end of the biggest transfer of wealth in the history of human kind through theft and piracy because of the attacks on our industrial base and our technological base from overseas for the purpose of industrial espionage and stealing property. since then, general alexander has used virtually the same language. mcafee has issued a report that uses virtually the same language. mike mcconnell has used virtually the same language. this is a very big deal for us in my point of view of economic competitiveness and you've been an attorney general. in fact, we were attorney general together. you've been a u.s. attorney. in fact, we were u.s. attorneys together. you've had a lot of experience with law enforcement, also as governor and in your role as secretary of homeland security.

i do not yet believe we are resourced adequately to address that aspect of our cyber liability. and i hear from companies in all sorts of industries that when they can get, for instance, the fbi's attention, they are very impressed with the capabilities that are involved. but it's very rare that you could turn over a case of intellectual property theft to the fbi and say, go. they simply don't have the staff. they simply don't have the resources. as much as this part of law enforcement has grown, both in u.s. attorneys' offices and at the fbi. so, i would like to ask that you participate in discussions that we're going to be having around cyber security legislation about how we should better organize our cyber resources.

it's both criminal and civil. a lot of what gets done is done through civil law. a lot of the clean up on the net of quicken websites can be done through civil proceedings, but it's a law enforcement function, because you're getting rid of very bad actors on the net, who are attacking american businesses and the american economy. so that was a little bit more of a speech than a question. i would like to invite you to, based on your experience, participate in that discussion. i don't know if we need the equivalent of a cyber dea or atf, entire organization or need the equivalent of a cyber osidef or organized crime strength force. those were set up many, many years ago. there's a variety of different structures. but i don't think the private sector is getting the support it needs from law enforcement because of its lack of resource and there's an awful lot of money going out the door. we are standing by one of the

biggest robberies in history and i would love to have your support in pursuing that concern. >> senator, first of all, i agree with your statement of the scope of the problem. it is severe. it is indemic and it is a transfer of wealth, as you put it. we work with the fbi, secret service and ice all have cyber security and do criminal work in that area as well as some others. i would be happy to participate as we -- in the context of comprehensively looking at the protection of the country and cyber, how we organize our law enforcement resources and make sure particularly the fbi has what it needs to handle some of this work is a good question and i would be happy to participate. >> thank you. madame secretary, we've had senators of both sides of the aisle that have come in and left

during this hearing because most of us have about three different committee meetings going on. you don't get that luxury, and i do want to apply applaud you, one, for keeping your answers as brief and to the point and, i might say, as accurate as you have, which is typical of your appearance. and i appreciate that. i'm going to have to leave. i just note that senator lee will go next. i'm going to turn the gavel over to senator kunz. i'm doing this so we're trying to keep some of our hairlines. sorry about that. but senator kunz has worked very, very hard on this subject. i've asked him to take over the chair. it will go to senator lee next. i do appreciate what you said. i would add -- i think i can speak for senator grassley and others here, we will want to

keep in touch with you and the director of the secret service as this whole matter goes on. not just on what's happened now, but what's happening in the future -- what will happen in the future. we'll do it because obvious oversight, the need to do it, the protection to keep people -- in this case, presidential election year, both the president and the republican nominee. but also because we have so many good men and women in the secret service that i hope will be able to demonstrate that there are a few bad apples that were weeded out so that the others who are extraordinarily dedicated, highly trained professionals can continue on the work they do. >> absolutely. >> senator lee, thank you for that. please go ahead, sir. >> thank you, mr. chairman. thank you, secretary nap ol tol for joining us. in march of this year, john cohen, who i believe is your

principle deputy coordinator for counterterrorism testified before a house subcommittee that the department should have biometric exit system designed and ready to go, at least ready to roll out and announce and describe some time within the next few weeks, in the coming weeks. in the written testimony today, i believe you said that a biometric exit system should be ready for deployment and use within four years. how confident are you about that timeframe? >> what we are planning and, senator, the actual plan is in final clearance with omb. it should be out shortly. but given our ability to do enhanced biometric exit, employing that and using that as the platform for adding on the biomet rick. the plan is done from our

