narrow, basically narrow the search of the greatest extent practical and then also specifically saying you can't use overbroad terms like a geographic area, city or state or the name of a service provider to do your search or other similarly broad types of terms. so that was the key element. there are number of other provisions in the bill that we think have meaningful, provide meaningful reforms. one of them is to include what was discussed on the last panel, a panel of special advocates to argue for the foreign intelligence surveillance court that would come and there was a provision in the house bill that permitted this but we wanted to make sure that when those advocates came into course they had resources in the information they needed to be effective. we also added a provision that would allow for additional appellate review in the fisa court.

since 1978 when the fisa court was created there have been two appeals of the lower court's decisions. i think that's a really amazing statistic. we wanted to include a mechanism that would create the opportunity for additional appellate review given the types of things that the fisa court has been reviewing especially in the last decade or so the bulk collection programs of course being a prime example of that. >> it also included information related to the nondisclosure orders that, long with section 215 orders and national security letters and this gets to some of the transparency issues we have been discussing. when you receive a section 215 order or fisa court order or national skirt a letter comes with something that says you can't tell anyone about it. there have been federal court decisions and kurt can probably speak to this as well that says

that violates the first amendment in the current statutes. so we have statutory provisions to address the problems and provide judicial review of those gag orders. there was also a small but significant reform section 702. it's not the backdoor search fix that people have talked about which was an issue that we could not come to consensus on. there is a smaller but importa important -- important six to 702 and critically especially given the conversation we have been having there were very important transparency provisions in senator franken was deeply involved in that and deserves a lot of credit. they came in two types. one is additional mandatory government reporting on a range of surveillance. that really goes far beyond what's in statute today. institutionalizing that in the statute is part of what's so important to be able to continue

going forward to have these kinds of debates and conversations. the second was related to company reporting and this would give for sedans of fisa orders the ability to say publicly that they received a certain range, a number range of orders, something that many of the companies have worked very hard for. so those are the most important provisions of the bill. >> don't forget declassification of fisa court on the transparency front. >> thank you ised the. that's exactly right. another important transparency provision was providing for the declassification of fisa court and the fisa court i think is now realizing and many more decisions have been declassified. i think they are writing their opinions in a way that makes it easier for that to happen but the bill would again create the

statutory structures for that. >> you could get the bill, you have gotten to that point and it took months and it was blood sweat and tears. you got a lot of people from disparate decisions on board and national security agencies to the aclu together to support this yet you couldn't move it through. so what makes you think and now you have republicans in control of both houses and you have got rising concern about islamic state violence and threats to the homeland. what makes you think you can get it past the finish line this next congress? >> a few things i would say. number one congress often requires an act in her forward reinforcing and we have that here. june 1 section 215 of the usa patriot act if nothing happens, the legislation is passed to the version of section 215 that existed before the original patriot act in 2001 so there is

the sun set day coming. there's an expectation that there will be a real desire to move forward with legislation before then. also the coalition built around the usa freedom act, we had co-sponsors and we had great republican allies in the senate from senators mike lee dean heller and ted cruz and we are working with democrats, all over the democratic spectrum, dick durbin, sheldon whitehouse. we have support from the aclu the brennan center, the nra, tech freedom and the coalition is not going away. the coalition is going to continue to be working hard together. i think it's going to actually be a really interesting process as we go forward in the new congress under republican congressional leadership because the republican caucus with congressman massie being the prime example of this from today his remarks showed its split on this issue.

and coming into the senate we have two new republican senators who were co-sponsors of the original broader version of usa freedom act. we heard from congressman massie that he has been talking to many of the new republican house members and he thinks there's going to be quite a number of them who are going to be in a civil libertarian pro-reform camp. i think it's going to be a very interesting run-up to june 1 and i can't predict what's going to happen but i think we have got an interesting road ahead. >> he did put together a broad coalition that there were significant minority of advocates who opposed it because it didn't go far enough. i think marcy wheeler has written eloquently about how she opposed it. how do u.s. advocates kurt and liza how do you decide when something is good enough to support? what is your thinking in terms of what battles are worth

fighting and wear your red lin lines? give us some examples to talk about. >> sure. i am on the litigation side at our activism team will look very closely at legislation and we will determine discussions about whether goes far enough. if you get something passed and it doesn't go far enough it's harder to get the next thing pass down the road. but if you don't get something passed then things are at the status quo which is also a bad result. also we try to be very principled and stand behind something that is a good thing that is not making too many compromises or compromising core values along the way. so as they evolve we will support it or not trade.

