behind the fences in a camp somewhere. yesterday in his interview the president said the u.s. special operations were backing up the iraqi forces. it's unrealistic to believe that when the shooting starts the special operation forces are going to retreat and watch it happen. the american people need to know if they will be engaged in combat.

[inaudible] >> it's to protect our national security. there is not been an attempt at any point to downplay the significance of the operation their undertaking. that is true if you're talking about our military pilots flying combat operations through ten or 11000 airstrikes now been taken against isil targets in iraq and syria. it's true of special operators been informed and station throughout iraq to carry out raids when an opportunity presents itself to try to take out a senior isil figure were to capitalize on a treasure trove of intelligence that may be there for the taking. it's also true when you talk about our military service members are engaged in training efforts. in some cases, particularly earlier in our efforts you had u.s. military members who are in

dangerous parts of iraq who are working to try to train several iraqis to make them more effective on the battlefield against isil. we had not not at all tried to downplay the significance of those operations, of of the risk of those individual members are taking, or the bravery they are displaying when carrying out their mission. what is true is that when these kind of operations are undertaken, the decision to convince the operations are made by the iraqi government and leaders in the iraqi military. that the operations are focused on being carried out by iraq he forces, those forces are supported by the u.s. military. in some some cases those are supported by u.s. military

pilots that are conducting airstrikes and supported their operations. in other cases that is this special operators who are in proximity who cannot read vice about specific tactics that can be deployed on the battlefield. in order to make the completion of their operation more likely to be successful. there is an important role for servicemembers to carry out. it is a role that requires avery, it is a role that requires a willingness to assume some risk, but it is different than the kind of combat mission that previous u.s. military servicemembers were asked to undertake in the invasion i rack in 2003. >> so you would acknowledge them that it is likely, are very possible that those forces could indeed being ground untrained involved in ground combat even though it's not the primary mission. >> the way we've described is that they are engaged in

missions described as offering advice, assistance and training try iraqi forces. that is different from a mission exclusively focused on combat. but we have never come and i certainly am not good to start from here, seek to downplay how dangerous and how much bravery is required to carry out the kind of advice and assistance missions that are servicemembers are undertaking on a daily basis in iraq. >> also in his interview with charlie rose his remarks are being widely interpreted that the president meant to say that given the acceleration in u.s. participation in assisting the iraqi forces that muzzle would fall by the end of the year. did the president mean to say that? >> i think what the president was trying to make the case for was to set expectations that we are hopeful that the conditions

can be created where muzzle could fall this year. what the iraqi forces have been engaged in for some time this year is essentially undertaking operations around their two lay the groundwork for more significant operations around there. they are at work trying to create the conditions where it had fallen. trant two is a place where they have started to concentrate on.

>> let's just clarify something. you said at least three times that i've heard quoting from the 911 commission report that there is no evidence that that government or other officials have supported al qaeda, senator had said that we had not exonerated the saudis. when you quote that line are you saying that the white house believes the saudi's were exonerated? >> what i am merely doing, let's back up. the reason i quoted that quoted that line frequently is because the suggestion has been raised that by refusing to release 28 pages of classified material that your network has been talking about, is somehow a secret attempt to cover up

verified, damaging information information about the complicity of the saudi government in the 911 attacks. what i have been trying to do is to point you to the conclusion by this independent blue ribbon panel that took an unvarnished look at what happened to the lead up of 9/11 and in the after math so it would never happen again. so i think it is irrelevant to a discussion about whether or not there is no tear your motive to this question about the 20 pages. >> but what you think that phrase means? what does that mean to you? >> again, i think people can take a look at the report and draw their own conclusion based on people who looked at reams of

evidence. the 911 commission has been given extensive access to information and material that were relevant to their investigation. these were individuals who had expertise in those intelligence matters. they were in a position to evaluate to and examined the evidence, to consider where they should look to find evidence, and they wrote a report that was made public so that everyone could see it and other conclusions. so what i have done is try to point to to their conclusions because i think they're relevant to the question about whether these 28 pages are going to be declassified. i obviously have obviously have not done the kind of investigation they did. i would encourage people that if they had questions, whether or not the saudi government as an

institution or senior officials in the saudi government were complicit in knowingly assisting the trans- heaven. >> the 911 had any indication. that is their conclusion and they can make that conclusion. is there people that want to ask different questions or seek additional evidence they are entitled to do that. the conclusion of this particular commission is relevant to the question at hand. >> as far as the suggestion there some damaging information in the 28 pages, bob was asked what you believe, who in saudi arabia's responsible, the government, charities, and he said all of the above. he clearly believes that there.

he clearly believes that there are some involvements with the saudi government and the 28 pages points to that. >> again i have not read the 28 pages. even if i had i would not be in a position to in a position to talk about it because they're currently classified. we don't have to go over this territory again. i think what is relevant is that there is a can mission that did take a look at it. they did make public their conclusion. people can certainly evaluate the pages and draw their own conclusions accordingly. let me just say something else that happens to be true, it is undeniable that since 911, we have seen the saudi government focus more intently on combating and countering those who propagate extremists ideology. if if it wasn't clear to them before it is certainly clear to them in the aftermath of 9/11.

we certainly have welcomed the efforts of the saudi government to counter the propagation of that ideology and that is just one sign of the improved security cooperation between the united states and saudi arabia since 9/11. it certainly does not eliminate all of the disagreements we had between the two countries. it is an indication that since 9/11, because of important work that was done both by the bush administration and by national security professionals in this administration, the relationship between the two countries has been enhanced in a way that has important benefits for national security. >> if the 9/11 counties cannot sue the saudi government what other recourse do they have?

can diplomacy do something to satisfy what they would like to see happen? >> as mentioned, i will let the 9/11 family speak for themselves. they can set their own priorities as in terms of what they want to see. i know reading the public comments of many of those individuals they are quite concerned of american national security, about protecting the u.s. homeland, and making sure the tragedy on the skill of 9/11 never happens again. what is true is that by using diplomacy, not just just with saudi arabia but with countries around the world the united states is safer than we were the 9/11. we have made progress. osama bin laden no longer threatens the american people. al qaeda has been decimated, we have made progress in putting pressure on al qaeda affiliates run the world. we have deepened our counterterrorism along and with many countries throughout the

world. i don't want to downplay the risk. it is because the risks exist that this administration has been so vigorous and countering them. i think that is a policy priority and a set of policy accomplishments that anybody who is concerned about u.s. national security would be pleased about. >> secretary carter in the uae and the president's trip to that region, wondering if we should ask backed any announcement from the summit about future commitments from these countries on the counter of isis. >> i don't know whether secretary carter is prepared to make any announcements today. obviously the leaders of those countries the president obama will an opportunity to meet in riyadh starting tomorrow. actually starting on thursday,

this overnight flight thing has really got me confused. president obama will arrive in saudi arabia on wednesday, thursday he will convene a series of meetings with g d.c. meters leaders including with saudi arabia. you all will have an opportunity to hear from president obama the conclusion of those meetings. he he will be in a position to talk to you about any progress we have made in the context of the negotiation. >> understand there's a car bomb that killed several people and injured hundreds, the taliban has said -- and wondering what the responses from the white house and whether or not that affects the president's decision rather to draw down the troops? >> let me start by saying the united states strongly condemns

the cowardly attack on afghan forces this morning that killed dozens and wounded hundreds. our thoughts and prayers are with their victims, families and loved ones. at the outside of this years fighting season we remain committed to supporting the afghan people and their government. we also called the taliban to pursue peace instead of continuing a military campaign responsible for the senseless deaths of afghan civilians. we remain steadfast partners with afghan security partners as we work to for peace in the region. i don't have an updated assessment in terms of what, if any impact this attack would have on our military position going forward. the president will have the opportunity to talk about this at the end of last year. this will be among the important policy decisions that the

incoming president, president obama's successor will have to make. when president obama took office you will recall in 2009, he did so bowing to follow through on a campaign promise, to ensure that the united states international community would focus on the terror threat that was emanating from this region of the world. in the sense was, not just the sense of president obama but for the american people that our attention had drifted and had been diverted into the situation in iraq. president obama bowed to recalibrate that situation to ensure that we were reinforcing our efforts in afghanistan that region of the world where we know al qaeda leadership under the protection of the taliban had carried out the 9/11 attacks against the united states. president obama has executed a

military and diplomatic strategy that has decimated the core of al qaeda, took osama bin laden off the battlefield. it has supported an afghan government to that is committed to the kind of security approach that we are supporting. there is note to my denying that we have made tremendous progress in afghanistan. it has made american safer. there are years of work, decades of work that still needs to be done in that region of the world. in order to continue to advance our national security interests. >> one more quickly on the bill, the treasury secretary making it announcement about the you have a mockup of what the bill may

look like question. >> this is a policy issue made by the treasury department. it is not at all uncommon for the treasury department to consult with the white house where appropriate. i do not have any news to make on their behalf at least today. >> new york voters have been told to the happening in the democratic party, it's not apris in the delegate count,? >> there is no denying that when you compare the campaign and they dissuaded by the democratic candidates that it has been much healthier and more productive than the campaign that we have seen being waged by the other side. the president has obviously been

pleased to see democratic candidates who are giving voice and prioritizing the kind of values that he spent his career fighting for. that has been a good thing. the president is obviously been pleased by that. ultimately the individual candidates will have to decide for themselves how this campaign will play out here in the remaining weeks of the democratic contest. in 2008 there was a vigorous contest between then senator clinton and then senator obama that dragged on longer than people expected. longer than anybody expected. but with some departures it was primarily focused on policy and

articulating a vision for the country. that longer than expected democratic primary and positive benefits for the party as a whole and certainly improve the performance of the democratic nominee in the general election and certainly resulted in a democratic campaign organization , stronger then democrats had competed in. i look at indiana who had a primary in may that had rarely been contested by democratic presidential content. but there is a vigorous contest in 2008 between senator clinton senator obama at the time. there are some that concluded that it would be a bike then for the democratic party. instead what was once resulted was a democratic party infrastructure being built in indiana to support both candidates that

then went on to greatly contributed to the democratic candidate success in the general election. that led to president obama winning the state of indiana in the general election of 2008, something a democratic presidential candidate had not done in decades. that is just one illustration of how a longer than expected primary contest can yield positive results for the party of the party's nominee. as i could happen this time around? it's too early to tell. hopefully will. we will see. >> how closely is the president following campaign and the campaign trail? is he reading about things online on the newspaper, how is he following the campaign? >> i think he is following the election closely. he obviously has a stake in who

will succeed in office. i do not believe the president has spent much, if any time watching live election returns. i know i know he is not spent much time watching the debates but he certainly is following the course of the broader debate that is taking place on both sides. at some point the president will have an opportunity to be an active participant in that debate. that will be when we shift to a general election. >> i give you the last line and then i got to get ready for my overnight flight. >> to have any sense about the follow-through of the 50,000,000,000 dollars in u.s. assets what kind of damage that would do to the u.s. economy and for that united states in general question work. >> you certainly have access to

more sophisticated analysis analyst than i do, thank goodness. that's welcome news to the readers of your business pages for sure. what i will just say in general is that our concern is that a hypothetical transaction or series of transactions like this would destabilize the global financial market and that kind of instability and volatility is not in the interest of any of the advanced economies around the world. both the united states and saudi arabia would be in the advanced economies that would not benefit from situation like that. that's the observation i have

made, i know the suggestion was raised in your newspaper that could be a potential response, i don't know, as i recall it was not in on the record a statement by the saudi official. i i think it is hard to assess exactly how seriously something like that is being considered there. given our shared interests in protecting the stability of the global, financial system, i suspect it's not something that would be considered for long. >> i think there is increasing concern on the saudi's i think washington has become far lists his billable place for them both from a policy from a diplomatic perspective they see the obama administration far less warm to

them the previous administrations had been. they see legislation on capitol hill arising in what they worry is a growing anti- saudi sentiment, should they feel worried about this, it's president obama's third trip to saudi arabia this week, do the studies himself in either gcc members generally feel that they have deemed their and seen their place in washington decline in several years, are those those worries justify? >> what i would encourage people to harbor that concern, what is to take a close look at president obama's the record. just last year he can veined the first ever gcc summit at camp david. that is a location that many world leaders are not invited to

enjoy. but it is an indication of how important the president considers the relationship between the united states and our partners in that region of the year. the fact that he is following through with a second summit less than one year later is an indication that he is committed to following through on the discussions that were at camp david last year. the president has talked about the impact of the international agreement of preventing iran from getting a nuclear weapon. part of the case we made our partners in the region who were initially skeptical of the wisdom of this dramatic approach is that it would yield important national security benefits for them. that it has proven to be true. in the national security position of saudi arabia is strengthened if they know that

one of their chief rivals in the region is verifiably not in pursuit of a nuclear weapon. that's a good good thing for saudi arabia. that enhances their security. that advancement would not have been possible without the united states leading the diplomatic efforts to prevent iran from obtaining a nuclear weapon. me give you another example. the kingdom of saudi arabia has been justifiably concerned about the security situation in yemen. they share a border with yemen. the united states has offered them the kind of logistical support that has been critical to their ability to apply military pressure to rebels and extremists in yemen. the united states and saudi arabia have worked together to apply pressure to al qaeda in

yemen. these are dangerous extremists that have designs not just in carrying out attacks on shared u.s. saudi interest in the region, they have designs on carrying out attacks on u.s. interest around the world. we are mindful of that threat. we have worked effectively with the saudi's to counter it. we have also worked effectively with saudi arabia and other gcc partners to add important resources to our counter isil campaign. that includes not just important military contributions both in the form of military actions, but also in the form of military assistance to fighting forces on the ground, we've also obtained important saudi assistance in countering i efforts to

radicalize people online. we have worked closely with the saudi's and and other gcc partners to shut down isil's efforts to finance their operations. some of the countries the president will be meeting with have capitalists who are regional financial center. by blocking or at least countering isil's ability to access the services available on those capitals is important for longer-term success we have made progress in that effort because of their cooperation with the united states and because of their support for coalition. there are a variety of ways in which the partnership between the united states and saudi arabia has been enhanced under president obama's leadership in a way that is good for the united states. that is good for national security. and it's good for homeland security. that's always what the president's focus on his making these decisions and engaged in

this diplomacy. this is a good example of the president focused on the right goals in pursuit of the kind of common ground that benefits the citizens about the united states and saudi arabia. thank you everybody. see you next week. >> [inaudible conversation] >> coming up tonight on c-span2, house energy and commerce subcommittee examines encryption and law-enforcement. then, hearing on how isis is using the theft of antiquities to finance its operations. later, senators mark the 21st anniversary of the oklahoma city bombing at the alfa p murray building. >> next, representatives of apple, the tech industry and law-enforcement testify about the use of encryption technology

