douglas, and a recent biography of 1940 presidential candidate. part of book tv and prime time each night this week on as soon as on c-span 2. next on book tv a interview with michael chertoff, from the commonwealth club of california in san francisco this is justice over an hour. >> good evening everybody. we have to try it one more time. i know you have more energy than that. good evening everybody. that's the energy we saw when you came in.

my name is george i'm the program director. thank you for coming to the program, we hope you will all write a lot of questions to submit. before we begin take a moment and turn off the cell phones and any other noise making deviceses. let me tell you about a few upcoming programs. on august 21st, university of california janet paul tono, will be in conversation with disaster expert lucy jones on reducing our personal risk from earthquakes, fires and other environmental threats. on august 30th, former democratic candidate will be here to talk about guns politics and the future of the democrat party. that program will be moderated by ellen tosher who you may know who is a congressional representative.

and a member of the common wealth's board of governors. and september 25, steven pinker will be with us to talk about science and reasoning. if you're not a member this is a good time to join. are you enjoying the new building? we do to. we feel lucky to be here. it's a great time to see many events in our building and lots of interesting ones coming up. if you join yew the first to know when we have guests like april ryan coming if the fall, and a noted chef and many others. there's a gentleman in the back named billy, our own billy bean, raise your hand. there he is. he won't talk about money ball but he will save you money on great memberships, and he will tell you the details about joining the club. finally let me tell you there are question cards on your seats for our distinguished speaker tonight. they'll be collected and brought to our moderator. we want to remind everyone that

copies of michael chertoff's book are for sale outside the room and he will sign them after the program. we want to mention the commonwealth club of california is a nonpartisan organize, and the speakers be able to make their are speeches without interruption. welcome to everyone. >> thank you george. good evening. and welcome to the common wealth club. i'm ellen tauscher. former member of congress and member of the common wealth's club board of governors and i'm your moderator for tonight's program. it's my pleasure to introduce tonight's guest michael

chertoff, former homeland security under george bush. and author of the new book "exploding data" 'reclaiming our cyber security in the digital age' as secretary of the u.s. department of homeland security from 2005 to 209, mike chertoff led the country in blocking would be terrorists. before heading up the department of homeland security secretary chertoff served as a federal judge in the u.s. court of appeals for the third circuit. currently, as cofounder and executive chairman of the chertoff group he provides high-level strategic counsel to corporate and government leaders on a broad range of security issues. today, we will discuss secretary chertoff's believes that the growth of the internet has made our greatest threats. not physical, but digital. please, welcome secretary chertoff.

[applause] >> michael: thank you i just want to say when i saw the gavel i thought wow i haven't had a gavel since i was a judge. [laughter] i felt like banging it a little bit, but actually real life when you're on the court of appeals you don't use a gavel, but -- >> i used to use a gavel when i used to prez-iez over the house when nancy was the speaker, and it was five times that size of this. [laughter] and the trick is you don't bang the gavel, you go like this. tap tap tap -- so, it's only effective if you have the look that my mother taught me which can make anyone turn into a pillar. let's get down to our conversation mike, this is really a great book. "exploding data," and i was interested in it not only because of the world we all live

in, is your data safe? is facebook really building communities or are they just selling your data? as you know they had the largest stock decline in the world today. and so i approached the book and wondered this is really one of these technical, sometimes really ponderous kinds of subjects. you have done a great job of weaving in stories so that people can understand what exactly is heaps and why this is such an important subject. so i dog eared a bunch of ima paged and i wanted to go through, you put the world into three types of data, data 1.0, data 2.0, and data 3.0, why don't you talk about how you organized, this so people can approach it. >> michael: well, let me say i

was trying in part to describe the fact that the technology is really have stripped the architecture of our laws and policies and that there comes a point where you can't shove it into the old architecture anymore. you have to say we have to go back to the drawing board. as i thought about it, i thought when has this happened before? i went back to the founding of a country in even before that england, back in the last millennium when we first began to have a right to privacy, which became the fourth amendment, and it was all about property. it was every person's home was their castle and all of your discussion about the right to privacy was about who could come into your house and who could take your stuff and look at it. that's what i call 1.0. basically the way we generated data was we talked, and wrote things down on paper. that was basically it. then in the 19th century, you wound up with photography and

