under a kmeshlt reasonable standpoint. and so the chairman himself evolved from a 70 6 to a sender-side to title 2 now to a very different type of title 2 and jet sinning, even at the last minute, the sender side. >> what concerns me the way it sounds like what pushed in that direction was comments and the millions of often auto-generated, very short and not particularly or in anyway,

rigorous comments from many, many commenters who said you know this is terrible, you need to go to title 2. he points to what changed, what he learned in the interim, it's that four million, he says, commenters said we want title 2 and so did the president. >> but i think, at least from my per spektsive as a prak tigs to space, the key issue for chairman wheeler would be whether he explains it well enough in the dock et when he's faced with an apel lat court that's reviewing that. it kind of gets me to my earlier point that this rule-making itself is not in a vacuum. it's actually a remanned essentially, from the verizon case, which itself was a

reaction to the comcast case before that. ed. >> so it's not without a fwraet deal of prior work that he's operating. >> i think that's an interpretation. not everyone is in agreement that the court invited the commission to classify for the sole purpose of getting together to regulate a non-common carrier as a carrier under title 2. and we can debate it endlessly --

>> and we will. but before we get into that, because that is the big next question, let me just read you what senator obama said back in 2007. so, again, we've been through media ownership once before. went to the courts and went back to the fcc. so it was on remand. the fcc had only lost once. and kevin martin had ten studies produced on the issue. so it wasn't just a dock et. there was a huge docket and there were ten studies. such a proposal may pass the muster of a federal court that's why kevin martin put that out for additional comment.

>> so, was senator obama wrong? >> well, again i think you have to go all the way back to the palette deregulatory proceedings, that these are essentially the progeny of what was started ten years ago. so, in some ways, this has happened, right? koechb martin had a number of proceedings on this, three or four at different places. and the chairman had rule makings on this. and we've had interveebing court cases. so i don't think you can look at just the last seven months and

say this is the snapshot of how the fcc operated here. >> you're a lawyer. i mean, you deal with administrative law. you get public comment and you put out a new notice of proposal. so you're documenting what you're going to do. as michael described earlier, his plo poe sal involved, significantly, many times in many ways, from may, back in may, he specifically said intercon nekts e next would be a matter for a different proceeding, title 2, fore baerns, reclassification of wires, all of those issues if they were addressed at all, they were only touched on very briefly. >> that's what the fcc is going to have to defend itself. there's two pieces here. one is certainly the fcc can change itsds mind and that's setted law. as long as they can explain themselves, they're fine.

i expect the rule and order will address that. so, jeff, mark and barbara can't comment on this. you don't have that problem. you can opine and always do. so what do you think? is the fcc going to lose on process glounds here? >> well, what i was going to say, in some ways it's interesting. but they don't matter kpept to the extent that not have building a sufficient record can be a problem in adjudication. i mean you know, the idea that they were responding more than they should have to the

president. whether they made it publicly available is never going to be exposed in court. the question you asked is the relevant one. are there process defects. and, honestly, given the extent to which the verizon court accepted the vicious cycle theory, which had zero evidence to support it that represented both the fcc and sub sell kwentdly the court and giving enormous deference to try to find support in the record for what the fcc wanted to do under 706, i suspected, you know most likely to find the same result here, even though personally,

the record has nothing to support that. >> there are numerous claims of violation notices. that is the fcc had a statutory obligation when it puts out a notice of proposed rule-making to do what's called an initial regulatory flexibility analysis. and that is for the protection of small entities. they're supposed to talk about small entities and any proposals contained in the nprm to explain these problems which would be disproportioning burdens. the fcc, many commenters pointed

out, did not follow the flexibility act. we'll see how they do in the order. >> would it be sufficient if they do it in the order? you sug jooesed that they're technically required to do it if they do it in the nprm. would it be sufficient? >> that's a fine point of administrative law. >> from what we heard from the commissioners earlier, it doesn't sound like that's going to happen. specifically, it was asked what relief is given to small entyties. and the only example that was

offered was that some of the transparency requirements are going to be lighter for entities with fewer than a hundred thousand subscribers. that seems to be the only relief given. it's sound decision-making based on evidence. and your example about regulatory flexibleility act is about the small companies that you represent. so could you speak to the concerns of your members? >> the american cattle association association has about 840 cable companies, best diversity in membership. all of them provide broad band internet access video many do triple play, voice and we put

evidence into the record that we thought was pretty convincing that these smaller isps lack the incentive and certainly ability to harm internet openness. if you accept this theory that it will spark demand for service and employment and investment will follow and it will go on and on and on there is no way we put into the record because they were sent to too few eyeballs to matter.

