tv Director James Comey Says FBI Doesnt Take Sides CSPAN April 4, 2017 11:32am-12:38pm EDT
>> thank you for that kind introduction. i did take a shot at the new england patriots on live television, which i heard about from one of my brothers who betrayed the family when he moved to massachusetts and became a patriots fan. what i want to do very briefly is share with you some thoughts that are top of mind today for the fbi. then, i want to shut up and take questions that i will try to avoid answering from the great mike lighter. i am determined not to make news, for those of you who are following this. the first things that are top of mind, i want to talk very, very briefly about how the fbi is thinking about our cyberstrategy. you hear me okay. how the fbi is think being our cyberstrategy and then a unique challenge to all of our work in the form of ubiquitous strong
encryption and explain why that matters so much to the fbi and why we are determined to continue to talk about it. first, our cyberstrategy. to state the obvious for this room, all the threats the fbi is responsible for come at us through the internet. counter intelligence, all the criminal threats we are responsible for and terrorists in the following way. to prosser teletize, to communicate, to inspire, to direct. not yet to use the cybervector as a way of doing actual harm, inflicting harm on infrastructure. logic tells us that is inevitable for the terrorist mind to find that vector. all the threats the fbi is responsible for come at us in that way. the first part of our strategy is humility. we are standing in the middle of the greatest transformation, i think, in human history, the way we learn, the way we work, the way we love, the way we connect, the way we believe, all is
affected by the digital era, the digital revolution. we stand there with an attitude of humility, because it would be foolish to say, we know how the fbi should grow and change and adapt to meet a transformation that has never happened in human history. we don't know for sure. what we are trying to do are things that are thoughtful, that make good sense to us and then get feedback from our own people, from our partners and from our colleagues around the world about whether it is making sense. then, we will it ter rate. our strategy has five parts. two parts i want to spend some time on. first part of our strategy is, we want to focus ourselves. there are two aspects of the way in which we are trying to focus. the first is the way we assign the work in the fbi. traditionally, in the fbi, the physical manifestation of an event is what drives who works on it. so if the bank robbery happens
in chicago, the chicago field office works the bank robbery. if the fraud is based in seattle, the seattle office. we have come to the conclusion that the physical manifestation of a cyberintrusion, specially, isn't all that meaningful. it is being committed likely by somebody far away from the physical manifestation. it is being committed at the speed of light and it may be quite random as to where the intrusion pops first. so we're approaching our work in a very different way for the fbi. we now assign computer intrusion work whether that's a nation state, whether it involves a criminal cindy cat, a criminal cindy cat working for a nation state, whether it involves activists or somebody else, the motley crew of people that are engaged in intrusions. we assign it based on talent. we make judgment as to which
field office is showing the best chops as to the threat proposed by a nation state and assign it there, because they have demonstrated the ability. because physical manifestations of intrusions are part of the real world, there really is a chief information security officer and there really is a cfo and a ceo of a company that's been victimized, we are not blind to physical manifestations. so we assign the threat to the talent and snanyone we allow upo four other offices to help. the first office is called a strat office for strategic. the other offices are called tac offices for tactical and we air traffic control from washington. this has great effect inside the fbi, because it has fostered an intense competition among field offices to demonstrate, generate and demonstrate the talent against various dimensions of the threat. so little rock shows us they are best against a particular intrusion set from a foreign nation. it goes to little rock
regardless of where the hits are from that intrusion set. so far, it is work pretty well. so far, the air traffic control has worked well. again, we stand here with humility. if it isn't working in some way, we are going to iterate. that's the way we are assigning the work. the second way we are trying to focus ourselves is on stealing your talent. here is what i mean. the challenge we face from the fbi is to have a special agent working cyber, we need a variety of things, high integrity. we need fitness. we are going to give you a firearm on behalf of the fbi. you have to be able to run, fight, and shoot. we need integrity, fitness and then we need smarts, intelligence and then we need specialized knowledge to make you a cyberagent. that collection of attributes is rare in nature. we may find integrity, somebody who can't do a push-up and who
has great sfepecialized in genel intelligence or somebody with specialized knowledge that can pump out a push-up and wants to smoke weed on the way to the interview. so we stare at the pool of talent. we have two reactions to the pool. we can't compete on money. in the pry sivate sector, you h more money than we. we acknowledge that to the people we are trying to recruit. make sure they understand life with you is soulless and empty. he said, half kidingly. if you want to do work with moral content, come to us. it is not about the living. it is about the life. a pitch that i know worked for a lot of you in this room of ours. so we try and recruit on moral content and then we are trying to think differently about how might we generate that talent in a number of different ways. we are considering, do we really
need gun carrying special agents making up an entire squad. we have squads of eight. should we have six and people of integrity, high intelligence and specialized knowledge. we don't give them guns because they don't have that physical attribute. if we can find that integrity, that physicality and basic high intelligence, should we grow our own? should we build our own university to take that talent and raise it up to be cyberta cybertalent. should we also do something else? should we try to make the barrier between us and the private sector semi per meable so that special agents might work for the fbi and work in the private sector and come back. the current rule requires anyone that leaves for 24 months to go back through quantico. that's a painful experience for
people in their 40s. they all want to come back, because they discover your lives are empty and soul-less. they want to come back. we have made real barriers to their returning. might we be able to encourage people in the private sector to come work with us as that something else, don't have to go through quantico to learn to run, fight, and shoot and then return to the private sector. our minds are open to all of these things because we are seeking talent in a pool that is increasingly small. you are going to see us experiment with a number of different approaches to this. i hope when you see us doing something that doesn't make sense, you will tell us and when you see us doing something we ought to do more of, you will tell us that as well. it will be met with an attitude of humility. focusing on our work and how to get our best talent is the first part of our strategy. the second part is we need to make sure that we, inside the government, have our act together in such a way that it doesn't matter to whom a victim