>> what were some of the red lines laura? >> well, i guess i want to add to what kurt says which is in theory he would support any legislation that is an improvement over the status quo and a better practice you will often only get one bite at the apple and you know that going into it. so for us certainly the question is do we think that there is a nontrivial chance we will get something better and that's really the question we ask. does this make significant improvements in them assuming they are not as significant as we would like them to be do we have a realistic chance and up until the end the fight to get additional improvements that we want but at the end of the day if we feel we don't have a realistic shot of something better coming out of the process we are going to support it but we are also going to tell the truth about our reservations and concerns because we are in it for the long-haul. i would say and obviously if it

makes things significantly worse in even one respect we wouldn't want to support it. there are also red lines around things that maybe it won't make things worse but we enshrine the principle that has a problem. you could design a bill for example that would create improvements and surveillance but only for u.s. citizens in the country and other people, other legal residence in the country would not be protected. that would be something that felt discriminatory to us in that way even though it made things better in one exchange for another would be a red line i think for us. but on balance you have all these considerations and it was easy for us to support the usa freedom act. a number of absolute frank admissions about things we didn't do and things that need to be done in the future which there are a lot of things that usa freedom didn't even try to take on. nobody pretended they did.

they said okay 702 we will just deal with that later. >> and laura what do you think? do you think the incoming congress will start with usa freedom? do you see a chance to improve on it? do you think there is a prospect that it could be weakened or greater? do you think this is something congress is not likely to act on until the very end? what do you think? >> it's hard to know exactly how this is going to play out. the senate is still in session today so there are still a lot of people who are trying to deal with the final days of this congress. next year i next year i'm sure there will be a range of legislation in various directions. it's hard to imagine for those who have been supporting reform is hard to imagine doing something less than the usa freedom act given the broad

coalition that has supported that. but i can't predict how it's going to play out. and whether for example in the senate it will be a bill, what bill will be moved by the senate republican leadership? i think in a house you are going to see, last year in the house he saw congressman goodlatte and congressman rogers and of course he is leaving but who was the chair of the house intelligence committee and goodlatte is the chair of the house intelligence committee but it was the usa freedom act of moved through the house. senator leahy and his allies will want to be usa freedom act. >> thank you. kurt tell us about some of the cases that you are involved in on both the appeals level and the lower court level.

>> we are involved in a number of cases. right now we are the council in three cases that are against the nsa for the warrantless wiretapping program and the phone records program, one of which is that the appeals level. i was just arguing before the ninth ninth circuit earlier this month on december 8 and then we have two cases that are at the district court level, one of which was essentially filed in 2008 long before the snowdon leak but based on the information at that time based on "the new york times" and "usa today" reporting. we have an earlier case before that against at&t for their cooperation in the program but that was shut down by the congresses retroactive immunity and the fisa amendments act. and we have to two cases that are consolidated on appeal dealing with national security letter power.

the district court, the federal district court in san francisco ruled that that power was unconstitutional and struck it down so she stayed her decision pending the appeal so we just argued that in early october before the ninth circuit court of appeals. we are trying multiple frontier and multiple strategies to try to get the courts to rule that these programs are unconstitutional and try to unseat some of the legal theories that the government has been really relying on in the secret courts. one of the underlying problems in the secret decisions in the secret courts that have interpreted statutes in ways that would not -- were not readily apparent from the language of the statute on the breaking point. >> section 215 post data

collection. >> the language of that statute relevant to an authorized investigation when you interpret that relevancy inning all the records and all the people all the time you have written relevancy out of it. and it's the same thing whether you have that statement or not. that is not a traditional statute. also the supreme court has indicated in the u.s. the jones case that they have some doubts about smith v. maryland and those doubts existed and opinions written by five of the justices. not all the same opinion but that shows there are some support there for a reinterpretation of smith and smith v. maryland is the opinion of a lot of the programs and interpretations. so if you can get the courts outside of the secret court to hit these issues and find

something's unconstitutional this makes it much more difficult for them to twist the words and make a creative argument in the secret court to expand on things even if we don't know what they are doing in accord. and if we end up having a special advocate that gives them something to work with in those courts. so we are hopeful that through judicial change on this we can set the stage iv what reform. >> and if the courts rule against you are you worried about setting an unwelcome precedent? >> our plan is to win. >> are you company you can win? >> this is a good court. unanimous opinion and i think there was the necessity for warrant for a cell phone incident that led to an arrest.