standpoint. we're just working through the final nuts and bolt with his omb. >> why does it take so long to get it deployed? just the development of the technology? in other words, the fact that it takes four years to get it going, is that -- >> well, it's cost. it's the scope of the issue. we have so many ways that people can exit the united states. we're very different from other countries in that regard. and manpower, other resources, yes. >> what kind of impact do you think this will have on visa overstays, once you get it deployed? >> i think it will help us. although, we have already used our enhanced biographic to go backwards to identify overstays and to prioritize those that we want ice to really focus on finding and removing. >> can you give us any sort of previous -- specific, brief

thumbnail sketch on how the system will work? >> i would prefer to do that in a classified setting, senator, and we would be able to do that, yes. >> understood. understood. on a different topic, last year john morton, the director of u.s. customs enforcement, issued a couple of memoranda that between them set out certain priorities that would govern the use of prosecutor -- the exercise of procesecutorial discretion within ice. within that memorandum, there were a number of considerations outlined, which end up mirroring to a very significant degree the same factors that were outlined in the dream act. the same version of the dream act that the senate refused to pass four years ago when it came up for a vote and didn't get the

necessary votes to pass. one of the aspects the agents were asked to consider included the aliens length of presence in the united states which mirrored the factor in section 3b-1a of the dream act. alien's arrival into the united states, particularly when if it happened when the alien was a child. factor in 3b-1d of the dream act. with particular consideration given to those that have graduated from a u.s. high school or who have is successfully pursued or are pursuing college or advanced degrees at a legitimate institu institute. consideration given for minors mirroring section 3b-1 of the

dream act and whether the alien has served in the military of the united states. so, given these prosecutorial discretion standards, which match up somewhat close ly to te same factors put forth in the dream act and given the fact that the dream act was not passed into law, what assurances can you give us? assurances can i give to my constituents when they approach me to suggest that perhaps there's an effort under way to backdoor these factors in through regulatory channels that couldn't be passed through congress? >> senator, first, let me begin by saying having worked in this field for decades now, we strongly need overall reform. and we -- and strongly support the dream act as a legislative enactment. you are right. it failed by four or five votes to get closure here. it was passed by the house.

that being said, what we have the capacity or only jurisdiction to do is to administratively close a case. that doesn't give the person involved any kind of a green card or anything of that sort. it simply means their case is effectively suspended. and they can remain in the united states. that's very different from the dream act, which would allow an actual pathway to citizenship. and that's, you know, one of the things i think we should be doing, really focusing on our enforcement resources on those who are real risks to the public safety of the united states and those who meet the standards of the dream act, if they really meet those standards, are not. >> the overlap between them is coincidentally? and you would say -- your response to that is essentially that these are two different layers of analysis.

one in the dream act would be focusing on a pathway toward citizenship. prosecutorial and law enforcement resources? >> i think that's an accurate statement. >> and you're not concerned or convinced that these could spill over into something larger? >> we are in the process of looking at all of the cases on the immigration docket to see which, if any, should be administratively closed. and those that meet the criteria you just named are those that we would consider for administrative closure. >> okay. finally, is there any chance that, in my lifetime, we'll see passengers before boarding a plane don't have to remove their shoes going through tsa? >> well, senator, we have already -- we're looking at everything from what is the threat and what is the risk? and we have already made changes for passengers over the age of 75 and children under the age of

12 where, except for on a random basis -- we always have to have some unpredictability in the system -- they can be expedited through the lines without their shoes being taken off. from a technology standpoint, the technology still does not exist that allows us to easily identify nonmetallic matter in shoes or in liquids, which is why we're doing some of the things we are doing. and it's all based on the intelligence we have. >> i see my time has expired. senator lee. senator frank? >> thank you, mr. chairman. considering several cyber security proposals. this morning i want to talk with you about the cyber security proposals that are here in the senate. because while there's a bill, i