of an intrusion or a cryptowear attack or some other attack, it doesn't matter who they tell in the federal government. we are in that place when it comes to counter terrorism. you walk up to an fbi agent, a deputy sheriff, a police officer with a piece of information about counter terrorism, about terrorism threats, it will get to the right place very, very quickly. it doesn't matter who you tell. we have to get to that place inside the federal government. we made a lot of progress trying to understand the rules of the road. we still have work to do. the third thing we are trying to do is impose costs. i don't know the cyberintrusion that has ever been committed high on crack or inflamed by finding a lover in the arms of another. these are crimes, these are intrusions. these are attacks that are committed with reflection and calmness at a kay board. we think that's an opportunity for deterrence, for influencing
behavior. we are keen to make sure that that attacker, whether it is somebody sitting in a government office halfway around the world or in a basement somewhere in the pacific northwest, that they feel our breath on the back of their necks, maybe literally but at least metaphoricily as they begin that infrugs activity. we think we can shape behavior by locking people up and when we can't, by sending messages of pretty scary deterrents, faces on wanted posters. people sometimes say to me, yeah, but the hacker is somewhere halfway around the world working for another government or they are sheltered by a government. how are you ever going to get them? my response is, life is long, the world is short. we are dogged people. we just gave up on d.b. cooper and that took us about 52 years, i think. for those of you who were young, a guy that jumped out of an airplane over the pacific
cascades. we are pretty sure he is dead now. we are giving up. when your face goes on a wanted poster, we are not going to give up in your lifetime. that can change behavior. you will see us trying to send those messages to shape people as they think about intrusions. the fourth aspect of our strategy, i won't spend a lot of time on, is to help our brothers and systems in state and local law enforcement raise their digital game because everything they do requires digital literacy. in the good old days, a narcotics detective would roll up on a location, execute a search warrant at a drug house and find not just drugs and money but one of the black composition notebooks and the dealers would have written who got how much and how much they were and that had to be photo copied and exhibit sticker put on it. there noise black composition notebook but a pda, a thumb drive, a laptop. there is a digital device. we have to help our colleagues get to that work in a quality
way, because there is simply no way the fbi could be part of helping with all of it. i'm told people get e-mails from me when i'm in nigeria asking for money to be wired. i usually identify myself as the president of the federal bureau of investigation. don't send me any money. people do get ripped off. the bureau can't reach all of that. the fourth part of our strategy is, help our partners raise their game. there is a lot behind it. i will leave it there. the fifth thing, which is the one i want to spend a few minutes on. we must get better at sharing information across the boundary. there should be a boundary between the public sector and the private sector. we have to find ways consistent with law and policy and tradition and culture to make the barrier between us and the private sec for semi perm eable
in some fashion. nearly all of the activity hits the private sector, all the victims are in the private sector. all the indicators are in the private sector. all the evidence if we want to go criminal is in the private sector. we are not nearly good enough at getting information from the private sector to us and getting information from us to the private sector. this,ib this,ible, i believe is a probt so much of law but of lore. the biggest problem is that people like i was who are spotting risks and calling them out. if we give that information to the government, will it be used against us in a competition? will it be disclosed to congress in some way that becomes public? will we get sued? what will our share holders say? how will this hurt the enterprise? i see too many risks. you ought to hire one of the firms that can help us remediate and get back on with our
business. yes, our files are locked up with ransomware. let's pay the ransom and get on with it. most of the intrusions in this country are not reported to law enforcement. that's a very bad place to be. people are foolish and short sighted to think that their interest in the private sector are not aligned with ours when if comes to this. you are kidding yourself if you don't realize that the hackers will be back, if not to you than tower subsidiaries in your supply chain. those with the ransomware will be back, specially if you paid them off. our interests are aligned. the challenge we face, is having the private sector know us well enough to realize we understand what a victim is and we treat victims for what they are, which is victims. we do not revictimize people. whether that's a sexual assault case or an armed robbery case, a mafia or computer intrusion
case, we have lots of practice at this. our challenges, people don't know us well enough. too much confusion and skepticism and distance derived from miss undersfaning and myths. the fbi's mission is to get out and talk to the private sector and let you know what we are like. now, i liken this actually to a journey that the cia and the fbi traveled since the mid 1980s. that's what i mean by the difference between law and lore. most of the people in this room know that in the mid 1980s, the classified information procedures act was passed that offered us certainty about how sources and methods would be treated and protected if the government decided to use a criminal prosecution to incapacitate, to reassure the intelligence community that we are not going to blow sources and methods. there is this framework. here is how it will work. that did not get the job done. that is law. it took us 20 years of building
trust, case by case by case. so the intelligence community came to realize, this really works. we really can trust the fbi to protect our sources and methods, to use these tools that have been on the book since the 1980s and use them in a way that protects us. that took us two decades to build that trust. it is in a very healthy place today. it is not in a healthy place when it comes to the private sector. my ask,those of you who run companies, who are the chief security officers, the general councils, the cicos, if you don't know someone at the fbi office where your facilities are, you are failing. you are pushing on an open door. come and talk to us to understand in the event of an intrusion, in the event of an attack, what is it we need? you will discover, we don't need your memos or your e-mails. we need indicators of compromise. we need to know how did the bad
guys come, what are the signals, the indicators that we can use to tribute and impose costs and help you get over this attack. the sony attack was a vicious, hugely damaging attack. it would have been worse if sony hadn't invested the time to know us before the attack. every single one of you works in a facility that your local fire department knows the general layout of. they don't know your intellectual property. they don't know your secrets but they know where your stand pipes are and where your elevators are. they know the general layout so that in the midst of a smokey disaster, they can save lives. we knew sony in the same way. we didn't know their secrets or their intellectual property. we knew the key people, the facilities and the layout of their network generally. that day, within hours, we were on the ground helping to stop the bleeding. the private sector has to get to