the analysis in the jones case. there are good -- indications that the supreme court is rethinking privacy or at least more understanding that some of the thinking that had been done in a different technological era highs how does this fit with new technologies than if you have it decision that says in smith that it was okay to look at the pin register for one person for short period of time for a particular crime. that might not mean you can do that for all the people all the time for everything and some of the theories that the government has. so in the riley case, it wasn't about the smith v. maryland case that came up up that the government had argued because you did share this information with a third party at some point

that retroactively you lost your fourth amendment on the phone because it was the kind of information. i mean the government is trying to move forward and interpretations that could strip out worth amendment protections for anything besides plot things inside your house and the court rejected that. they didn't spend a lot of time on that but it wasn't worth spending a lot of time on that. the current supreme court may be useful here and we still have to get through the ninth circuit so there is a ways to go. >> i want to jump in quickly if that's okay and to say the constitution is this wonderful document that has these timeless principles that are adaptable to new circumstances and new technologies that the courts have to do their part. they have to apply them to the new circumstances and the new technologies. they can wait 30 years before

they start to agree to hear these. we are still trying to avoid hearing a third party case and ruling on the most narrow grounds it can. they are applying it as if the principle applied to these new sets of facts. technology can be used so quickly that the 10 to 20 to 30 lifetime we have they seen the courts addressing new technologies this serving is very poorly. so the question of taking themselves out of the game is way after fact and no offense. i mean what are we left with? there really needs to be their institutional failures that we need to be looking at here beyond just the nsa collecting too much information. why can't we get legislation on this? y. at the courts taken almost 40 years since smith versus

maryland to look at this question again when we have had several technological revolutions since then. >> i think we have about 10 minutes left for a few questions from the audience so if you raise your hand and wait for the mic, you know the drill. >> while we are waiting for the mic let me add to that. think we see some attacks on smith versus maryland so i think we are singing a version of that doctrine and the most plain example is the rorschach case where the sixth circuit said he retained a reasonable expectation of privacy meaning a third party doctrine doesn't the laminate the constitutional right to privacy in the contents of your e-mail when held with an e-mail provider. that makes it -- may seem obvious to you but a great breakthrough for you but it is in that case is significant for providers who now, certainly all

of those in the ninth circuit which includes google and a lot of them being providers require warrants before they will disclose the contents of stored communications like your e-mail or the statute that governs us actually doesn't always require a warrant. so we do have some case law that could have gone the other way and said to the third-party dr. need need to send over some of that content. so we will talk about ecpa updates. >> that is exactly right and there's legislation to address this problem. it is partially being addressed by the courts but it's the electronic communications privacy act and senator leahy and others have bipartisan legislation to require probable cause for the contents of stored stored communications so it's another effort that's ongoing. >> chris.

>> mr. saad go to i'm from the aclu. janer 2010 google revealed two of the world that they had been compromised by the u.s. government but it wasn't until a story in the "washington post" that we learned it up in google's surveillance compromised by this foreign government so two-part question. why did we have to read about in the newspaper and at three or four-year period why did google not tell the world the surveillance rather than the baker information is some systems had been compromised and separately can you tell us and a few year cents has google surveillance been compromised in the additional times by any other governments that you know about? >> the attack back in 2009 was one that we got hit by this attack and we conducted an investigation into it.

at the time of the attack, this may seem odd sitting where we are right now but back in 2009, 2010 you may remember there weren't a lot of victims of consumer attacks out there announcing they had been attacked. within google we had a debate. we had just a company that was going to have this happen, clean up our systems and hope nobody notices. and the attacks could be continuing on other industries and other companies. particularly in the course of that investigation we discovered that there were some concerted attacks against some human rights activists. one of the things we decided was that we are just not going to do what other companies presumably have done and just fi fix it and move on.