, particularly in relation to smart phones and mobile devices. the house energy and commerce oversight and investigations subcommittee is is examining national security and privacy issues. this is three hours and 15 minutes. [inaudible] >> good morning and welcome to the oversight and investigations of committee hearing on the debate over corruption industry and law enforcement pray before some a statement i want other people to know that we have multiple hearings going on today and tomorrow hearing as well. you'll see people coming and

going. especially for witnesses so you do not think it is chaos, we have members trying to juggle a lot of things at the same time. it is ks, okay. so. we are meeting today to consider the complex question, should the government have the ability to lawfully access encrypted technology and communication. this is a question at the center of a heated public debate, catalyzed earlier this year when the fbi obtained a court order for apple to assist on mocking an iphone of one of the san bernadino terrorists. this is not new question. strong encryption has existed for decades. for years, motivated individuals had access to tools necessary to conceal their activities from law-enforcement. for years, the government has repeatedly tried to limit the use of or obtain access to encrypted data. the most notable example came in the 1990s when encrypted information, in response the nsa

developed the clipper chip. this would enable encrypted communication but also provide the government with the key to access those communications if necessary. the so-called backdoor spark debate between government and technology community about access to encrypted technology. an argument is that such a backdoor would create a vulnerability that could be exploded by actors outside the government. the concern was validated with a critical flaw was discovered in the chips design. i should know one of our witnesses today, identified that vulnerability which made the governments backdoor work into a front door. as a partial solution congress passed the communications assistance to law-enforcement act called kolea. kolea addressed the concern about rapidly evolving technologies were curtailing their ability to conduct surveillance.

by requiring them to provide assistance in executing authority, however the law included notable caveats which limited their ability for encrypted technology. the crypto wars and it appeared of relative quiet. so what has changed in recent years to renew the debate? part of the concern is once again the rapid expansion of technology. at its core however this debate is about the widespread availability of encryption by default. while encryption has been open for decades it's been cumbersome to use. it took everton sophistication, because of this law-enforcement was still able to gain access to the majority of the digital evidence they discovered in their investigation. now the encryption of electronic data is the norm. as the default. the natural response about the security of digital information.

the decision by companies like apple and the messaging application means more than 1,000,000,000 people, including some including some living in countries with repressive governments have the benefit of easy, reliable encryption. at the same the same time however, criminals and terrorists have the same access to secure means of community and, they know it and will use it as their own mission control center. that, is the crux of the recent debate. access to secure technology beyond the reach of law-enforcement no longer requires coronation or sophistication, is available to anyone and everyone. at the same time more of our lives become dependent on the internet widespread encryption is important to all of us.

the circumstance may have's changed and so too must the discussion. we can no longer be a battle between two sides, choice between black and white. we take that approach, the that approach, the only outcome is that we all lose. this is of issue a public safety and netflix. it requires a very thoughtful approach. that is why were here today to begin moving the camera conversation from right versus wrong to constructive dialogue that recognize this is a complex issue and therefore we are all in this together. we have very strong panels, expect each will make strong arguments about the benefits of strong encryption and the challenges it presents to law-enforcement. i encourage my colleagues to embrace this opportunity to learn from the experts to better understand the multiple perspectives, layers and complexity's of the issue. it's time to begin a new chapter in this battle, when i hope you can bring resolution. this process will not be easy but if it does not happen now we may reach a time when it's too late and success becomes

impossible. so, for everyone calling on congress to address this issue, here we are. i can only hope moving forward you'll be willing to join us at the table. i now recognize ranking member from colorado for five minutes. >> thank you mr. chairman and thank you for holding this important hearing. issues surrounding encryption, in particular the discriminant between law-enforcement and the tech community gain significant public attention in the san bernadino case. but i am absolutely not interested in redoing that dispute today. as he said the conversation is to be broader than just that one case. i missed it unequivocally that i, like you and the rest of us here today recognize and appreciate the benefits of strong encryption in today's digital world. it keeps our communication secure, critical infrastructure safe, and her bank accounts from being drained. it provides each is us privacy protection. also like you you, i see the flip side of the coin. why corruption does provide these invaluable protections it

can also be use to obscure the communication and plot of criminals and terrorists and criminals and increasingly at great risk. it's our task is to find a balance between those competing interests. we we need to ask both industry and law enforcement some hard questions today. last month the president said for example, we want strong encryption because part of us preventing terrorism or people from disrupting the financial system is that hackers state, or nonstate cannot get in there and messed around. but if we make systems that are impenetrable or warm proof, how do we stop criminals and terrorists? if you can't crack the systems, president obama says then everybody is walking around with the swiss bank account in their pocket. i've heard the tech community is concerned that some of the policies being proposed like reading a backdoor for law-enforcement will undermine

the encryption that everybody needs to keep them safe. and as they remind us a backdoor for good guys ultimately becomes a front door for criminals. the tech tech community has been particularly vocal about the negative consequences of proposals to the encryption challenge. i i think many the arguments are valid. i've only heard what we should not do, what not what we should do collectively to address this challenge. i think the discussion needs to include a dialogue about how to move forward. i can't believe this problem isn't retractable. the same thing seems to be true for law-enforcement which razors legitimate concern that doesn't seem to be focused on workable solutions. i don't promote posting industry for back doors that will tell us will undermine security or privacy for all of us. at the same time, i'm not

comfortable with impenetrable, warm proof proof spaces for criminals or terrorists can operate without any fear that law-enforcement could discover their plot. so what i want to hear today is from both law-enforcement and industry, about possible solutions going forward. for example, if we conclude that expensive waterproof bases are not acceptable in society's and one of the policy options? what happens if encryption is the reason law-enforcement can't solve or prevent a crime? if the holder or transmitter of the data or device can't or won't help law enforcement will affect? what are suitable options? last week the washington post reported the government relied on hackers to circumvent the san bernadino iphone. well, thank goodness, i don't think so. i don't think relying on the third party is a good model. this recent san bernadino case

suggests when the government needs to enhance its capabilities when it comes to exploring ways to work around the challenges posed by encryption, i intend to to ask both panels what additional resources and capabilities does government need to keep pace with technology? providing government with more tools or capability require additional discussions rick about due process and the protection of civil liberties. enhancing the technical capability is one potential solution that does not mandate backdoor. finally, the public, tech community, government are all in this together. in that spirit, i really do want to thank our witnesses are coming today. i'm happy we have people from enforcement, academia and industry. i'm happy that apple came to testify today. your voice is particularly important because other players like facebook did climbed our

invitation. the tech community has told congress, we need to solve this problem and we agree. i have to tell you, it's hard to solve a problem when the key players won't show up for the discussion. i'm here also to tell you is a longtime member of the subcommittee, relying on congress to, on its own pass legislation and is very complex situation like this is a blunt instrument at best. i think it would be in everybody's best interest to come to the table and help us work on a solution. thank you again for holding this hearing. i know we will not trivialize these concerns. i look for to working with everybody to come up with a reasonable reasonable solution. i yelled back. >> i recognize chairman of the committee for five minutes. >> thank you. for months we have witnessed an intense and important debate between law-enforcement and the technology community about encryption. much of the recent debate is focused on the fbi and apple, this issue is certainly much

bigger than anyone into tea, device, or piece of technology. at its core it's a debate about what the society is willing to accept. if you paid attention to the debate it might appear to be a black-and-white choice, either we side with law-enforcement and grant them access to encrypted technology that is weakening the security or privacy of our digital infrastructure, or we can side with technology community prevent law-enforcement from accessing encrypted technology, thus creating a a warrantless, safe haven for terrorists, pedophiles, and other evil and terrible actors. it's important that we move beyond us versus them mentality that is encompassed this discussion for far too long. this debate is not about picking sides, it is about evaluating options. it begins by acknowledging the equities of both sides. from the technology perspective there's

no doubt that strong encryption is a benefit to our society. as more of our daily life become integrated with the digital universe, corruption is critical for the security and privacy of our corporate edits evidenced by the breaches over the past year, data theft can have a devastating effect. it affects our personal privacy, economic strength the national security. in addition, encryption doesn't, encryption doesn't just enable terrorist wrongdoers to do terrible things. as we look to the future and we see more and more aspects of our lives we become connected to the internet including cars, medical devices and the elected grid, encryption encryption will play an important role should these technologies be compromised. from a law-enforcement technology it helps text lives

opposes a serious risk. >> as will hear today this cannot always be offset by alternative means by metadata or other investigative tools. there are certain situations such as identifying child expectations or access to content is critical. these are but few reasons on both sides of the debate. sitting here today i don't have is a complex issue that really require difficult decisions but that's not a reason to put her head in the sand or default. we need to confront head-on because they're not going to go away they're only gonna get difficult as time continues to tick. identifying a solution includes

trade off and compromise on both sides but ultimately comes down to what society excepts is appropriate balance between government access, for that reason others money have called on us, this committee to confront the issues here. that's why were were holding this hearing, that's why chairman goodlatte and ranking members have established a bipartisan joint committee working group to examine this issue. in order for congress to successfully confront the issue it will require patience, creativity, courage, and more importantly, cooperation. it's easy to call on congress to take on an issue but you better be prepared to answer the call when we do. this issue is too important to have key players sitting on the sideline, therefore i hope all of you are prepared to participate as we take to heart what we hear today and be part of the solution moving for.

they'll back. >> i now recognize senator for five minutes. >> thank you mr. chairman. i welcome the opportunity to hear today from both law-enforcement and the tech community as we seek to understand and develop solutions for this encryption debate. encryption enables the privacy and security we value but it creates challenges for those seeking to protect us. law-enforcement has a difficult job in keeping our nation safe and finding some encrypted devices and programs are hampering their efforts to conduct their investigations. even with a warrant they find themselves unable to access information. this raises question how comfortable we are as a nation with these dark areas that cannot be reached by law-enforcement. at the same time, the tech community helps protect our most valuable information and the most secure way to do that is by using intend encryption meeting the device or manufacture does not hold the key to that information.

the tech community provides backdoor make their job of protecting our information that much more difficult we should heed that warning work toward a solution that will not solve one problem by creating many others. it's clear both sides have compelling arguments, simply repeating those arguments is not a sufficient response. we need need to work together to move forward. i hope today's hearing is the beginning of the conversation. in the last several months and years we've seen major players of the debate look to congress for solution. in 2014 fbi director said, i'm happy to work with congress and our partners in the private sector and with my law-enforcement and national security counterpart, and with the people we serve to find the right answer, to to find the balance when he. in an email to apple employees earlier this year apple ceo wrote about support for congress to bring together experts on intelligence, technology and and civil liberties to discuss the implications for law-enforcement

, national security, privacy and personal freedoms. he wrote apple would gladly participate in such an effort. if we have hope of moving forward we need all parties to come together. the participation of her witnesses today should serve as a model to others have been reluctant to participate in this discussion. we can move forward with each party remains in its court corner unwilling to compromise. both sides need to recognize it's never to strike a balance between the security and privacy of personal data and public safety. the public needs to feel confident their information secure, the same time we need to assure them law-enforcement has all the tools and needs to do their jobs effectively. i would like to yield the remaining time to the gentleman from new york. >> thank ranking member for yielding. first let me welcome chief thomas gulati was chief of intelligence from my hometown of new york city.