for the first time we were generating data not face-to-face or in handwriting or typing. endless to say as soon as the technologies became widespread. issues came up about whether the government could get them and make use of them. for example, in. photography there's a case where a young woman her boyfriend took her picture, and then without her consent gave it to a flower milling company that put her picture on the bags of flower, so she got upset about it and she sued. her argument was it caused her distress by using her image to promote something she didn't want to promote. the reaction of the court was to go back to 1.0. well no one invaded your house, you agreed to the photograph being taken, and you're not

being defamed, so it's not libel. so you don't have a claim. but eventually, what the court said is you know there's something about using your image for commercial purposes that is something you ought to have some right to control, and so they created a right against misappropriation. similar example wire tapping. initially, unless you penetrated the home, or the premises that you were wire tapping, so that it was a technical trespass, if you're just on the wires eend by the phone company, the courts took the attitude you don't have privacy right, this is conversation intercepted outside of your property. but eventually, in the case called cats, the court said we're missing something here. there's so much being done on the telephone now. we need to change the way we protect this. so i laid these out in that the law does change, but often it requires a tipping point, where finally the courts or congress or both say you know, we've

gotta go back to the drawing board and understand what it is we're trying to protect. >> so i think that that's a very interesting analogy to how to think about this, but talk about angry birds. angry birds is now breaching through into data 3.0. >> michael: correct. because as we engage with any kind of app, it is now often in a very kind of opaque fashion, collecting data about where we're going to visit sites, other things we're doing with our device. if we're using the same device to play a game or use an app, and we're not always aware of what they're doing, or if they do make us aware by writing a 60-page disclosure statement that makes your house buying contract look like a comic book you're not going to read it. and an even more challenging issue with respect to some

applications you don't have a choice. because effectively there are monopoly, and if you want to participate in the interchange, you either surrender your data for all purposes or you don't play, and i think that's also an issue which i talk about in the book that we have to start to come to grips with. >> and so the other thing that i found that you really highlight that causes people to stop and think is i think most of us know about moor's law, which was developed by the founder of intel, which effectively said that every two years processor size will double, and then immediately everybody will move into that space, and two more years later. you said that the interesting part about this is people don't understand that there was a simulate growth of storage capacity. so, the idea that everything you do lives on forever, really i

think people don't understand that. >> michael: and there were really two developments actually three developments that have transformed the way people think about how they're publicly generated data is used. one is storage capacity. week not store everything forever. and in the old days, let's say you did something in public. people could take a photograph but in the end it would get lost or it wouldn't be distributed. it wasn't the ability to michael chertoff a lot of use out of it. that's changed because of storage. but there's a second development. storage would be worthless if you can't really analyze where you stored. it's like that scene from the movie invaders of the lost ark, raiders of the lost ark in the edged they take the ark and put it in a government warehouse where 10,000 boxes and you know it will never be seen again. analytics allows you to make use of the stored data. so it doesn't get lost, it actually can get

operationallized. and the third thing is the advent of the cloud or related thing about selling data. you might think that if single individuals record you, takes a photograph, you go to the store and you use your loyalty card and you buy your groceries, there's data being collected but it's all separate, in separate buckets. what you're not necessarily focused on is if it's all uploaded to the cloud, the cloud provider may very well have the ability to scan all the data that comes in from all the different sources, and identify things about you. or it can be sold to a data broker who will then go out and harvest from various different sources all the data about you. so all of a sudden, this indefinitely stored and analyzed data from all these different collection devices, get merged together and now they become available for analytical purposes to whoever biez them or operates to cloud platform.

and i think that's what takes even what goes on in public, and makes it very different now than it would have been let's say 30 years ago when season public were exposed, but they had a short shelf-life, and their ability to be used was really limited by time and space. >> and that brings us to something that's really bothered me, i'm sure many people. it's not only in the data analytics of being able to aggregate a bunch of data and analyze it and then keep it forever, it's the weaponizing of data. and that's the capricious side of all of the developments that have happened which have goods to them. we can process things now in hospitals much more quill traumatic brain injuries, we have the ability to use fast computers to be able to look at someone who's been injured within hours and decide what to do, for something that even just a few years ago they perhaps

couldn't be helped because by the time the information went through the computer, they were either too far gone or couldn't be helped. so there's a lot of good things about data, but at the same time, there's the whole weaponnization that bothers a lot of people. you talk about fake news, talk a little bit about that mechobviously we be had things in the last couple years, or discussion about what the used to be called operation measurers, by the russians or other countries that use variations of this, and this is the use of media in order to propagate stories that are exaggerated or false, or one-sided in order to drive behavior social discord, and even hatred. now i have to say in preface, this idea is not new. if you go back 10 years to the

