how long will the gent were those held onto before they were the disclosed, were they exploited before they were disclosed, we really we really don't have any kind of that information and so i think the first step here in deciding how to quantify the process, i think some kind of version of this should be in law to protect us, i think the first step would be actually having hearings about it and having an engaged congress working on it and looking at it. >> i would also point out that this is an example where the devil is entirely in the details we can all agree on very high-level principles that no one would disagree with, there there will be these cases on one end of the spectrum, and that's almost none of the cases. there's this large middleground in making sensible judgment about that middleground is going to require a norma's, technical

and policy expertise. this is a nontrivial task that whoever the arbiters on the vulnerability equities process are, they have to be both technical and policy expert with access to a very set deep set of detail about what's going on. this is not something that can simply be people who meet every quarter. >> to bring us almost back to where we started, now that congress has allowed the changes to go in effect, there are several measures introduced to postpone those changes, just to give them time to address what they should do in light of government hacking and i believe senator cornyn is the one who blocked all of those postponements from going into effect.

now they are going to enter 2017 and this really should be at the top of their agenda. all of the issues we have talked about. the vulnerability equities process, potential title three or rules for warrants for government hacking ,-comma what transparency measures need to be in place, congress has really put it on themselves then they need to be considering this first and foremost as we enter into the new year. this activity is basically implicitly blessed. they've allowed this argument by not acting, they've said that this is okay and i'm not sure a lot of them would agree with that, but that's going to be the argument in court. >> next time you talk about the need for judges to also have greater technical expertise were understanding of the issues that they are ruling on, and also the participants to have that. do think there's a need for

technical judicial advocate in the court and another technical expert on the bench? >> i wouldn't say how to actually structure it, but i would say that almost all parts of this require a significant infusion of technical expertise at almost every level that is not currently there routinely. certainly, in the case of a judge who is being asked to find a warrant that isn't fully understood, there is room for judges to ask question and do things like appoint special masters, i can imagine mechanisms for doing this, and i'm not going to say, or be too prescriptive about what we

should do accept that we urgently need to do quite a bit or this could have far-reaching unintended consequences. >> i'm curious, judges have a bunch of of young people working for them every year or two years, these law clerks. it would be great if they started favoring hiring young law students who also have a tech background or hire some non- law lawyers who serve as clerk simply to assist with technical cases. i think that could be one of the easiest injections of tech expertise into the bench. >> some lawsuits are starting to set up joint programs with computer science departments. >> i would agree absolutely there should be greater technical understanding in our court system. i would moderate that a little

bit by saying except that this is not a new problem for them, they been been dealing with technical issues extensively, and we have patent suits and all sorts of other suits in the courts that require technical understanding. my experience with federal judges is that they are not shrinking violence and if they don't understand that they will ask questions and get to the bottom of things. i don't want to underscore that they're not able to figure out difficult questions are getting the briefing and testimony to get to the point where they can make good decisions on these things. let me respond, the alternative to whether or not we need new rules for searches is to say well, we have a bunch of safeguards and clarity that's going to be coming, maybe we

should wait and see whether they are able to see if it comes to light. i think we will see activity on the cases coming up. from the department perspective, we are committed to being good partners in figuring these out. i think it's an interesting question and one that will be interesting to see what the next congress wants to do with it. >> in terms of unintended consequences, i think there's been kind cases where the law-enforcement agency, in 2013 he think the fbi obtained something like 300 individualized warrants to target specific users of anonymous e-mail service, but

according to some press reports, apparently the way in which the fbi deploys this software ended up infecting everybody who logged into the actual form out one page engine home page so it seems that even though that may not have been the intended consequence, it did end up infecting innocent people. i guess richard, does this mean sometimes there are unintended consequences that arise? >> i can't comment on a specific case but in general, no activity in human life is completely free of all chance of error or whatever, although i would

dispute the point that there has been some systemic problem with greater issue that's gone on. i think we've done a pretty good job so far in making sure the tools are acting in the way that they are, and if you think about a situation where you know a particular defender is using a particular e-mail account and you set up this remote search to affect only that person, that's actually a pretty targeted search and not an overweening kind of thing. >> have you known that approach to actually work? >> have you used individualized wants to target them. >> absolutely, there are situations where that is going to be the more common case, not this idea of the mass search or mass activity, but if you have an individual who is threatening to kill a government official and you have pretty good reason to believe it's real and very short time deadline to figure out who the individual is, you

can imagine law-enforcement is going to be trying to find a way to identify the individual and it will be targeted and specific because you have that probable cause to do that. obviously these are going to be case-by-case and they have to be particular and they have to have probable cause and all those built-in safeguards are going to be true. if we mess it up we can get sued. if it's overbroad then the defendant can bring a motion in the things will get worked out in the court. i really think we do have a strong court system and a strong system that can be and will be applied to these warrant situations the same as it has for the past 200 years. >> i'm curious, maybe you can't say this, but were all of those people notified that they were searched such that they could challenge the fact that they had their indications. >> that's another rule of the process but indeed it requires

the person be notified. of course, it doesn't require completely and endlessly exhaustive efforts, it requires reasonable efforts. you have to do your best and it may vary and it will probably have to be run by the judge, but in the cases for example where people are using child pornography website to exchange images, most often that's can be followed up with a search that will be used in the trial to come. they are obviously going to be notified. rule 41 requires that this is part of the transparency. what you don't want us to have something done outside of the court system or not with the review of the judges, or not not within the transparent and protective process we've developed in court. >> one quick reaction, you mentioned you think you're doing a pretty good job of making these robust and secure and i believe that's true, but i just

want to point out, microsoft and apple and len x and android and adobe and so on are also doing pretty good jobs of securing platforms, and we are in it terrible cyber security mass. the pretty good job that is being done is, unfortunately, still not so great. software is hard, and i think it's really a mistake to get to overconfident that these terribly imperfect software development processes are always going to work the way we want them to. >> i'm not suggesting that we should be overconfident. i think we should be very careful and as mentioned before we do look carefully and test and validate our tools before we use them. i think there's a slightly different?

whether you can create a truly secure piece of software that will not let anyone in. avidly as you say that's a big problem. we have hackers who can break in all the time and isn't the government's activity activity pretty similar to the hacker side of the equation. you just need one particular activity to get the narrow piece of information that you need. >> this example, this was basically a bunch of people who i would say suffered a fourth amendment level search and seizure of their data. ironically, because they were using a service to protect their privacy, but basically this affected everyone using the service at the time, that may have been an unintended consequence which is worrisome, especially when you think of the others said scenarios where other consequences my impact hundreds of thousands of people,

there's even another worrisome possibility that the doj after getting those warrants decided that we think how we are implementing this is the best the most reasonable way to do it and we will be affecting these people but we will minimize that data and some legal memo in the intellectual property section of the doj has never been in front of a brief in the court that has not been tested. that goes back to my theme of this curious and worry some ratcheting of authority based on some time extreme legal theories that haven't been put to any test and may not be put to any test unless and until someone moves to a press a criminal case. >> my understanding is just by depositing malware the government was unable to

actually identify the ip addresses of the 300 individuals that they wanted so it basically made that effort pointless which to me doesn't make any sense. >> it would be a good question for them to answer but yet because they don't want to talk about any of these details it's hard to even have the conversation. >> i'm not not answering because i don't want to tell the public about it. there's continuing investigations. we have a firm and reasonable reason that we can't talk about this. i'm not indicating mallon 10, i'm just just pointing out the problem that this raises we can't actually discuss and yet they will be notified but i would say these are all speculation by you supporting

people who are dreaming up ideas about what might've happened. >> so all the innocent users will be notified,. >> it requires you to notify the owners of the property. >> are you talking about the amendment to 41. >> the amendments require reasonable efforts in certain circumstances, yes but that is not no effort, if we are able to identify the individual then that person will get noticed so it's possible it didn't work, we didn't do any searching or not, notify anyone because the search didn't happen. there's all sorts of permutations here but in any case this takes it into account and requires the kind of noticed that are reasonable and people will get noticed that the

property was searched. in a physical world analogy as rarely happens but does happen, the police get it wrong and may search the wrong house. there across the street where they thought they would be. do they get noticed? of course. that house was searched and they will get noticed even though it was unintended or mistaken. >> i would like to switch over for a minute to encryption and lot devices and i think matt raised something you said you have advocated which is one alternative to the decryption mandate mandate. exceptional access or backdoors is to allow the government with the warrant to essentially hack the endpoint or create an exploit that will allow them to remotely access the locked phone tell us why you think that's a good idea. i would like to get your response. >> so i think we've been hearing