many refer to the new york city police department as new york's finest. but i like to think of them as the world's finest. welcome. at its core our constitution is about the balance of power. it's about balancing power among the federal government, state government, the rights of individuals. through the years getting that balance right has been challenging and at times tension filled. but we have done it. the encryption versus privacy rights issue is simply another opportunity for us to again recalibrate and fine-tune. the balance in our democracy. as the old cliché states, democracy is not a spectator sport so it's time for all of us to participate. it's time to roll up our sleeves and work together to resolve this issue as an imperative, because it's not going away. i'm glad that we're having this hearing today because i do believe that working together we can find a way to balance our

concern and to address this issue physical security with our right to private security. i look look forward to hearing their perspective our witnesses today and i yelled back the remaining of my time. thank you mr. chairman. >> thank you. i do ask unanimous consent for the written statement be entered into the record. i would like to introduce witnesses of our first panel. our first witnesses amy hess was executive director at science and technology the federal bureau. she was responsible for the executive oversight of the criminal justice information services laboratory and technology divisions. she has an in fbi special agent, the bureau's headquarters in washington d.c. and we think msr testimony look forward to

hearing your insight. we want to welcome chief thomas gulati from the new york city police department. a 32 year veteran of the new york city police department and currently serves i've's chief of intelligence. he is responsible for the activities of the intelligence bureau, the western hemisphere's largest municipal law-enforcement intelligence operations. thank you for testimony today we look for to hearing your comments. finally for the first panel we welcome captain charles: the indiana state police, currently he is the commander of the office of intelligence and investigative technology where he is responsible for the cyber crime, surveillance and internet crimes against children. we appreciate his time today and we appreciate and thank you for being here. chevron hickman of the harris county sheriff's officer office

will not be here due to the tragic flooding in the houston area. our prayers and thoughts are with people of houston. we know there's been several tragedies there. we certainly understand that travel logistics makes this impossible. i would ask that his testimony be entered into the record. to our panel is, as you are where the committees holding a basket of hearing it when doing so takes testimony under oath. do any of you have objections to testimony under note all. they all say no. under the rules of the housing committee you are entitled to be advised by counsel. do any of you wish to be advised by counsel today? they all say no. please rise and raise your right hand. do you swear the testimony you're about to give is the whole truth, nothing but the truth? all the answers answer in the affirmative and you are now under oath.

you may now give a five minute summary of your opening statement, ms. has you are recognized for five minutes. >> thank you. good morning thank you for the opportunity to appear before you today and engage in this important discussion. in recent years with the new technology transformer society, most notably by enabling digital communication of facilitating e-commerce. the conceptual to protect these to promote free expression, and safeguard sensitive information. we support strong encryption. we have seen how criminals coming including terrorists are using this to their advantage. encryption is not the only challenge we face in this landscape however, we face significant obstacles in tracking suspects because they can communicate well changing from a known a known wi-fi service to a cellular connection

to a wi-fi hotspot. they can move from a communication application to another and carry the same conversation or multiple conversations simultaneously. medication companies do not have standard data retention policies and without historical data it's difficult to put the pieces together. some poor communication providers have millions of users in the united states but no point of presence here making it difficult if not impossible to execute a lawful court order. think counter platforms that are anonymous, critical leads and evidence may be lost. the problem is increased when we face one or more these challenges on top of another. since our nation's inception we have had reasonable expectation of privacy, this means only with probable cause in a court order and law-enforcement listen to an individual's private conversation or into their private space. when changes in technology hinder or prohibit our ability to use authorized investigative tools we may not be able to root

out child predators hiding in the shadows or violent criminals targeting our neighborhood. we may not be able to identify and stop terrorists where using today's comedic asian to plan and execute attacks in our country. where in this quandary. maximize maximize security as we move into a world where increasing information is beyond the reach of judicial authority and trying to maximize privacy in this era of rapid, technological advancement. finding the right balance is a complex endeavor. it it should not be left solely to corporations or to the fbi to sell. must be publicly debated and deliberated. the american people should decide how we want to govern ourselves in today's world. as law-enforcement's responsibility to the american people that the investigative tools we have successfully used in the past are increasingly becoming less effective. the discussion so far has been highly charged at times because people are passionate about privacy and security. this is an essential discussion which much include a productive, meaningful and rational dialogue on how encryption poses

significant barriers to the enforcement's ability to do his job. as the discussion continues we are committed to working with industry, academia and other parties to develop the right solution. we have an obligation to ensure everyone understands the public safety and national security risks the results from new technologies and encrypted platforms by malicious actors. to be clear, we're not asking to expand the government authority but rather continue to obtain electronic evidence pursuant to the legal authority that covers has provided us to keep america safe. there is not a will not be a one-size-fits-all solution to address the firing of the of challenges we face. the the fbi is pursuing multiple avenues to overcome these challenges but we realize we cannot overcome them on our own. we believe the issues posed by this, gravy mix from the

complex. we must continue the public discourse on how best to ensure privacy and security can coexist and reinforce each other, this hearing today is a vital part of that process. thank you for your time and your attention to this important matter. >> thank you. reckless chief for five minutes. >> on behalf of mary diblasio police commissioner bratton and myself thank you for the committee to speak with you this morning. years ago, criminals and their compline should store their information in closets, drawers, safes, glove boxes. there was and continues to be a next dictation of privacy in these areas but the high burden which it requires lawful search, warranted and authorized by a judge has been deemed sufficient protection against unreasonable search and seizure for the past two to four years. now it seems that legal authority is struggling to catch up with the times. because today, nearly every live their life on a smart form on trick bone including criminals there now archived in an e-mail or text message.

the same information that would catch a rapist is stored on that device. law-enforcement has legal asks us to the file cabinet is shut out to the phone. not because of constraints of built-in to the law but limits to technology. when mom forced mrs. cannot access information prosecution and prevention of a crime, despite the lawful right to do so, call this going dark. everyday wastes have this this dilemma on two fronts. first is data at rest. when the actual device, the computer, the tablet or the phone is in law enforcement's possession. >> .. >> locked out of apple devices.

in addition, there are 35 non- apple devices. of these apple devices 23 felonies attend homicides to my two rapes, and to police officer shot in line of duty. in every case we have the file cabinet, so to speak and legal authority to open it but lack the technical ability to do so because of encryption. in every case these crimes deserve our protection. the 2nd type is data in motion. legally permitted through one or other process to intercept and access communications. encryption built in the applications forced this type of lawful surveillance. we are unable to understand why.

again legally obtained to alert the police officer. now we are literally in the dark. recently her to defendant make a call from rikers island were here 1st to apple ios and encryption software is a gift from god. what is even more alarming is that the position is not dictated by elected officials. controlled by corporations like apple and google. as a bureau chief and agency charged with protecting residents i am confident ceos cannot hold themselves

in the same safety standards how do we keep people safe? the answer cannot be more improved encryption and outside legal authority to establish jurisprudence. apple use this master key to comply with court orders. there was no documented incident or code why not now? ramifications stretch far beyond san bernardino california. all kernel prosecutions at the state and local level. families, friends, the

police departments that are able to do everything within the law and deserve corporations. i applaud you for holding this hearing today. it is critical we work together because criminals are not bound by jurisdictional boundaries. increasingly they are aware. we must all take responsibility. for the new york city police department that means investing more in people's lives that in quarterly earnings charts. thank you and i will take any questions. >> pull the microphone close to you. >> thank you for allowing me to testify. i serve as task force commander. problems that do not have

easy technological fixes. we need your help. as far as i know the fbi is not exaggerating are trying to mislead anyone but i say there is no way to recover data from iphones. it actually acts as a locked container without a key. since sodium information that people keep in bank deposit boxes and bedrooms. have a technical means to access deposit boxes but lack the access to newer cellular phones. they are often asked how encryption works. there are numerous waiting for a solution, legal or technical to the problem. some want to murder victims and six crime victims. both victims and newer

iphones. i'm confident that if they were able to examine the phones, but unfortunately they were able to give consent investigators working to solve the murders they chose to buy phones with the encrypted operating systems by default. talking not just about suspect phones were victims phones and not just about evidence but what may not be recovered. the child victims that are not being rescued in the sex offenders who are not being arrested. but the investigation, prosecution helps to shed light on the type of evidence being concealed by encryption. during the course of an investigation computer hard drives with the -- seized. not possible to forensically

examine the encrypted data despite numerous attempts by law enforcement. he provided law enforcement with the passcode that open the encrypted partitions but not the thumb drive. found thousands of images. to the state investigators believe the thumb drive contains homemade child pornography. continuing an ongoing access to children. access to justice the site -- that they so richly

deserve. ideserve. i hope congress takes the time to understand what is truly a stake. there is a cost associated with an encryption scheme moment there is a much greater and real, human cost because investigations of fail due to default hard encryption. my daily work i feel the impact. it is a strong feeling of frustration because it makes the detectives and forensic examiners but for crime victims and their families it is altogether different. it is infuriating, unfair, and incomprehensible. i have heard some say why enforcement can solve crimes using metadata alone. that is simply not true. that is like asking a detective to process a crime scene by only looking at the street address on the outside of the house where crime was committed. anchorage committee members to contact your state

investigative agency and ask about this challenge. i appreciate your invitation and i'm happy to answer questions. thank you. >> i now recognize myself for questions. >> sometimes the concerns about encryption are broadly characterized. concerning the fbi's work on investigation, i have a tough time believing your organization is against technology. clarify what is the fbi agree strong encryption is important for economic strengthen national security? >> yes, sir. >> can you elaborate on that? >> yes. and you are correct. as i stated in my opening statement comeau we do

support strong encryption because it is all the things you just said. we recognize that we have a continuing struggle and increasing struggle to access real information, content of communications caused by that encryption that is now in place by default. >> that brings this question up, are you witnessing an increase in individuals intentionally or unintentionally evading the law through availability of default encryption? >> it is difficult to discern whether they are intentionally doing so, but we are significantly seeing increases in the use and deployment because it is a default setting on most devices. >> related to that, would you say the default application of encryption can create significant hurdles were law enforcement? >> yes, sir. the encryption a lot of the apps being used today, even with legal process you

cannot intercept those conversations. often we hear criminals and term cases, people encouraging participants to go to apps like telegram. >> you know, your testimony is moving about those cases you describe, murder and victimizing children. you know, this debate has often times been about picking sides, most notably apple the fbi. that spiel i understand people want encrypted technology, but based upon the response, do you think this is an us versus them debate? you are on the front lines dealing with these cases.

is there an answer? >> i definitely do not think it is an us them. we see a challenge with default encryption that functionally cannot be turned off. the difference, the example i gave you was that after two prior convictions even learn to do something to protect himself better and went out in search of encryption and ways to do so. the difference is now what we are seeing increasingly tall we are seeing now is discussion among a wide variety of criminals command i see a daily. discussing the best possible systems to buy, the best combination to prevent encryption. please make no mistake by criminals are listening to this testimony and learning from it.

they also learning which messaging app has no brick-and-mortar in the united states, which are located in countries we have mutual security and which ones we don't. criminals are using this as an education. >> what answer will we have here for cases where whether the terrorists are planning or have already killed some people are trying to find out the next move forward is a child predator. bolivian answer? >> yes, and to clarify my earlier statement comeau we do see individuals, criminals, terrorists encouraging others to move to encrypted platforms. the solution to that process now investigator, no agent will take that as an answer. they will try to find whatever workaround they possibly can.

they may not be effective. may require an additional amount of resources. >> we understand privacy. child predator hiding in the bushes what -- waiting to snatch a victim you can find it. given this cloak of invisibility it is frightening. better find an answer. my time is up. >> well, to follow up on the germans questioning, the problem really is not default encryption because if you are limited to default encryption criminals can still get encryption and they do. is that not correct?

>> that is correct. >> the problem is that criminals can have easy access to encryption. and i think we can stipulate that encryption is great for people like me have bank accounts who don't want them to be hacked, but it is just really the horrible challenge for all of us as a society, not just law enforcement you have a child sex predator trying to encrypt or ju so what i want to no is comeau what are we going to do about it? and the industry says that if congress forces them to develop tools so that access can be had, that then we'll just open the door. do you believe that is true? >> i believe there are certainly going to be no such thing as 100 percent

security. industry leaders today have built systems that enable us to be able to get a receive readable content. >> and what is your view? >> i believe that in order to follow don't want to call it a backdoor, but rather front door, if the companies to provide law enforcement come i don't believe that it would be abused. >> why not? >> 1994, and that was not abused. i don't see how. >> once they develop the technology that anyone can get access to it. they can break the encryption. >> i believe if we look at apple, they have the technology going back to 18 or 19 months ago, and i do

not -- i am not aware of any cases of abuse that came out i could see. >> i will ask. they are coming out. >> it might be helpful to look for real-world analogies. if you think of an iphone is a safety deposit box the key , the private key encryption, but what the bank does is build firewalls there is a difference between encryption and firewalls. >> you think that technology exists? >> it does. >> i do not have a lot of time. now, there is something else that can be done forcing industry to comply, or like in the san bernardino case, the fbi hired a third-party to help them break the code in that phone, and that was what we call a great hack

them of people who are in this murky market. what do you think about that suggestion? >> yes, ma'am. that is one potential solution which takes me back to my prior answer, these solutions are case-by-case specific. they are dependent upon the fragility of the system, vulnerabilities we might find and our time intensive and resource intensive which may not be scalable to enable us to be successful in our investigation. >> do you think there is an ethical issue? >> i think certainly there are vulnerabilities that we should review to make sure we identify the risks and benefits, exploit those vulnerabilities in a greater setting. >> i understand that you are doing it. do you think that it is a good policy to follow?

>> i do not think that that should be the solution. >> if third-party individuals can develop these techniques to get into these encrypted devices for programs, why can we not bring more capabilities in-house to the government? >> certainly these types of solutions and as i said, this should not be the only solution, these types of solutions require a lot of highly skilled,skilled, specialized resources that we may not have immediately available. >> can we develop them with the right resources? >> no, ma'am. i do not see that possible. we need the cooperation of industry, academia the private sector in order to come up with solutions. >> the gentle lady's time has expired.