and for the start-ups we believe they're far more concerned than they are concerned about what a 15000 subscriber, you know, municipal broad band provider is doing. there was no evidence of harm. if the decision is information drifen, then we think that should be taken into account in shaping the final rules. >> >>. >> one more question, barbara. cedar falls iowa, that's where the president chose to visit for his big speech about broad band, they were leading the charge and expressing their concerns about title 2. >> thoerp one of mem aca

municipal members who voiced concern concern to the commission. we went into cedar falls and they're very concerned that they're going to be sublt to a new form of regulation under title 2 which is going to sublt all of their terms of service to adjust a reasonable standard that's never been applied to them before. in the real world some of these providers have four employees, 15 employees, the same employee has to troubleshoot breaks in the line and now they have to learn what it means to be a regulated common carrier.

this is a concern and it seems to be very burdensome. >> she, in a practical sense, got everything that they asked for. i think what gets lost in this discussion a lot is this order is almost entirely proef laktic. it will have virtually no impact on the internet at all. >> if they have no leverage to do that, well then, great. if i'm at the fcc, i'm saying

well, then, you're not effective. this is just in case you develop that leverage or you decide you want to do that, you can. the one thing that would impact them is the transparency rules. the burdens. and, from what we understand, the small isps are getting some help in that respect, both in terms of aparentally delay and the safe harbor reporting system that will make it easy and more certain. so they know, okay, we fill out this thing online and then we know we're done and we don't have to worry about the uncertainty. >> you know i think whether aca decides to challenge the rules and they're successful, the theory is already affirmed by the circuit. they said the fcc has justified the theory and affirmed --

>> justified it to mean sup efficient of a very low bar deferential view. it doesn't mean it's actually economically true. >> and they second-degree eve said that the fcc doesn't have to engage in a markt power now. it seems like if fcc, again, will rely on the term nating access but i'll believe theory rather than a markt power analysis. >> can you explain that? we have a live all yenls, c-span here, who may not be familiar with your terming a monopoly theory. >> one of the things that they did in the 2010 order was said we don't have to engage in a market power analysis to determine rules are necessary. every isp in and of itself is a monopoly with regard to each user. if you are an edge company and you want to get to mid home you're going to have to deal with verizon and only verizon. so then the question is does the

addition of title 2 add something new that creates e a new harm to the smaller members that somebody should have dealt with. we heard yesterday that it's going to try to do that. i think, secondly, the fcc is likely to say that unless they go beyond the rules themselves, then there is no harm. if the fcc were to go beyond that, then i think the aca would have an as-applied challenge to the application of something that wasn't there the no blocking and all the other rules that dlin rate euate and that barbara is saying her members don't do. i think it's challenging for ac

to say if the fcc has done this. what protects their members is the as applied piece if the future fcc were to try to go beyond the rules themselves. >> jeff, a lot was aid e said there. >> access monopoly. is that a real thing? >> well there are some who do. most would point out that it's a fallacy.

net flix has an o ridge nating monopoly. and there's about a billion other examples like this, if either is something that exists but essentially means nothing, or it is simply a canard. it 5:00 schumly has to have some sort of economic consequence. i mean as a logical matter it would have to be that the so-called monopoly would logically be some kind of power, it does have to confer some kind of ability to exploit or do something that the rules are content to express.

it's really lard to see that actually happening. and, of course, by the way we can't forget that we're also dealing with both sides here right? the commission made very clear that they're regulating not just the retail access. there's more terminating from the perspective of google, for example. >> i have two points. we put evidence into the record that a lot of members face competition. one of the members we went in with had 20-30 pnt annualized turn rate. there are options.