a lot about the going dark problem, and the solution were certainly a centerpiece of the solution that's been offered by the government have involved some work of built-in backdoor or key escrow or design mandate to allow for lawful access. that, unfortunately is likely to make our currently horribly weak and fragile infrastructure much weaker and much more fragile, discourage the the use of tools like cryptography, discourage the use of good security practices and create centralized points of failure where none currently exists or need to exasperate i think there are compelling reasons to very strongly oppose any kind of design mandate of the kind that

are being advocated for. that said, as we can see by the expansion of rule 41, in many, and i would argue the majority of cases, search of the endpoint by exploitation of a vulnerability and so forth is a viable alternative to that. we are seeing it done, it's it's happening, the legal rules for that are unclear. the rule 41 changes the first place where we are seeing it addressed, and i think it really does need to be addressed by congress, but i think it's simply the case that this has been done for a while, it's going to fail up and we need to confront in law and policy what the rules for that are going to

be going forward as it scales up >> and on that a lot of people in the private community who are fans and want to say go government hacking, but we also, if there is going to be a continuing increase in the deployment of strong encryption tools which we are a fan of, and there is not some sort of mandate that that data be assessable by the government which we are not a fan of, there will be more government hacking whether we like it or not, in the the question is what are the rules for that activity. i just want to flag a big concern that sort of brings together both of these issues and highlights the need for congressional action which is how they might implement that government hacking in a way that would basically be a backdoor and hurt all of our digital

health which is subverting the software update systems through which we receive all of our security updates from the company's. this is an idea that is occasionally tossed around as a potential way to deliver malware to access encrypted data and i think it would be an incredibly dangerous thing and yet i also think our current technical assistance provisions around surveillance could be read potentially by a court to allow this sort of thing. why is this a bad idea? because we are basically in a digital public health crisis. we are facing many grave ill, the medicine that we get for that, the vaccines that we receive come to these channels for the company. if and when it becomes public that the government has subs

subverted that channel to actually decrease our privacy and security, you will have a lot more people avoiding those updates and it sort of like people who aren't vaccinating against diseases. by making that choice they are making us all less safe because they become host for the things that might affect us. i just wanted to put a strong stake in the ground to flag that this is a huge risk and it's a path we definitely don't want to take. for what it's worth our host has written about this point as well as christie and several others. >> i just want to pull it back to the international perspective on this because we have to remember that the internet does not stop at the atlantic and pacific ocean on either side of the united states and both from the going dark perspective, the u.s. rhetoric around whether or not we are going to undermined encryption or whether or not that's acceptable has provided a

lot of wiggle room for countries to pass laws or implement policies that actually do undermined encryption, either give them authority to outlaw an end encryption and in some cases there are laws that require end-users to install backdoors on all of their devices within specific countries and so there's that element, while at the same time we are talking about government hacking without having rules for it so we are seeing other countries also pick up on that and in the uk for example we had outlaw that formalizes uk government hacking authority that might allow the uk government from an objective read to do what was kevin was just saying which is to try to force companies to implement backdoors and security updates. so by not acting in and out

front way to protect privacy in law affirmatively, we are not only allowing these conversations to wither and die in the u.s., but we are allowing great room for security to be lowered across the board outside the country, and those effects are going to be felt in the united states without question. >> richard i know you're also very concerned about the international climate. >> certainly, speaking to the international question, this idea that u.s. policy which i think has been pretty equivocal on this subject is the main motivator that's letting other countries do things that some of us may not like, i think it's missing the mark. other countries face the very same public security and national security problems we do and i said that to they will try

to address those problems as best they can and within their own political system regardless of our positions on these things but certainly regardless of the middle-of-the-road that we seem to have taken over the last few years. let me address a couple other things. i think as far as is this a solution to the going dark problem, i think i agree with comments that have been made so far. i think it's sort of inevitably going to be part of what the government will end up doing and certainly when there is an opportunity like in the san bernardino case where tool becomes available that can be used to execute a warrant, it's going to be used. i think we should be clear that it's by no means a 100% solution to that problem for a couple different reasons. investigations, on the law-enforcement side, need to to be targeted and timely and calculated to produce admissible evidence. each of those three things can have difficulties. targeted, if you have a offender

who you believe may be committing serious crime, it can't be a perfect solution if you are lucky enough to have that person be using an operating system that happens to have a vulnerability you happen to have a tool that will address. also, it is timely. is that tool available now or do we have to wait a long time as in months and months from the san bernardino case or in the case of hackers trying to break into something, they generally do it over a period of time and we spend a lot of energy doing it. that may not be acceptable in the context of law enforcement investigation. and the admissible evidence that's been dealt with already. let me offer one other counterpoint here. matt said the common thing that we have heard from a number of places about how creating a mandate or backdoor solution or

whatever word you want to use for that would have egregious security harm to the average person end-users, i would encourage us to ask for the evidence on that, to sort of probe this question a little bit further. if you look at the way that companies and agencies and individuals pay for these and solutions are solutions that don't allow there to be any interference in the middle, they are not the norm, and if you look at the department of justice for example which is extremely concerned about security, there is an app that sits in the background on my phone that lets the government have access to the device when needed, and yet that is exactly what the problem was in the san bernardino case with the ios. similarly, if, if you talk to network defenders, they're actually pretty worried about end to end encryption because when you have fishing screen schemes that are going after

access to their networks, it's much harder to intercept those things and block them at the gateway. if the communication is encrypted and and unavailable to the individual. then you would have to ask questions like why is it that gmail which doesn't use that kind of encryption that makes it inaccessible to the provider, why is that not a backdoor if that's how you want to characterize these things, and why are we not saying to gmail, how dare you access your customers e-mail in order to sell advertising to them or put another way, if were okay with gmail doing that, why are we not okay with having the public security benefits of it, are those just as important? i would encourage you to ask this question in a more deep way ,-comma what is the security benefit and is that benefit in fact worth it when it comes to public safety

: i think we should be, there are a lot of people especially in politics and hollywood right now that are starting to use e-mail less because it is riskier. no one is saying gmail is super insecure by it is certainly less secure than an end to end solution. we need to be promoting the spread of that technology rather than trying to dampen it considering just how dire our

cybersecurity situation is. >> how were those computers hacked? was a fluke fishing? if it was that would make it worse in a situation were into and encryption comes into play. >> we could go on another hour on this topic. let's open it up to questions. we will bring microphones around. please identify yourself and ask your question in the form of the question. thank you. >> i thought for a second from what we've seen bandied that i forgot effect. tour was created by the government by enable employee who gets royalties every time it's used. it was released by the government under the clinton administration. all these domain names that everybody is using for uploading nude photos that they shouldn't take anyhow and for isis is all

done through, out of california which in september went to switzerland. let's remember where this all started. my question is why aren't you talking about the correct origins of icann and tor? these dark things did not just pop out. government and academics had access to them. e-mails actually exchanging festive maybe we should be using this stuff. >> i'll briefly respond. i'm not sure how icann is relevant but in terms of tor, it was developed by naval research. i don't think anyone receives royalty but it's important to understand its origin was to protect our own spies. they need secrecy, too. it also was heavily funded later by our own state department to help defend human rights outside of the u.s. the rights of dissidents and others. and all i would say is if it's

good for them it's good for us, too. right? if the u.s. supports people outside of united states having these tools they should support people inside the united states having these tools. >> i chair the board of directors of the tor project and i assure you if there are royalties -- yeah, there are no royalties the faulty software and so on. i should also point out one of the reasons that tor is open to everybody to use is that it's simply not possible to protect our own size and own government employees who are using it without the cover of the general public using it. anonymity and privacy loves company in that sense. that's simply part about the technology has to work. >> if i could just add one quick thing. i think there are people out there asking questions of has it outlived the value come is

benefit worth the cost? as a mission investigation of sites where there's rampant criminal activity going on. i think it's a fair question to ask how does a balance work today? >> there's a woman in the green sweater. >> the national association of criminal defense lawyers speeded could you speak more directly into the mic? >> is this better? the national association of criminal defense lawyers. i just think there's been a huge missing piece of this conversation when we talk about the process and the notice and how it works. and this is based on a middle east in the states the ability to incarcerate someone, to deprive them of their liberty. so it comes a question of notice of the techniques used i think the government often has these blanket comparisons, sledgehammer as if it's one uniform think that only operates

one way. i want to get to the point that when you talk about using these techniques to break into computers to investigate people and prosecute them and potentially deprive them of their liberty is extremely important that notice it's there. think the government knows full well there are many ways in which that can be done in camera, not open court, not in a way that releases the information to everyone like it's the defense of opportunity to examine how a computer was broken into, searched, where the parameters. and so i would like someone to address the piece, to differentiate the peace between what traditional search what does, the ability to challenge it which is quite limited, and how this technology being used changes that considerably. it is not a place we can go and look and say they searched my home, they hit the three places because i can tell, or i was a bit.