common term where the soviet union existed they had a propaganda machine. now the tools were very primitive, and they were not particularly skilled, but the idea of using propaganda or trying to persuade people or manipulate them is not a new idea. here's what's changed. the media is much more ubiquitous. the ability to target susceptible groups in a very efficient way allows the people who carry out active measures to be more productive in terms of what they want to do. it's often difficult to know who's actually conveying the media. part one of the issues that's arisen is people masquerading as your friend or pretending to be americans when they're really russians or bought nets acting as they're humans. or troll forms, the rra, the internet association, in russia.

pretending their acting like individuals so there's an element of pretense and fraud about who was communicate communicating. now we have to be careful with this, because i believe in the first amendment, and i think that the fact that something is untrue doesn't mean necessarily you can ban it, but at a minimum as i say in the book i think you can certainly require people to identify themselves honestly, indicate if it's a foreign government or foreign power, perhaps they can't be required to identify themselves and maybe even be restricted because they can't effect our elections. and you may be able to do other things that signal that there's something funny about the source. but i also have to say in the end ellen, it's on us to pay attention. and there are many people whose attitude is i want to hear what makes me feel good about what i believe, and they don't care. so, there's an educational process within that is part of the response to this.

>> that's great. we have a question from someone in the audience. what do you believe data 4.0 will be, and in connection with terms of service, what do you think about the ability to skip reading the terms or should there be something more about opt in, versus opt out. >> michael: great question. so 40 it's might be a couple of the following things. artificial intelligence, the use of machine learning and machine speed to even accelerate what's being done now, and to make it even more precise, and to be predictive. so that it's not only a matter of people learning what you've done but acting based on what you're going to do. another thing i recent heard is called deep fakes. the ability to take video and audio marry them together and fabricate what appear to be completely accurate and convincing audio and video clips that are just totally

fabricated. so that you become almost unable to trust what you see with your own eyes because people are manipulating it. as to the second part of the question, i think this is part of what i'm suggesting in the book. that the ability to protect your privacy, and your freedom by holding your data to yourself is not really going to be there anymore. just as the advent of telephones you can no longer have your conversations behind closed doors. so i think it becomes about controlling the data even after it's been collected by someone. what is your right to say yes or no to the use of a your data for other purposes and that's where i think europeans in california have just pass ad law that say you have a right to require that before someone uses your data and you get asked to consent or not. and i think that is where we're going to have to go. one of the challenges is it has to be real consent.

it means you have to be told in plain language what they're going to do, not 60 pages of stuff, and you have to have a real choice. so if you have a what is effectively a monopoly, they should at least give you the option of participating, maybe by paying a fee, but not necessarily having to give up your data so that you're not given the choice of being shut out of something entirely or having to give your data over for whatever purpose someone wants to use it. >> i think everybody wants to support local stores, and people retile. but i think most of us use amazon a lot. i have family all over the country, it's easy to send gifts, they know more about me than i want them to know. that's a benign part of this. this is the good side of it, but there's a lot of other things obviously that where people worry about. you talk about in the book, you talk about new laws. that you think shood promulgated

that can help block these scenarios. but part of it is educating people so they become empowered and know what to ask for and to protect themselves. >> michael: this is about being mindful about what you do online. now i am not totally off the grid. i don't use social media but i do things. but i make a decision, why am i doing this and what information am i generating? so for example, if you routinely get asked when you go to a new site can we use locational data to better send you notices and stuff. so if i'm using google maps, or gps, yeah, i give them my location because otherwise it doesn't work. but for most of the things no. it's okay, i'll do without the notice of what you can offer me. so it's mindfulness like that. also, to be honest, i am mindful of what i search online. and if i'm going to use my

device. now one thing i do, which is kind of mixes up the algorithm, i like crossword puzzles so i do a lot of online searching for crossword puzzle clues. and i want to say to the machine if you can figure out what this means, good luck: >> speaking of the grid, with the grid at huge risk, why does a power system have to be connected to the internet, and maybe you can talk a little bit about skata. >> michael: so we know that skata systems are vulnerable. there were cases in the ukraine, in the last few years during christmas that the lights went out for several thousands people because the russians hacked into the control systems and either resulted in false readings that caused the engineers to shut them down or interfered with the opposition of the system. that issue of industrial control system security is at the core of the biggest concern people