the other more important point, aca was not objecteding to the net neutrality behavior rules of no-blocking, no throttling and no paid prioritization. their members do not do these things. what we were rejecting to was the collateral damage of having we now know 21 provisions of title 2 unrelated to protecting the open internet applied to their services and practices. every provision now subject to adjust and reasonable standard. it's not that we think the members are violating this. it's that who knows.

what we learned yesterday is that the fcc will just apply the facts. everybody has to go back and look at everything they're doing all of the all of the communications and test it. >> let me just talk a little bit about -- i can't recall whether you, and maybe mark, you may have e lab rated to make this point. whether you were making a legal argument a jurisdiction authority argsmented.

i'm certain that's not true from an economic perspective. i'm also wondering if you could elaborate on that. i'm sorry i can't remember which of you made that point. >> i think i probably made that point. but, again i think that will be the issue for a faktsd e fact-finder to look at whether there is sufficient for overturning the rule order. i think it's a difficult case to make. i think it's more likely an as-applied challenge than it were if it were applied. >> but you're looking on the gistification that the -- the justification for the rules in part because they only apply proef laktically.

>> we'll have to see the rule and order, obviously, to be part of that. verizon was challenged in their earlier successful appeal of the 2010 rules that their public comment is we don't engage in this behavior. and we sort of have to moderate to say that we're attending in behavior that would almost be prohibitive for this. there was no stay in that situation. >> if i could gist add it quickly, and the court agreed, as well right, that an isp has

both the ability and the motive to engage in those behaviors that they said they would like the opgsz to do although they weren't currently doing it. the court they had both agreed that the fcc had made the case. they had the ability and the moltive and, obviously, you know, there's actual, tangible instances. so i don't think that's going to be a problem. and the court said well no 706 wasn't the right authority. so now they're coming back with title 2 based on what seems to be almost a common sense -- this is one that the general public could almost, you know probably understand when e when you look

at a telecommunication service, it's just like a telephone service kpept it does more. >> well, that's an important point. that it does more. >> the court drnt agree on merits. and, so, the fcc could have call ed blue, green, could have renamed anything for satisfying that initial analysis is almost meaningless. so to say that the courts have blessed that theory doesn't really mean anything, analytically speaking. >> i would take some exception

to that. i mean they do get deference and fact-finding from appellate courts. i think if they said blue was green -- >> okay, well, maybe that's reclassification. let's separate the classification division. you're right, it's more like classification. so let's just say on fact-finding, the idea that the courts have endorsed or put some sort of impar mature i think just does not really do justice to how courts view administrative agencies. but issue number two, and this is what i want to ask you about,.

>> right? the kurt now has to confront this different set of questions about title 2 that raise a different set of policy challenges. is that fair? >> well, yes, there are two issues. i don't think it materially changes whether the court is successful or not in apel lat review. the original classification under chairman martin was overturned by the appellate court, a ninth sir cut, that did not accept that. and then it was reaffirmed by the supreme court where three

supreme court justices said the fcc absluptly got it wrong. so whether the fcc can reasert itself -- >> i was misspeaking chlts i was specifically speaking for an evident ri business. >> but that is based on evidence. the evidentiary basis was a fact-find inging. you had an offering that was an information service. the key disstings for the brand x case was whether they were to get discretion on this offering.

>> barbara can you just rewind? take us back, briefly, to what are these two different buckets and what is kevin martin talking about? >> okay, fine. so there's telephone service and there's telephone service plus something else. so there's basic and basic and enhanced, which involve computer processing, something else. unregulated under title 2. that held up for a long time. congress essentially codified that approach, the telecommunications act of 1996 and it create edd two new categories.

it included telecommunications, telecommunication service, which is providing pure transmission in a certain way to the public for a free and information service, which tracked pretty closely to the fcc old enhanced service definition, and that was offering the capability to manipulate data and transform them in some other things. so those were the definitions that the commission had at its disspoe sal when it had the question before it what is the cable moe dumb service. there's one thing i'd like to correct. the fcc was not the first to decide how to classify the cable moe em. that honor was held by a federal district court in portland

oregon. and the kourt said no, this is a tellcom service. at the conclusion of the entity, they issued a declareatory ruling mplt and they said no, in our expert opinion the cable modem service, which is the first is an information service.