i would let someone to address that particularly from the technology peace but also from the rights of the accused in a criminal case for do have the right to confront the evidence against them. >> i think i touched on this briefly before, but i agree the courts have a lot of tools that are useful here in time to sort out these questions, and they're going to do that in due course. there is a long-standing rule for decades and decades. the are certain times when there is a technology or something that has particular investigative value that will lose its investigative value if it is this was probably. take for example, how a particular recording device is shaped. it is a useful to the future mobsters to know how we are concealing a recording devices. it's a would not that useful to the defense to know what exactly the shape of the device or the color or the battery life or whatever it is. that there was a recording is critical. that it happen and it certainly is of course critical. turning over all of the relevant

stuff to the defendant makes sense but whether it's useful to know the exact shape of the device, not so much. so courts have traditionally tried to balance these kinds of questions, and i expect that's the kind of debate we will have as we go forward. if there is a situation where the code is indeed needed in order for the defendant to be able to evaluate what the scope of the surge was, then yes, that's probably something that would have to be turned over with a protective order to the defense. if it doesn't have any materiality or relevance what we need to know is what was searched, how much, when, what was the scope. those questions can be answered through other means, and courts are likely to look at that and say we will use the traditional rules to say this piece, this technical specification does need to be disclosed. >> let me and reject one quick point. a lifetime of these tools is much, much shorter than the lifetime of a recording device.

it's entirely possible, particularly as this skill set, but on the timeframe of a criminal prosecution, by the time that disclosure would take place those tools are well on the way to being obsolete. >> do we have time for one more? [inaudible] >> but if you would join us upstairs will have lunch from noon until about 110 p.m. i think c-span cut away but those watching at home would like to see the lunch, you can catch our live stream at cato.org. please join me in thanking our panel. [applause] [inaudible conversations]

>> we continue with the discussion from the cato institute on the role of congressional oversight of spy agencies and private companies should cooperate with u.s. intelligence. >> welcome back, everyone. we are about to start the first three blocks of flash talks that will take place over the course of the afternoon. these are schematically paired short presentations which in interest of keeping things brief and moving, questions falling but i encourage you to bundle up speakers during the reception or a break if you have questions to follow up on. our first two speakers who again have biographies in greater detail in those bio packets will be interesting, sort of the oldest question of political theory, the phrase of the roman

poet juvenile, who guards the guardian? who watches the watchmen? how do you keep political power accountable once your seed authority and power to an institution with the aim at safeguarding your rights? this is a notoriously thorny question under the best of circumstances, our entire system of governance is an elaborate answer to that question but it is particularly crafty when it comes to surveillance authority, when it comes to authorities that are by their nature secret to the same kind of robust public and democratic accountability as much of the rest of what our government does. and so we're going to begin with begin to short talks exploring different answers to that question in a context of surveillance will have nathan leamer, policy analyst at the r street institute and invariably the best-dressed man and in the room he.

and mieke eoyang of third way, to talk about informing both the formal oversight checks and the u.s. congress and other formal oversight institutions as well as that check that technology companies can provide as necessary part of a electronic surveillance. nathan? >> first off, i should say the wind comes to wardrobe, i was inspired by our host julian sanchez. very few people can pull off that a suit in dc, and you do it very well, so i had to keep up with julian. good afternoon. thanks for having me. as julian said my name is nathan leamer and i'm a policy analyst at the r street institute. before that i spent a few years working as a staffer for admission representative just in a mosh who's at an as well and so working for him and he contid that on this is an opportunity to continue that work and rain in executive overreach.

as you may know quietly and in t on capitol hill and think tank conference rooms around d.c. that is this conversation brewing that's consternation over concerns that maybe congress is really doing its job like it should be as was mandated in the constitution. and as you know whether it's this president of the president before and, there's this growing question about whether the executive branch is overstepping its boundaries. a whole host of issues, not just budgetary questions or questions about the economy but also questioned over national security. the collation of checks and balances between secret and primers are constantly at odds. what begs this question is, is there a way we can make congress grade again? to do a better job of engaging congress to take its responsibilities to heart and

know the executive branch accountable. over the past year the r street institute along with our friends at the new america foundation have been hosting a legislate branch capacity working group, we'll call it working group for short. basically this a group gets together once a month to discuss with hill staffers told think tank scholars, there are a policy experts to discuss ways we can improve the way congress does its job in many different facets. the appropriations process, can we improve the way committees are structured in the way they work? can we stop the problem of a high staff turnover? can we improve staff quality? can we pay staffers more to keep them on the hill and bring staffers here, i got your back. one of the issues we've also been thinking about is how can we rein in national security concerns in the intelligence community. this is a glaring example of the way congress has not always done its job, and this is particularly to in the house of representatives where there is a

bottleneck of information sharing out of the membership of 435 members of congress, there are only 13 republicans and nine democrats who make up the house permanent select committee on intelligence. this body is a committee that in many ways in secrets and in ways controls information sharing for the rest of the members of congress. here's the problem. they access to information that the rank and file do not. they system that's different from the other committees. if you're interested in budgetary issues, if you're not on the budgetary committee you can easily go find out what's going on. there are open hearings, document and memos available. this isn't as easy as you can imagine on intelligence issues. there are reasons to be concerned about our confidentiality and security clearances but at times those constraints limited the ability of the rest of congress to do their job. after discussing these issues

and working with staffers enough aspects -- experts went in identified a few major concerns about the way congress conducts oversight. in the weeks following the still revelation, my old boss, represented amash, would say when you hear from the chairman of the intelligence committee that members can come to classified hearings and asking questions they want, the reality is you have been to one of his classified briefings pick you will discover it's just a game of 20 questions. you ask a question. if you don't ask it exactly right when you don't get the answer. so if you use the wrong pronoun over to the summit to a wrong agency, villages it doesn't happen, it doesn't exist. and representative amash talked about how they would go to different briefings and ask different questions and try to make a jigsaw puzzle of what's going on. a representative from florida alan grayson also made the comment sometimes he feels like he knows more about what's going

on in the intelligence issues from media reports than does from the intelligence briefings. this isn't to say they are doing their job. it's a question of how the structure as done aloud to the rest of congress to know what's going on? with that in mind the other concern is communication between the rest of the rank-and-file. for example, 50 plus members of congress signed a letter calling on them to give information about, the revelations of the innocent was automatically scanning or emails from yahoo, bring them into some epic story that reuters broke. they sent this letter said dear colleague system and five minutes later, five months later they are still waiting for a response. that's kind of ridiculous. even though the news story has moved on these members still want to know what the restraints are in what's that they pick these are types of things we could mitigate the better communication. the "washington post" described

a memo that was specific from the executive branch to all those of congress si expect was going on with metadata programs. they still have an answer. sorrysorry, say that back at wht happened was the memo was never sent to the members of congress. they were diverted rather to a briefing to region and to the question that the memo would have done. so this question of dan hipcc as a committee to a better job of community with members so they feel better and should what's going on. the other problem that i will mention is staff are not always trained properly to not engage with her boss. something we talk a lot about is there's this sort of classification hearing that happens where it's not always clear what a member can share with the step even if the staffer may have clearance. remember every office has one person who can get clearance but even that begs the question which is the high turnover because of the lack of paperlike about the problems going on, there's such a high turnover so it's not always the case and never can have someone with

clearance. an offic officer talked to saide best qualified person for this i would be the best person to go through the process is in a process for 50 months before he has gotten clearance. in that time he was a freedom act was voted on, the backdoor amendment has been voted on and they all have clearance. they don't have anyone to talk to. it's like this member is going into the holiest of holies by themselves and they don't have staff to help them. so three quick ideas we can use to fix this. first to address some of these problems, we think hipcc members should also have staff like their counterparts in the senate do, the senate then daft that works with them particularly whereas in the house the members rely on committee staff. the committee, the hipcc committee staff are two of the guardians of the keys. that's something to consider. the other idea would be for the rest of the members of congress rank-and-file do better training for the staff to know how to handle these different difficult

question. make sure they're not flat-footed when revelations like a writer article comes out. the yahoo! story. a lot of members were choice as to what's going on. they had no idea. they or the staff at not been briefed. another idea that would be worth considering is something r street has been talking about is bringing back the ota or the office of technology assessment. while it wouldn't fix all these intelligence issues, it would be an office, it's an office that existed from 19702-1995 that basically was wer for congress d go to get technical expertise. now that it's gone for the past 20 years, especially as technology has grown and changed, members don't always know what these words mean. what is going dark actually mean? what is encryption and how does it work? they don't have the technical expertise at their disposal. if ota was that could mitigate a

