on what the expectations are of government. but the flexibility for the enforcement agency in this case, the ftc, to evolve over time, to meet new threats. >> do your members take steps to protect the data? >> there's no more important relationship in the retail business than that which they maintain with their customers. >> a data breach would be a breach of trust with those consumers. they work extremely hard to prevent breaches. >> if they're already doing it what's the objection to codifying the standards.
8:59 pm
>> they should be applied across the industry. >> you're speaking specifically about a law that was written for the financial services community? >> i'm talking about the bill -- >> it would be expanding under your legislation, to the rest of the business community. what we're saying is we should stick within the current regulatory structure as the ftc, the regulator for most industries in goba can remain -- >> we took principles from this, this is a uniform national federal standard. >> the time of the gentleman has expired. the chair now recognizes the gentleman from delaware mr. carnie. >> thank you, mr. chairman thank you to the panelists for coming today, i'd like to talk a little bit about this preempts issue, i know it's a concern for many of the members and we've worked hard to try to address
9:00 pm
it. i said in my opening comments. the prevention provision should not have the unintended consequences outside the issues covered in the bill. we don't believe it affects the medical debt issue that was raised a moment ago with respect to california 37 we would be willing to make that plain. >> you said -- i thought i heard you say that we shouldn't have 50 different standards is not the answer. is that what you said or did i mishear your comments? >> so what i have said is that i think the best for consumers would be to create a floor not a ceiling, so that states can continue. >> set a national standard? >> right and then -- >> allow states -- >> to protect judicial categories -- >> my understanding is that 13 states now currently have data breach notification and standards like this, and that our legislation, our federal legislation would be better than all of them except maybe

33 Views

info Stream Only

Uploaded by TV Archive on