we wanted this to be known and so it was somewhat at that time famously sergey brin wrote a blogpost describing the attack, describing the actions we were going to take as a result of our discovery and our investigation and i have to say i think that was exactly the right thing to do. as far as i know it was unprecedented in doing that. since then i guess this will be unfair but it's almost calm to -- to blog about it. we are proud of the result they came about that companies could talk about the attack and talk about being victimized and not feel the shame of it. it's okay to come out. we will have better secure systems as a result of this and let's let it be known that this is an environment aggressive state-sponsored in some cases attacks against these networks and we have got to take security

seriously. it's a turning point for a lot of companies and how we have to secure our systems and our data, both corporate which is really what was an issue they are but also in the consumer data as well that we have only had half of our users. we didn't go into the details of that attack and we are still not going to go into the details of that attack. so i will not go into the particulars of it but i do think it was the right thing to talk about to make sure the world understood that this is serious and network security is not just something you put a halftime technical engineer on your network to address. companies need to take the thread it really is and be realistic about it. >> the gentleman right there.

>> steve again. i would like to follow up with richard on that. also you emphasized how you keep the e-mail secure. but are you also arguing in court against this class-action suit, the statement that there is no expectation of privacy in e-mail and that is why you take the position he can scan e-mails without the provision of the people who put their stuff in gmail and that you can pass on that specific information cap or size -- advertisers to that individual so you are keeping it private because it has value to you and you monetize it. that's the other side of the coin so how given that he respond to the criticisms that eric schmidt alluded to from assange or more recently tim cook? >> i'm not sure about the last two but i think i understand your question.

if i answer this like a lawyer it's because i'm a lawyer and you can come back but what we are talking about, the world that i'm in in google is about securing the data vis-à-vis other entities in the world, not google. secure your data is a different thing. a reasonable expectation of privacy i'm talking about is your reasonable expectation for privacy. the government is not going to be getting into your business without there being probable cause established to do so. that is when surveillance is about, the government getting to your information in private communications, your metadata and subscriber information that we might hold on your behalf without being able to get it. the other part of that would be an external party that doesn't have the authorization to get on

the security site through when i type a reasonable expectation of privacy that's what i'm talking about. >> over here with the blue glasses. >> hi. i'm a technologist for the duro project. i actually had a curious question for richard. five years is a really long time in terms of technology so it's very interesting that google is not interested in the details of that attack. is this a vulnerability that still affects google in some fashion or says something that has been resolved? >> oh no, the attack that google had i think we described it somewhat but it was a fairly sophisticated one but it wasn't like there was a vulnerability that was exploited. i think if you talk to people who have been, had intrusions and attempts against them sometime successful and sometimes not it's not like

there is a single hole in the system that gets exploited. this is the kind of attack we are talking about is pretty sophisticated so it's little by little one method to get one place. you may be stay quiet in that one place and wait for your chance to move to another part of the network. presumably all along the way increasing your authority on the network to get into other networks. it's all cleaned up now but it's oversimplified to say of vulnerability that was not fixed. it's a sophisticated attacker on a network is not going to be picky about the tools they use to get into your network. sometimes they you stupid things but they work. it's great and sometimes they are going to turn to zero days and maybe burn zero days if they have to. it isn't as though there is some magic thing that gets u.n. and you are there. it's very smart patient attacks. >> in the back there on the

left-hand side. >> that will be our final question. >> john from mclean virginia. the last question about technology solution about perhaps an alternative to a backdoor, let me just remind them that in 1996 the federal reserve sponsored technology that went to the american national standards institute and created national standard in 1999 and renewed every five years by 150 companies in the technology would provide the solution. it has been frustrated by the nsa because of its game of messing with the commercial encryption business but i recommend that it be reviewed as a solution i will stop there.

>> map do you have a response? >> i don't know what x. 973 is off the top of my head unfortunately that there are many different technologies that can work in this space and we can talk about that one off-line. >> i hope you'll all join me in thanking our panel. [applause] ..