lot of those concerns. as we know from the san bernardino case and a conversation about going dark and having a back door and all that, it goes back to the question of like do members know what's going on? how many members had given email? i was in an office remember just learned how to use e-mail, often. they should probably learn more before they engage in his questions especially as the intelligence issues are so intertwined with the future of her technology whether it's the internet of things things, whets her iphone, whether it's our latest version of computer. all these things are really worth considering and we should make sure our members are its brief, best brief as possible going forward. the last thing i will say is, if congress doesn't fix it, who will? congress as an entity has control to fix the way it does things. the house of representatives does. our think tanks on the outside, our surveillance coalitions at our conferences are great to raise wages by the consent of members fixing the problems

themselves. they have the tools to make themselves great again. they have the tools to address these problems, to find a way to allow the confidential information to flow to the right people but not to get to the outside. they had the opportunity to embrace the challenge they have which is the article one responsibility to hold themselves accountable. the best example of this and why is it important, in the past couple of weeks as we seen the question, debate about russia's involvement with the dnc hack over the summer. the fact is the senate has been briefed on these issues. rankin members are all home doing town halls hopefully and engaging with the constituents but they don't know what's going on. they are getting asked these questions and they don't know. if they are getting their news from the media, they're getting information not from the guardians of the information. they are not getting it on the senate or hipcc. they're getting it from press

reports. a read the "washington post" and that's what they're getting. if we're going to hold them accountable, congress needs to step up. [applause] >> and now mieke. >> thank you, nathan. even though i was a staffer had the keys to the kingdom as nathan said come on equity give it to congress or talk about how congressional oversight is really essential. what i want to talk about is what happens when congress isn't aware of what's going on, and how do we think about of the mechanisms that we can use to put checks on the intelligence community? especially in the area of electronic surveillance. so i'll tell you a little story. in 1975 a young congressional staffer much like i was once upon time drove out to maryland to have a conversation with a retired in us a employee about competition staffer was on the

church committee and they had discovered that the nsa was receiving copies of all of the telegram communication going into and out of the united states. this program known as operation shamrock had not previously been briefed to congress. it was a voluntary program that u.s. communication companies were voluntarily handing reels and reels at it over to occur your everyday who took them on the train. congress was understandably appalled but as of this young staffer talk to the nsa employee about it, the interface concern was what about the company? we did the companies cooperation. cooperation. they are the ones with the communication. how do we ensure that we will be able to get their cooperation so that we can connect, click intelligence when you going forward? please, do not reveal the names of the companies because this is technically illegal and we know you're not supposed be doing wiretapping but the attorney

general at the united states has made assurances to these companies it's legal. he's given them letters. if you named the companies, that customers will go into an upper and can't possibly do that. the young staffer says, but they are collecting the communications of americans. this is an okay and it doesn't matter if you went through the taser didn't. this is a privacy violation. and if the employee said but this is patriotism. this is national security. we need this. as a result of discovering that program and the church church commission report there were two electronic surveillance programs they talked about the congress passed a statute called the fourth intelligence surveillance act, and and in the foreign intelligence surveillance act, they thought very carefully about the companies interests. we often think of electronic surveillance and privacy debates as between the government and individual. and like the nsa employee as the

congressional staff not to come we don't talk much publicly about the role of the companies in these surveillance statutes. but in the statues the role of the companies and their interests are not only taken into consideration as an interest in statute, but the statutes themselves are structured around the company interest. in fives of the act passed after operation shamrock -- fisa. the government said how do we incentivize the companies interest to ensure that the government gets the right permission slip before it gets the information that it wants? so what it did was a put the companies on the hook for liability if they gave over the information without the appropriate permission slip. and at that time and given those communications that permission slip was a work that we were talking communications of americans inside the united states. so i and that congress thought about all right, how do we make the companies, the only ones

received information, how do we incentivize the companies to think, the government has to prove something to me before i give over the information. fast-forward to 9/11. worst terrorist attack in american history to editing changes in the security and private. again, the government comes to the companies and says, hey, we need to know who are these terrorists that are communicating with people inside the united states? we need all your information so we can sort through it. again, they government says to the company, we have a letter from letter from the attorney general. we will give you the letter that shows that it's legal. the companies comply. it wasn't until five years later when a program was revealed in the "new york times" that the government realized it had a problem. that permission slip, the letter from the attorney general, was not sufficient. the fisa court when looking at these things did not feel like it was sufficiently protective

of the companies liability or the privacy interests of americans. so the government comes back to congress again and they say, we need a different permission slip. slip. we can't do this individualized warrants. the amount of data with email el communication is not just like telegrams. its magnitude larger than that. we can't individualized for all of this. we will get buried in the paperwork. we needed both warrant. congress look at it very carefully. -- bulk. in passing the fisa amendments act, the statute that they gave the government a new permission slip, for accessing this communication, they said yes, you can have your bulk warrants. it has to be from the fisa court. the fisa court has to look at the information and decide whether or not it is okay. and then when faced with the question of whether or not they companies should be let off the hook for not insisting, the first time, based with the

liabilities that they could have run into the billions, congress blank. a number of members of congress, this is a central issue in the passage of the statute, was was not congress would give liability to the companies and that the nsa is concerned was if they didn't get the protection to the companies, the companies would refuse to participate going for it and we could bankrupt the american telecommunication industry. many members voted against that statute did so because they thought if you let the companies off the hook this time you will let them off the hook for ever going forward. so eventually they said okay, yes, we will, you get a pass this one time but they're still liability going forward or we are putting that in. fast-forward again to edward snowden. we never statute on the books that says u.s. companies give over information to use government on vast quantity of people communicating outside the united states. u.s. companies are now and within operating not just in the

united states but globally. now there are international customers upset that the u.s. companies. and deprivation slip again is viewed as insufficient. we saw and the debate over privacy shield and the european attempts to ratchet down or to insist on additional privacy protections that the probation slip is not in the right place and it could bring transatlantic internet traffic to a screaming halt. so how do we think about using the companies interest now in order, and understand, use them anyway we can craft a permission slip the right way so that we know that if the government comes to the company, and congress doesn't know about it, the courts don't know about it, the companies say i know this permission slip as right one and i will give you the information you seek. so think about a few guidelines.

for how you can structure permission slip the right way so that the companies know that it's okay to turn over the information to the government. first, a permission slip is not a blank check. one of the concerns jeff is if the companies received a permission slip and turn over access to all of their communications, what's the value of the permission slip courts this is why people are concerned about bulk collection. the government might not use it for the specific purpose of the statute at issue or the are the investigation but they could hold onto the data and rifle through it for all kinds of other purposes. the permission slip is not written by yourself. this is a lesson we should all about in elementary school. you should not write your own permission slip, right? you got to go to a grown-up to get the permission slip. in this case we're talking about a quart, talking about an independent form of government or branch of government that can look at the permission slip and ensure that it meets the requirements of the law.

and that's why the fisa court is in the process. and the permission slip has to be appropriate to the activity that you are engaged in, right? and what people often don't realize is that the activities, or the permission slip that is necessary for u.s. intelligence activities operating abroad where the constitution doesn't apply is different than a permission slip that is required for u.s. government activities inside the united states and that u.s. persons and activities that will take place here. here inside the united states, the constitution applies, still, we help, and continue after january. but the constitution has a very specific kind of permission slip. it requires a warrant. that wards must be individualized. so that we have to think about very carefully when we are looking inside the united states

the permission slip that you need here in the united states is different than the permission slip you may need overseas and that is not a one-size-fits-all solution. then at the companies have the appropriate permission slip, blessed by the right grown-ups can limited appropriately, then they can give the government access to what they need, and then they can have the liability protection that ensures that you actually stand up for american interests. the reason that chatted with the companies in the middle like this is that it is, in fact, their self interest. slightly different from your self-interest and my self-interest. they have to worry about their overseas customer base. they had to worry about their global competitiveness. have to worry about the privacy and security of the data that they hold. but they also worry about the security of the united states, of the world at large.