when that case was appealed, it happened to land in the ninth circuit, which i think that the portland decision was a better precedent in the circuit. >> and then the ninth circuit, that went up to the supreme court. randy could correct me if i'm wrong here. so what we had was a rather odd posture where the skmigs was correcting a federal court ruling and ultimately, the supreme court looked at this whole mess and said that's the expert agency. they've made a reasoned decision here. the staff e statutory definition will uphold it on a split vote. >> >>. >> so that was the fcc deciding that broad band was not a hitle 2 service. so people today point to that

and say that means the fcc gets deference on changing its mind and on saying well, maybe it is a title 2 service after all. so is that a fair summary? >> they get the same exact deference, they just have to explain why they're changing their mind. and, assuming that the rule and order account for that, i don't think the fact that they've reclassified is going to present a big, legal problem. >> and you affirmed that the burden -- >> right that the burden is just that the agency act -- you know, that this is a reasonable outcome given the agency's expertise. so i think mark had a very important point.

and, even there, you had three justices. five justices said, well, look, it's reasonable enough. they're the expert agency. and three said no, this is crazy, you're wrong. so now it's flipped around the other way. this is reasonable as the communications. >> so that is important that the place where the reclassification decision is weakest, it seems to me, in the sort of chevron step, like to the reasonable nessness are sometimes arbitrary and capricious. and the biggest problem that they run into is that they're fore bearing for many parts of the stay chut in the same time that they're saying essentially, they're requiring to say that it's necessary for us to use title 2 in order to

appropriately regulate here. but that's impossible to say while they're simultaneously saying it's unnecessary for us to use many of the provisions here. >> congress laid that path down for them. some of the most recent actions was when mobile telephone came along and congress said we don't want mobile phones to be regulated like a plain-old telephone system. so what we're going to do in title 3, you know which is where mobile gets regulated, we're going to say that mobile phones are -- it's a telecommunication service. but the commission has the authority to fore bear from everything but 202, 201 and 208. so congress laid out the modern

approach. >> the problem is, here, in section 10 about the necessariness of the provisions. but if you do it if you sbant tan yously reclassify and fore bear, you have a very hard time saying that again, title 2 isn't necessary while you're appealing that you say that these provisions are unnecessary. >> well i assume that the commission is working out how to address that. but, i mean, we can't -- until we see the order, it's impossible to say.

there is the fox versus fcc decision. if your initial decision was based on nakts you have a higher burden to explain how you arrived at a new decision. and there's another part. reliance interest. there's a great deal in the nfrgs service. now you have a totally different regime that's going to be imposed. >> how easy is it going to be to

repeal. i'll just go back to something that i wrote right at pff right before i left. i said it's no slam dunk. there are a lot of steps that have to be met. each one of them have to be met and it's not going to be that easy. >> there's one other case. you talked about chef e chevron. fox is explaining change views. last year, the supreme court decided a case where the epa had tried to modernize and tailor the clean-air act by deciding that carbon emissions were a public school tant. something that congress pretty clearly did not intend back in the 1970s. but that's what 2 epa was going to use to regulate greenhouse gases.

the spleem court said sorry, that's a decision that has to be made by congress. yet, it's the same thing to have a new hitle 2. not the old title 2 that we've expressed concern about, the one that involves price controls and broad band taxes and so on. but something light and easy to deal with. so isn't that a new hurdle to have to jump through in court? >> no. i just explained this before. and i think the chairman used it as an example yesterday and previously is that he said you know when he was the chief lobbyist for the wireless industry, they saugt this light-touch, hitle 2 regulation.

congress had laid out to do that. and he said, you know the industry saugt that. it's worked great. so, you know, he's just characterizing what they're doing now as being akin to the light tump hitle 2 that was adopted for mobile telephone regulation. something that congress had laid out for the commission to do. and so it's easy -- what a relay that he puts on it doesn't change the reality that every component of what the commission aparentally is going to do is right there in the act. it's just a question of how they're piecing it together. i don't see any reason that congress can't pick and choose to use this sort of light-touch approach. >> we're at a disadvantage. we're operating without the order and the rule. and that's going to be -- >> our apologies.