>> thank you, mr. chairman. in 2001 after i was appointed us attorney i began work with the indiana crimes against children task force which was led primarily by us attorney steve quiroga working hand-in-hand. i want to thank you so much for being here because prior to that time i would say that i was certainly not aware about what really went into and what horrific crimes really were being perpetrated against children back at that time, 2001 --dash 2002. we talk about child exploitation we must realize , this involves babies up to teenagers. this is not all about willing teenagers doing -- being involved in these setbacks. these are people praying on children of all ages. and i want to walk you through what some of the impediments are, how this works, how you are being

thwarted in your investigation and want to wrap up and make sure we have time you did explain. first of all, if you could please walk through with us, offenders command i am talking about older kids who have access to social media, they are making connections through social media platforms,platforms, correct? >> yes, ma'am. >> others typically unencrypted are encrypted. >> unencrypted, not typically encrypted. >> i love my service and 07. then in the 2nd step the conversation moves to encrypted discussion. they encourage particularly young people to go to apps like what's app, kicked, kicked,what, cake, and others. >> they will go trolling for a potential victim. once they have a victim they think they can perpetrated against they will move to

encrypted communication. >> we be fair to say through the relationship that has been developed they encourage them to send an image. >> correct. one compromising at that they can then exploit. >> and that images sent from one smart phone to another or from one smart phone to a computer. >> this doesn't just happen in our tree. >> correct. >> in fact out of country perpetrators as well as and country perpetrators. >> correct. >> that's one of our challenges.

>> and you presenting that image to a jury. it is imperative for you present the actual image to a jury. >> yes, ma'am. the metadata alone does not matter. it is the content of communication, the images that were sent and received. >> if you cannot get these encrypted images and the encrypted discussion, what do you have in court? >> nothing. >> how do you find a victim? >> often times we don't have a way. >> can you please talk to us more about what it is you do to find the victim? >> everything we can. we look for legal solutions,

trying to identify them through the app. the challenge we find is because of retention periods the records no longer exist, and then we tried to get the communication and often times we are not able to because of encryption. >> when you find one of these their usual thousands of villages involving multiple victims. >> encrypted clouds or sites >> to you please expand on what you previously started to answer, potential solution. >> find a better firewall. think of that is the doors to the bank. while you think of the actual lock on the bank deposit boxes and encryption those firewalls can be opened up, but if we go back

to the search warrant the bank uses there key comeau we get a drill and drill a customer's life. >> thank you. >> yield back for five minutes. >> thank you. october 2014 fbi director call me gave these remarks on encryption. we in the fbi will continue to throw every lawful tool. we need to fix this problem. we need assistance to comply with lawful court orders. we need to find common ground. we care about the same

thing. other than tech companies creating backdoors what do you believe are some possible solutions to address the impact between law enforcement's need to lawfully gain access to critical information and the security benefits of strong encryption. >> as previously stated i believe that certain industry leaders have created secure systems that they are still yet able to comply with lawful orders, still able to access the content to either provide some protection for customers against malicious software or some other types of article. in addition there would do it for business purposes or banking regulations, for example.

in addition to the solutions we certainly do not stop there. we look at any possible tools in our toolbox which might include the things we previously discussed, whether that be individual solutions, metadata, whether it could be an increase in physical surveillance. all of those things are not as responsive as being able to get the information directly from the provider. >> there is some common ground. >> i do. >> the solution we had in place, as was mentioned, that was never compromised. essentially what happens is apple solve the problem that does not exist. >> i would say the law

enforcement having to go outside of those to find people that can get a solution. there going to be out there. >> in the san bernardino case private sector 3rd parties to work around the encryption of an iphone in question. this raises important questions. so i have questions about whether this is a good model or whether a better model exists. he procured the help of the third-party. while you are not able to solve this problem?

>> technology is changing very rapidly. to keep up with that we require the services of specialized skills that we can only get through private industry. >> i think that it does. private industry provides a lot of opportunity. the best people out there are working for private companies are not the government. >> we need the help of private industry. we need industry to act and help us. over 18,000 police agencies in the united states.

over 90%90 percent of the investigations are handled at the state and local level. >> i yield back. >> now recognize mr. griffith. >> thank you for being here for this important discussion. we have to figure out the balance from a security standpoint them to make sure that we are filling our obligations under the constitution with real-life circumstances in mind. we'll want the government to come in and get everything. used against john wilkes in the founding fathers were also where of james otis which cheyenne said from

warehouse to warehouse looking for smuggled goods. researchers recently published the results of the survey. two thirds of them are foreign products. if we force the companies that we do have jurisdiction over to weaken the security of the products, redoing a little more? a different format.

>> right now google and apple act as the gatekeepers if the app is not available a customer in the united states cannot install it. based outside the united states, us companies ask the gatekeepers as to whether those apps are accessible. >> companies outside the united states can comply you can't get every app blackberry the canon android. >> what you stated is correct. i think that certainly we

need to examine how other countries are viewing the same problem. they are having similar deliberations as to how law enforcement might gain access. as we move toward that the question is what makes consumers want to buy american products. more secure, actually cover the types of services that consumers desire, just because a personal preference? at the same time we must make sure balance the security as well as privacy that the consumers have come to expect. >> i appreciate that. he talked about the fletcher case and indicated that the judge ordered, but then he did not get access to the thumb drive. was the judge asked to force them to do that as well?

>> not encrypted. his defense expert says it was encrypted. herein provided a password and failed polygraph as to test whether he knew the polygraph of filters close it. every indication is intentionally chose to not give the passport for that device. >> was he held in contempt for that? >> i do not believe he was. >> look, obviously if you can get an image of a better chance of finding a victim. in the four encryption there is a great difficulty. >> it is always very difficult. >> it is. i like the concept, able to drill in to the safety deposit box but not the encrypted computer telephone.

is there product out there? one of the problems i know is they don't want to have a backdoor to every single phone that of the folks to get a hold of than other folks could use it will. do you know of any such product? >> again, the specificity would be similar to what we had prior to apple changing meaning that the legal process, and apple is the one to use it. that helps provide another layer of protection against abuses by governments other than ours. molly have the capability those outside would have no ability to get access. >> the gentleman yields back. >> thank you very much. i want to thank each of you for the work that you and your departments do.

the kind of crimes happening , the expectation on the part of the public. so i think all of us appreciate your work. this issue is very difficult. if any of us were in your position will we would want is access to any information the 4th amendment allowed. but there are three issues that are difficult. difficult.difficult. one is the law enforcement issue that you clearly enunciated. probable cause, go through the process of getting a warrant, entitled information. because the technology we have these impediments. i think all this want to get the information you rightfully can obtain. the 2nd issue that makes it unique is that in order.

the information you have to get the active participation of an innocent 3rd party who had nothing to do with the events but he potentially can get the information for you. it is a very complicated situation because it is not as though if you can with a warrant to my house, it is one thing if i go in my drawing give it to you and quite another if it is buried deep in the backyard and i have to buy a backhoe or rent tobacco and go out there and so digging around until i find it. so that is the issue. how much can the government require a third-party to acally use their own resources to assist. and then the 3rd issue to

obligate a backdoor key and trust you that have other governments and companies are doing business with you pressure to provide that same key. the key is lost and then things happen with respect to privacy and security that you do not want to happen and we don't want to happen. this is a genuine -- genuinely tough situation. i am not sure there is an easy balance on this. a couple of questions. what would you see is the answer? i know you want information, but if the getting of the information requires me to hire a few people to work and they are with tobacco or apple to deploy high cost engineers to come up with an intricate are you saying that that is what should be required?

>> yes, sir. iyes, sir. i think that the best solution is for us to work cooperatively with technology and industry and academia to try to come up with the best possible solutions. at that i would say no investigative agency should forgo that for all other solutions. they should continue to drive forward. >> i will ask you. you are on the front line. is it your view that the policy now with the four you to protect us? we are on the same page there, to force the technology company has significant effort and expense to assist in getting access to the information? >> i would say up until a couple of years ago technology companies have

law enforcement liaisons that we work closely with. for example, facebook, google, even apple, the ability to go to them in process and they are providing us. >> my understanding is that if it is information, this is the situation in san bernardino.bernardino. relatively easy to retrieve, and they do provide that i cooperate. they do everything they can to accommodate. has that been your experience? >> it does have some issues. if the phone is not uploaded to the cloud there is -- >> would you just acknowledge, a significant distinction between a company turning over information that is easily retrievable in the cloud comparable to me going in my

house helping adoring getting any information requested versus a company that has to have engineers try to somehow cracked the code so that they are energetically involved in the process. >> yes, it is a difference. when they create the operating system they must make that key available so that they do not have to spend resources. >> one last thing. i just want to say, to let you do some of this work on your own makes a lot of sense. some of these will be tough to resolve. >> now recognize mr. mullins for five minutes. >> as you can see, both

sides on this, here in this committee comeau we want to get to the core problem and be helpful. we want to be safe and make sure we offered within the constitution. the technology is changing at such a pace that i know law enforcement has to do their job. like it or not. and if it changes crimes change we have to change the way that we operate. the concern is privacy. some have argued the expansion provides law enforcement with the surveillance tools. recently they argue the internet of things could offset the government and

ability to access encrypted technology for providing new passport surveillance and monitoring. what is your reaction to the idea the internet of things prevents and potential alternative. >> certainly i do think that the internet of things and associated metadata presents us with an additional opportunity to collect information and evidence that would be helpful in investigations. however, that is merely provide us with leads are clues whereas the real content is what we seek in order to prove beyond a reasonable doubt in court. >> could you expand on the content, what is in the device. >> what the people were saying to each other as opposed to just who is communicating are at one location. it is important to law enforcement to know what they said in order to prove intent.

>> is there something that we in this panel or committee should be looking at to help you to gain access to that were since it is connected does it even take any extra steps for you to access that information? >> yes,yes, and exactly to the point of the discussion, we must work with industry and academia so that we can access the content. >> we are. >> are other challenges or concerns? technology changing rapidly. what are some challenges you are facing? >> there is an increasing demand for encrypting this particular services and devices and capabilities and

that as well warranted unmerited but presents a challenge for us as metadata is increasingly encrypted. we must be able to access information but more importantly content. if the suspects toaster is connected to the car so that they know we will commodity certain time that is helpful but does not help us know the content of the communication. >> is there a difference between the fbi and the way that you operate? >> there is not much of a difference. initial challenges. apple announced it plans to tie the same encryption key to the iphone account. apple has announced publicly they plan to make that encrypted and accessible. that is one of the challenges that you asked about. we will lose that area of

content as well. >> i assume everything i do online is out there. i don't assume any privacy. could that analogy hold true or should we be expecting a sense of privacy? we put it out there. >> ii believe we should all expect a sense of privacy from the internet. but that cannot be absolute. we need a search warrant as an example. so we have private companies without checks and balances. >> do you have an opinion? >> i agree also. you have a right to privacy.

i think when you get in to the criminal element, that is when law enforcement must have the ability. >> thank you, and i yield back. >> recognized for five minutes. >> thank you, mr. chairman. amazing how complex an issue this is. much of the public debate is focused on simplified versions of the situation and they're seems to be some misunderstanding that we have cyber security or no protection online at all. the limitations placed on law enforcement endanger going dark. law enforcement now has access to more information than ever.

there is a report that concludes the communication of future but other be a close to the darkness. that is a useful framework not as a binary choice but rather a spectrum. fair to say there have been and always will be areas of darkness. how much is too much? i want to ask you all about some key questions on the spectrum. where should we be on the spectrum? let me start. >> yes, sir. the amount of information we can see today, it is true.

we receive more information today than the past that would draw the analogy to the fact that the haystack is gotten bigger and we are looking for the same meal. the challenge is to figure out what is important and relevant. the problem initially with that is that we are collecting and are able to see is who is communicating with two a what ip addresses are communicating with each other, location, time, iteration, but not the content of what they are saying. >> i agree. more information to police. find public records. to police the internet has made things easier. the encryption is taking

those gains away. the harder it will be to investigate and conduct long-term cases. you have a lot of cases in new york, and it is vital, the information we get, people on the internet. but now it is encrypted and making long-term cases similar to rico cases very difficult to put together. >> i see it, we have a lack of information that i have noti have not seen before in my 20 years of investigation. retention of information and the lack of legislation related to data retention. our inability to serve legal process and companies.

in a related issues which conspired to make it more difficult for me to gather the information i need to functionally conduct an investigation. >> thank you. my 2nd question, to some extent the already answered. i would comfortable with her bareheaded? leaving us too much darkness. >> yes. >> yes, sir. >> with the increasing technology platforms continue to change and present challenges for us

that provided in my opening statement. in addition to try to figure out how we might be able to use what is available to us and are constantly challenged by that as well. some companies may not know what exactly or how to provide the information we are seeking, and it is not a matter of needing that information to enable us to see the content and what people are saying but a matter of being able to figure out who we should be focusing on quickly. >> i'm going to end with that. continue to engage with us. not just with what you are saying but a constant dialogue. thank you, mr. chairman. >> thank you. and i recognize doctor

burgess for five minutes. >> there is another hearing going on upstairs. let me just ask you a couple questions if i could. his mother subcommittee command we are working closely with the federal trade commission on the issue of data breach notification, component of that effort has been in the push for companies to strengthen data security. one of those ways could be through encryption. look at the company's security protocols for handling data, whether or not the company is fulfilling its obligations. as the fbi had any discussions with the federal trade commission over whether the backdoors are access points that might compromise the secure data?