they have an interest in ensuring that come ensuring that clients are stopped, that we have an apartment that allows everyone to flourish and, of course, they have responsibilities to their shareholders. when we think about the company interest and we think about that closed room where the government has, so often and said please give us the information we need, we have to make sure that not only rewritten out what the right permission slip is that we put enough steel inside the companies that they can say when they don't have it, they don't get the information. thank you. [applause] >> more now from the cuneiform on government surveillance. over the next hour and 45 minutes we will hear about countering violent extremism, police use of body cameras, facial recognition technology and the use of social media

intelligence gathering. once again, i am patrick patrick eddington, policy analyst and civil liberties and homeland security at the cato institute. i want to welcome all of you here in the auditorium as well as all of our folks watching online, either c-span or art direct webcast. appreciate that. what we're going to be dealing with this afternoon on this panel is an issue that has become a genuine political flashpoint both domestically and internationally. a concept that is loosely defined or known as countering violent extremism, or cve for short. the united states has been dealing with extreme is politically ideology and a violent manifestations since at least the rights of the ku klux klan in the aftermath of the civil war. in some cases the threats from domestic political radicals have been real and lethal. president mckinley was assassinated by an anarchist

extremists, an incident that led to a nationwide crackdown of anyone who professed anarchist beliefs whether not they represented a genuine violent threat to the public. it's only been since the mid-twentieth century that we've seen the federal government create an entire bureaucratic structure designed to counter politically theologies that were used as a threat to the prevailing political and economic order. in many cases the employment or the coercive power of united states military and federal law enforcement back by legislation and the courts to harass harassl and even kill domestic political activist deemed to be extremis extremists, violent or otherwise. during world war ii an estimated 120,000 of our fellow citizens were rounded up and place in concentration camps on the orders of president roosevelt strictly because those american shared and ethnic heritage with the people who had attacked us on december 7, 1941.

and despite the fact that not in japanese-american had any involvement or in any way facilitated the attack on pearl harbor. during the cold war the attorney generals this up subversive organizations and activities control board and incredibly name house in america committee, engage in political witchhunts and the personal and professional harm that they cause to literally thousands of innocent americans using -- was incalculable that guilt by innuendo was the hallmark of governmental domestic surveillance and political oppression in the 20th century. many of these incidents were of course the subject of the church committee investigation over 40 years ago. some of her previous panels have alluded to that if that discuss some of the specifics. still others were uncovered by the senate foreign relations committee in the 1980s under then chairman john kerry. while it would be comforting to

believe that such episodes are a thing of the past, confined to an earlier darker era of american history, recent events have demonstrated that this is unfortunately not the case. in the post-9/11 era it is primarily the arab and muslim-american communities that become the targets of increase screening by federal, state and local authorities. that's good has come in the form of overt and covert surveillance by the federal period of investigation at the national student agency as well as the race and issues billed as outreach efforts carried out under the auspices of programs and offices in the departments of justice and homeland security. entities of us who received tens of millions of dollars of taxpayer funding as a result of recent congressional decisions. we all know in the wake of the 9/11 attacks individuals inspired by the philosophies of terrorist groups like isis and al-qaeda have committed horrific acts of violence on our soil. from boston to chattanooga, the san bernardino, orlando.

but should those acts by specific individuals lead to the spain and scrutiny of entire ethnic over religious committees courts are the discrete reliable indicators of radicalization that we can use t identify those at risk of engaging in terrorism? and how these policies whether in the form committee outreach or covert surveillance impacted communities with ethnic, religious or family likes to the middle east and southeast asia? deflation are taken on a heightened sense of importance and the views of president prest trump, several members of a transition team and a number of his cabinet level national security sector nominees. over the next hour our panelists droit unde on own experience and research will examine these questions, and we have what i think it's an absolutely outstanding group of folks joining us today who come from across the political spectrum in some respects and to have a wide variety of experience, starting

to my immediate right is my friend michael german, former fbi agent of 1 16 years and currently fell at the brennan center liberty and national security program where his work focus on law enforcement as well as intelligence oversight reform. seated to my left is assistant chief reynolds of montgomery county police department where he has been a 26 year veteran of law enforcement and been involved in a number of relatively high-profile response entity in the d.c. metro area. seated to his left is the director of law and policy at the sikh coaltion and like me, at georgetown hoyas alone. i really didn't like plant unpacking this panel with point columba senna i managed to do it. seated next to arjun is transix, georgetown law graduate and a practicing attorney in the oregon department of justice in your civil litigation division found my friend tranfour,

executive director of the arab-american institute. thank you all for being here. i want to make it very clear that that views that are expressed by the panelists are their own and do not necessarily represent the views of their respected organizations. unless otherwise explicitly stated in the aftermath of 9/11 attacks that authority front of arab muslim-american men and immigration enforcement sites as an effort to identify al-qaeda sleeper cells and some of those cases involving this instance i think are still working their way through the courts in less i am badly mistaken. i've read myself some of the department of justice inspector general reports in this incidents and they in essence admitted that ethnic and religious bias help to drive those roundups and those activities. that mentality unfortunately helped to ensnare the family of one of our panelists, in that case sharia mayfield here and she and her father had written a

book about the experience. it's called in probable cause, the war on the bill of rights. we happen to have a few copies of it available. it's $15 cash or check. she will autograph during the break for those are interested and we have right out in the hallway. i have a kindle version. it's a great read, a chilling read, but the process best equipped to kind of tell the tale is sharia mayfield herself spinning is a great honor to be here. amongst all these painless so much experience and knowledge. i feel like i'm the youngest one here, but i also have a unique experience that i want to share. i will reiterate that these views are my own and do not represent the oregon department of justice or any past employer. i did work for senator wyden for a couple of years as an advisor as well. and gained a lot of experience through that. for those of you don't know about my fathers case, brandon,n

mayfield, back in 2004, and may come he was arrested in connection the madrid train bombing that happened just a couple of months prior. these train bombings were perhaps the biggest terrorist attack that spain had ever experienced and would be equal to our 9/11 for that. and he was connected to this train attack by a 100%, or allegedly 100% fingerprint match that was actually a faulty fingerprint match. and throughout this experience of being targeted because fest on what i believe happened, my family is muslim, or muslim-american. my dad is a convert. he goes to the mosque regularly. we all go to the mosque fairly writerlregularly but especially. he's also a lawyer. he represents clients was representing clients, previously the portland seven. i don't know if you guys know of

those people but those were alleged terrorists who wanted to go to afghanistan to fight their and my dad represented one of those individuals in a custody case because he get a lot of family law. so you start to build this network of folks that you associate with, especially as an attorney. i'm also an attorney. you have association with people who are not so good. that's part of being an attorney and i strongly believe that due process needs to be afforded to everyone, even the most heinous of individuals. so to think that you could be implicated in some sort of network because you happen to represent bad people he is very chilling the practice of law, on freedom of association. that's something i strongly would speak out against. the back to 2004, may six, 2004, my six, 2004, my dad was at his office practicing law.

two fbi agents came to the door, arrested him. he had no idea what was going on. we had no idea as a family member what was going on. i came home from school that day. i was picked up from school very urgently, and the first thing i thought was this is a big joke. this is must take it. the fbi, the federal government is out to get my dad. it was like one of those double '07 movies. it seemed so surreal at a time. but after just a few days of learning about the allegation which eventually did one of those allegations and hearing over and over that it's 100% finger match became very diverse reads and very scary. that's an understatement. i'm now 12 years detached from that moment and it's still very harrowing, as my dad describes it, thinking back to coming back that they not see my dad and being told by lawyers that at best even if he is innocent it would take eight months or more just to litigate, and at worst he could be deemed an enemy

combatant. he could be sent to guantánamo bayguantánamobay, face the deat. very serious allegations. but there's a lot of stuff happening behind the scenes. you would think how could my dad be implicated in a terrorist attack that he had nothing to do with? he had never been to spain. his passport was i think over 10 years expired. he was very patriotic, served in the military, was practicing law, upstanding citizen, very nonviolent. once we are chickens at one time and he slaughtered want and you so upset after that, that he said he would never do it again. and i was also upset, and i'm a vegetarian. so he's a very nonviolent person. none of it made sense. when we heard about the allegations we were very scared and then we start learning more especially after he was in there for a while we started going through everything, going

through the legal basis of which was arrested, fisa. you guys differed from fellow panelists about fisa and about section 702, hopefully about section 215, freedom act and so on. fisa and to think patrick was talking about this briefly but during the macarthur era when that was passed -- mccarthy era it was better than what it was today i say. you could get a warrant at the primary purpose was to gather foreign intelligence. well now all you need is a significant purpose, and if you look at some of the congressional history on what that actually means in practice you can listen to senator hatch i think in 2002 after the change in the law had occurred in 2001 after 9/11, he made it clear that even if your primary purpose was to do a criminal investigation, so long as significant purpose was still together for intelligence, it was okay. that's exactly what the fights

awards were not supposed to do. they were supposed to be focused only on situations where a criminal investigation would not work where you are targeting foreign folks with foreign intelligence. and that would've been used against u.s. citizens for potentially criminal investigations, or primarily criminal investigations. that's a very dangerous. so my dad was released after two weeks. as we say, thanks to god and the spanish police. the spanish police did own investigation and the fact they were pushing back against the 100% fingerprint match for a very long time, and since months before when they first got the latent print off the blue bag of detonators in spain. they said that only did they say that they had some, you know, thoughts and might not be a match. they said it was negative. it wasn't a match.

