know how to answer that. you know, there's always kinds of stories -- i don't know how true they are -- about americans showing up in canada in the middle of summer wearing winter clothing. it's not quite that cold all the time. i think the greatest -- maybe not myth. the greatest misunderstanding, the greatest challenge canada has in the united states is the relationship between us is so deep and so close and for the most part so seamless that in spite of its ef normous size, americans simply do not understand the scale and economic consequence of it. and that is the greatest thing -- the greatest challenge that we face. it's the greatest challenge we face is often getting getting attention in the united states to issues that are important to

us. as i say, partly because it is such a smooth and seamless relationship for the most part. that's really the big challenge that canada always faces. it's been a profile challenge in the united states. and occasionally we often will find ourselves on matter that are before congress or before the administration, we find ourselves sometimes getting side swiped. like take the buy america provisions, there will be other things. we'll often get side swiped significantly by poll signatures that have actually nothing to do with canada. i like to quote tom donahue on this. he always reminds me never to take any of this personally or take it badly as canadians sometimes do. heap said the only reason americans, the united states,

sometimes treat canada badly is because we view canadiens not really as a important country but we view canadiens as family and that's how we tree our family. >> ross: on that fot, love to making this your only stop. i think enjoyed your human, your substance and your commitment to our shared relationship. >> thank you. thank you lot. [ applause ]

this morning a look at the rise in social security disability claims. we'll be live with a forum hosted by the national academy of social insurance at 10:00 a.m. eastern on c-span2. coming up on c-span, international monetary fund managing director christine leg ard. you can watch that live starting at 10:0045 eastern on our

companion network c-span. the congressional internat caucus advisory committee hosted a briefing on the frustration administration's new internet privacy plan. the plan calls on congress to pass a privacy bill of right and gives the government new enforcement powers and calls on the commercial department to work with private industry on new rules. daniel weisner leads this 40-minute discussion. >> welcome, everybody. thank you so much for coming during recess. i appreciate it. today we have a briefing by the white house on their proposal on privacy in the digital age called consumer data privacy in a networked world. we're very fortunate to have a deputy chief of technology at the white house here.

his name is danny whitesfehr. this is part of a three-part privacy hearing we're doing on government professional poe als in this digital era. we had the director general of justice and european commissioner here to brief the congressional staff on their data directive, which has been in effect for the past a 15 years. they had an update proposal she briefed the staff on a few weeks ago. the european commission is proposing this update to the privacy regime and frankly many, many, many u.s. companies abide basically bit the framework established bit european commission because of the data flows across the atlantic. the second one is today's briefing. in a few weeks we hope to have julie brill staff on fre a

couple week ago. they intermentioned, kind of for dan oo to explain what the white house is -- this held by the interknelt -- congressional internet caucus advisory committee. the white house issued its paper on the 23rd. it followed a green paper. this is not fair to say it's just a proposal for legislation. it's an imbishs process that seeks a stake holder process among industry and consume who are provide a framework for privacy.

i would link to the report, it on our web site. weir being -- we're being green so we didn't print out a lot of paper. i would direct your attention to part five, which is enacting consumer data privacy legislation. we really think it's very important that the white house proposal be discussed at up here and we're happy to provide this format. let he flous dintroduce danny w in. prior to this, danny worked at mit and taught at mit and before that at the worldwide web consorti consortium, the governing body for web standard across the

internet. before that he was a co-founder of the -- before that he was with the electronic front tear foundation. with that let me introduce danny whitesner. >>. [ applause ] . >> thank you, tim. thanks to everyone. let me add my appreciation to the co-chairs of the internet caucus. it's great to see many of you here. our colleagues from the hill, colleagues from the ftc, from different departments, from the press. it's certainly been a very broad policy suggestion we've had over the last couple of years since we came in as an administration. it was clear to us from the beginning we needed to take on these questions of consumer privacy protection.

not on because of how important privacy is as an american value but also because many of our key initiatives, many of the priorities that we came in with as an administration, whether it's health care reform or environmental conservation or education reform, all depend in important ways on innovative and sometimes unexpected or unfamiliar uses of personal information. so we really wanted to make sure we had a strong privacy framework across the wide range of sectors. i want to really start from ground zero, if you will, on privacy. when we announced this consumer privacy of bill of rights at the white house and tim noted there's a white paper on the web site, you can find it online as well as the internet sights.

government has always had a role in it's fair competition laws, trade laws what are i, we've always relied on government to create a baseline of trust so markets could the internet is no different that that sense. we need a strong government role to make sure the consumers are con for theable with their new environment, that they could sin o'vat based on new products and and what it. we bother this as a pifs to development and something to be addressed in a straight forward way. while it is the case that we believe government has a pretty

california as to be thought of this a somewhat different manner. as i think you all know very well, the kek jis are the businesses are evolving quite rapidly. we want to make sure businesses have a clear sense of what their obligations are as these new technologies developed. we proposed what is really a four-part blueprint i want to talk you through very quickly and then i'm hoping you'll ask me a lot of questions. in the roughly months since we've released this report, we've had an opportunity to come out and tark with a lot of different organizations and talk about n a lot of venues about what ou pror pose als are.