>> we have engaged on a number of conversations among the interagency. academia. i can get back to you as to whether we met. >> it would be helpful because we're trying to work through the concepts, more on the retail space the data security regardless of who is on the the process. so that would be enormously helpful. let me ask you a question that is a little bit off topic. encryptor stuff and then they will get it back to less euphoric over several thousand dollars in bit coins. what is it that the committee needs to understand?

>> an increasing problem. seeing it on a regular basis, and certainly to exercise good cyber security hygiene is important, to be able to backup systems to have the capability to access that information is important, to be able to talk to each other about what solutions might be available so that you are not beholden to ransom demands. >> that is important. hospitals, medical facilities and editorial comment for what it's worth. i cannot imagine being told it is been encrypted by an outside source and you can't have it. i think the appropriate punishment is to shoot at sunrise. thank you.

>> thank you, mr. chairman. i find it hard to come up with any question that will elicit any new answers. the testimony in the discussion is an indication of how difficult the situation is. it sounds to me like there is a great business opportunity here somewhere but you'll have the budgets to pay a business what they would need to be paid if the information your after. i do want to ask one question, in your budget request for fiscal year 17

deal with the going dark issue. and there. >> says it is not personnel. >> every possible solutions. the different challenges we encounter and whether that is giving us the ability to be better password guesses for the ability to try to develop solutions or be able to exploit some type of vulnerability or is a tool where we can make better use of metadata. try to come up with solutions to get around the problem we are currently discussing. >> unless anyone else is

interested in my time i will yield back. >> recognize mr. mckinley for five minutes. >> i have been here for five years. we have been talking about this for five and a half years. i don't see much progress being made but here the frustration. i was hoping we would hear more specifics. what is the solution? you head toward it but did not get close enough. one of the things i would like to try to understand is how we differentiate between privacy and national security. i do not feel that we have covered. i don't know how many people on both sides of the aisle.

we have had just this past weekend very provocative tv show. about a year ago, it was not classified. the impact that could have. a foreign government can have access. just this past week twice people raise the issue shutting down the electric grid. it reminded me of some testimony that have been given to us about a year ago one of the presenters like yourself said within four days a group of engineers could shut down the grid

from boston down through new york. just were days. i am concerned about that. if i could ask you the question, how confident are you? the adequacy of the encryption is protecting our infrastructure. >> cyber security and infrastructure is complicated and we have another section police department, we work closely. >> everyone comes in here.

power company, but we think we got it. during a discussion this accurate i was there i can break into the system. how confident are you that the system is going to be protected? >> with all the agencies involved and there is a big emphasis in new york working with multiple agencies for vulnerabilities to the system, i do think that is an encryption issue. terrorism related offenses beyond your jurisdiction. >> that is not an area. >> out by you in indiana?

>> control systems being compromised, firewalls, not encryption, the ability to get inside the system. so encryption of data in motion as an example would not protect us types of things you're talking about. it is noteworthy that i saw 60 minutes peace. that is a separate system related to how ourselves system works. separate and unrelated from the issue of encryption. having more robust encryption, and i lack the background to be able to tell you specifically what i feel confident are not about how the firewalls are.

>> my question, same to you, how would you respond? >> first off, i don'ti don't think there is any such thing as 100 percent secure. the purely secure solution. it is incumbent upon all of us to build the most secure system possible and present to you today the challenge law enforcement has to be able to get her access be provided pursuant to a lawful order to get the information we seek to improve have evidence. >> i yield back my time. >> thank you, mr. chair. i am encouraged that we are developing dialogue. and there is no denying that we are at risk with more and

more threats to national security, but there is also a strong desire to maintain the rights and opportunities to store information and understandably that it is protected. the you believe there is better dialogue, communication, formalized training that would help the law enforcement community? i am concerned we don't always have the information required.

with that said there is still no one-size-fits-all solution. we work closely with covers like google. this encryption debate.

their will to comply. >> also, the fbi asking apple and others to create a backdoor that would potentially we can encryption? how they might be able to build some type. >> that type of assistance lead to unintended consequences. >> i believe it'si believe it's best for the tech companies to answer that question.

>> another potential unintended consequence may be the message they are sending other nations. right now even if other countries such a demand such a workaround, the legitimately argue they do not have it. how would you respond to this argument, establishing precedents new line protected communications to seal them. >> yes, sir. first in the international community, number of conversations with our partners internationally.

this is a common problem. as we continue, there are international implications to any solutions that might be developed, but in addition what we seek is through a lawfula lawful order with the system that we have set up in this country for thethe american judicial system to be able to go to a magistrate judge to get a warrant to say that we believe we are probably cause to believe that someone or some entity is creating -- committing a crime. if other countries had a way of doing business that would be a good thing for all of us. >> to you have anything to add? >> being prepared for testimony, several stories so that apple provided the source code. ii don't know whether they are true or not. i did not find it.

did not provide a backdoor to china. i know they have not provided the source code. >> my time is exhausted. >> you are recognized for five minutes. >> more and more of our lives become part of the universe. becomes all that more important. individuals the become available on the internet, does this present opportunity for law enforcement to explain new creative ways? we talked a little bit about

metadata. other options. maybe we have discussed it. >> i do believe we should make every use of the tools that we have been authorized by congress and the american people to use. they technologies and certainly we should take advantage of it in order to accomplish our mission, but at the same time these things present challenges. >> have you and others engaged with the technology community or others to explore these types of opportunities. >> we are in daily contact with industry and academia in order to come up with ways that we might be able to get evidence in our investigation. >> what you learned from

those conversations? they can readily provide us with that information. they might not want to be able to readily provide that are they just may not be set up to do that because of resources for the proprietary way the system set up. >> do you have any opinion on this? >> as technology advances complete investigations.

>> i recently read about the ceo the technology company, a way for government access without building a backdoor to encryption. the government and the manufacturer possess a unique encryption key and that only with both keys as well as a device in hand could you access encrypted data on a device. i am not an expert. as such a solution achievable? have the vanity discussions between you and law enforcement with the tech community or tech industry regarding a proposal like this or something similar allow access to data? >> that paradigm would work.

you have two different keys. >> what i was going to say. >> a good chance to hear from industry. the map defined luke. you have to put them together. anyway, i think it is important law enforcement technology work together. i want to thank the chairman for giving us this opportunity to do that and i thank you all for being here. >> the vice chair of the full committee. >> thank you, mr. chairman. thank you to the witnesses. i am appreciative of your time. i am appreciative of the work product of our committee has put into this.

some of the numbers on the dais who served on privacy and data security task force , looking at how we construct legislation and looking at what we ought to do when it comes to the issues of privacy and data security going back to the law, congress authorized wiretaps in 1934, and in 67 you come along and there is the language. you have cats versus the us, reasonable expectation of privacy. and we know that for you and law enforcement you come up on that with this new technology and that

sometimes it seems very concise between technology and law enforcement and the balance necessary between that a reasonable expectation and looking at the ability of your ability to do your job. which is to keep citizens safe. so i thank you for the work that you are doing in this realm and considering all of that i would like to hear from each of you. we will start with you and work down the panel. do you think at this point there is an adversarial relationship between the private sector and law enforcement? and if you advise us what should be a framework and what should be the penalties that are put in place that will help you to get these criminals out of the virtual space? and help our citizens know

that the virtual use, the presence online is going to be protected but that you were goingare going to have the ability to help keep them safe. kind of a loaded question. two minutes 36 seconds. who will move right down the line. >> as far as whether there is an adversarial relationship i hope not. certainly from our perspective and the fbi want to work with industry and academia and do believe we have the same values, share the same values that we want our citizens to be protected. we also very much value privacy. as you noted, for over 200 years this country has balanced privacy and security. these are not binary things. how do we do that?

i do not think that is for the fbi to decide, nor do i think it is protect companies to decide unilaterally. >> it will be for congress to decide. we need your advice. >> there are so many things we must work, twitter, google, facebook. they are cooperative. this is a new area, but right now it is not adversarial. >> as you mentioned, some of the statutes that authorize wiretaps authorize a collection of evidence, technology next financial place, some of the statues have not evolved to keep up with them. we lack the technical ability to properly execute the laws that congress has passed. >> we would appreciate

hearing from you. the physical space statutes are there, but we need that application to the virtual space command this is where it would be helpful to hear from you.you. what is the framework, where are the penalties comeau what enables you the best in force. if you could just submit to us, i am running out of time, but submit your thoughts and it would be helpful and we would appreciate it. i yield back. >> recognize mr. cramer for five minutes. >> thank you. it isyou. it is refreshing to participate in the hearing where people asked me the questions and don't know the answer until you give it to us. i want town specifically on the issue of breaking modern encryption by brute force, the ability to apply

multiple passcodes, an unlimited number of passcodes until you break. that is the trick. with the iphone specifically there is the issue of the data destruction feature. with removing the data destruction feature sort of be a partial solution? in other words, we are not creating a backdoor but we are removing one of the tools command i am open-minded and looking for thoughts on that issue. >> if i may. certainly that is a potentiala potential solution that we do use and should continue to use. to be able to guess the right password is something that we employ in a wide variety and number of investigations. sometimes is pascoe links

make it longer and longer command all alphanumeric characters, present to us special challenges that it would take years if ever to solve the problem. regardless of what type of computing resources we might apply. we asked investigators to help us be better guessers in order to put information orcome up with information or intelligence that might be able to help us make a better guess, but that is not always possible. >> ten tries and you're out, the destruction feature, that makes your job all the more difficult. expanding that, i am not looking for magic formula, but it could be some way to at least increase your chances. >> and that is one of the things that quite clearly presents a challenge. usually it takes is more than ten guesses before we get the right answer if at

all. in addition many companies have implemented services or types of procedures so that there is a time delay between guesses so after five guesses if the wait aa minute or 15 minutes or a day in order to guess. >> i don't think personally the brute force solution would provide a substantive solution to the problem. oftentimes the delay is built-in. ios went from a four digit pin do a six digit pin. so if you were to legislate that it would not wipe the data and override. you have to write in the passcodes to only be of a certain complexity or link. we want security but need a

way to quickly be able to access data. >> thanks for your testimony. >> if they want to ask questions. >> i think the chairman for the courtesy. i heard at least one of you state that congress is the correct form to make decisions on data security. however, they are technical and complicated. it is appropriate to review

the issues. do you agree with that approach? >> i believe we need to work with industry and academia. >> do you agree that is the right approach? cyber security, privacy, so on. >> i believe that construct, there are varying aspects. that premise i would agree with. i do agree we need to work together. read a panel of experts. i do believe the answer is in congress. i agree with the principle of it.

>> whenever paradigm helps members of congress feel comfortable. civil liberties and security versus the ability for law enforcement. >> you have eliminated some of the information that is available but is no longer available because of encryption, and i thank you for doing that. what have we not heard that information that is now available but was not in the past because of technology. >> i am havingi am having a problem thinking of an example of information that is available now. from my perspective to take you through investigations when you combine the encryption issue, keeping

the records, metadata and data, find an example of an avenue that is available it was not before. >> i would only say i've been the police department for 32 years. i think there are a lot of things we are able to obtain today. technology has helped law enforcement. however, the encryption issue is definitely eliminating a lot of those gains. >> requiring backdoor or exceptional access to drive customers to overseas suppliers and if so comeau we would gain nothing. >> i disagree from the sense

that i think many countries are having the same conversation and discussion because law enforcement has the same challenges we do. this will continue to be a larger issue. i don't think that is the majority. the majority of consumers want good products. >> i appreciate that. my neighbor and i represent the part of california where the products are developed. there will always be countries where products are available that would supersede whatever requirements we make also requiring backdoor access, there are weaknesses designed in the system.

do you agree or not? >> i do not believe there is anything such as a 100 percent secure system, so there will always be people trying to find and exploit vulnerabilities. >> if we design weaknesses and everyone knows they will be looking for those. those are designed weaknesses. i don't see how that could further security critical infrastructure and so on. my time is expired. >> thank you. the chair recognizes congressman a bill for five minutes. >> thank you. >> appreciate it so very much. thank you for participating today. the entire panel.

law enforcement technology, imperative in my opinion. the question about timing. the recent debate using strong end-to-end encryption. what will a hearing like this look like one to two years from now? what do you perceive as the next evolutionary step so that we can attempt to get ahead of it and as processors become fast with the ability to encrypt. >> yes, sir. if things don't change this hearing a year from now will be sitting here giving you examples of how we are unable to resolve cases.

how we might be able to come up with solutions working cooperatively together. >> again, the next question some successful collaboration lessons dealing with encryption and other any building blocks for success stories that we can build upon, or have the recent advances made any previous success obsolete. >> yes, sir. i apologize. i am not 100 percent clear on the question. >> some successful collaboration lessons.

that is the 1st question. either building blocks are success stories that we can build upon or have recent advancements halted any previous success? >> certainly we deal with industry on a daily basis try to come up with the most secure ways of being able to provide us with that information and still be responsive to requests and orders. building on successes from the past there are certain companies as has already been stated, the providers have ways to be able to respond to appropriate orders which is perfect has with the path. >> sir. >> i'm sorry.