federal law enforcement did not mention this to the courts. in fact, they said after meeting with the spanish police they thought that the spanish police was satisfied with the findings. but when you actually listen or read the interviews of the spanish police and spanish forensics folks, they're saying no, no, that's not the case. they were out to get my dad. and so i had to put it to be a muslim-american. i think the situation has been very depressing since 9/11 for muslim-americans and probably for muslims around the world being targeted by these surveillance laws. i think the cve, the accounting violent extremism program you will hear more about, i'm very wary of that, very skeptical. i think there's been a lot of damage done in the muslim community of being targeted for surveillance even your are a completely law-abiding citizen. to repair that is going to take a lot of work. i haven't seen much on the part of federal law enforcement to repair the damage that's been done to the muslim community, the lack of trust in portland,

oregon. we had the mohamed case in 2010 and while i think that individual obviously had some evil in them to even think that the ideal would be a good idea to blow up a christmas tree with people surrounding it, i also think the way that the federal law enforcement but the fbi handled the situation was very badly. the dad had reached out to the interest about concerns of his own son. you are told "if you see something, say something" and moses are doing it and then what happens is now your kid is facing 25 years in prism when ii think that situation could've been avoided if he was a provided that fake bomb which is what the f i had done. it took them a couple years talking to them and coaxing him to get him to that situation. so i hope as you listen to the other panelist you will think of the negative impacts of these surveillance laws have a muslim-americans and it's not just going to be muslim-americans.

a special light of our new president-elect. things could get very bad very fast. even worse than they are. cora matzo, the japanese internment camp is one example of very negative point in our history. i'd like to remind you all that the supreme court has never overruled that decision. it is vacated. that's a total copout. that should've been overruled. it's completely contrary to our constitutional rights at its its discussing the something like that might recur. potential in the next few years. so i will leave it on that note. osu books and hallway or cope with you by the most because i don't want to carry them back. into the airport o are culturaly that you some context around my views, on the situation and on the situation that i experienced with my dad. i also hope that for the people to look into forensic science or network and forensic science you look towards blind testing and

eliminating cognitive and confirmation bias in the field as well because bias exists there as well, not just an law enforcement agencies but in the labs. that's a huge problem as well. thanks spirit thank you. i should note when the department of justice ultimately, the inspector general of the department of justice ultimately issued the report of the fbi mishandling of the mayfield case, one of the things that explicitly acknowledged was about bias did, in fact, play a role. i think it was a decisive role quite frankly but it played a role in the very thing that happened to brandon mayfield and to sharia which is a what i think the work is try to do in this area forensics is so incredibly important. my friend mike german as i said spent 16 years in the fbi. i don't expect him to defend the fbi today, but what i would like for you to do is, since you're

dealt with terrorism yourself, you worked undercover for almost two years, penetrating right wing, essentially white supremacist type organizations in this country looking at the scripts and thei activities at e potential threat that they posed, you say that there is a right way and a wrong way to do this essentially. can you kind of walk us through your world view on this in terms of how we approach this threat? because when a lot of folks in this country that all of us are aware who are deeply concerned about his terrorism threat pick it is real to her we have seen it happen. so we don't want to at the end of the day none of us want to minimize the idea that there is no threat. there is we see. americans have suffered from it. but at the st. andrew's at least in your view i think a right way and a wrong way to go about this. so give i us your perspective on that. >> i think if we could imagine a perfect world, what we would

want is all of our security resources focused on people who are doing harm with none of the impact of that affecting anybody who's doing anything in essence. my former colleagues in law enforcement and my colleagues in a civil liberties committee would agree on that. we want to catch the bad guys and let the innocent go about the business without interference. so the question is, how do you achieve that goal? i think my biggest problem with the countering violent extremism program is that it's based on this flawed premise that people move from adopting bad ideas to becoming violent. and there are any number of studies now of actual terrorists, people have committed violent acts in the name of a particular political cause or other reason, and what it shows is that they are not typically very ideological.

that's what i found for my own experience. i was undercover in neo-nazi groups and prepared for cases and other groups as well. what i found is that the people who are committing the criminality and acts of violence did not really appreciate the people who were writing the books and the manifestoes and hosting the online forums. that stuff was illegitimate today. it was a waste of time. they needed to take action pics of the idea that we are taking this program and focusing it on the expression of ideas, of ideas and ideology, is misdirecting our resources. we should be focused where there is actual evidence of criminality. and, unfortunately, what has happened is a government has taken this theoretical model of radicalization that posited that people move in a very linear

pathway from adopting bad ideas, expressing those bad ideas to become a terrorist, to justify the surveillance of entire communities based on their ideology. we have seen that taking place in any number of contacts throughout history. none of this is new. the fbi's radicalization or radical as division was formed in the early 1900s led by a young j edgar hoover. this isn't a new phenomenon, this idea that if we can suppress the bad ideas, somehow the violence will resolve. there's no evidence of that. in fact i would argue the evidence shows the opposite. you open up the argument for someone who wants to commit an act of violence. >> to build on that point briefly from a historical standpoint, i'd use the assassination of the late president william mckinley as kind of an example of someone with a particular ideology,

ultimately turning violent and acting that literally on the president of the united states. in the wake of all that as images you saw this crackdown nationally but one of the more interesting things that took place was his passage of legislation in 1903 call the anarchist exclusion act, which basically said that if you're an immigrant and you want to come to this country but you have expressed support for anarchist, you are yourself a self-declared anarchist, we will not let you into the united states. the reason i bring that up is that our present elected during the course of the campaign had talked about this man essentially on folks coming from countries out of the fear of a particular idea that they might necessarily bring. of course the problem today is the same as the problem then do it with our technology in 1903 wasn't quite as sophisticated as it is today, you still have the

telegraphic distillate newspapers. within a few years of the act being passed, you had pretty widespread use of telephones police and government and elsewhere. and, of course, it did not stop anarchism and the trend. i would argue that that man and the governments attempt to suppress the idea actually make it kind of a sexy forbidden fruit from a political standpoint. you alternately did see yet a second wave of bombings that were carried out by anarchist in the 19 19-20. when we talk about some new thoughts and ideas about trying to suppress speech, ideas, things of that nature, our own history kind of tells us that she was not exactly ultimately the way to go. correct me if i'm wrong, but i thought it on their own surveys on this particular topic in which they found that when you look at all these past cases

that where there was no identifiable pattern. emma wright? >> right. virtually every empirical examination of actual terrorists has concluded that there is no profile, no pattern, no predictable pathway. there are no clear indicators of who's going to commit harm. for every person who commits an act of violence, there are 10,000 people who have that same ideology who behave in the same way, have the same sort of behaviors that in these radicalization models are identified as what to look for. and the problem is there are a lot of bad ideas out there, and the government tends to come once this model is allowed, expand out. it started with anarchists but those labor organizers were kind

of expressing similar ideas, so let's go ahead and suppress them through surveillance. by the way, a lot of the labor organizers who are resting under these programs are being defended by civil liberties lawyers who must share the same ideas so we won't suppress them as well. and so if we stay with this model that the problem is extreme belief rather than terrorist violence, it's going to justify all the surveillance. it's going to justify all the aggressive law enforcement activity targeting communities because of what they believe or because of the political opinions they express. >> that's a terrific segue, arjun. earlier this year you had a sensational piece in politico magazine, talking about your own experience and discoveries with respect to the fbi's so-called shared responsibility

committees. can you go into that? can you help educate us on exactly what they are supposed to be, how you came into possession of the data and so on? >> sure. i was invited by the fbi to preview a countering violent extremism program called a shared responsibility committee. typically when these meetings happen, they are confidential. what ended up happening later was that an anonymous official from the department of homeland security gave quotes to political magazine about shared responsibility committees. ..