>> we'll have to reconvene once we have that to make a more-informed decision. if the fcc crosses their ts and dots their is, i do think they're reasonably affirmed. i don't think it's that hard for them. >> ill do think uarg does present an essential threat. it's worth looking at, if you haven't. and, particularly what gus heard and is writing more about it, as well. it's not the slam dunk that you suggest. >> congress wasn't thinking that co2 was plugsz back then. but were you saying that they weren't thinking that broad band internet access is a

communication service. it's more about rewriting the nature of the act. effectively, the fcc is creating a wholly new hitle 2. and using fore barnes in a way that is pretty dramatically different than what fore baerns was used for. here, it's being used to regulate an industry and then to carve out a new approach to broad band. it's never been created by congress. what we're embarking on is different. >> what they felt was leading up to the rules the skabl association was arguing fore bear from everything. just create the rules out of the

ether. i always thought that was a risz killer argument. it's troubling. you have no statutory hook at all at that point to to challenge the rule that's gone beyond the statute. you're just operating it out of nothing. but i did find that an incredibly interesting find. >> michael, you mentioned the dutch law earlier. i'm not an expert in dutch law. belgium law, yes. but my understanding is that the dutch law was a neutrality law. it said here's what the rules are, specifically. and it authorized their regulator to enforce them.

so that seems to me very different. it would be like what republicans have proposed in congress. here are narrow rules that the regulator would be aut rised to enforce without any of the baggage of hitle 2. without any of these questions about will the fcc win, is it going to fore bear for them enough, is it going to use the sections that it is not fore bearing from for other purpose. so, again come back to my question, right-hand turn these two very different things of doing title 2 through some narrow granted authority, which congress could provide, versus evoking title 2 and hoping it all works. >> i don't know if that's law, but here's the problem. probably the dutch does e do not have a title 2.

so title 2 is the problem. >> no, no, no. the existence of title 2. since congress created title 2 to regulate common carrier, you can't regulate common carriers outside of the hitle 2. >> unless congress acts. >> yes. and if the dutch have a hitle 2, if they can just decree whatever the regulatory regime will be then that's hey, you know. >> but right across the street there's a whole bunch of people whose job it is to write laws. >> you would support a legislation solution to avoid the need for title 2. >> potentially. >> i think that most of us would probably agree that the repeal to hitle 2, by the commission, they are act viss out there who want title 2 and more and have been pushing in this direction for a long time.

but for those of us who are lawyers who maybe actually tried to get it right rather than get it as far to the one side as they can i think we can all agree that the appeal to title 2 is a relic of the verks erizon case. it's cobbling it fogt where ever it can. one of the reasons why we're even discussing whether there's, you know whether the reclassification is a slam dunk is,because, well, it's not a slam dunk. the whether or not he will thing is really cobbling together. it is looking at this massive act and saying here's what we want to do. they said 70 6 wasn't enough to do it. here's something else chlts we're going to try this and this might very well work. i would hate to think that anyone, you know, sort of

sensible out there thinks that we absolutely should do title 2 because we want these rules and we want them under title 2. let's find the authority that lets us do it. if that's the world that we are in, then we are precisely in the situation that barren describes. congress should be passing a law that authorizes precisely this. if congress thinks we should have net neutrality rules, we should have the statutory authority to do it. rather than trying to find it in the mouse holes of the communications act. i understand the deif he thinks of hitle 2. again, by the activists they want hitle 2 and they want all of it. and i understand the defense of title 2 because it does get youe this thing that you want, this net neutrality. >> if you win in court. but does anybody really want title 2, you know in the absence of its necessity.