want to talk about privacy and civil liberties, implications of the house proposals and rightly so. fewer people are talking about the two bills here in the senate. the fact is that as they are currently drafted, both of the cyber security proposals here in the senate propose very serious threats to our privacy and civil liberties. both bills allow companies the unfettered ability to monitor the e-mails and files of their customers. both bills may allow companies to share that information directly with the military. both bills generally allow the federal government to freely share that information with law enforcement and both bills immunize companies against grossly negligent and knowing

violations of the protections that apply in this process. in doing all of this, both of these bills sweep aside decades of privacy laws. many of which this committee wrote, and many of which with chairman leahy at the hem. penn register statute. i've been working together with senator durbin, with the sponsors of the cyber security act of 2012. they've been working with us in good faith. and i sincerely hope we can fix these problem s before the bill even gets to the floor. i think it's very important that everyone know that we have real civil liberties problems. not just in the house, but also here in the senate bills. i'm saying all this of this to you madame secretary, because

the cyber security proposal from last may does not have many of these problems. it is, in several ways, more protective of our privacy than either proposal here in the senate. i want to use the remaining time i have here to tease out those differences. and, frankly, just make the case that we should pay attention to what the administration did in its proposal. first of all, madame secretary, as i mentioned, both the cyber security act and the secure i.t. act would allow the military to be the initial recipient of any information being shared by a private company, but it is my understanding that it is the official position of this administration that a civilian entity -- not a military entity -- should always be the initial recipient of cyber security data from the private sector. can you explain why this is the administration's position? >> well, the administration's

position mirrors how we have organized ourselves in the absence of cyber security. d.o.d. has military responsibility but dhs has responsibility for civilian and the section with the private sector. we both use the technology resources of the nsa, but we use them under different authorities and with more restrictions, particularly on the privacy side than you would in an international military sort of context. so, the position that we have is to make sure that the statute mirrors what actually is happening on the ground. >> well, thank you. second, madame secretary, both of the bills in the senate give private companies a new authority to freely monitor the communications and files on

their systems, many of which would be private. these bills create this new sweeping authority despite existing provisions in the wiretap act that allow companies to perform monitoring to protect their systems. the administration's proposal does not contain that broad new authority. can you tell us why it does not? >> what we are looking for, and part of the protection of critical infrastructure, we're looking for the code. we're looking for the fact of the attack, the methodology used, the code or signatures that were employed so that we can then check and see whether that's being done elsewhere and also mitigate and also communicate with other companies about this type of attack. so, we're not looking at content. we're looking at the how. >> right. thank you.

why does the administration -- let me back up. third, the administration's proposal only allows a federal cyber security site to share the information it receives from private company with law enforcement authorities. if the information constitutes actual evidence of a crime. in comparison, one of the senate bills allows the disclosure of information received by the federal government to law enforcement if it, quote, appears to relate to a crime. why does the administration have a heightened standard in the full disclosure to law enforcement? was this done to protect civil liberties? >> right. senator, i don't know the reason for the difference in the language between those two things. i think what both are getting at

is use of information for a nonlaw enforcement purposes would not be immunized or would not be permitted. i have to follow up on you why the difference between the two phrases. >> okay, thank you. let's do that. i want to thank you, madame secretary. before i finish, i do want to say i agree with my colleagues who say that we need to do something about cyber security. there's no question about that. i just think we need to get the legislation right. such that the bill does not unnecessarily sacrifice civil liberties. and i thank you so much for your service and for being here. and for your answers. >> thank you. >> thank you. >> thank you, senator franken. senator sessions? >> thank you, mr. chairman. your medioric rise to the

chairmanship arises over senator franken's. >> mine was -- [ muted ] that's neither here nor there. we have the secretary and i don't think we should squabble over that. >> we're glad to have both of you fine senators here. madame chairman, this is homeland security, a big operation. i guess it's the third largest personnel operation or second in our government. >> i think it's the third largest, yes, sir. >> third. over 200,000 people. it's cobbled together. i've got to say, i was uneasy about that bill. as i recall, the democrats said we should consolidate. president bush said no, then he finally said yes and did it. we passed it without a whole lot of consideration, in my view. so you have a lot of agencies.