maybe a youth coach or a mental health professional, a social worker who assembles and convened for the purpose of helping a muslim american who the fbi determined is at risk of becoming a violent extremist. so the idea is, the identification fbi identifies a youth who might become a violent extremist and they convened local committees consisting of the various types of professionals i just described, in an effort to stop this youth from one day becoming a violent extremist. three critiques. first, the fbi never disclosed that the the criteria for determining a muslim american

youth is at risk of becoming an extremist. is it based upon things like protected speech. are they trying to convene committees because a muslim american youth asked preston newfound interest in religiosity , participated in a protest, posted a controversial article on facebook. this isn't far-fetched. according to government documents, the types of indicators they are looking for are things like becoming confrontational at home. ideological differences. second, we know based on other programs, and i think it's important to look at the intersection of cbe with other overreaching law-enforcement programs as well. for example, we know under the suspicious reporting program which asks local law-enforcement to report activity they believe

are indicative of pre-terrorism planning that muslim americans who have visited costco and purchased large pallets of water, muslim muslim americans who search for video games online, muslim americans who have played made large purchase orders for home computer systems at best buy have been visited by the fbi. we know it's like the watchlist program. you can be branded a terrorist based on a single social media post. that's a fact. again, within within that we know that dearborn michigan, a city with less than 100,000 residents has more watchlist residents than any other city in the country except for new york. that's the first critique that the fbi never actually specified the criteria for determining that a muslim american will, one

day be at risk of becoming a violent extremist. second, they never specify the actual technique that they use to determine that a muslim american will one day become a violent extremist. for example, thinking about something like the doj racial profiling items. in late 2014, the department of justice promulgated this guidance that specifically lays out the rules and the circumstances under which federal law-enforcement and local and state law enforcement can profile on the basis of anything, gender, sexual orientation, faith, race. specifically, in that document that allowed for the tsa, customs and border patrol to profile on the basis of any category they see fit, and of course customs and border patrol, their jurisdiction extends hundred miles inland and they are the largest enforcement agency in the country by far. this guidance also allows for law enforcement to use confidential informants absent

of any kind of suspicion. it also sanctions intelligence gathering programs like the nypd demographics program that some say has been disbanded, but i will leave that to another discussion for another time. it's also important to think about the tech night techniques that are being used to determine that a muslim american is, at some point in the future going to be a violent extremist and i would submit to you that just like with respect to the first argument i made, the techniques that are being used are extraordinarily overinclusive. even in the event that they might actually find a muslim american who might one day be at risk of this, the techniques don't justify the ends. the only other point i will make regarding the actual committees, i would just say they are flawed in general. that is because the fbi, under these committees there is no

protections from disclosure for mental health professionals, for lawyers, they can later be called so as a member helps an individual and the individual is later charged, private confidential notes that a mental health professional has with a particular individual individual could be subpoenaed. this professional can later be called to testify and soak with the lawyer. furthermore the fbi said if the committee determines that a youth is no longer at risk of becoming a violent extremist, the fbi can still investigate them. they can still monitor them. there is no point for a committee to be convened if the fbi can continue to monitor the individual while the committee is working with them and even after the committee has made the determination that this

individual is no longer risk in becoming a violent extremist. suffice to say, i was very critical of the program. i remain critical of the program. it is not clear where it stands right now. there was this disclosure they were being beta tested. there were semi private conversations in which the fbi said that they had been discontinued, i am skeptical, i would also add and i think we will get to the soon, there was also state analogs to these programs that are being developed and being used so i would submit that they are very likely coming to a city near you. >> thank you. we heard his personal experience , meyer, as the executive director of the institute, your organization represents thousands of arab and muslim americans and arab christian americans around the country. i know your organization has had issues with a lot of these kinds of programs, going back into the

1970s when the palestinian students that really started to kind of take off and republican intellectuals came under fbi surveillance, give us, if you will kind of a historical perspective from the arab american community standpoint of what we have seen over the past several years, and the concerns in the hopes that you have going forward. >> thank you very much both to you and to cato for hosting this conversation and for the leadership that the institution has shown on these issues. we are very grateful for.

i apologize in advance that i have prepared remarks because i'm being sensitive to time and i will try to be concise. i really appreciate the way you are opening our conversation on this and that is that as patrick said, we are a community not unfamiliar with the idea that unpopular political speech ends up in a problem with government interaction and you correctly noted that the president of our organization is among the people who were profiled then and it is literally the foundation for the institution that i work for. we were established in 1985 specifically to deal with a history of political exclusion so it's in some way a foundational reason for why we are here today. the institute is a political enterprise. we represent roughly 3.7 arab americans. potentially 35% of whom are american muslims, but the question would be why you would be engaged and i think that's logical. why that wasn't an issue we decided to engage on. before the terror attacks of 911 i was engaged on a variety of

concern from using secret evidence with the old immigration law, its application and immigration proceedings. we have demanded that our government strike a better balance between our national security and our civil liberties. basically, keeping us safe and free. we we do not believe that the obama administration programs have done that and that is one of the reasons the principal reason why we are engaged on the issue. 2.0 i'll highlight before i really start getting into it, ct does not equal cde. our government should not conflate counterterrorism policy with countering violent extremism policy and i certainly don't intend to do that and my comments today. further, the nature of this counterterrorism programs internationally are not my focus. i am specifically limited to the concerns that we have about the mastic countering violent extremism programs for the

question legitimately could be how did you get here. in 2011, the white house released a document called the strategic implementation pack plan for empowering local partners to prevent violent extremism in the united states. the plan was introduced as a domestic terrorism in recruitment efforts like al qaeda and isil. this report became the foundation for the government's counter and violent extremism program and while the movement was at foot, efforts were challenged within policymakers to slow the pace of the development of these programs to be more critical of what had been done. for example, a white house summit that was scheduled for october 2014 was delayed. there was additional examination and i would take critical thinking applied to programs like the uk model which we have gotten into yet but i think is important for the same reason that they know.

i think there was a successful internal effort to say let's examine these programs were critically let's decide whether or not there is scientific evidence to suggest whether one could step in and prevent an act of terrorism from taking place. the horrific attacks occurred on january and then they announced it would take place in 2015. efforts are explained to counter what is commonly described as the process of radicalization of violence. mike talked a little bit about that but i want is a little bit more because i think it helps understand and frameless civil rights issue that i think it is. our framework is modeled after the controversial and highly problematic problem in the united kingdom launched in 2010. the major differentiation, they

are so upset saying you don't understand it, it's not based on prevention. prevent was government initiative. the program that we are doing is community lead. you take government resources and dollars, you give them to community-based organizations and you say were not doing prevent. the reality is it hasn't been very successful of why it did not work. we have several anecdotal examples that show that they have not been a community led program, indeed it is ignored community concerns and frankly without community buy-in. the government mantra may be community leading community designed but claiming that it is as wide community support is misleading narrative in claiming that it's an initiative is outright wrong. i will defer to my colleagues on the panel on the rich scholarship that exist but i want to highlight a few assumptions that are supported by evidence. domestic terrorism comes from many sources including groups with violent antigovernment and racist agendas.

they can demonstrate their undercover work in that area. therefore programs as we know him address a problem that is small within a larger landscape of terror, not to mention the much larger problem of terror in our society in general. not minimizing the threat that exist, putting in proper context before we decide we are going to launch millions and millions of dollars worth of expenditures that it intentionally violate the spirit these programs are based on the theory that suggest as an addict and a viable past that an individual can ultimately commit an act of violence but we are told they are indicators like grievances with u.s. foreign policy that is often an indicator that we see even though our government tells us indicators are not used. having observed those indicators we look for what they call off ramps. again we can do something to prevent them. an unsound theory, feeding what used to be an industry that now operates with the way major think tanks and the price tag of an known numbers and i say

unknown not because i haven't done the research but it's very difficult to determine how much is actually being sent spent on these programs. congress stepped in more recently by allocating 9,000,001 year end year end 10 million another specifically for community engagement, 49 trillion then 10 million of that was made for community engagement grants that are just now getting ready to be awarded. we will hear about those soon. >> because of the approach of these programs, there was a problem in in my community that must be addressed in these problems further securitize the relationships and as such are unproductive. when secretary johnson vote visits local mosque after local mosques to talk about community resilience, while dhs market such visits with hashtags referring to the wonderful city

of dearborn michigan which he already pointed out a second only too new york city in terms of people on the watchlist, city of roughly 90000 people, it has the highest concentration in the entire country. it is clear that these programs view our community as a specific terror threat. this is profiling from the highest level of our government because while there have regrettably been some people traveling to join isil, these cases are limited in number and cannot justify a communitywide approach. the securitize relationship exploits community-based engagement to promote this program and you must demand better accountability. a securitize relationship with my community and the programs that exceeds still have fear of attack. while this is something we should always work to oppose and counter, we should be particularly concerned about this in light of the most recent surge we've seen. finally there are many efforts

but on the most basic level programming should at least adopt a policy of do no harm. these programs run the possibility of alienating young people in our community that they are tasked is different by their own government. we have, the president of our institution has responded saying we have a successful program called the american experience. it is the reason we are not having the same experiences as france and other countries in europe. with cde, kids who have never seen themselves as anything but american are now being asked to be vigilant because they may in fact be at risk youth. this is not only ineffective, it is harmful. programs of this nature require more oversight than they have received. the members of congress have began to look at these issues and provide some oversight. they are conducting a current review with a report suspected to be out in the spring,