>> i concur. they provide a legal solution. >> next question for the panel. what percentage is jeopardized, whether as a cell phone, laptop, or something else. i recognize it may be 100 percent impossible to charge someone with unencrypted the storage device, but what about the other cases with physical evidence or other evidence may be available. >> yes, sir.

increasingly seeing the issue. currently the 1st six months of this fiscal year starting from last october. the number of cell phones that we have seized as evidence, encountering passwords about 30 percent of the time. we have seen those numbers continue to increase which presents us with a challenge. >> i will give you numbers. have approximately 102 devices, 67 of them being apple devices. ten of them are related homicide, to the rapes, when the criminal sex acts, into are related to two members of the police department that were shot. we are seeing an increase as we go forward of not getting

information out of phones. it does not always prevent us from making an arrest, however it just is not present all available evidence prosecution. >> and to expand on what the chief said, that can be incriminating or exculpatory evidence. we asked a series of questions of the investigator. five us are newark. we don't even take that as a lack of evidence anymore. so we never know what we don't know. the victim is not capable. >> i yield back the time.

>> thank you very much. extending courtesy to join in on this. apple had disclose its source code to the chinese government. i believe you said that. that is a huge allegation. can you confirm this? >> what i said was i found

several news stories. unable to find anything to confirm or deny. >> i did not hear all of your presentations around the allegation, but it is important for the record that we set this straight. that takes my breath away. a huge allegation. the san bernardino case is really illustrative for many reasons. one of the more striking aspects to me is the way in which the fbi approach the issue of gaining access to the now infamous iphone. we know that the fbi went to court to force the private company to create a system solely for the purpose of the federal government, and i think that is quite breathtaking.

it takes my breath away just to try and i just that. and then to use that information whenever and however it wishes, some disagree, some agree, but this is a worthy and very, very importantvery, very important discussion. this came about after the government missed a key opportunity to backup and potentially recover information from the device by resetting the ipod password in the days following the shooting. now, congress has appropriated just shy of $9 billion the fbi. now, out of that $9 billion and how those dollars are spread across the agency, how is it that the fbi did not know what to do?

how can that be? >> if i may, in the aftermath of san bernardino we are looking for any way to identify -- >> did you call apple right away point this is what we need to get. how do we do it. >> we had discussions with apple. >> when after it was essentially destroyed? >> i'm not sure and will have to take it is a question for the record. >> i would like to know your response to this. i served for almost a decade on the house intelligence committee. during my tenure michael peyton was cia director.

americans are safer with unbreakable end-to-end encryption. tell me what your responses. i think cyber crime is embedded, but i would like to hear your response. >> yes. from what i have read and heard he certainly i believe emphasizes and captures what was occurring at the time he was in charge of those agencies. >> stopped time he was cia director and he does not understand encryption a longer? >> it proceeds of such a rapid pacea rapid pace that

one must be constantly in the business in order to keep up with the iterations. >> let me ask you about this. once criminals know american encryption products are bolted the government surveillance will stop them from using encrypted products and applications that fall outside of the jurisdiction of american law enforcement? i have heard you repeat over and over again talking to people in europe, i don't know, is there a body that you're working through? has it been formalized? because if the stops in our border, that does not include boat to have others. >> the gentle lady's time is expired. >> we are working with the international community. >> is there some kind of

national body? >> do you want to finish your marks? >> there is no one specific organization. the members of the full committee of been asked to supplement verbal questions. >> without member seeking to be recognized i would like to thank the witnesses. our like to call witnesses from the 2nd panel. ..

[inaudible conversations]

[inaudible conversations] >> let's start the second panel and i would like to introduce the witnesses on the second panel for today's hearing starting to lea bleed off on the second panel is apple general counsel senior vice president of legal and global security. he serves on the company's executive board and receives all legal matters including corporate governance, security and privacy. we thank you for being with us today and look forward to comments. we would also like to welcome -- close enough? the president of rsa security.

an american computer network security company and its president he is responsible for developing the strategic vision and operational execution across the business. thank you for appearing before us and we appreciate the testimony. next we welcome doctor matthew believes associate professor of computer information science at the university of pennsylvania. doctor believes is a researcher in the area of secure systems and trust management. he's been at the forefront of these issues for over a decade and we appreciate him being here today to offer his testimony on this important issue. finally i would like to introduce doctor daniel who is director and principal research scientist at the computer science intelligence laboratory. he centralized information provide the massachusetts institute of technology. he previously served the united states deputy chief technological officer for

internet policy in the white house. we thank you for being here with us today and look forward to learning from the expertise. i want to thank all of the witnesses for being here and we look forward to the discussion. as we begin coming tomorrow where the committee is holding an investigative hearing, and in doing so, has had the practice of taking testimony under oath. do any of you have an objection to testifying under a? seeing none to the chair advises you under the rules of the house and the rules of the committee, you are entitled to be advised by counsel. do any of you desire to be represented or advised by counsel during your testimony today? seeing none. in that case if you would please rise and raise your right hand, i will swear you in. >> do you swear that the testimony you are about to give us the truth, the whole truth and nothing but the truth? thank you. you are now under oath subject

to the penalty set forth in title 18, section 1001 in the united states code. you now have a five-minute summary and each of you may be able to give a summary of your written statement. thank you chairman murphy, members of the subcommittee. it is my pleasure to appear before you today on behalf of apple. we appreciate your invitation and the opportunity to be part of this important discussion. hundreds of millions of people trust apple products are the most intimate details of their daily lives. some of you may have a smartphonsmartphone in your poc. if you think about it, there's probably more information stored on the phone than a thief could get by breaking into your home. and it's not just a phone. it's a photo album, while it, it's how you communicate with

your doctor, your partner and your kids. it's also the command central for your car and your home. many people also use the smart phone to authenticate and gain access to other networks, businesses, financial systems and critical infrastructure and we feel a great sense of responsibility to protect that information and access. for all of these reasons digital devices and our entire digital lives are increasingly and persistently under siege from attackers. and attacks grow more sophisticated every day. this quest for access fuels a multibillion-dollar cooper's world of thieves, hackers and crooks. we are all aware of some of the recent large-scale attacks. hundreds of thousands of social security numbers were stolen from the irs. the u.s. office of personnel management has said as many as 21 million records were compromised in as many as 78 million people were affected by an attack on the anthem health insurance records.

the best way that we as a technology industry know how to protect your information is through the use of strong encryption. strong encryption is a good thing. it is a necessary thing and the government agrees it is the backbone of our cyber security infrastructure and provides the best defense we have against hostile attacks. the united states has spent tens of millions of dollars through a technology fund and other programs to fund strong encryption and the administration's review group on intelligence communications technology urged the government to fully support and not in any way to subvert, undermine or weaken the generally available encryption software. with every release of software for thsoftwarefor the offense t, security and data protection securities in our products. we work hard to assist the enforcement because we share their goal of creating a safer

world. not a day goes by when someone on my team isn't working with law enforcement. we know from our interaction with law enforcement officials the information we are providing is extremely useful in helping to prevent and solve crimes. keep in mind the people subject to law enforcement represents far less than one tenth of 1% of our hundreds of millions of users of all of those 100% would be made more vulnerable if we were forced to go back. aas you've heard from our colleagues in law enforcement they have the perception that encryption will hold off information from them. the technologist and national security experts to see the world that way. we see a data world that seems to be full of information and information that law enforcement can use to solve and prevent crime. this difference in perspective

would suggest the american people must choose between privacy and security is to present a false choice. it's not about privacy at the expense of the security. it's about maximizing safety and security. we feel strongly that americans will be better off if we can offer the best protection for their digital lives. that is where i was going to conclude my comments but i think i go to the committee to add one additional thought and i want to be very clear on this. we haven't provided the source code to the chinese government. we didn't have the key 19 months ago.

;-) members of the committee, thank you for the opportunity to testify. this is a very complex and nuanced issue and i applaud the committee's efforts to understand all aspects of the debate. i am the president of rsa. i would like to thank my mom for coming here to hear my testimony today. in case things go sideways, i assure you she is much tougher than she looks. i have spent over 20 years in the cybersecurity field and in my role i strive to ensure that we provide industry-leading cybersecurity solutions. we have been a leader for more than 30 years. more than 30,000 global customers we serve represent every sector of our economy. fundamental to the understanding of the issues at hand is our heritage and encryption per the basis of cybersecurity technology. our cyber security products

securities, retailers, hospitals and schools. at the core we believe in the power of digital technology to fundamentally transform business and society for the better and have the pervasiveness of the technology helps to protect everyone. let me take a moment to say that we deeply appreciate the work of law-enforcement and national security communities. where it is encouraged many companies have a regular ongoing cooperative relationship with law enforcement in the u.s. and abroad. simply put, it is in all of our best interest for the the law te enforced. i have four points i would like to present today all of which i've extrapolated on in my testimony.

first, this is no place for extreme positions or decisions. the line connecting privacy and security is a delicate to national security as it is to the prosperity of the nation. i would encourage you to continue to evaluate the issue. second, law enforcement has access to a lot of valuable information they need to do their job and i would encourage you to ensure the fbi and law-enforcement agencies have the resources that are prioritized in the tools and the technical expertise required to keep up with the evolution of technology and meet their important missions. third, strong encryption is foundational to the good cybersecurity. if we lowered the bar we expose ourselves even further to those that would do us harm. as you know, recent attacks reinvigorated the coals for exceptional access mechanisms. this is a call to allow law law-enforcement access to the encrypted information.

exceptional access increases the complexity and introduces new vulnerabilities. it undermines the integrity of the infrastructure and reduces and introduces more risk by plus to the national interest. creating a backdoor to encryption means creating opportunity for more people with various intentions to harm us. sophisticated adversaries and criminals wouldn't knowingly use the methods they know that law enforcement could access particularly when the foreign encryption is readily available. therefore, any perceived gains to the security from the exceptional access our greatly overestimated. fourth, this is a basic principle of economics with very serious consequences. our standard of living depends on the goods and services we can produce. if it will require access from the u.s. companies, it would make our information less secure. the market will go elsewhere but worse than that it would weaken our power and utilities and

infrastructures, manufacturing and healthcare to the defense and financial systems, weakening encryption would significantly weaken the nation. simply put, exceptional access does more harm than good. this is the seemingly unanimous opinion from the entire technical industry, academia, the national security community as well as all industries that rely on encryption and secure products. in closing, i would like to thank all the members of the committee for the dedication and understanding of this complex shoe. >> thank you. >> thank you mr. chairman and members of the committee for the opportunity to testify before you today. the encryption issue which as you know, i've been involved with for over two decades now has been characterized as a

question of whether we can build systems that keep the good guys and bad guys out. much of the debate focuses on the questions whether we can trust the government with the data but before we can ask that question, and that is a legitimate political question of the political process but well equipped to answer there is an underlining technical question of whether we can trust the technology to actually give us a system that does that. and unfortunately, we simply don't know how to do that safely and securely at any scale and in general across the wide range of the system that exists today and that we depend on. it would be wonderful if we could. could. it would solve if we could build systems with that kind of

assurance it would solve so many of the problems in computer security and in general computer systems that have been with us since the beginning of the software-based systems but unfortunately, many of the problems are deeply fundamental. the state of computer and network security today can really only be characterized as a national crisis. the cheer about large-scale data breaches, compromises of personal information, financial information and national security information literally on a daily basis today. and as the systems become more interconnected and become more relied upon for the function of the fabric of our society and for our critical infrastructure,

the frequency of the breaches and consequences has been increasing. if computer science have a good solution for making large-scale robust software, we would be deploying it with enormous enthusiasm today. it is really at the core of the fundamental problems that we have that we are fighting a battle against complexity and scale that we are barely able to keep up with. i wish my field had simpler and better solutions to offer but it simply does not. we have only two good tools, tried and true that work for building reliable robust systems. one of those is to build the systems as simple as possible, to have them included in the

functions to decrease the surface of the systems. unfortunately, we want to systems that are more complex and more integrated with other things, and that becomes harder and harder to do. the second tool that we have is cryptography that allows us to trust fewer components of the system and rely on fewer components of the system and manage the inevitable insecurities that we have. unfortunately, the proposals for exceptional access methods that have been advocated by law enforcement committee heard advocated by some of the members of the previous panel work against the only two tools that we have for building more robust systems and we need all the help we can get to secure our national infrastructure across the board. there is an overwhelming consensus in the technical community that these

requirements are incompatible with good security engineering practices. i can refer you to a paper i collaborated on that i referenced in my written testimony that i think describes the consensus of the technical community pretty well. it is unfortunate that this debate has been so focused on this narrow and potentially dangerous solution of the mandate or backdoors and exceptional access because it leaves unexplored potentially viable alternatives that may be quite truthful for the law enforcement going forward. there is no single magic bullet that will solve all of the law-enforcement problems here or anywhere but a sustained and committed understanding of things like exploitation of data in the cloud, data available in

the hands of third parties, targeted exploitation of devices such as described in the testimony, it would require significant resources that have the potential to address many of the problems law enforcement described. ..