eve -- what our proposals are. at this point i'm hoping you'll have a lot of question because i've been giving this speech for about a month. but here we go. we've got four key components of our blueprint. the first is the consumer privacy bill of rights. privacy rights that we believe consumers are entitled to and businesses ought to make available. we've proposed a process by which we believe we can implement the privacy bill of rights in fast paced, plex books flexible manner to make sure as new services developed, they are respecting those privacypin talls. thi -- principals.

we are very much looking forward to working with congress, to working with all of you, take the privacy bill of rights and enact it in statute. we think it important to do that, we're eager to do that and it's time to make that happen. fourth, we've proposed a framework to increase what we referred to as global inoperability of privacy regulatory frameworks from around the world. these are all connected but let me step through them briefly. number one, we introduced this consumer privacy bill of rights. it has seven principals. i'm going to talk about a couple them that are distinctive. for us the consumer privacy bill of rights does double duty. as tim mentioned, we are going to begin right away, we have begun already to start a process working with industry, with privacy advocates, with regulators, with academic experts and other consumer organizations to take the consumer privacy bill of rights,

the principles we've expressed in those principles and implement thoem in what we call enforceable codes of conduct, that is, specific rules that whole industries will take on that will be developed in a multi-state process in consultation with all the groups that i mentioned and that would be enforceable by the federal trade commission. >> part two is, as i said, we would look to these enacted in statute so they are ebb forceable correctly. let me just highlight three of the elements of the consumer privacy bill of right that i think will give you a flavor for where we're heading. i'll say at the outset that the consumer privacy bill of right are a set of principles that are based very much on the well established fair informing practice principles.

those of you who are privacy geeks know about the phipps, as they're called. you'll know they were developed in the united states in the late 60s and culminated in the early 70s and 1973 report on privacy detective put out by the department of health, education and well pair. they really are all around the world in different countries and embassy pressed in the. ecb 1980s practiced principals the fold standard tw these number two that was actually the first thing. number one we wanted to sure these phipps are accessible and understandable to consumers. they articulate a clear set of rights and expectations consumers out to have.

number two, we wanted to make sure that these rights, again, based on the fair information practice principles are tuned to the -- both the challenges and the opportunities of the internet environment, that they take advantage of the fact that we're in a much more interactive environment, that individuals can exercise control in many cases over their personal information if technologies are designed the right way but also that there's obviously quite a bit of collection of information, we want to could encourage that without trying undue prophecy actions. let me talk about the three principles. the first is called sid vol. conners have a right to exercise control of whver what personal .

to draw a contrast in the privacy matter we faced in the past in which personal matters are collected and it would get subjected into some database run by someone, you don't know who it is and really it left beyond the control of the individual. we want to restore control to the individuals to make sure as consumers they're interacting with entities that collect and use their personal information, that consumers are able to make clear choices to exercise clear control. we think that much of the work that the federal trade commission has done with the daj al. >> reporter: >> reporter:. is will a very good kul poll

also -- policy, it's called respect for context. it's meant to combine the traditional principles of purpose specification, that is principles in traditional privacy practice by which anyone who collects information about an individual ought to say what they're going to do with it. it's a pretty simple principle and secondly the principal of usage information that, when information is collected, there ought to be limits as to how it will be used or won't be used. we combine these on what we call the exfor wins. this is really the principle that is meant to account for the fact that on the one hand we've had tremendous innovation and tremendous opportunities for users based on a much more free flow of personal information. think about social networks, the

hundreds of millions of people around the world who are able to exchange information in all kind, of ways which they clearly find valuable. but think also about the down side that's argue particular lated about the social environment, that may be an interaction you thought you were having with your friends would all of a sudden be eased in coatly con. would you or that a company that was considering extending you credit or offering you health insurance might actually use informing that, again, you thought was really present, was being used in the social networking context, all of a sudden for a very important, significant decision about your life, we want to draw a very

close distinction that if information is going to be taken from one context and move to example, the individual control principle ought to kick in so that individuals would have some control over the fact that that context was changing. and i'll say that this principle in particular, we developed based on looking very carefully at the federal trade commission's report, the report that they issued the staff report that was issued in 2010, which talked a lot about material changes and use of personal information, which on the one hand tried to make it -- reduce the barriers for the constant notice and choice mechanisms that some companies have felt might be required that you keep getting asked a question, es this okay, is that okay, is the other thing okay? we all recognize that those kinds of overuse of notice and

choice perhaps to be compliant with some understanding of privacy aren't useful to individuals. but that -- that when the use is really going to be different, when the context is really going to be different, some other steps ought to be taken. this is something we learned from the ftc report, the final report issued a couple of weeks ago, you'll see quite a bit of convergence between our thinking about the respect for context principle and their thinking about how to evolve these ideas of individual control. third principle, i'll point out, is accountability principle. and it says simply that consumers have a right to have personal data handled by companies with appropriate measures in place to assure they add here to the consumer privacy bill of rights. even in advance of legislation, a point all companies might be subject to these set of privacy