know us better if we are going to be more effective. it doesn't stop there. it is bad that people don't share information with us. we don't do a good enough job of pushing information to the private sector. we have a cultural impediment, which is, which is we have this information. if i give it to them, are they going to jeopardize sources and methods? sometimes we forget you don't need the sources and methods. you need indicators of compromise so you can figure how they are coming at you. and all of you in the room know this, oftentimes private sector partners don't realize what orcon means. often thiems the fbi will have a piece of information, we can't just give it over to you. we have to go back to the people that own the information and gave it to us, but we can do that so much better than we're doing today. we will get better. i hope you'll help us get better, as well. and the last thing i want to leave before i start avoiding mike leiter's questions is this, i intentionally did not talk a lot last year about the
challenge we face from ubiquitous strong encryption. our option at the fbi was this was a complicated issue with legal aspects, technical aspects, policy aspects, values, it was too complicated to discuss during an election year. but we decided that we would not force a conversation about it, but we would use the time to try to collect data so we could show people what's happening to our world, and here's what's happening. if you imagine we work, the fbi works in a room. the corner has been dark 50 years. sophisticated actors could always find encryption. sophisticated actors, nation states, near nation state actors. what's happened since the summer of 2013 is, that dark spot has started to spread through the
entire room. ubiquitous default encryption on devices. ubiquitous has spread the shadow so it's starting to cover more and more of our room. i'll demonstrate this from facts with our encounters with devices. october, november, december, 2,800 devices were presented to the fbi in the united states with lawful authority to open them. some from fbi investigations, others from state and local partners. they gave them to the fbi saying, we have a court order, can you help us? in 43% of those cases, we could not open those devices with any technique, any technique. that is the shadow falling across our work. you may say, who cares? i don't know, but i think america needs to have a conversation about this, because i care deeply about privacy,
treasury, i have an instagram account with nine followers, they are all immediate relatives and one daughter's serious boyfriend. i let them in because they are serious enough. i don't want anybody looking at my photos, but i treasure my privacy and security on the internet. my job, like a lot of people in this room, is public safety. those two values, privacy and safety, are crashing into each other, but i believe something more fundamental is happening. especially with regard to devices, those devices contain so much of our life. our lives are on those devices we wear on our hip and carry in our pockets. that's a great thing. that's made us better in lots of different ways, but it's also introduced with ubiquitous default encryption a concept new to america, which is absolute privacy. we've never had absolute privacy
in this country. this country was founded on a bargain, which is your stuff is private unless the people of the united states need to see it, and then with appropriate predication and oversight, obvious example being enshrined in the fourth amendment, the government can see your stuff, go through your safe deposit box, sock drawer, car, they can compel you to say what you remember in appropriate circumstances. we've never had absolute privacy. the bargain was, we have this privacy that can be invaded with this predication oversight so we achieve a balance between privacy on the one hand and security on the other. what's happened to us now is, we're drifting to a place where absolute privacy is a huge feature of american life. there are wide swaths of american lives that are now off limits to judges, and i'm not offering that as a value statement. that's just a fact. that's a different way to live. if we are going to change the fundamental compact at the heart
of this country, it should not be the fbi that does it. it should not be companies that are making amazing devices that do it. the american people ought to do it. and so what i'm determined to do is not tell you what we ought to do to solve this problem, but to tell you there's a problem and urge all of you to participate in this conversation. maybe at the end of the day we say, you know what, the benefits of privacy in this instance are so important that we'll put off with the tradeoffs or maybe we'll say, you know what, tradeoffs are so significant, we ought to see if we might find a way to optimize those values better than we are today. and i actually reject the idea that it's too hard. i actually don't think we've given it the shot that it deserves. i don't know anybody in the private sector that's actually making devices who's incentivized to figure out how to optimize those two values. they sell privacy, i get that. we're responsible for public safety. somehow we have to bring those two together. the fbi is an example how it can be done. we give devices to some of our
agents that are here today. we give them devices that we work very hard to make secure, but we retain the ability in appropriate circumstances to access that content. it does not require weakening encryption. it does not require giving the government a back door of some sort. i could actually imagine a world where some day if you're going to sell devices in the united states, you're required to be able to come ply with traditional orders. you figure out how. i don't know whether we're going to go there, but first we have to have a conversation about it, so you're going to see the fbi trying to provide data to this conversation so we can foster an informed debate, because what i don't want to have happened is, six years and a few months to go, that six years from now people say to me, hey, how come you didn't say something? well, i'm going to say something. this is affecting our national security work, counterterrorism, counterintelligence, and all of our criminal work in profound
ways, which you would expect because we're now living in a different way. we should talk about it, and i thank you so much for joining that conversation. now i look forward to mike's questions. >> so, thank you, director comey, for those comments. i think he's covered a lot of topics that mike's going to explore further. i think there's a couple more issues mike will probably get into, as well, as we go along, but i want to introduce mike a little bit, and, you know, it was an interesting exercise for me today. the thing i'm going to introduce mike, i know mike, i'm going to say a couple nice things and so forth, but i actually went back and read the bio, and -- and i guess i would suggest to all of you, every once in a while when you're going to do something like this, go back and read the
bio, because sometimes people you think you know, it's a good idea to get to know them a little bit better. so as i got into that, you all know mike was the director of ntct for four years, i think, right? left there in 2011. you see him a lot on nbc news doing some commentary stuff. very good. he's been in industry. he's been with us on the industry side, as well, but i kind of went back and looked at a couple things. mike was a naval aviator with service in iraq and yugoslavia. got out, went to law school. was the 113th president of the harvard law review. left there and clerked for steven breyer on the supreme court. went from there and was an assistant u.s. attorney for the eastern district of virginia.
