it's not to say you can't have any substance in the treaty. the more you want to put in there in terms of details, the harder it is to enforce it. the commas do matter to people. at the prep com, we had a week of discussion on what the language in the resolution actually meant relating to how the conference was going to take its decisions and what consensus actually means. so there are unresolved issues out there. but i agree in terms of the difficult subjects, scope, criteria, transparency, national implementation, then also i think we need to look at incentives for states joining the treaty. for the exporting states who already have in place strong export control systems, the treaty won't really require them to do that much. it won't impose that much of a burden on them. but it is going to be burdensome on states which don't have the national control systems for building those things and

putting this em in place and they're going to need to be convinced that they actually want to do this, and the treaty will need to provide some mechanism for assistance for them doing it, but the assistance is not going to be assistance ala the cwc or bwc. this is going to be assistance for capacity building in the treaty for building up the capacity to implement the arms trade treaty. the biggest problem in july four weeks is not much time at all. i worked on the conference on disarmament between 1994 and 2005. so i was there when they negotiated the cbt. that was a negotiation that took three years. and the cd meets for 24 weeks a year. you're talking about 72 weeks of meetings that produced the nuclear test ban treaty. we have four weeks in july to produce an arms trade treaty. the subject that is dealing with the arms trade gets at the ability of states to defend themselves. that's one of the most basic security concerns states have. it gets at really sensitivicious. it's going to be challenging to negotiate this. the time is going to be a big problem. but again, i'm hopeful.

>> it's also going to be the major arms treat at this time that will be concluded for a long while. so i'd like to thank all our panelists here for providing us with very a comprehensive view of both trans and arms transfers and the difficult ways to try to control this at the diplomatic level. i'd also like to thank my colleagues or helping organize this event, marshall keller, shannon zimmerman and zack toll. i would say you know, stay tuned. we have other events like these and go to our website, it's www.w.cipri.org/north america. we'll hope to see you soon, and you can inscribe yourself on our mailing list. thank you very much. and thank you very much to paul, matt, rachel, and bill. [ applause ] >> and thank you all for coming. >> president obama has several

richard lugar is running for his seventh term. he's being challenged by richard murdoch. you can see the two debate tonight starting at 7:00 eastern. tonight, american history tv takes a look at the presidency of richard nixon. at 8:00 eastern, history from congresswoman elizabeth holtzman. at 8:30. a friend of elvis presley describes the oval office meeting between elvis and the president. and david gergen wrote the president's resignation letter. republican presidential candidates mitt romney and newt gingrich speak at the national rifle association's annual meeting friday.

also addressing the nra, house majority leader eric cantor and wisconsin governor scott holder. that's live on friday starting at 2:00 p.m. eastern. this is c-span3. every weekend, 48 hours of people and events telling the american story on americ american history tv. you can join in the conversation on social media sites. martin luther king is the man of all the people that i've met, talked with and spent time with over the years, he's the man that is the most american individual that i admire most of all. of all of them. he is my personal hero.

why? because martin luther king put money where his mouth was. >> his career spanned over 60 years. cbs' mike wallace died this weekend at age 93. watch his appearances in the c-span 3 video library. the c-span video library, every c-span program since 1987. >> the obama administration has called on congress to pass internet privacy legislation that would protect consumers personal information and online activity. they spoke about the plan last week in the capital. >> welcome, everybody. thank you so much for coming during recess. i appreciate it.

my name is tim warden. today we have a briefing by the white house on their proposal on privacy in the digital age called "consumer data privacy in a networked world." we're very fortunate to have a deputy chief of technology at the white house here. his name is danny weitzner. this is part of a three-part privacy hearing we're doing on government protocols in this digital era. we had the director general of justice and european commissioner here to brief the congressional staff on their data directive, which has been in effect for the past 15 years. they had an update proposal they briefed the staff on a few weeks ago. the european commission is proposing this update to the privacy regime and frankly many, many, many u.s. companies abide basically by the the framework established by the european commission because of the data

flows across the atlantic. the second one is today's briefing. in a few weeks we hope to have julie brill. they intermissioned kind of for danny to explain what the white house is -- this is held by the congressional internet caucus advisory committee. the white house issued its paper on the 23rd. it followed a green paper. this is not fair to say it's just a proposal for legislation. it's an ambitious process that seeks a stake holder process among industry and consumers who provide a framework for privacy. i would link to the report. it's on our web site. we're being green so we didn't print out a lot of paper. i would direct your attention to part five, which is enacting consumer data privacy legislation. we really think it's very important that the white house proposal be discussed up here and we're happy to provide this format.