>> you have to appeal to it to get net neutrality rules. you can't say title 2 -- but i want to fore bear from all of it kpept the parts that allow me to do neutrality rules. >> mine isn't a question, it was a diatribe. >> well, it was a rhetorical question. let me make it an actual question. right now, there are two bills floating around in congress do you have a problem taking title 2 off the table for broad band if you get net neutrality rules? >> i think the point i was making was just that if you believe that broad band internet access is a common carrier . >> is a common carrier service,

the only way you can regulate it appropriately, under the current law, is, you know, is within title 2. lot of people believe, coming from the widespread probably consensus that the communeication communications structured with titles is antiquated and all that needs to be remade at some point. the substance is we may not agree if it's a common carrier but if you want regulator right now you have to be in title 2. if congress provides substantive substantively the same outcome, i have no problem with that. i can't say i could endorse either of those bills at this point. >> there is obviously -- >> is it a diatribe? >> there is another way to look

at this. that's arguably these were in title 2 where they should have been. a sdagsdecision was made to deregulate and take it out of title 2. commissioners testified that we will be able to still regularte violations. when chairman martin tried to do it they said you can't regulate. now the fcc is coming back full circle. i think one lesson from this is the isp should never sue.

it gets worse every time. secondly to your point, i think title 2 is a magic elixir. there would not be enough authority to do some basic protections. if congress were to step in and create something that's mostly done controversial that created legal certainty, i don't think anyone would have a problem with that and maybe that's what congress will do and looks like they are trying to do. >> the cable industry brought down internet access service was never regulated under title 2. people seem forget this. they were the first providers on a mass scale of broad band internet access at a time when people had dial up. it's not like we're returning to the garden of eden of regulation for these entities. it was a new regime.

>> absolutely right. he said it would be a mistake to throw cable modem into the morass of title 2. he was worried that imposing title 2 discouraged investment in broad band just taking off. it's pretty clear to me maybe i'm wrong that i think if al gore had won 200 election and say bill kinard stayed on chairman, i don't see him doing anything differently than what the bush administration did. it was clear that he wouldn't want a facilities based competition. the way to get that is the keep cable modem out of title 2 ran take telephone service out of title 2 as well. >> i think it's great point. you're right that was the decision. it's hard to take that out of

context. it hasn't really developed the way it thought it would. between regulation and competition i don't think anyone would disagree that competition is always better than regulation. this chairman has whether he would reverse based on how things would develop is not easy. >> it's true. it's not easily to project what somebody would have done had they remained in office a bit longer. part of the backdrop to the chairman's position is we're in the late 90s. the commission was struggling to implement the telecommunications

act of 1996 which was procompetitive and deregulatory. there was a lot effort to remove telecomm and there was a lot of new regulation. there was a lot of unbundling and all sorts of things that went the other way. at the time there was a view that there were traditional common carrier requirements that were just not needed anymore. i don't think the picture is quite as bleak as he's paved it. there's a good deal of competition today. the problem is, the fear i have, i don't know what's in the order but that will, that will stop

competitive entry in its tracks. >> that's what members have expressed as their concern. i want to take questions from the audience starting with anybody who hasn't asked a question before. seems to be the same three people which is fine. we'll give you the same question in honor of silicon valley. >> what advice would you give an entrepreneur as something they could do as an information service out of reach of the fcc? i understand the fcc is not going to regulate where they don't need to regulate, what would be definitively -- >> that doesn't take it out of region. >> there is still -- >> we need to wait to see the order and see that thing that's definitively out of reach of the fcc? >> this is maybe a good way for me to ask you about the general conduct standard that was discussed on the last panel.

they made it clear they're not going to engage in that. >> i'm not asking that. >> i understand that. >> not just the opinion of any commission. >> that was going to be my next point. when people talk about both sides of regulating both sides i think what they're doing is affirming with the d.c. sircircuit has said. they're choosing to regulate one side of the market. they're not regulating the second side and there's no

support. that may be a different policy whether you should allow broad band internet services to charge the other side of the market which is the net neutrality bait. recognizing the two sides of the market is different than saiding we're going to regulate both sides. >> they're not regulating them directly. >> i don't think they're regulating both sides. we'll have to see. >> what we understand. the order isn't out yet since the meeting was just yesterday. from what we understand as marcum said it's the retail side

that is broad band internet access. this whole idea is this -- >> bill kanard or the duck? >> the duck i guess. coming back to this is the clearly edge providers are not common carriers. >> they're not common carriers today. we have to see how this order is worded. you could end up being a common carrier tomorrow. bet you are call saul.