>> >> but the up problem here that every single one of us. so it is a little too easy to drill into then everyone is a risk.

not just a couple thousand customers who are at the one bank that is why political leaders projecting the idea of mandatory back doors parker recently secretary of defense ash carter said i not a believer in the back door. robert can begin to said in a talk he delivered last month that mandatory back doors are not the solution. the encryption and should not be weakened by the there is it true that nothing could be done without weakening the encryption. so tellingly. former of dystonia those who vote online trust the results of the election.

to break into the system. and a few suggestions of how to approach this challenge. you have heard us all say we have to avoid introducing new vulnerabilities in to an already quite vulnerable infrastructure. it would be nice if we could choose only the bad guys thought we conscription the rest of us pass stronger encryption but we'll understand that is not possible. we also heard reference to legislation in this committee jurisdiction that addresses the difficult question by simply extending to internet companies but if you look closely it shows how hard it is to solve the problem with a one size fits all questions -- solution for those that provided the

same product in a stable way of the fcc's the internet of the mobile apps and industry there is no regulatory agency that governs those services that is by design as a try to impose the top down regulatory solution so that simply won't work so going for word number one in the efforts of the encryption working group it is important to look closely at the specific situation at the specific court orders that were issued that were satisfied systemwide full abilities and which could be pursued. there is a lot to be learned

as law enforcement and technology companies that could up their game and how to approach this issue. i also think it is important that we make sure to preserve public trust in this environment. we understand in the last five years there has been significant concerns of the public the powers of government and private-sector organizations. the house judiciary committee moving forward with the electronic communications privacy act and if we can do more of that to assure the public the date it is projected with government surveillance and private-sector use we can move forward. thanks very much i am looking forward to the discussion. >> i will recognize myself

for the first five minutes. you made a point you have not provided the source codes to china to come up with a panel were you ever asked to provide by anyone? >> the chinese government? >> we have been asked by the chinese government but refused. >> recently? >> the past two years. >> okay. i have a couple questions i was taken aback when you said don't rush of the solution it is five and a half years i hear everyone talking about it and nothing is getting done. i don't know what we're waiting for there has to be a solution by now we have

the of solution but if i might i can understand your company was founded by the original creators of the algorithm of the cryptography that is your company's dna. for anyone understands protecting encryption that is your company. apparently several years ago somebody stole your seat keys that generate keys it used for remote access by members and their staff. if a company like yours as sophisticated as it is how could we have confidence in others with the ability to do the same? >> you bring up great

points. the first statement is a tremendous amount of cooperation. so that we have made no progress to understand that level of effort to reply and supported the efforts of law enforcement what is occurring is a line in the sand for law-enforcement has now gotten to the point where they are requesting a mandate that our products are less secure to have a tremendous never found a negative effect the second point that highlights the critical role of encryption plays in the entire cybersecurity puzzle the

fact that sophisticated threat actors are going to target the supply chain where those capabilities come from. we're dealing with a sophisticated adversary to put forth a tremendous effort in the security systems and that highlights the importance of transparency the of cybersecurity issues. >> with the first testimony talk about the security of infrastructure and i think the response was a long bow line it is not encryption

but a firewall problem i am not sure the american public understands the difference. how comfortable p.m. we be that to have protection from security firms like yours that energy or transportation systems particularly we are subject to it so what more should we be doing in? >> the point made by the response provided was wrong by taking corruption plays an incredibly important role not thises a firewall solution or encryption solution knows that truly understand have a diverse set of products and

applications in many layers of adversaries that will get through the fire walls not only adversaries that are created in firewalls because the appropriate parties can communicate through them as well. >> are you cryptology and he were still very vulnerable to the electric grid? >> you are vulnerable with any infrastructure that leverage is technology how much of that is localized i believe the utilities are exposed. >> if you a 1/2 suggestions how we could address this with our grid system i'd like to hear back from you what we could do with that so real to the next question from the member from colorado.

>> following up of a bite to stipulate that most members feel that it is critical to national security. feet -- we need to give law enforcement the ability to apprehend criminals when they are utilizing this technology to commit their crimes and cover-up after words. i believe you testified your company works with law-enforcement. >> and nt would also it knowledge while encryption and does provide benefits for consumers and in society

we also need to address the issue of how we deal with criminals and terrorists that using in curve did devices is that correct? >> it is a very real problem i will start by saying the conversation now is something of a conflict apple verses the fbi. >> you don't agree with that. >> absolutely. that it is technology verses law enforcement. do you? yes or no. >> no. >> i assume you? >> no. >> no. i asked the last panel is it a good idea for the fbi and other law-enforcement

agencies to get access for data? >> i don't think that is a good idea. >> no. >> no. >> no i take if i could clarify the fact they had to go through a third-party that they had devoted to their resources to finding a solution. >> so it isn't a good model. here is my question so do you think the government should enhance its own capabilities to pursue those worker rounds for the information they cannot obtain from the user directly for this service providers should they develop that? professor do you think they

have that ability? to make it requires enormous resources it is likely they don't have that ability. >> we may not be internet experts that we have resources. >> it is the unsolvable problem. >> space certainly should have the resources the key question is if they have a person no it will take some time. >> i understand that can they develop those resources? >> absolutely. so another question. do you think all of us supporting the development of increased capability is a reasonable path for word as opposed to relying on third parties?

>> is that a better approach? >> you agree? >> we should spend their resources on the fbi. >> is apple willing to help them develop those capabilities? >> reactive lead to. >> your answer is yes? >> we would participate in training. >> we help them understand the ecosystem. >> i guess that your answer is yes you're willing to help us to solve this problem. is that correct? >> just like everyone else in a very willing to work with law enforcement and congress? >> we work with them every day. >> yes or no. >> yes.

>> yes. >> yes absolutely. >> yes. >> i deeply appreciate this. as a small college history major and and as a part of that do you agree that in the history of mankind it took as thousands of years of civil liberties maybe that is not such a long time to find a solution to this issue. the answer is in the affirmative. lawyers that created that concept.

is that true? >> there is no dc answer. so with that analogy. but i would ask if there isn't some way, i cannot do what you all do. is there some way to create the vault the banks have with the safety deposit and then once you are inside if you want that security because not everybody has that, then there is a system with a separate keys with the individual holding the other key.

with a proper search warrant to have law enforcement to get in? i try to break it down to a concept i can understand which is the appropriate way to get the information it is difficult in the electronic age. >> we have not figured out a way to create an access point and then create a set of locks of our reliable to protect access through that access point that is what we struggle with we can create locks so the keys to that lock are ultimately available somewhere in if they are available anywhere there accessible to good guys and bad guys. >> so with that analysis the problem is we don't have the key to one safety deposit

box to everyone who has the information. >> i just want to see this analogy that we don't put much in our safe deposit box i don't have one to be honest. there is a core concern to the framework that somehow that it will take over the world. if you follow the safety deposit box analogy what we know is that information it is important can exist in many places and i don't question there will be some time when law enforcement cannot get some piece of information that once but what you hear from the technical community is it is widely distributed and much

of it is acceptable one way or the other with the information that is produced by other third parties in that path forward to exploit that with the investigation so we're not all focused on the hardest part of the problem. what do you do if you have something in scripted and can you get? it may not be the best place to look because it may not be available. >> want to caution as attractive as it sounds with that clipper ship where we started i have to tell you your written testimony in particular was a mining if

we do shut down the u.s. companies there may be a saving created by those that are not our friends or our enemies i wanted to ask a series of questions that my time is expired sly required to yield back. >> let's get the other panel members. >> of light to start with a comment made in the first panel whether or not you can share with us, does apple plan to use encryption in that cloud decree? vitter we made no such announcement i don't know where it came from. >> i understand that but is that explored? >> it would be irresponsible to say we're not even looking at that but we have

made no announcement or decision. >> readies helping to do default -- inform apple's decision are they communicating about the possibility? >> they are enormously helpful so they're extremely important we're being very mindful of the environment. >> i know many companies have policies and procedures with compliance with legal processes. so i assume you have regular conversations with policy makers with fbi or other agencies on policy issues. is that correct? >> barry. direction is set to levels one is the operational level

my team supports daily and rework very closely and actual investigation. to were recently found children were deducted we could save lives working directly with our cal -- colleagues so we have a good relationship and that is lost. >> on the other side with a different level working with my counterparts with the fbi the most senior people in the department of justice a local law enforcement on these issues. >> the key for cooperating and working on these issues but is seen as most recently there is enough of the discussions and why we need to have these hearings to have that dialogue and the

technology companies will be tremendously helpful to prevent future crimes. with respect to terrorism and the types of costs are associated as well as the personal needed so with that built-in encryption to the belief that is inappropriate method for investigators to use? in this. >> it'll think we have a firm position that has to be user with respect to the outcome of that hacking or the product.

i don't have a formal corporate positions. >> that has been promoted as a way around this difficult issue to you have those policy discussions with apple's view of those discussions happening. >> but the question is does it get disclosed or not? >> day you have an opinion on lawful hacking? >> not specifically but doing it grips improperly is very hard trying to keep information secret in the world that we live in is very hard and i would

suggest it is harder not easier it is much more they and the metadata over the last several years but the cloud application providers have sensitive information not just on the ice phone but law-enforcement has access because it cannot be corrected the past to be accessed by the cloud provider. >> my time is expired. >> pc no other members of the subcommittee now those members of having given privileges to speak now we

have the ping pong game. >> thank you, mr. chairman chairman first of all, i love your suit and tie. [laughter] that brings the flavor of my district and a warm welcome to your mother. it is great to have her here. i know associate professor talked about the full their ability and our country relative in - - relative how they are vulnerable but i would like to ask for the record 90 percent of the breach in her country are due to the two major factors

those that our less than hygiene or unhygienic or very for security management so congress should come up with the floor at least so we can move that away from this but we can do something about that. it cost money to keep the system up and those that don't invest but that can be addressed. a very healthy hearing. unfortunately what the american people heard was a powerful federal agency within moments of the tragedy the demand of the

private company otherwise we will be pitted against one another with the swing a door to go in and out. the american people have a healthy obsession of big brother. . .

>> how does third-party access impact security? how likely do you think law-enforcement could design a system to address encrypted data that would not carry with it the on anticipated weaknesses of its own? i'm worried about law-enforcement in this. i want to put it on the record as well. i think it says something that the fbi doesn't know what it's doing and that's not good for us. it's not going to track smart young people into an agency because what it says is they

don't seem to know what they're doing. can you address this third-party access and what kind of effect it would have on overall security? >> thank you for the question. if you allow third-party access you have to give the third-party a portal in which to ask exercise that access. this is fundamentally the definition of a backdoor swinging door. there is no way that we know of to create that vulnerability, to create that access points and more particularly to maintain it. and senate bernadino is not just to give us an access point but to maintain it in perpetuity to get in over and over again. that for us we have no way of doing that without undermining and endangering the entire encryption into infrastructure.

we believe strong encryption is the best way we can maintain the safety, security and privacy of all of our users. that will be fundamentally a problem. >> thank you for your legislative courtesy again. thank you to the witnesses this is been most helpful. >> i think the witnesses two, i've been out for a while, like to ask a questions to follow up. we can all understand the benefits of strong encryption whether it's keeping someone's own bank statement or financial records encrypted so we don't have to worry about hackers there. it's also a compelling testimony about law-enforcement, criminal activity, child predators, homicides, etc. based on. based on your experience will here today, can you acknowledge this encryption doesn't prevent a challenge for law-enforcement. >> i think it absolutely doesn't

i would not suggest for a moment that law-enforcement is overstating the same claim that has been made by other panelist, i think the problem is there is a fundamental disconnect between the way we see the world and the way law-enforcement sees the world and that's where we ought to be focusing. >> at the disconnect has to do with it evolution of technology in society. what you've heard from our colleagues in law-enforcement is that the context in which encryption occurs reduces the scope of useful data that they have access to. this going dark problem. if you talk to technologists we see see the world in a very different way, we see the impact of technology is actually emerging. there is an abundance of information and this will only increase exponentially as we move into a world where the internet of things becomes our reality. so you hear once were going dark and on the other side there is an abundance of information.

that circle needs to be squared the only way we can do that is by cooperating and talking, engaging in the kind of activity that the matter was suggesting. >> i appreciate that but i have no idea what you just said so let me put this into terms we can talk about. your testimony from the first panel child predators were able to hide behind this invisible cloak or a murder scene were perhaps they could've caught who did this. we know when it comes to crime people will not commit crimes because they have a good moral compass. many will commit because they have none. we also those also those that can be deterred because they think they might get caught. when it comes to other issues such as terrorist acts when you can get into a cell phone or something from someone who has committed an act, you know you can find out that their planning more and saving other lives, so what you tell a family member

who has their child abuse, salted and unspeakable forms, what you tell them about technology. tell me what comfort we can give someone about the future. >> i think in situations like that of course they're tragic. i'm not sure there's anything that i or anyone of us can say to ease that pain. on the other hand we deal with this every day, we deal with cases where children had been abducted, we worked rectally with law-enforcement to try to solve those crimes. we had a 14-year-old girl from pennsylvania that a 14-year-old girl from pennsylvania that just recently was abducted, we worked immediately to use ip logs to identify the location where she had been stashed. we are able to get feet on the ground within a matter of hours, find that woman, rescue her, and every hand. >> that's good and i appreciate that. i look at this case that's presented though, would someone may have a lot of information hidden and if they could get in there whether it is child

predators, or a terrace where we could prevent more harm. >> were missing the point of technology here. the problems were trying to solve don't have an easy fix. >> i know that. i i need to know that you're working in a direction. >> photo dna, hashing images so that when those images move across the internet we can identify them, we contract them. them. the work that we do with operation railroad is extly that. it's an example of taking technology, taking feet on the ground law-enforcement techniques and marrying them together in a way that fundamentally changes. >> and people were using encrypted sources with us by default or intention to hide their data and their intention and their harmful activity that they're planning on hurting more, what what we tell the public about that. >> we tell the public that fundamentally we are working on

the problem and that we believe that strong, ubiquitous encryption. >> does that mean apple is working with the fbi on the. >> i know the responses we should look at a commission. you're looking at it. and we want to find solutions a work with you and i'm pleased you're here today. you heard many of us say we do not think there is right or wrong absolute. we are all in this together we want to work on it. i need to know about your commitment to and working with law-enforcement. >> can i tell you story. >> i sat apps that my counterpart at the fbi, person i know very well. we don't talk frequently but we talk regularly were adversely basis. i sat opposite him and i said amidst all of this clamor and rancor, why don't we set aside a day, will send smart people to washington are you send smart people to us and what we'll do for that day is we'll talk to you about what the world looks

like from our perspective. what is this explosion of data that we can see, when we think is so important. and you talk to us about the world that confounds your investigator from the moment they wake up in the morning. how do they think about technology how do they think about the problems are trying to solve. we're going to sit down together for a day, we are planning that at the time of the san bernadino case was filed. that hold. that offer still exists. that's way were. that's way were going to solve these problems. >> mr. chairman. >> can you yield for one second. >> you know we can facilitate that meeting in any way, i'm sure the chairman and i would be more than happy to do that. we have some very lovely conference rooms that are painted this very same color, and we will have you there. >> madam if we can get out of the lawsuit world. >> you know what, that would be great. >> we want that to be facilitated.

we have too many lives at stake. this is core. i know i'm out of time. >> thank you. i appreciate it so very much. i want to thank everyone here on the panel for your technology leadership that help keep us safe. that is where top priority is in the united states congress, at least it's mine and i know many of many other of us on the panel. were trying to balance security and privacy and not continue to put them against each other. i i think you'll agree with that. how quickly does one lifecycle of encryption last in a secure system until vulnerabilities are found and exploited? will this continually be a game of cat and mouse or are we had a level now where software and the processes are strong enough to make and to end encryption a stable system.