have about literally cyber warfare or cyber attacks. the short wr answer is a lot of this stuff should not be connected to the internet, but for example many of you will have a thermostat you can adjust when you're outside the house. that's on the internet. and you can understand there are engineers particularly for deal with a wide system where there are a lot of different elements on the pipeline they don't want to visit each one and take a reading. the other problem is this. often, people think they're disconnected, but there's some part of the system that is connected, that is the door to everything else. so, some years ago, the chamber of commerce in washington got hacked because although they had a good security system they had a remote connection to a thermostat in another building, and that became the entry point for a foreign nation to get into

their data system. and we think about the internet of things, that's going to be a big issue because many of these "smart things" don't have any security. they use a default password like 1, 2, 3, or they have no capacity to update or patch, so the kind of things we saw recently can target them, and that becomes a problem for everything that is connected. >> yes. this is another take at the fake news piece. how come government control the distribution of fake news or foreign manipulation of our describution system without infringing on the first amendment rights. >> michael: you can't control fake news content without censoring, and believe me there are many people who would love to do that. in fact the number one guy to sign up would be putin, because the russians believe that cyber

warfare includes information they don't want to have their citizens read. so i'm very first amendment fund meantalist on this issue. i think there's some things you can do without infringing the first amendment, i don't think there's a first amendment right for me to -- or a right if i'm a russian if to pretend i'm an american. if you're a foreign government and want to take out an ad, or want to advocate for a election. we have laws that prohibit foreigners from contributing to those. there's a lot you can do to preventing the use of large-scale bot nits to artificially theskt search engine and ranking of particular things on a platform. because again there's no first amendment right to promote your story by misleading or generating something if you're

robots. but when you get into contact with specific exceptions we generally in this country say the right answer to false content, a message defamatory or frawj slnt to have more speech. in europe to be honest they go in the other direction. now there's a move in europe to go and say that certain kinds of speech should be outlawed. hate speech, fake news, i don't know where you draw the line there, and one thing in our country we're very skeptical about letting government have that kind of power, and it will also create a problem for platforms that are global, because if you get punished for putting a story that the generallens don't like, online, it could wind up in americans not being able to read the story which would infringe our rights. this is a challenging area which is one of the reasons i highlighted it.

>> there's another great question here. we often speak a lot about educating the public about cybersecurity. is the nature of the problem more education or the incentive of individuals and corporations to do what's right. >> michael: you need both. i think on the security side the reason -- my education because frankly some of the worst hacks have been because somebody clicked on a link that turned out to have malware, and often people don't understand how you -- at least make a reasonable effort to assess whether something's real or not. i think in the security area as well, the institutions have to be incentivized to secure themselves. that typical gets done through the legal system one way or the other, whether it's a law or regulation, for example with personal identifiable information, or people get sued. i think on the fake news piece, that's going to be a lot of that will be an educational process,

teaching people how to critically vault things and honestly this has to start in grade school. i remember when i was a kid, television was still relatively new. and there was a little bit of worry, like now they have these commercials, is everyone going to believe that what's on the commercialicize true, and you know eventually your parents would tell you when you're little, don't believe that, a lot of that stuff is nonsense. you're not going to grow to your adult height in two seconds if you eat wonder bread, and you would wind up going -- or wheaties. you get a sandwich instead of watching commercials. so we have to start that educational process. >> so, this is another tough question. how did we not see this coming? [laughter] and what were the insurmountable barriers to our not seeing it coming? and since we didn't, what might

we see in retrospect to get ourselves ready for the next thing? >> michael: that could be a whole separate book. let me say this. i do think you have some early warning about this. but for a long time, i think there were a couple things that tend today have people avert their eyes from the challenges. one was i think there was fun new technologies and people were excited about being able to use them. and also, there was a little bit of a sense that silicon valley and the tech community were glamour children. it was innovation, it was disruption, and by the way i want to say when i grew up disruption meant you got sent to the principal, but i know here disruption is a positive thing. the thing is we do good because we want to make the world better, and between that and the excitement of playing with new things i think we were slow to realize some of the problems.