it followed a green paper. this is not fair to say it's just a proposal for legislation. it's an ambitious process that seeks a stake holder process among industry and consumers who provide a framework for privacy. i would link to the report. it's on our web site. we're being green so we didn't print out a lot of paper. i would direct your attention to part five, which is enacting consumer data privacy legislation. we really think it's very important that the white house proposal be discussed up here and we're happy to provide this format. let me introduce danny weitzner. prior to this, danny worked at

mit and taught at mit and before that at the worldwide web consortium, the governing body for web standards across the internet. before that he was with the electronic frontier foundation. with that let me introduce danny weitzner. [ applause ] >> thank you, tim. thanks to everyone. let me add my appreciation to the co-chairs of the internet caucus. it's great to see many of you

here. our colleagues from the hill, colleagues from the ftc, from different departments, from the press. it's certainly been a very broad policy discussion we've had over the last couple of years since we came in as an administration. it was clear to us from the beginning we needed to take on these questions of consumer privacy protection. not on because of how important privacy is as an american value but also because many of our key initiatives, many of the priorities that we came in with as an administration, whether it's health care reform or environmental conservation or education reform, all depend in important ways on innovative and sometimes unexpected or unfamiliar uses of personal information.

so we really wanted to make sure we had a strong privacy framework across the wide range of sectors. i want to really start from ground zero, if you will, on privacy. when we announced this consumer privacy of bill of rights at the white house, and tim noted there's a white paper on the web site, you can find it online as well as the internet sites. government has always had a role in its fair competition laws, trade laws, which we've always relied on government to create a baseline of trust so markets could grow. the internet is no different in that sense. we need a strong government role to make sure the consumers are comfortable with their new environment, that they could innovate based on new products and what it is.

we view this as a positive development and something to be addressed in a straight forward way. while it is the case that we believe government has a pretty california as to be thought of this a somewhat different manner. as i think you all know very well, the technologies of the businesses are evolving quite rapidly. we want to make sure businesses have a clear sense of what their obligations are as these new technologies are developed. we proposed what is really a four-part blueprint i want to talk you through very quickly, and then i'm hoping you'll ask me a lot of questions. in the months since we've

released this report, we've had an opportunity to come out and talk with a lot of different organizations and talk about -- in a lot of venues about what our proposals are. at this point i'm hoping you'll have a lot of questions because i've been giving this speech for about a month. but here we go. we've got four key components of our blueprint. the first is the consumer privacy bill of rights. privacy rights that we believe consumers are entitled to and businesses ought to make available. we've proposed a process by which we believe we can implement the privacy bill of rights in a fast paced, flexible manner to make sure as new services are developed, they are respecting those privacy

principals. we are very much looking forward to working with congress, to working with all of you, take the privacy bill of rights and enact it in statute. we think it's important to do that, we're eager to do that and it's time to make that happen. fourth, we've proposed a framework to increase what we referred to as global inoperability of privacy regulatory frameworks from around the world. these are all connected, but let me step through them briefly. number one, we introduced this consumer privacy bill of rights. it has seven principals. i'm going to talk about a couple them that are distinctive. for us the consumer privacy bill

of rights does double duty. as tim mentioned, we are going to begin right away, we have begun already to start a process working with industry, with privacy advocates, with regulators, with academic experts and other consumer organizations to take the consumer privacy bill of rights, the principles we've expressed in those principles and implement them in what we call enforceable codes of conduct, that is, specific rules that whole industries will take on that will be developed in a multi-state process in consultation with all the groups that i mentioned and that would be enforceable by the federal trade commission. part two is, as i said, we would look to these enacted in statute so they are enforceable correctly. let me just highlight three of the elements of the consumer privacy bill of rights that i