>> systems are attacked and vulnerabilities are exploited almost continuously once computer systems, mobile mobile devices are put on the internet. >> wants crypto methods are published, there is research community that goes to work depending on the strength of the encryption vulnerabilities may need to be discovered immediately or they may be discovered decades on the road, in which case all of the information may have been at risk while they system was in use frequently the exposure and expectation is not based on the strength of the algorithms themselves but on how they're implemented and how the systems are interconnected. i might not have the key to get information off of a particular device but because i can break into the operating system because i have physical access to account because i can read the chips or do all sorts of things i can still do

information. it's a very complex system. it has to has to work perfectly in order for the information to be protected. >> next question is for the entire panel. we have known for the past two years that any significant threat to her homeland will likely include cyber attack, will you agree on that? >> can you elaborate on the role that encryption plays in this process of national security, certainly the military has used forms of encryption for decades, can you give us a contemporary snapshot of how encryption used by government or nongovernment use to protect us against cyber attack today? we can start over here please. >> i will answer the question but i'm not at all the expert in the space. i think the other panelists are much more expert in the notion of encryption. one point i will say and try to emphasize is that we should not forget about some of the changes that are happening in terms of

the way that infrastructure can be accessed, i think we sometimes lose sight of the fact that phones themselves now are being used as authentication devices. if you can break the encryption and you can get into the phone, that may be a very easy way to get into the power grid, to to get into our transport system, into our water system. it's not just a question of firewalls or access, it's how does and was instrumentality to get into those things. >> thank you. >> i believe fundamentally security is actually on the same side as privacy and or economic interests. is fundamental, it's fundamental in the national security community but it's also mandated by law to protect all sorts of other data and other infrastructure systems such as financial services, healthcare records, even folks who might not gain an advantage of having strong encryption of billable.

>> lake general rogers of the nsa, and james clapper, clapper, director of national intelligence on the record saying they believe it's not in the best interest we can encryption. anyone else wish to comment? >> encryption is used in protecting critical of structure the same way it's used in protecting other aspects of our society. it protects sensitive data when it's transmitted and stored including on mobile devices and over the internet and so on. i just want to add that vertical infrastructure systems are largely based and built upon the same component that we are using a consumer-oriented business devices as well. critical infrastructure system essentially depend on mobile phone operating systems that you and i are using in our day to day life. so when we weaken them we weaken the critical structure system.

>> i had very briefly that i actually thought your answer was pretty good. and what's critical about those systems that we rely on to protect our critical infrastructure is that when we find flaws in them we have to pass them quickly have to fix them quickly. as mr. -- said these are constantly being that looked at. i'm i'm concerned if we and up imposing requirements on our security infrastructure, the process of identifying and fixing them, putting out new versions rapidly is going to be slowed down to figure out whether those comply with the surveillance requirement i think that's the wrong direction for us to go in. we want to make these tools is adapted as possible. we want them to be fixed as quickly as

possible not be caught in a set of rules about what they have to do it not to. to accommodate surveillance. >> thank you very much. thank you mr. chairman for allowing me to participate. i you'll back. >> thank you. i ask unanimous consent for letter to be admitted to the record without objection. >> i would ask unanimous consent a letter from technet dated april 19 that we would like to be put the record. >> iso ask unanimous consent that deb documents and staff making reductions without objections they'll be added to the record. in conclusion i want to thank all the witnesses and members that participate in today's hearing. i remind members they have ten business days to summit questions i ask witnesses all agree to respond promptly. thank you so much. we look for to hearing from you more. we will get you together. >> thank you mr. chairman.

[inaudible] [inaudible conversation] [inaudible conversation] [inaudible conversation]

[inaudible conversation] [inaudible conversation] [inaudible conversation] [inaudible conversation] >> the houses approving the rules of approving oversight bills tomorrow. join me to talk about this is aaron lorenzo. from bloomberg dna. thank you for your time today. >> sure. >> the houses considering for bills involving oversight into the internal revenue service. why are these bills coming up this week in particular and what is the purpose of the bills overall? >> and others relevance this week connected to our tax bills.

stress had to pay her taxes by yesterday, i think residents residents of a few states have an extension until today because -- the republican leadership looks to tie the timing to win everyone has to pay their taxes. your income taxes are due. and that's never a fun time for most of us. so that's the occasion. >> and we briefly touch on what each of these bills would do and they give us a sense of how republicans are looking at each of the member measures and then do the same as democrats. let's start with the no hires for delinquent irs act. >> so if an irs employee has any sort of what they term a serious outstanding tax bill or tax delinquency that person should be terminated. that person should not be able to work at the tax collection agency. republicans think that is fair

if any of us with tax delinquency the irs would be coming after us so why then should an employee be able to continue to work their. >> and democrats what is their view on that. >> democrats generally just don't see it as a real problem. a number of of them pointed out during a hearing last week where these bills were prepared they pointed out the tax delinquency rate in congress and in the house of representatives in particular, this is a staff on the staff of house of representatives side, the numbers the delinquency rate there is a five percent, the delinquency delinquency rate in the irs or the treasury department is about half of that. so they asked the republican counterparts wise and their bill to get rid of tax delinquent house staffers? >> how about hr 4885, the irs oversight while eliminating spending.

>> so that relates to banning bonus payments to irs employees until the secretary puts together a customer service strategy, actually congressman bill hr 4890, let's go back to the old spill by congressman jason smith. >> i apologize i talked about the user fees the irs collects. a big sticking point in this issue is money frankly. the irs said that congress for the past five or so years has either flatlined or reduced funding for the agency. that has impaired irs capabilities an irs administration to collect taxes and enforce laws and prevent security breaches from getting worse than they apparently are.

congress and smith put out the bill that says he feels the irs has authority over the money does get including user fee money, not money appropriated from congress. he believes the irs has misdirected that funding. the the irs could use some of that user fee money to improve in those three areas that i just pointed out. that is the background there from congressman smith. >> in the final bill is congresswoman bill that would prohibit the irs from rehiring former irs employees that are previously fired for misconduct. >> how are republicans and democrats viewing the. >> republicans are supportive. they feel if an irs employee is lost their job for failing to do their job, why would you rehire that person? why would you in effect may be reward someone for not doing their job correctly.

democrats in general, on all for these bills they will just generally say republicans are doing messaging with these bills, they're not terribly effective, they're not making serious improvements. this is just kind of a waste of time. that is the democrats position in general. the white house has issued a statement opposing all of the bills, what is the white house reasoning on the. >> the white house i think has generally taken the position that the irs has been underfunded by congress. we know from the president's budget proposal for this coming fiscal year the white house requested more money for the irs and we know republicans in congress are resisting this. it gets back to money and the white house just is not agree that these bills will improve efficiencies at the irs, they think the irs needs better money to implement better procedures.

thank you for joining us. >> thank you. >> coming up on c-span two, a a hearing on how isis is using effective antiquities to finance its operation. then senators mark the 21st anniversary of the oklahoma city bombing. later, a house energy and commerce subcommittee hearing on encryption software national security. c-span's washington journal, live every day with news and policy issues that impact you. coming up wednesday morning north carolina republican congressman on combating terrorism of the role of the congressional task force on terrorism and unconventional warfare. there is also tell us whether he

thinks the 2016 presidential candidates are well-versed on the issue. then california democratic congressman brad sherman talks about president obama's trips to saudi arabia. national park service director jonathan jarvis, he joins us to talk about the upcoming 100th birthday of the national park service, trends in visitor ship and the latest budget challenges >> c-span's "washington journal" begins live 7:00 a.m. wednesday morning. >> wednesday, british prime minister david cameron response to questions of numbers of, parliamentary weekly question time. live coverage starts at 7:00 a.m. eastern on c-span2. >> saturday april 23 is a 400th anniversary of william shakespeare's death. on that date the folger library in washington d.c. which has the largest collection of

shakespeare documents and memorabilia in the world will be hosting an event commemorating his life and impact on our literature, language, politics and artistry. book tv will be covering that event live, it begins live at noon eastern time. afterwards will have a have a live nationwide call in with shakespeare scholars so you can join in the conversation as well. henry folger was the president of the standard oil company and a shakespeare buff. he and his his wife spent many years in many dollars collecting shakespeare artifacts, documents, memorabilia, is the, is the world's largest collection of shakespeare related documents. join us on saturday april 20 third, we'll we'll be live beginning at noon from the folger library, with 400 years of shakespearend book tv. >> president obama departed on a six-day trip starting in saudi arabia on wednesday.

he will meet with the country's king and stay in riyadh. on thursday, mr. obama meets with leaders and delegations from the gulf cooperation council countries including bahrain, kuwait, and the united arab its. friday the president is in the u.k. for lunch with the queen at windsor castle followed by meetings with prime minister, david cameron. sunday, the president travels to hanover germany for meetings with the chancellor. >> next, look at how isis is profiting from the theft and looting of antiquities, artifacts and cultural materials taken from historic locations and museums. the house financial services committee heard from witnesses including the author of the monuments, this hearing is two hours.

>> the title of today's tests were securing is preventing cultural genocide, countering the plunder and sale of priceless, cultural antiquities basis. without objection the chairs authorized to declare a recess at any time. without objection without objection all members will have five legislative days in which to submit materials to the chair for inclusion in the record. without objection members of the full committee who are not members of the task force may participate in today's hearing for the purpose of making an opening statement and questioning the witnesses. the chair now recognizes himself or three minutes for an opening statement. i want to thank everyone for joining us today for the eighth hearing of the house financial services committee task force to investigate terrorism financing. again i would like to thank the chairman and ranking members as well as my colleagues for their unwavering support as we

continue to investigate the threat of terror finance. since it has surface, i isis has remained substantially different than other terror organizations and its ability to self finance due to its diversified revenue streams. pulling in funds from ransoms to oil production. one of the must discussed methods have been the exploitations of antiquities from syria and iraq. while not while not as lucrative as oil or extortion, iraq used believe they could be generating as much as one heard million from the sale and track any of antiquities alone. recent events have attributed this listener. practice but make no mistake, the plunder of art and antiquities has regularly been utilized by transnational groups operating around the world. it has been estimating that the prophet of the traffic and sale of these cultural properties may range between anywhere from 3.4 and $6.3 billion annually.

this crime has and will continue to be a global problem. it it will require coordinated international effort to combat. furthermore, this issue hits close to home. the fbi has credible reports that u.s. persons have been offered cultural property that has appeared to have been removed from syria. the united states must do its part in curbing the demand for this cultural and artistic pieces by taking another look at customer due diligence, and improving coordination with our international partners. this is a revenue stream exploited by illicit actors around the world. it cannot continued unabated. i believe that today's hearing with this expert panel of witnesses will help illustrate the scale and severity of this issue as well as offer measures to best combat and does diminish this practice. at this time i will recognize the task force ranking member, mr. lynch from massachusetts for four minutes. >> thank you mr. chairman. i also want to thank chairman canceling and ranking members as

well as weiss chairman for holding today's hearing. i like to welcome and thank our distinguished panel of experts this morning for helping our task force to this important work. today's hearing will focus on how the united states can counter the plunder and sale of priceless antiquities buys the islamic state and others the relevant themes of today's hearing while focused on antiquities are analogous to what we have seen throughout our task force hearings especially those concerns related to trade base money laundering. to cut off the floor financing to terrorist organizations we need better information sharing on all fronts. this includes includes improvement and information sharing between government agencies between countries and with the private sectors we also need to be of the track the true owners of property whether that's an agent artifact or a high-rise apartment building.