this is not unique to technology. the hardest thing is to know the next thing that's going to happen. the good news is to come back to where you talked about 4.0. on issues like artificial intelligence, face recognize, other things that might be the harbingers of new technological advances you're starting to get people asking questions about earlier what should the limits be. and there was a thing in austin with the folks from the ieee, the engineers that do a lot of the work on this am. they were bringing humanists and novelists into their program because they said we need to start teaching engineers about the humanities and philosophy, and we need to teach humanity and philosophy professors about engineering and that's much as what happened when the neural age dawned, you have to make

sure you're developing new technologies you're not so excited by the bright shiny object you don't start to sigh where can this object wind up? >> that's great. traditionally secular governments have left basic behavioral values in construction to religion. in today's world should promoting civil peace values, education be seen as a duty of government and civil society? >> michael: i think we've -- as i grew up, we did have civic focus on american values. it wasn't particular religion but the values of the first amendment, fourth amendment, tolerance, we didn't also honor them in execution, but i think that i remember that this was part of education. we did have a civic religion. you may say what the constitution was. and people still invoked the constitution. they may not understand what it

says but it's invoked as an iconic symbol of what america is. one of the great things about the country has been for the most part, that when people do come in as immigrants or new americans a they're not unlike in some places in europe where you're not really french if you haven't been there for generations, we don't measure your being in american based on your longevity of ancestors or is that right, it's based upon your willingness to embrace and be faithful to the constitution and american values. i remember when i used to swear people in, as i did sometimes as a subject of homeland securities new immigrants, i would say you're much an american, the die you take the oath. you're as much an american as i am or the guy whose great great grandparents came off the mayflower. >> the idea of community has been embedded in the constitution and bill of rights,

and almost phew think about it it's a primer on how to do it. there's so much about the world today, you think of terms of weaponize, and another term tribalism, we see a lot of tribalism. my dad passed away a few years ago but he want watch anything but msnbc. because he was a democrat and he wanted to have people reinforce what he knew. my mother i would have watch fox news once a week so i would know what was going on. she was reliable source. but, there is a way of knitting together communities, and the way we live now, the way people have moved around, the whole pace of things, how do we get ourselves back to the sense of signing up to some simple premises, and some simple ideals, and reinforcing them with our children, and in

different generations but also making sure that we don't lose touch with what has always been the west of us, including welcoming diversity and immigrants. >> michael: a lot of people are talking about this question and i have a couple of thoughts about it. my wife does work in this area in her work. some of it is actually what the europeans called subsidiary. it's about pushing decision making in government down to the lowest level you can comfortably make a decision in. so with national security that's a federal issue. but if you get into towns, and states, generally you get a lot less of this kind of dysfunction at because you know when you're on the local school board you have to look your parents in the eye when you go to the grocery store, and if you're not delivering you're going to hear about it. i think reinvigorating localism, and federalism, not in a negative way but as a way of

creating stronger bonds i think is important as well. of course that also means we've lost some of the community organizes we used to have, whether they're religious or not, is that bowling alone phenomenon. which is also contributed to a little bit of the sense of tribalism. oddly, the internet orbitale i remember people thought this is going to form community because you know your kids are going to be communicating with kids in other parts of the world they're going to learn we have a lot alike. i think what was maybe misunderstood or misjudged was that for a lot of people when they can communicate with anybody they want to gravitate to people who believe what they believe, and it becomes a mutually reinforcing loop, which embeds people even more firmly into their own prejudices. i think i would say one other thing. i think something that was maybe lost when we eliminated national

service. was the idea that you would go in and spend a couple of years with people who were a lot different than you, but were working with you in a common effort, and 1 think i talked to people about. there's a generation of young folks, not that young, they're like 0s or 40s who served in the military they went in after 9/11 and they're now beginning to talk about getting involved in the political process, and i say amen to that. they worked with people from a wide variety of different backgrounds, they worked with people when they were in iraq and afghanistan. they have locals they worked with and understand them as human beings and they're also patriotic and they've seen a bit of the world. hopefully there's a generation rising that will have immunity against some of these insolar attitudes. >> i always believed that

community service we had to graduated broaden the aperture and it was a lifetime opportunity not just military service is laudable and wonderful, but it could be reading to children, it could be many, many different things. it could be local, it could be obviously the peace core, but there should be a sense of obligation, and a sense that sometime in your life, no matter whether you're young and have the time or maybe you don't have to time until you're old like me, where you can go and do things that are going to really give back to the community. everyone should want that and want communities to thrive. i think we've become more bullconnized unfortunately than we really should. let's talk about propaganda and data manipulation in the last election. what do you think we have to be looking out for in the november election, which is 14 weeks