went from there to the wmd commission, where he got involved in things like how should we restructure the fbi and something called a national security branch, and so you see some interesting parallels between some careers. and i just wanted to share that with you, and also to say with a sort of background that we know we get with our director of the fbi and with mike, we are very lucky to have people like that that want to serve, so thank you both. >> i just wish that when we stood up, my head was parallel to jim's. no such luck at 5'10". jim, first of all, thank you for those comments, and i think all of us really do owe you, and i would ask a round of applause for an american public servant
who has been through -- has had an incredible career and has been in the midst of one of the most difficult times, i think, in recent u.s. history. i want to thank you for your service. and i've got to say the nice stuff so i can now hit you. and i'm going to jump right into what i think everyone in this room and many people watching on c-span probably want to know about. a big question, what do you think of how the fbi has changed the uniform crime reports? is that not why you're here? quite seriously, jim, a lot of people talk about bob muller having one of the most incredible early tenures as director of the fbi, coming in a week before 9/11.
you didn't get hit with that tragedy that we all experienced the beginning of your tenure, but since july of this year, you have been in the midst of what we now know are two criminal investigations involving broadly the presidential campaign. and without asking about that, because i know you would just evade the question anyway, can you reflect just a little bit on your approach to decision making through all of that? especially being the director of an fbi for two presidents, carrying over between administrations, as the statute of congress intended the position to be, but your decision making through all of that and how, as someone who is part of the intelligence community, part of law enforcement, part of the department of justice, has to build that trust with a first customer and simultaneously so deeply involved in incredibly
sensitive counterintelligence or criminal investigations? >> yeah, that's an easy one. thanks, mike. first, i think bob muller's early tenure was much harder than mine. i'm not just saying that. i think it was much harder. came a week before 3,000 people were murdered in our country, and then he had to not only deal with that, oversee the investigation, but transform the fbi. the last year, it's been almost a year now, has been both difficult and easier than you might think. and i'll tell you, i've never been prouder of the fbi. what makes it easy is we're not on anybody's side ever. we're not considering whose ox will be gored by this action or that action, whose fortunes will be helped by this or that, we just don't care, and we can't
care. we only ask, so what are the facts, what's the law, what's the right thing to do here? often we find ourselves choosing between bad and worse and having difficult short menu of options, but in a way that's been easy, because that's who the fbi is. so people, i think, sometimes look at me, look at what you did, look at what you did. actually, the fbi made these decisions in a high quality way. now the painful part is, that we confuse people. and the reason we confuse people is, most people see the world differently than we do. especially in a hyper partisan environment. most people are wearing glasses that filter the world according to side. and this is a challenge i face when i testify in front of congress, and it's not a criticism of congress, it's they see facts as to how it will affect my side. how's that argument affect my side, and when they encounter people, and i'm just one of 37,000 like this at the fbi, never consider side, it's
confusing. okay, you're trying to help this person, that person. one of my daughters shared with me last summer, maybe late last summer, a tweet. and actually i'm on twitter now, i have to be on twitter, but she showed it to me and it said, that comey is such a political hack, i just can't figure out which party. and i smiled, and i took that, and i shared that with my senior staff. i said that is the greatest compliment. we confuse people because a lot of people can't imagine people who aren't considering side. now, we're not fools. i know that when i make a hard decision a storm's going to follow, but honestly, i don't care. if i have thought about it carefully and am doing the right thing, making the right judgment, it doesn't matter what's going to follow, because it's not about that. and honestly, the death of the independent fbi would lie down the path to considering impact.