think will give you a flavor for where we're heading. i'll say at the outset that the consumer privacy bill of rights are a set of principles that are based very much on the well established fair information practice principles. those of you who are privacy geeks know about the fipps, as they're called. you'll know they were developed in the united states in the late 60s and culminated in the early 70s and 1973 report on privacy directive put out by the department of health, education and welfare. they really are all around the world in different countries and expressed in the ecb 1980s practiced principals, the gold standard, these number two, that was actually the first thing. number one, we wanted to be sure these fipps are accessible and understandable to consumers,

they articulate a clear set of rights and expectations consumers ought to have. number two, we wanted to make sure that these rights, again, based on the fair information practice principles are tuned to the -- both the challenges and the opportunities of the internet environment, that they take advantage of the fact that we're in a much more interactive environment, that individuals can exercise control in many cases over their personal information if technologies are designed the right way but also that there's obviously quite a bit of collection of information, we want to encourage that without trying undue privacy actions. let me talk about the three principles.

consumers have a right to exercise control over personal data. to draw a contrast in the privacy matters we faced in the past in which personal matters are collected and it would get subjected into some database run by someone, you don't know who it is and really it left beyond the control of the individual. we want to restore control to the individuals to make sure as consumers they're interacting with entities that collect and use their personal information, that consumers are able to make clear choices to exercise clear control. it's meant to combine the traditional principles of purpose specification, that is principles in traditional privacy practice by which anyone who collects information about an individual ought to say what they're going to do with it. it's a pretty simple principle and secondly, the principal of usage information that when information is collected, there ought to be limits as to how it will be used or won't be used.

we combine these. second principle i'll highlight, this is rule number three. it's the principle we call respect for context. for those of you who are privacy geeks in the room. it's meant to combine the traditional principles of purpose specification, that is principles in traditional privacy practice, by which anyone who collects information about an individual. it's obvious what they're going to do with it. and secondly the principle of usage limitation. there ought to be some limits expressed about how it will be used, how it won't be used. so we combine the principle.

consumers have a right to expect companies to disclose personal data in ways that are persistent with the context. this is on the one hand we've had tremendous innovation and tremendous opportunities for users based on a much more free flow of personal information, think about social networks. the hundreds of millions of people around the world who are able to exchange information in all kinds of ways which they clearly find valuable. think, also, about the down side that has been articulated about the social networking environment, maybe an interaction you thought you were having with your friends in whichever social network you use wou awful the sunday be used in a different perspective. hiring you based on how you appeared in a photo you didn't think was exactly professional, or that a company that was

considering extending you credit, offering you health insurance, might actually use information that again you thought was really present, was being used in the social networking context. all of a sudden for a significant, important decision about your life. we want to draw a clear distinction between these two contexts and state clearly that if information is going to be taken from one context and moved to a materially different context, that the other principles that we have, for example, the individual control principle ought to kick in so that individuals would have some control over the fact that that context was changing. and i'll say that this principle in particular, we developed based on looking very carefully at the federal trade commission's report, the report that they issued the staff report that was issued in 2010, which talked a lot about material changes and use of personal information, which on the one hand tried to make it --

reduce the barriers for the constant notice and choice mechanisms that some companies have felt might be required that you keep getting asked a question, is this okay, is that okay, is the other thing okay? i think we all recognize that those kinds of overusa e really aren't all that useful to individuals but when the use is really going to be different, the context is really going to be different, some other steps ought to be taken. this is something we learned from the ftc report, the final report issued a couple of weeks ago, you'll see quite a bit of convergence between our thinking about the respect for context principle and their thinking about how to evolve these ideas of individual control. third principle, i'll point out, is accountability principle. and it says simply that