away. >> michael: so i do think as director of national intelligence coach said that the russians will attempt to effect elections. now this is not a single national election, so they don't have to effect everything. they're probably going to figure out using analytics maybe stolen an likelylytics, maybe what the 30-50 key races are and then you can see several things. there could be attempts to interfere with the mechanics of the election. it's tough to change votes but they could do things like make it difficult to determine who's registered and who's not registered. and some years back i think in 2014 in ukraine they tried to hack into a media out let in order to get a false report of the results. they knew in the end there would be an accurate count but they thought this would create confusion. i think the more likely issues are efforts to just undermine turnout, and undermine

confidence in the result by doing things that either interfere with the ability of people to get to the polls, maybe you knock the power out or do something to mess up with the mechanics of the voting system, but more than that just an intensification of the fake news stuff, and the effort to drive social division. and by the way, it's not just at election time. they have attempted to cement civil disorder by encouraging right-wing and left-wing groups to go and demonstrate and rev them up, and then they have the ability then to interfere with the police response by hacking into their ability to communicate and things like this. so i do think we need to be mindful of this element of manipulation, and just to put it in context. back in the 60s when the soviet union existed they did the same thing. they did embed people in left-wing political groups to

try to generate violence. but again it was not scalable, and it was rather crude, but if you -- the americans it's not new. but again the scale is much greater. >> so most people that understand that elections even national elections are run on the county level. and it is a disaster depending on who had the money, who cared, who didn't care. you have this and that, even inside of counties, you have indifferent communities, different ways of voting. in the west, oregon is completely vote by mail now. increasingly in the bay area most people vote by mail. so the idea of getting challenged when you go to vote physically doesn't happen. but, there's a lot of people that worry about going to the polls and getting a provisional ballot because somebody sells well little marry sunshine i've never seen you before, i don't

think you live here, here's a provisional ballot. and they get pushed off to the side. can you talking mike about shouldn't we be egg doing something now. . i.

as well as awareness of some of the threats not just to the u.s. but all of our allies in north america and europe. so there is work being done but we are not where we need to be. claire mccaskill's campaign in fact today don't know whether they did or didn't do thi this e kind of thing that even if we look at the summer of 16 i don't know if i can do that without crying but if you look back and you hear a lot of things that were happening about john podesta is e-mails, you realized that it wasn't a e-mails. it was what was on those

e-mails, the data analytics of the campaign. it was her schedule, the polling data. this was really important information that was apparently sent around and used by the campaign. what do you see coming up because these things tend to happen in the two weeks of the campaign when it's too late to react and people can't get themselves organized. what do you think people should be doing? >> it's not limited to online.

remember when they held the hostages because i don't know if they wanted to ronald reagan that they didn't like carter and they were going to try to affect the election. obviously we want to do the best we can so there's no interaction in the registration process and things like that and to the extent you can identify things of that sort, but i also can imagine other things. imagine they ferment a civil disturbance and then wind up doing something to interfere in the ability to respond to a. turnout becomes a big issue.

you can change a lot but you can make people not go and that has an effect so i would watch for those things and i would o be on my guard for that last minute thing it even creates a disturbance of some kind. you can get americans to do this as well how can we use data to prevent gerrymandering? we have to draw the new congressional wine and then in the first year of the decade be organized to accommodate and move the populations to 435 members of the house. so we look at where people move and they analyze the data and

subtract the industrial states and add them to mostly southern and western states and redistrict them. gerrymandering is another issue. the issues make it easier to gerrymander because you see these pictures and now you could almost get down block by block to see where people are and take most of your people from the other party and put them in one district and then the other districts, you know, you have more favorable to your party so

there is a big problem in the solution turns out not to be data but there's got to be a formula for drawing the district based on coherent geography rather than population. and then where the parties get involved in drawing the lines. >> it's part of the national case law but it's called communities of interest. people moved for lots of reasons, for their jobs, to be closer to family, but they also tend to move because they find that people in a certain place to be like them. so it's not surprising if you look at a color map, it isn't pixelated. people tend to go to places where people are like them and it's interesting but you know,