if we ever start to think about who will be affected in what way by our decisions in a political sense, we're done. so we never will, and in that sense it's easy. the misunderstanding of a lot of people about us can be painful, but the easy part is, we know what our north star is and we're fixed on it. >> let me follow up with -- [ applause ] follow up a little bit on that, in that the intelligence community writ large and the fbi is part of that, as i think always relied on the select committees on intelligence to provide you the breathing room to do those things in a nonpartisan way, and the reason those were select committees is to make sure their oversight was more nonpartisan, if not perfectly nonpartisan. how much harder does it make your job when partisanship starts to enter into those
realms of oversight, those groups that are supposed to say, don't worry, jim comey can't tell you everything he's doing, but trust him, he's doing it right, following the law, we're doing the oversight and you as americans should feel both safe and as your privacy is protected. >> that's a great question. i don't want to comment on current events, so maybe i'll just talk in general. it's vital we, the intelligence community, need to be able to share with the american people through their representatives the most important things we're doing. for a bunch of reasons. first, they ought to know, and second, there's a danger in all humans and especially when you're an authority in the government, it's captured on something john adams said to thomas jefferson, which is, power always thinks it has a great soul. there's danger. look, i think i'm an honest person. there's a danger i'll fall in love with my own view of things, so that checking and that balance is the genius of the design of the founders, so it's
vital that we be able to tell them what we're doing so they can ask hard questions about it. and in my experience, it is highly productive. sometimes people outside of that world don't understand it. how come you're only telling a select few? because of the nature of the work. there are things we can't let this nation's adversaries know. we have to be able to share them with our oversight committees, and by and large it works very, very well. the challenge in general in a polarized environment is that, again, those glasses of side can get in the way of a robust oversight, and make it sometimes difficult for the intelligence agencies, but here's the truth, we find a way. we find a way. we need each other too much because we all believe deeply in the design of the country and find a way to make it work. >> by the way, i'm happy when you check back into government, you got your soul back, having been in bridgewater. >> left it at a bus station. i got it back. >> so i'd like to ask a little
bit about signals intelligence, not just signals intelligence, but electronic exploitation writ large. one might be the device you find after a raid versus what you're intercepting, and i want to push a little bit. i'm just a middle-aged country lawyer, but i want to push you a little bit on that fourth amendmentage ji that you drew that we've always had this agreement of this balance between privacy and security needs or law enforcement needs for the government. it strikes me at least two things have changed, though. one, there's more information out there than ever before. so in 1787, you couldn't figure out what jim comey was saying to mike leiter for the past five, ten, 20 years. you could maybe just listen at that moment or just look at his papers and not have everything. second, in those days of a court
or magistrate approving that search warrant in 1787, that privacy protection that he had didn't cause any problems for anyone else. and one of the criticisms of what went on with the iphone experience was that by asking for a back door for one, you were not just impinging on that individual's privacy appropriately, but potentially on everyone else who used an iphone on their privacy. so how do you think about those and probably other differences from the construct of 1787? >> yeah, that's very fair, and you pointed to two things that make this a hard debate, to take both of them. there's no doubt that there is more digital dust about all of us out there than ever before. couldn't even imagine even 30 years ago, and that we're able to communicate in ways that were
unimaginable. i have two reactions to that. one is, the bad guys are able to communicate in ways that were unimaginable 30 years ago. best example is isis is reaching into this country through twitter, especially the summer of 2015, to find people willing to kill on their behalf and then moving them to an encrypted end to end app. that would have been unimaginable when you and i began our careers, and so the opportunities, there's no doubt the opportunities for law enforcement or the intelligence community to gather information have gone up dramatically, but so have the ability of the bad guys. second thing, meta data is great, incredibly useful to try to establish patterns of connection, but especially when it comes to the fbi whose business is incapacitating through conviction beyond a reasonable doubt, it does not get you there. you will not be able to -- in some circumstances i can't imagine, meet that threshold to a jury simply by saying i see
these connections between them without any sense of content. that's the first piece. what was your second one? i forgot already. >> impeaching on other people's privacy. and let me, sorry, let me add something to that. when you went to the vendor in the iphone case, the argument was, well, we can keep it safe, but since then i don't know who, but someone has sued trying to get the name of the vendor and the justice department is saying we don't want to do that because a vendor might not have the same protections the fbi does, and, hence, we'd be putting at risk what we use if we disclose the name of the vendor. doesn't that very much go to the argument that any back door causes privacy implications for others? >> yeah, i think it's a reasonable argument to raise that whatever solution we have should optimize in the best way both security and privacy and there are clumsy ways you could do it that would expose all
devices to an intrusion, which is why i say this until i'm blue in the face, i'm not in favor of government mandated back doors. if i was asked to imagine the future, it's a world companies are saying you want to find devices in the united states, you figure out how to do it. look, the problem with this debate is, too much people tweeting at each other. it is a complicated conversation, but i don't buy that it's too hard. there are plenty of companies today that are providing or selling devices that are default encrypted and their cloud services are not. i hope they are able to sleep at night. i happen to think they put reasonable security around their cloud, and so when we serve them with a search warrant, they produce what's in the cloud. and so the notion that we're all fatally at risk or exposed if the government is able to serve a judicial process, i'm just not buying. a lot of work's been done over
the last year inside the government to figure out what could be done to optimize both of those. i'm not going to go into the details now, but it's not impossible. >>. >> you talked about cyber a lot and some really interesting things you're doing for the work force and control of investigations outside of an individual field office or the traditional responsibility. do you see other changes that need to happen in the u.s. government that we haven't seen the e.o., executive order yet, but in terms of organization? although -- i think the fbi did amazing work with sony, for example, sony also dealt with two or three other federal agencies and there were sometimes confusion and has been in other cases. who's in charge, who's responsible, the capabilities of each of those work forces, how can we do better optimizing all these various pieces of this puzzle? >> yeah, it's a great question. i think where we are today, the lanes in the road that the obama administration laid out, which to my mind simply just captured