you've got coast guard, secret service, tsa. all sorts of agencies with different histories, cultures and so i know the challenge is hard. i just truly believe -- i don't think that it's completely together yet. do you agree that there's still cultural and bureaucratic efficiencies that could be obtained if focused on today? >> senator, we continue to -- we operate under the caption 1 dhs and we continue to excavate differences in systems and cultures and protocols and procedures. there has been a lot accomplished over the past nine years by my two predecessors and over the past three plus years now that i've been secretary. but given the size and scope of the merger that is under way, it does take time. the department of defense took,

by most accounts, 40 years to really become unified as a department. my goal is to substantially beat that record. >> well, i think so. and i just would say that every dollar the taxpayers send us, they need and have a right to expect is wisely spent. when we've got duplication, mismanagement and competition unwisely within departments and agencies, it just needs to be confronted and strong leadership. i'll just throw that out. i would suggest that you focus on that. senator kyl, i believe, raised the question of chicago and their refusal to honord prisone county, at least, is unacceptable. you have written letters about it. i hope you will follow through on it. they are, i believe, on track to obtain their secure communities

monies through 2013. alabama, who has been sued by the administration, for trying to have laws that help mern america enforce its immigration laws, not block the enforcement of immigration laws, has had its secure communities monies stopped. not continued for counties that have asked for it. can you tell us where you stand on that? and when can alabama expect that they would be able to have their secure fundings? >> as i shared with senator kyl, i believe the cook county ordinance is unwise. it's overbroad. we are evaluating all options there. we have been trying to work with the county to see if there is a resolution. with respect to alabama, given

the litigation and what was enjoined and not enjoined, what we did was simply to stop the expansion of secure communities to the final -- i think we covered now 75% of the foreign-born population. it's the final quarter. but our plan, senator, is to complete implementation of secure communities nationwide by the end of 2013. >> that would include alabama? >> that would include alabama. >> well, that's a problem for me. and maybe i'll file some written questions to make sure we're clear about where that's heading. i'm uneasy about it. it seems to me that the state was targeted because their law was not popular with the department, with the president. whe whereas you've not taken, to date, any firm action against cook county, which clearly endangers, i think, the people

of cook county and the country. but with regard to the visa exit program, this is a plan that was designed and required by law in 1996. i observed it and seen it since i have been in the senate. difficulties that have occurred. we have the visa waiver plan up and working. the entry program up and working. i do not believe it's that difficult to implement an exit program. i said that when the bush administration was in offense and i'll say it again. i think reports from the government accountability office, gao, validate that. and i hope that we can make some progress on it. first, you indicated earlier that you have a biographic plan

that has some capabilities. but is it not true that biomet ric fingerprint, dna or some other system -- fingerprint being the most logical, from my perspective, that a fingerprint or other biometric exit system is what you need to have this system up and running? otherwise someone could walk out with a card that has nar name on it and biographical data but there would be no way to verify that the prn holding that card is the person that's actually exiting. >> senator, let me offer to have our staff come and brief you personally. it's enhanced biographic. it's not simply a card. i will make sure you get briefed on that. with the biometric, the issue is going to be -- and whether the congress wants to appropriate

the money for whatever margin is left after the enhanced biographic. our plan and our plan to use the enhanced biographic as a platform for that is in final clearance. we'll share that with you as well. >> well, about a year ago i had an intense discussion along this subject with secretary ridge. they met with international stakeholders and it went on months and months and months and i insisted the only system that really works, based on your experience as a federal and state prosecutor, as i've had that same experience, it's the fingerprints that's in every police officer's file. it's the fingerprint that's taken when a person is arrested somewhere in the united states and becomes a fugitive. and the fingerprint is the basis for identifying fugitives. so when he left, after refusing

to commit, he left one bit of advice. he said we should have a biographic system, biometric system should be the fingerprint, to his successors. i do believe that's the system that works. so, you -- is there any plan not to have that? >> no. what we are planning is to go in phases. the first phase is the enhanced biographic, which we are a long way toward implementing right now. and then use that as a platform for the biometric. >> i would just say that in my view, it should have been the biometric all along. you should have been working on that and we would have had that done a will the sooner than four years. otherwise when you indicate you're not going to look for people who overstayed, yo