it's important i think we've done a good job in california. our commission to draw the districts you have almost nothing. that's actually a good thing because you're not trying to influence one party or the other but it's improved our situation a little bit but it's still not as good in the rest of the country. we only have 53 seats in the 218 so we need the rest of the country to cooperate a little bit and do something more like we are doing. how do you feel about big data in healthcare? it is optimizing the data efficiency and i think we should be doing for should we be concerned about the authorized breach and commercialization of the product data? >> there are things that can be

done in healthcare. we monitor it with remote. the other day there was about the ability to pass more when they are picked up by the ambulance because you have somebody controlling a robot arm into basically corresponds to the robot arm. that's all good and this is an area there are rules about the private data and so therefore it does have restrictions that require both keeping privacy secure so that's a good thing. there are two risks you have to watch to make sure you are not slipping and that's why you want to keep it separate and have a firewall between that and your

business data but the other problem is what happens when your insurer decides they want to look not just that your at yh data but other things. they are looking at what kind of clothing you buy because if you start to buy a larger size of clothing they think you may be overweight and want to raise your rate. then imagine all the other things. if you change your name they think you're getting married or divorced and that could lead to stress. the main nightmare i was present in the book is the idea that everything you do can result in some either reward or punishment and the chinese are actually working on this but the social quest for. this will be looking at everything you do can meet your

friends are coming for behavior day-to-day to determine if you are a good citizen or bad citizen. this person says since we can't trust trump to protect against cybersecurity what are we doing to help and what is the top priority to us >> i do think the department are trying to help. you saw the fbi did do the investigation and a lot of work went into investigating that. that. the department is working now to bring the private sector in closer to help them manage

cybersecurity to what the threats are and that's a good thing to. there's a controversthere is a g now because some of the chips they have to invest in ask critical questions about their suppliers are in is engaging on their network to make sure they are secure to do not the kind of things that often result in downloading malicious tools onto your network.

>> in many ways the reduced fun to play and the truth is a lot of people were hurt by globalization and of jobs moving offshore. but trade is interesting because we have 4% of the worlds population. we need access to the other 96 in order to sell our good. a pair of estate tax by the way so what do we do about the data issues on this and what about companies like the cte where we have concerns about what they are doing and that these trapdoor issues? >> the u.s. has done very well

to the point that a lot of countries sometimes use their privacy law to handicap american companies or they drive towards the data localization and requirements to hold the citizens of the country which is a way of fragmenting the global reach of american companies. so, we've gone out of the global reach of data and you do have to have a seamless set of rules or you don't have an intranet, you have many internets. we do need to recognize countries have an interest in protecting the privacy of their citizens and i think part of what we are talking about now at least with respect to countries of a similar value system, democratic countries how do we synchronize a way to have a kind of common picture of the rules

to govern the data and the rules of the road so we don't wind up with conflicting situations in terms of how we manage the data? that's going to continue to be a big thing now. i don't believe in tariffs and balanced free trade is good for the country although it doesn't always spread winners and losers and we have to figure out how to compensate for that but there are areas where it's been correct the chinese in particular have been adamant about trying to get our intellectual property. there was a report a couple of days ago from the counterintelligence folks in the

government you have to worry about buying the technology andd acquiring the company is getting intinto the supply chain we tald about. if they are not going to interfere with that that is goinit that is goingto become am and they are going to pay a price in terms of people's willingness to play by the rules. >> do you have an opinion and this is an elaboration of things do you have an opinion on whether content on the internet should be regulated and if so, who would be responsible for the regulation? a government or web provider, what you think and can you talk a little bit about the data

privacy quite >> we need to control the data even after it's been collected. they have to get your permission and it's got to be in plain language. i've even gotten some notice this if you want to keep receiving the wonderful market material, please click here so that's where we need to go to give people more control over their data. that might mean by the way that to get a service, you have to pay for it. you have to pay for a newspaper behind a pay wall but at least it gives you a choice in terms. i am as i said earlier not a fan of content regulation except for

narrow issues and i'm not a fan because who is going to do the regulating? i certainly wouldn't want to see the government regulates that censorship and that is at the height of the constitution. the private sector i would get a little more leeway although again when you have a dominant organization that could become pretty inhibiting. you don't want the power to control discourse in private sector hands so to deal with driving certain stories or impersonating people or doing things to me it easier where you are manipulating the algorithms i am completely on board with putting that on limits but other