in writing what we'd already developed to, are fairly clear to us and make good sense. the fbi's responsibility is to investigate a response to intrusions, share information we gather from our investigations. dhs's responsibility in the main is to help with remediation and hygiene, and the dni and other parts of the intelligence community working through the dni are to provide threat indicators, intelligence about what's going on in the world. it's an interesting question i'm not expert enough to answer as to whether there's a role for nsa to play outside of government networks, d.o.d. networks, as part of their security function, defensive security function. i don't know the answer to that. i actually think we're in a pretty good place where everybody understands their role inside the government and i think moving to the place i said we have to get to where it doesn't matter folks call. you call us about something, looks like it belongs with the secret service, we share it, but
i think we're in a reasonably good place. that doesn't mean we can't be better, but that's how i'm thinking about it. >> getting away from cyber and electronics for a minute, we've clearly had a spate of leaks over the past really five years going back to chelsea manning moving into edward snowden, recent arrests also associated with nsa. a number of those have come from u.s. -- from contractors working for the u.s. government. do you have a perspective on that? is that part of the problem? is there something else that we should be doing to protect this data? not even touching some of the leaks that have been criticized over the past three to four months. >> yeah, and i'm not going to talk about anything that's been recently reported for reasons i hope you all understand. we don't ever want to be in the business of confirming that something was classified information by talking about something that was in the media, so i'll go farther back.
there's no doubt that there are improvements that we in the u.s.g. can make with respect to the way in which we know all the people working on our campuses, both employees and contractors, and jim clapper since snowden has been driving kbruchlts in that way. we're not quite where we need to be yet, but no doubt the answer is for all of us to know our people incredibly well and if we are relying on periodic investigations and the polygraph, we're not doing it enough. five years is too long to wait, and the theft cases by insiders remind me a lot of when you see on the news something about a terrible crime in a neighborhood, somebody always had a bad feeling about the guy. and -- or take our terrorism cases. friends and family almost always saw something. and so we look back at the cases we've hadded in the government, including inside the fbi over the last 30 years, there are all
kinds of flags. we have to get better at collecting that data in an appropriate way and popping the flags so we look at the person now and not five years from now, and we have to find a way for that to be true for contractors, as well as for our own employees. the last thing i think we need to work on is making sure we have a uniformed security culture. when this is a challenge when you have a lot of contractors on site, because sometimes they don't feel they work for you, so they don't feel they need to buy into your culture. somehow we together, private sector and public, have to figure out a way to drive a high security culture into everybody, no matter what color their badge is. >> another issue which has been in the press has been immigration and the fbi, obviously, does not have a role in determining immigration status and the like. but you have been quoted as to the u.s. government's ability to vet people who are coming into the united states.
and strikes me that there's a common misperception that you said we can't vet any of these people. the fbi does play a role in vetting. what is your view on how effectively we can vet people who are coming into the u.s. of any sort? >> yeah, we, the bureau, and our partners in the intelligence community have a critical role to play in vetting refugees and others looking to move to our country, and we can always improve that and i'm always looking for opportunities to improve it. we dramatically improved it after 2008 to 2010. we discovered some weaknesses in our system, so we have gotten our act together in a good way in making sure that if there is any dot anywhere in our holdings in the u.s. government, we are going to find that dot and connect it to that person. the challenge, which i've talked about before, and i hope people understand what i mean by this is, when someone is coming from a place where there are unlikely to be dots and things that connect to them, say from a
place like syria, we can have the great systems, talk to each other, we will not be able to buy down risk in a way we might if they are coming from another place where we have a robust relationship with that country, including iraq. lots of information we collected in iraq since 2002, 2003. the challenge of people coming from those places we don't have relationships is, as good as our systems might be, we don't have any dots to connect. i'm not involved in policy decisions about who should come in, how many, that's not our business, and we are working constantly to improve our vetting, but that's what i moent by that. >> i'm going to start transitioning to some of the many great questions we got from the crowd, and there were several about recent terrorist a attacks. san bernardino, the boston bomber. the question becomes lone wolves, is that a term that we should keep using? does that mischaracterize who
and what they are? and if you could also speak, jim, to the challenges you've faced after boston and the changes the bureau has snuted as a lessons learned from that unfortunate event. >> yeah, i don't like that term at all, because it conveys -- i worry it conveys to these wing nuts a sense of dignity and i don't want to give them any kind of dignity. they are troubled people seeking meaning in a misguided way that often leads them to killing innocent people, so i don't use that term. it is a -- continues to be a major feature of the fbi's work, because all of human experience is in some ways a search for meaning and there are troubled people all over the united states who are attracted to the idea of finding meaning through the hyperviolence offered by the group of savages that calls themselves the islamic state, so we have investigations in all 50 states trying to understand where are these people, these
troubled people, and i keep saying troubled, but people with drug problems, mental health problems, sexual abuse problems, all kinds of issues that lead them in a misguided way to seek meaning. so where are they on the spectrum from consuming the poison to acting on the poison? and that is really hard. it's a -- it's a nationwide search for needles in a hay stack, but it's actually harder than that. we're not just looking for needles in a hay stack, we're looking to find which pieces of hay might turn into a needle and it gets harder still, especially with the islamic state. if they found a live one, they would move that needle to a place where it disappeared. so it's invisible, encrypted needle in a nationwide hay stack, and it's the reason it's at the center of the fbi's work today, to find them and disrupt them before they kill. it is incredibly hard work. we're always trying to figure out how to do it better, but incredibly hard.