rules what we want to make sure is that any company that handles personal information is careful, internally how it handles that information and there is a point of both legal and customer accountability, if you -- if a consumer wants to know how their information is going to be used if they have some complaint, a place to go in that company, to state that complaint. this is a particularly important principle for us in the global context. i think that you're all very well aware that many of the services that people use on the internet all around the world are provided by companies that might not be in the same country that that individual user is actually sitting at any given moment. this causes, i think, considerable and legitimate questions for consumer protection and privacy regulators and enforcers all around the world. they want to make sure they are able to protect their citizens, if their citizens have a complaint about the privacy practices of some service on the

internet that they have a way to help vindicate rights of their services. it's a base ex-obligation for any government. what we want to make sure, though, is that as we have services that are increasingly provided on a global basis, that we have -- that there's a streamline mechanism to handle that kind of accountability and responsiveness both to consumers and regulatory enforcement authorities as appropriate. i'll come back to the globy story in a moment. the second major element of our privacy blueprint is a call to the industry private advocacys, other consumer advocates, academics, regulators to come together in what we've characterized as a multistakeholder process to take product principles in the privacy bill of rights and implement them in enforcible codes of conduct. what do i mean? let me say, first, what i mean

by an enforcible code of conduct. that would mean a specific articulation of how consumer rights would be respected in the case of a given company or perhaps a given industry. and that's obviously going to be somewhat more specific and more tuned to the particular context, the particular technology or service involved. it would be a privacy policy that would be articulated in many of the same ways that you see companies today place privacy policies on websites, and we know from the enforcement activity that has gone on at the federal trade commission over the last few years that if a company says it's going to do one thing and then handles personal information the way that's significantly different than those initial promises that they're going to hear from the federal trade commission. we've had leading u.s. companies now being subject to consent decrees, 20 years of monitoring

of their privacy practices, possibility of significant fines if they violate their privacy commitments away want ta-to-beg to take advantage of the fact that we have such a strong privacy enforcement authority in the federal trade commission and want to be able to bring together a number of different stakeholders to actually begin to implement these principles right away in enforce able codes of conduct. the ntia, national telecommunications and information administration at the commerce department, the president's adviser on telecommunications and information policy issues, has a notice out, i think it actually closes today, soliciting public input on what issues this multistakeholder process should start to look at and how to run the process. ethink you can expect in the next couple of months you'll be hearing from ntia about how those efforts will be handled.

let me stress, though, that in our privacy blueprint the government, ntia here, is the convener, not the regulator or the decider about what privacy policies ought to be. we're looking to ntia to make sure there's a thoughtful discussion about how to implement the consumer privacy bill of rights in a specific context. looking to make sure that there's a fair and open table that issues get discussed carefully and everyone who wants to have input is able to do that. but at the end of the day it will be that process that will come to decide what these enforce able code of conduct are. ntia is not making that decision, does not have authority to make that decision, and really will view itself as a convener, first and mothforemos. we along with this the process i described we think can make a lot of progress but is it a voluntary process, no one's

compelled to participate in that process. no company is going to -- can be legally compelled to actually take on these additional privacy commitments. in our look at the privacy landscape, the legal landscape for privacy in the united states, what we found over last two years was that while we have very strong privacy protection laws, as many of you know in a number of different sectors, whether it's consumer credit or heal information or financial privacy we have an outstanding privacy protection enforcement authority, but we have a pretty significant gap where there is actually no statutory privacy protection for consumers in the realm of general consumer -- general commercial interactions. this is more or less everything that falls within the scope of the federal trade commission act, section 5 authority. if the ftc finds that a company

has broken its promise in that context, they obviously can begin an enforcement action. however, companies aren't obliged to make any particular privacy promises at all in that area of general, commercial interaction. that's a gap we want to close that we need your help to close, that you actually have to take the initiative to close. we do have a view about what kind of privacy legislation we'd like to see in this arena. we've stated, number one, substantive protections that we think ought to be in statute, those are the seven principles in the consumer privacy bill of rights and we have a view ow protections should be implemented. we think the multistakeholder process, especially with legislation as a backstop with privacy protections, in laws of backstop, can actually develop rules, new privacy practices, much more rapidly than a

traditional a.p.a. style rule-making process. what we would like to see is for legislation to provide a safe harbor framework within which companies would on the one hand be held accountable to the seven principles in the consumer privacy bill of rights but would be able to go to the federal trade commission and seek safe harbor approval of their implementation of the consumer privacy bill of rights and essentially get a yes or no, up or down answer from the ftc whether that company's code of conduct or industry's code of conduct actually meets the conditions of the consumer privacy bill of rights based on a safe harbor finding, there would be some sort of agreement to forbear from enforcement, assuming the company actually keeps its promises in the act. there's a lot to work out in how to actually implement this kind of safe harbor mechanism but it's a process by which we think we can