attempting to figure out what actually is happening. we are pleased to see that the role congress will play in this area is being stepped up. i just want to mention this because in some ways it's very much like the point about the prevent program, we were told src, he think they have officially now said this publicly that they have been disbanded. the fbi will not be engaged with efforts anymore. just like we are told prevent is not what is happening in our country. the reality is, there is a program currently in l.a. that looks exactly like what they have been described to be, but because it's not federal lead, we are told this is different. the pivot on this still produces the same result and i think that's something to be very concerned about. i started by asking you, telling you why i engaged on this but i also want want you to engage on this issue. the reason why is i think you should oppose it for the fact

that it's profiling and discrimination, it's government waste and inefficiency, it is intellectually dishonest and it is a program that violates individual privacy and the freedom of expression. it has had a desperate impact on people in my immunity, but i think as we have often said in some ways on these issues we happen to be the canary in the coal mine, there are reasons why every american should be concerned about what our government is doing in this regard. >> miya, thank you. in my high school class, four of my closest friends went into law-enforcement. they are all missouri state highway patrolman. there is not a day that goes by that i don't think about them and worry about them because they have to deal with the public. if you've spent any time in law enforcement, it can be a challenge, i know. we ask are folks and law-enforcement to walk this very fine line between protecting us from the murderers

and rapists and the thieves and other criminals in our midst on one hand, and on the other hand, we expect them to constantly keep our rights in mind and not violate our rights and all the rest of that. that is attention that we deal with, law-enforcement deals with on a day in and day out basis. there is nothing easy about that job, and i personally am grateful both to my friends in high school who have committed the better part of their public lives to law-enforcement in that respect, and i'm very grateful for what you do over in montgomery county. it's obvious that the leadership in the montgomery county is very concerned about this problem. they have invested time, money and resources in a concern about extremism and what it might lead too. we would be very grateful if you could kind of give us the law-enforcement perspective on

this with what the experience has been ,-comma what you're all trying to achieve right now. >> i just want to thank the cato institute for including me and law-enforcement in this discussion. as i look around this diverse panel and i hear the discourse and debate and the disagreement, it's exactly where we need to be. we are in this together, it's very challenging, i don't i don't think there's an easy answer. we can't ignore this problem. we have to lead through it. there's only one way to lead through it and that's together. we have to do this together. with that, i'm just going to talk a little bit about what i believe policing in montgomery county, and a lot of agencies, to a large degree this is an extension of community policing. when i say that ,-comma what do i mean? there is a problem and there's a very real threat and it's

something that we can't ignore and it's something that we have a responsibility to do something about. we need to protect the people in our communities and so, as i think mike has done in the very beginning, how, how do we do that? we honor the constitution we create no harm, i like the way you said that, when were done we should be better than when we started. leadership is is leaving it better than what you found it. so i like that. i will take that away from today. we shouldn't create and i have heard a lot today and over the years that there has been farming created on the federal and state and local level. there is very significant concern today, more than ever about that, particularly postelection. one of the things that was mentioned early on and something i actually thought about before preparing for today is the trial that's ongoing with allen roof.

i hate even say his name because i think there's an element of evil there in what happened and how it happened, but one of the things we know, in a lot of these events that occur, mass casualty events, active shooter, other things like that, there are warning signs, and after the fact, a neighbor, a teacher, coach, a neighbor, a teacher, coach, a parent, a sibling will say, you know what, i thought the person was more isolated, i saw these notes that were threatening in nature, i saw a lot of changes in their approach to things, i saw things on social media i saw them going to the hardware soaked store and on his facebook page he was buying guns and ammunition and increasingly agitated so we know there are some things that we can learn after these events occur and so, the idea of see

something say something is really oversimplifying, it's a most like in the old days say no to drugs. that's great, i agree with with that, but that doesn't really address this very difficult challenging problem. the same thing with state agency something say something. that sounds great, but would you say it too. how do you structure that conversation. to start with there has to be trust. in many of the communities that need us the most and law-enforcement trust is the least. think about that. that's pretty powerful. the communities that leaders need us the most, trust us the least. we already have a significant challenge to overcome because many of those communities that need us are not willing or interested or are fearful to even report crimes, maybe because of the countries of the origin for they came from, maybe because of experiences they had

here in the united states, but we need people to engage with us to be able to report crimes and the witnesses to crimes and prevent and provide information so we can do a better job of protecting their communities and protecting them. a lot of communities are very underserved. radicalization and violent extremism is one of the myths i would say are not muslim centric. somehow in our country, that has been the narrative and it continues to be and that's not our narrative, i can i can assure you. we are brothers and sisters in our communities. i couldn't more strongly say we are with you, were together in this effort in this initiative. it has to be that way.

it's not us and them, and if it becomes that when i can be very successful. to some degree, that has occurred. how do we overcome that? how we build trust? and we build relationships? it it is easier said than done. community policing sounds great but how do we build those ties with communities that really need us. a lot of what you have heard today is part of our model, building resilience. i will go over the slides very quickly but this is a person i will call a subject matter expert who helped montgomery county develop some of these conversations, engaged in a lot of different people, particularly in the faith community, and not just muslim community, but all the faith community. we have a very diverse community. another myth is law-enforcement centric and i think there's a lot of pros and cons to it, but i would say very strongly hours as a community led initiative. it's not government lead, we don't have committees and panels, we don't have surveillance efforts, a lot of things i have been referenced at

the federal level and some of the very real examples of abuse and mistakes and hurt and harm that have occurred, we are very intentionally trying not to do any of those things. it is a collaborative effort involving a lot of different people in the community. this is, you referenced jay johnson and some of his visits, this is actually a visit where there was a large gathering large gathering of people in our community and just some of the areas, the main pillars that we focused on our very some similar to community policing which is engagement, education, training, a referral process, intervention in the example that i like to give, give, we are not qualified to do that. i have heard that. i'm not a hipper expert, i'm not a mental health expert, i'm not a psychologist and so i'm not the appropriate person to do a lot of the intervention, but there are examples of people,

and this happens almost daily in our schools throughout the country and locally in montgomery county where there's an opportunity, weathers trust, weathers relationship where we can do intervention. when i say intervention, because there's that trust we can maybe get somebody to help whose suicidal or somebody who's violent. maybe a kid who wants to harm somebody and has taken additional steps to do that. how can we be effective in navigating through those things but were not the primary ones leading the effort? >> so that's a challenging thing to be able to intervene and deal with these things effectively in a way that we prevent violent acts but in a way that we may be prevent somebody from going to prison, the example that was given earlier i thought that was great. maybe i don't don't know all the details of that case but had something been done earlier on maybe that individual didn't have to go to prison for 25 years. maybe there's something that could've been done to deal with that in a different way, and so

again, this is just another descriptor about the montgomery county model, and there are others in our region will have an interest. again it's very community policing centric. the idea of building trust in relationships with our communities and the university of maryland is actually the administrator of the program and there is some great money that have funded this and it does involve hhs and the chaplains and the ngo community. it involves a very large part of the faith community and we are one of many partners and we are at peace but were not the main piece. the idea is that we would have an involvement and when there's a more challenging hip a

situation where someone needs more training and more expertise and there are privacy issues, somebody else else would deal with those rather than the police. that is a segway at least into our efforts to try to navigate this in a way that were not creating harm, and if we do it right, were doing a better job of protecting the vulnerable communities that we have in montgomery county. were doing a better job of developing trust which i think was dated today is in disrepair to a large degree in our country, particularly postelection, and finding that balance. the last thing i'll say is as i was listening, one of my favorite quotes, i've been to the holocaust museum many times. every time i go i learn something new. there's a quote that says evil prevails when good men remain silent. there is evil in this world. dylan roof, in my opinion is evil. what he did, it's hard for me to even fathom, having been in law-enforcement almost my entire career, and people like that

should be dealt with. those people, if we are successful, maybe in the future they would survive that and maybe that event doesn't occur. we have an obligation to do what we can, to focus on and use our resources in a positive way to not create harm but to keep our communities safe. it is a very difficult time to do that. >> thank you for that overview. i will basically invoke moderator privilege to ask the first question. when a program get started there's usually some type of catalyzing event. are you familiar with the background of where this particular montgomery county initiative came from? whose idea was it. was catalyzing event, was there something specific that happened that made folks in the county government and the police department and maybe within the community say maybe we need to

take a look at this. maybe we need to think about that. was there catalyzing event? >> i think more from a leadership perspective there was a recognition of being in the capital region, knowing that terrorism was a real concern, knowing that violent extremism on a whole lot of different levels was a concern and also, the whole division with the muslim community, we have a very large muslim population and there's a lot of fear. i will tell you, anecdotally i have heard a little bit about it today. one of the things that have really touch my heart more than anything his children now are fearful. children are being bullied. there's all kinds of things that are going on just because of the very fact that there muslim. i think to answer your question ,-comma what was the catalyst