it's the wordage that must be gone through. >> i think especially in a world -- again what happens in the order if we don't know. if they're justifying the rules under both 706 and title 2 they are doing so by making it appeal to terminating access monopoly. if they are able, as far as the court is concerned to do this without so narrowly defining telecommunications so it might exclude some edge providers.

it's not clear who can be exempted from this. a weather website or something like that. put something up. there's no communications. i don't know. google will have concerns. the big internet providers, i doubt are going to find clearance, shelter from the storm and a court may not find it there. >> you know, the virtue circle if it's still part of the

rationale order then i have every reason to believe it will be. anyone who harms internet openness and interrupts the cycle of innovation and demand and investments should be subject to some kind of open internet constraint. for that reason a c.a. argued that if it's going apply to one side of the market behavioral rules it should apply them to the other side. this is an interconnected ecosystem. there are actual examples of video edge providers blocking access to small isp customers which we brought to the commission's attention opinion said there are as many examples of this as you have for isp's

blocking edge providers. you should take this into account and adjust your rules to cover it. we didn't getfully take on that. the argument is perfectly valid. these are communication concerns. >> jeff thaug for aought for a long time to say that voiceover internet was not a title 2 service. the federal communication bar association may not see a problem, but i can attest i have no idea how to judge the difference between ip transmission, ip services for the purposes of my next start-up. i will not be able to explain it to investors. 706 reaches anyone forms of

communications. >> i understand about chevron. in the brand x case when the supreme court decided it didn't just accept the case it look at the way the service was offered. the discussion on both sides had to do with the intergrated nature extent to which it was integrated and they decide edd it was a decision that rested on

certain facts. i don't think it's nearly the slam dunk that you portrayed but having in mind what i just said. neither one of you discussed what i've just said. how is the commission going to explain the change and the nature nature? >> well, as you point out the supreme court had to find the statute is ambiguous. they looked at the fcc's racial

rationale. they even say looking at what agencies do it doesn't have to be the most reasonable interpretation. >> i would tend to agree. i don't think it's going to be a new fact finding. the fcc will have to justify the change under fox. agencies have been able to do that. it's not that difficult to do. >> just one quick point. it's a significant discussion about whether the agency, the independent agency how much flox has enter into that.

it could be with president obama's injection of himself that they'll be that part of fox. might become important in some appeal. >> i might. deferenco under some part about the process by which a decision was reached. a lot of allegations tinkering with the process on this one. what did the judge have for breakfast this morning? how is this case going to come up? what's the posture? does it look like a regular run of the mill fcc rule making or does it not? >> we need to wrap up. we'll go down the panel. give me your best and worst case

scenarios hireere. what would make you comfortable looking forward and what gives you concern whether it's losing in court or going off the rails. best and worst case scenario. >> how it plays out in what respect, in all respects? >> i'll start. you can do something like what i'm doing. for me, best case scenario is congress creates narrow legislation here and takes title 2 and 706 off the table and this entire fight in courts is mooted. we don't have to get into any of the downsides of title 2 except for the time it takes to get there. the worst case is we spend the next ten years fighting about this in court and small providers don't enter the market. investment and communities that are marginal are slowed. people don't see broad band

upgrades upgrades. that's mine. >> the worst, somewhat parallel although disagreeing in the outcome. worst case scenario is this is fought over in courts for a long time. congress does nothing and the courts overturn it. if congress addresses this it's part of a much broader rewrite that accomplishes the same substantive outcome in the context of a much more sort of streamlined coherent frame work. >> we want our laws rin by

legislative bodies. the problem under the communications act of 1934 even as updated in the 1980s and '90s is it just doesn't fit today's reality. i've worked on this issue now for, i hate to admit this, almost 19 years. it feels like groundhog day. every day i get up and we're talking about how to classify the cable modem service. this is not a productive use of society's time or mine. 19 years from now we're still having this discussion. >> whether we should put our faith in courts or congress is an interesting question. some of the same in '09 we had an agreement with isps to codify