one of the ways we've gotten better since the boston marathon bombing is, we are better sharers of information with our state and local partners. any time something happens we stare back and say, okay, what can we do different or better? every time something happens that involves a terrorist attack, we do that. and in boston one of the things we realized is, we can make clearer that the default is shared and we can make clear to our state and local partners what the inventory was in the joint terrorism task force, so now we invite the leaders of the agencies that are part of this on a regular basis, some as often as every two weeks, some once a month. talk about what cases came in, what we're closing, what cases are still open, and get your feedback on them, and if you want to follow up on some of them, you have the opportunity to do that. we've gotten better as a result of that. >> two quick follow-up questions. you talk about that transition from a piece of hay to a needle,
which is a beautiful, really terrible, but accurate picture. do we need a system like some of our european allies have of an ability to engage that person, possibly not with the fbi, not with law enforcement, some sort of diversion program like we have with low level drug offenders to try to keep them from becoming needles in the first instance and not just wait for them to become needles? >> all of us in the c.t. business have our minds open to try and find ways to do that. we've worked hard over the last four or five years to see if we, department of homeland security, and other partners could build such a thing. so far with limited success. the challenge is, there is no typical person, no typical journey, because the search for meaning is individual. we're talking about people from the age of 15 to the age of 62. all over the country, all different troubles, all different backgrounds, and so finding in a repeatable way indicators and then reliably
off-ramping people is -- that's sort of the holy grail of this work. and i haven't found anybody around the world who's doing it in a repeatable, validated way yet. >> second is, i want to weave something from your answer here to some of what your previous comments were about cyber and then pull in also counterintelligence. i don't think there's any doubt. we know we're probably in one of the most complicated and heavy flow of counterterrorism issues that we've had probably since 9/11. the volume and the speed with which they are coming is probably unmatched in the past 15 years. on the cyber side you clearly face innumerable threats at this point in your ability to do everything you want to do is challenged and i think it's also fair to say from public information that the counterintelligence world is not slowing down. if anything, it's probably speeding up. how do you have remotely the
capacity to do all of that and at the same time do all the other pieces that the fbi is so critical to, enabling state and local law enforcement for organized crime, white collar, public corruption, and do you have the budget to get that done? >> it's hard. it's a good thing our people never sleep, but the -- look, here's the truth. the fbi today is about twice the size it was when my friend louis freeh was director. we're on a path now to be at full strength by the end of this fiscal year, which means 38,000 people. and by and large we have the resources we need. there are challenges. summer of 2015 we were strapped, because we were following people all over the country who were moving towards very dangerous noodle territory and i was asked in congress do you have enough resources. answer was, if this keeps up, i will not. because we were pulling agents and analysts from work of all kinds to cover these people. and i guess i should say this,
it's only easy to follow people 24 hours a day on tv. it is really hard to do in a clandestine way, so we were strapped. that wave went away. in part because a number of the people who were with isis in raqqah, syria, were taken off the battlefield by our colleagues in the military, and so i think by and large we have the resources. we have to make thoughtful judgments about what we need to be addresses and what our state and local partners need to be addressing, and the fbi has a pretty complicated process to decide what to do, where we ask each field office to look around your area of responsibility and say, so what are the bad things that could happen here across all of the fbi's responsibilities? who else is working to address those threats, and given the magnitude of the harm and other efforts already in place, where would we rank that? and we rank without regard to discipline across all of our threats and do that at a national level and that drives our allocation of resources, so
what's going to happen is if a particular state is doing a great job addressing gang violati violence, we may pull away, but you always have to make tradeoffs. budgetwise, when i became director we had a problem, sequestration, made it worse, shut the government down, so we've been digging out of that hole the last three and a half years. quantico was shut down for a year. it's hard to turn a university back on, so we're at the place, hired 3,000 people last year, going to hire 2,500 this year, and my fondest wish is to be able to sustain those human beings. the fbi is people. we don't have satellites, we don't have aircraft carriers, we have great people and i need to pay them and support them and that's what i'll be working for for the next year's budget. >> we unfortunately only have time for two more questions, and i kind of know where this one's going to go, but about half my packet of cards includes something like this.
just so everyone knows, i'm not just ignoring it. >> i'm 6'8". thank you. >> i fear that you said that as a threat to me right before i ask this question. can you comment on your commitment, the fbi's commitment, to pursuing to its ends, whatever ends those are, the investigation that you commented on involving russian involvement in u.s. elections? >> i don't want to comment on that particular matter. i'll say generally, though, what i said in the beginning. we are the same today as we were yesterday, we'll be the same tomorrow. we are what are the facts, we really don't care whose political ox is gored by our work, and that is the passion at the heart of the fbi. we will always be that way. and that can make us annoying in different circumstances. i hope it's comforting to the american people.