than the narrow issues, we talk about i think i kind of honor the first amendment. you get in to some close cases where it's not protected. i could worry you a message that says to pick up a guy you can pull somebody is a message you can ban and the recruitment for terrorism and when you get into it instructing people to get into an areyou getinto an area w definitive it is that i would tread cautiously on the content regulation. >> as you talk about so eloquently in the buck there's a lot of politics behind some of

this. it doesn't seem as if the congress can do things these days the idea that we are going to come together. it was interesting to me that when mark testified a few weeks ago as kind of a gift in the first five minutes he said we are going to adopt gdp are. what is the push and pull? >> at the supreme court has began to tackle this issue so i talk about a lot of the court cases in the book one of them has to do with being placed on a car and used to survey all the individual in the car for like 30 days like 24/7.

you don't have the right to protection under the amendment and the court said in this case it is the volume is so qualitatively different from what you could have done when the constitution was framed. they went off on the idea when you put something in the car so that was a trespass but some of the justices sent whether it is video cameras were things on cars there is a limit to how much you can collect and in another case there was an effort

the court said you need a warrant it's not like what he would have searched for a piece of paper in someone's pocket. and that requires a warrant. the supreme court dealt with the issue of the subpoena of the locational data from your cell phone in the hands of the service provider and the rule has always been if it is in the hands of a third party like a bank, you don't have the right to prevent them from turning it over with response there's so much locational data it is beyond what we think is a reasonable expectation so we are going to require a warrant. he focused on the fact even when

someone has your data it doesn't mean you lose your right to it. it suggests to me they are thinking about these issues in the new technology and that is a good thing. >> should citizens be able to monetize their own data and how would the government regulates the transaction but what if instead we help people understand that their data is an asset and it should have maybe not be monetized value but a value to everyone that needs to be protected? >> i have heard people describe the data is valuable to

marketers and people who are politicians and people who are provided healthcare want to assess trends. it can be valuable in determining outbreaks. but it's every bit as significant as your house and bank account and i think that is part of the process we have to be educating people about. >> how do we put together an education campaign to understand that a how do we calibrate that so that it is operational for them? >> this is part of what we ought to be writing about and speaking

about the understand the data is being valuable in ways they may not understand as the need to both take responsibility for their own decisions but also let's talk to the legislators. people in sacramento paid attention and i think you could get other states. that will have an effect across the country. >> they've broken the mold and have done things for ourselves we could be an early adopter for things like that there may be other areas where in california and other states could be. >> we have about three minutes left i'm going to ask a question that will go into our closing.

at the end of the book you talk about specific frameworks that can block these problems. can you give people a sense of what they should be advocating for? >> to protect against the fiscal security. >> legal incentives to secure their data and also people who don't secure their data wind up >> we have become enormously defensive integrated and other parts of our economy and data

when does the spray to the offenses? let's not try this at home. the government has a role to play with hyperactivity but having the private sector do it is a great way to start a war. i would be against the idea that we take matters into our own hands. >> avoid fragmentation of the internet. >> we need to harmonize the rules with our allies overseas because otherwise you end up with a wad of different intranets. i recognize china and russia have a different set wind up going in their different direction but they will pay the price for that if they do.

the law must incentivize the parties to collaborate with government and protect against the vulnerability. >> we find the love of vulnerabilities. that means you have to have a trusted relationship when the government find some in the share it with the private sectors or they can protect all of us. >> i want to thank you for being here the forme former secretaryf homeland security and author of the new book exploding data reclaiming cybersecurity in the digital age and i want to thank everyone for being here and

everyone listening to us on the radio, the internet and on television. we want to remind everybody copies of the book are available for sale and he's pleased to sign books outside of the room following the program. this meeting of commonwealth club where you are in the know is adjourned. [applause]

i thought about it before i began the book and it occurred to me there might be something they had in common they were not forgotten but perhaps they were significant in some way. >> they did a lot to merit his impeachment and to look for mistakes and then when he made those mistakes and later testified in a way that was false for which he was later held in contempt by a judge for perjury bill clinton made his impeachment almost inevitable.

>> at the aspen institute in washington, d.c.. the book outlines the hidden security and safety risks in connecting devices to the internet. he's followed by a panel of computer security analysts to discuss how intelligence is handled cyber threats. this is two hours. >> i want to thank you for joining us for what's sure to be an engaging