consumers have a right to have personal data handled by companies with appropriate measures in place to assure they adhere to the consumer privacy bill of rights. this means that even in advance of legislation, eve in advance of a point all companies might be subject to these set of privacy rules what we want to make sure is that any company that handles personal information is careful, internally how it handles that information and there is a point of both legal and customer accountability. that if a consumer wants to know how their information is going to be used if they have some complaint, a place to go in that company, to state that complaint. this is a particularly important principle for us in the global context. i think that you're all very well aware that many of the services that people use on the internet all around the world are provided by companies that

might not be in the same country that that individual user is actually sitting at any given moment. this causes, i think, considerable and legitimate questions for consumer protection and privacy regulators and enforcers all around the world. they want to make sure they are able to protect their citizens, that if their citizens have a complaint about the privacy practices of some service on the internet that they have a way to help vindicate rights of their services. that's for any government. we want to make sure that as we have services provided on a global basis, that there's a streamline mechanism to handle that kind of accountability and responsiveness both to consumers and to regulatory enforcement authorities as appropriate. i'll come back to the global story in just a moment. the second major element of our privacy blueprint is a call to

the industry private advocacies, other consumer advocates, academics, regulators to come together in what we've characterized as a multi-stakeholder process to take these very broad principles in the consumer privacy bill of rights and implement them in enforceable codes of contact. what do i mean? let me say, first, what i mean by an enforceable code of conduct. that would mean a specific articulation of how consumer rights would be respected in the case of a given company or perhaps a given industry. and that's obviously going to be somewhat more specific and more tuned to the particular context, the particular technology or service involved. it would be a privacy policy that would be articulated in many of the same ways that you see companies today place privacy policies on websites, and we know from the enforcement activity that has gone on at the federal trade commission over the last few years that if a

company says it's going to do one thing and then handles personal information the way that's significantly different than those initial promises that they're going to hear from the federal trade commission. we've had leading u.s. companies now being subject to consent decrees, 20 years of monitoring of their privacy practices, possibility of significant fines if they violate their privacy commitments again. we right away want to begin to take advantage of the fact that we have such a strong privacy enforcement authority in the federal trade commission and want to be able to bring together a number of different stakeholders to actually begin to implement these principles right away in enforceable codes of conduct. the ntia, national telecommunications and information administration at the commerce department, the president's adviser on telecommunications and

information policy issues, has a notice out, i think it actually closes today, soliciting public input on what issues this multistakeholder process should start to look at and how to run the process. i think you can expect in the next couple of months you'll be hearing from ntia about how those efforts will be handled. let me stress, though, that in our privacy blueprint the government, ntia here, is the really the convener, not the regulator or decider about what privacy policies ought to be. we're looking to ntia to make sure there's a thoughtful discussion about how to implement the consumer privacy bill of rights in a specific context. looking to make sure that there's a fair and open table that issues get discussed carefully and everyone who wants to have input is able to do that, but at the end of the day, it will be that process that

will come to decide what these enforceable codes of conduct are. ntia is not making that decision, does not have authority to make that decision, and really will use itself as a convener, first and foremost. we along with this the process i described we think can make a lot of progress, but it is a voluntary process, no one's compelled to participate in that process. no company is going to -- can be legally compelled to actually take on these additional privacy commitments. in our look at the privacy landscape, the legal landscape for privacy in the united states, what we found over last two years was that while we have very strong privacy protection laws, as many of you know in a number of different sectors, whether it's consumer credit or health information or financial privacy we have an outstanding privacy protection enforcement authority, but we have a pretty

significant gap where there is actually no statutory privacy protection for consumers in the realm of general consumer -- general commercial interactions. this is more or less everything that falls within the scope of the federal trade commission act, section 5 authority. if the ftc finds that a company has broken its promise in that context, they obviously can begin an enforcement action. however, companies aren't obliged to make any particular privacy promises at all in that area of general, commercial interaction. that's a gap we want to close that we need your help to close, that you actually have to take the initiative to close. we do have a view about what kind of privacy legislation we'd like to see in this arena. we've stated, number one, substantive protections that we think ought to be in statute, those are