we are competent, honest, and independent. we were that way when i was lucky enough to become director, when i leave in six and a half years, we will still be that way. i hope that's reassuring to people. if it's annoying to people, doesn't matter. we're going to be the same. [ applause ] >> last question, and very relevant to many people in this room. clearly, the bureau is comprises 30,000-plus u.s. government employees, but is supported by many tens of thousands of people from industry, whether they are providing information technology or analytic support, or basic functional support for the fbi. what do you want to see more of? what would you like to see less of? where do you think you need help from industry in a way that you as fbi director can't get the u.s. government to move fast enough to face the missions you have to face down? >> that's a hard one.
i need you all to help us be smarter and better and know -- i talked about that attitude of humility when it comes to cyber. you will find that. the commander's intent is, you will find that in all aspects of the bureau's work. we do not have a monopoly on wisdom. we need you to bring to us smarter ways of doing things, cheaper ways of doing things, faster ways of doing things, and help us be agile. it's hard to be agile when you're 109. you tend to calcify and break a hip, but we are determined to be humble enough, proud enough of our century of achievement, but humble enough to be agile. you will bring us the opportunities to demonstrate that agility first. and second, i really do hope you'll urge your people, especially those who are in place for a longer term contract, to get part of our culture. one of my concerns is, with long-term contractors who don't feel part of the fbi and don't
act like they work for me, and i know they work for you, but i need them to be part of our culture. i have met contractors, some of whom are all in. i met a group one place where i sat down at the cafeteria to chat with them and they asked me to move out of the way because i was blocking the tv. >> you are tall. >> they knew i was the director of the fbi but they really didn't care, because they don't work for me, and that is something we can't have. as a business model, you don't want that. we need you to be not us, but of us in a way that will help us both be more effective at accomplishing the mission. >> well, i'll end where i started. jim has what i think we all know is one of the most challenging jobs in the u.s. government, if not the most challenging job other than president. and i don't think it's going to get any easier over the next six years, but i hope everyone is
heartened by the -- i know i am -- by the intellect, the integrity, and kind of the vision that you bring to this role. and i want to thank you for your past service and thank you for the next six years, because it will not be -- none of it, we don't know what's going to happen, but none of them will be easy years. thanks very much. >> thank you, mike. thank you. great job.
the president of the afl-cio, richard trumka, will be speaking this afternoon about trade and infrastructure issues and protecting workers' rights. we'll have live coverage from the national press club at 1:00 eastern here on c-span3. and the nomination of judge neil gorsuch of the supreme court continues in the senate live on c-span2. the judiciary committee voted yesterday to recommend his confirmation and democrats say they have enough members to filibuster a vote on the gorsuch confirmation. majority leader mitch mcconnell says he still plans to hold the final confirmation vote on friday. republicans are meeting this afternoon to talk about their strategy. we'll have live reaction from them after their meeting expected around 2:00 eastern time. saturday, book tv is live from the 15th annual annapolis
book festival in maryland. beginning at 10:00 a.m. eastern our coverage includes a panel discussion on income inequality with author of "$2 a day: living on almost nothing in america" and the author of "coming of age in the other america" then at 11:00 a.m. eastern a discussion on criminal justice from the author of "adnan's story." author brian stolar with his book "grace and justice on death row: the race against time in texas to free an innocent man." at noon eastern author of "pilgrimage: my search for the real pope francis." at 1:30 p.m. eastern, author of "playing to the edge." and at 3:00 p.m. eastern, author of "the speed of sound: breaking the barriers between music and technology." watch the 15th annual annapolis book festival live saturday at
10:00 a.m. eastern on c-span2's "book tv." in case you missed it on c-span, clinton watts of the foreign policy research institute at the senate intelligence hearing. >> through the end of 2015 and start of 2016 the russian influence system began pushing themes and messages seeking to influence the outcome of the u.s. presidential election. russia sought to sideline opponents on both sides of the political spectrum with adversarial views against the kremlin. they were in full swing in both the republican and democratic primary season and may have sequeled the hopes of candidates. >> lieutenant general gina grosso on the shortage of pilots in the military. >> the total force was short 1,555 pilots across all mission areas. of this amount, the total force was short 1,211 fighter pilots.
it should be noted that the cost to train a fifth generation fighter pilot to prepare him or her is approximately $11 million. >> nfl wide receiver anquan boldin at a congressional forum on policing. >> there are a lot of police officers that aren't involved in the communities that they are serving in or supposed to be serving in. so i have this crazy theory that if i know you, i'm a lot more likely to treat you a lot better than if i don't. so if i have a relationship with you, with that relationship i'm not going to be so quick to lock you up. >> general joseph votel on security challenges in the middle east. >> while we consider and establish accountability over our actions in this incident, i think it is also important to clearly recognize that the enemy does use human shields, has
little regard for human life, and does attempt to use civilian causality allegations as a tool to hinder our operations. >> arizona congresswoman martha mcsally at the american-israel public affairs committee policy conference. >> today the state of ids yale is a modern day david and goliath is the arsenal of hundreds of thousands of rockets and missiles aimed at the jewish state by terror groups like hezbollah and hamas, but this time israel has a major upgrade in technology that will help it take down the next giant. amen. the david-slaying missile defense system, which was co-developed by israel's rafael advanced defense systems and the american defense contractor. >> c-span programs are available at c-span.org, on our home page, and by searching the video library. the american israel p