a net neutrality rule and congress said no. we were not able to get congress to agree to codify that and then the fcc moved ahead with rules and version charged those rules. it's hard to this is a hard space because you can have one company that challenges the system and they are able to a big company slow things down either in courts or in congress but i think things have progressed. i will say in a positive way in those four or five years where there seems to be a lot more agreement about principals that don't apply. >> i'm going to start with the worst case. the worst case is exactly where we are today, i think. it will go in using the rules to do things like regulating what apps, mobile providers can do on

their phones. regulating prices and exactly the way we talked before. don't need to file a tariff. intervening in the internet that it really does curtail the investments and innovation we have seen at the edges. i think we're there today because i think as far as i know, if the rule looks like what i think it's going to look like all of that is possible in the rule as it's written today. the best case scenario is everyone wakes up and realizes that net neutrality absolutely is a solution in search of a problem. there's absolutely there's precisely zero economic justy indication justification that exist and thrive in every other facet of the economy just because it happens on the internet.

potential and sometimes actual problems that will arise. we won't have to talk about this crap anyone and what's more, we're that much further along toward minimizing the massive role that the fcc plays in the internet and communications, eco system more broadly and everyone can agree at some level that the fcc is replete with problems. there's rent seeking on both sides. >> would you be okay with the legislation proposed by congress? >> it wasn't be my best case scenario. i'd prefer that. then we could stop the stupid discussion. that would still enshrine the

net neutrality rules that have zero justification in economics or logic. >> i should clarify that was my best case realistic scenario. not my best case scenario. my best case larry, the father of the digital who inspired a lot of this movement. he said it was time to demolish the fcc. it was a junior varsity congress and makes decisions based on politics rather than sound data. that's what democrats used to say when they complained about the republican fcc. that's what barack obama was getting at when it was a senator back in 2007. he was right. i think they would be much better off with a general purpose regulator like the federal trade commission that dealt with these problems. >> i have a worse case scenario. the reclassification is upheld

and the forebearance is overturned. >> well, on that note, it ends. thank you for coming. we'll see you at the version of this event. it's 317 pages. thank you. [ applause ] the texas federal judge's order to block president obama's no deportation order. newsmakers at 10:00 a.m. and 6:30 p.m. eastern on c-span.

the political landscape has changed with 114th congress. not only are there 43 new returns and 14 new democrats ins the house and 12 new republicans and one new democrat in the senate. there's 108 women in congress including the first african-american republican in the house and the first woman veteran in the senate. keep track of the members of congress using congressional chronicle on c-span.org. michael daniel talks about improveing information sharing. this 1:40 discussion is hosted by the atlantic council.

>> in the atlantic council our brilliant director jay healy who you'll hear more about later. welcome to this event on breaking the cyber sharing log jam. you see the publication out there for your information. this will be a discussion on the challenges that limit cyber information sharing. this event is part of our cyber risk wednesday serious which is our importantly series design to bring cyber experts from government industry together

with ploilolicymakers to examine at the core here. it's core mission of building a sustainable cyber space. today's event is quite timely as i'm sure most you have know. just last friday president obama visited silicon valley to sign a new executive order that will encourage and promote the sharing of cyber security threat information between the private sector and federal government. it ensures that u.s. companies work together to respond to threats rather than operating alone without any collaboration. the executive order lays out a frame work for expanded information sharing designed to help companies collaborate with the federal government to quickly identify and protect against cyber threats. from removing barriers to helping improve the delivery of timely and relevant intelligence

to the private sector to renewed interest in passing much needed legislation, this year 2015 is really shaping up to be an incredible year for improved cyber collaboration across the public and private sectors. we at the atlanta council have paid special attention to the important role that information sharing plays in defending against the expansive list of cyber challenges that face us all in august of december last year jay healy. he convened a panel of experts for a closed door discussion about the challenges and opportunities for increased cyber information sharing. today's vent in the publication that's out there that was just leased this morning imminent directly from those discussions towards the end of 2014. in the interest of information sharing it seemed a bit disen

disengenious for very long. i'm pleased we're able to host this topic. with us this afternoon is a very distinguished group of experts all well versed in the real word nuances of the challenges and potential of cyber information sharing. mr. daniel head the development of cyber security strategy and oversees the implementation. it's everything. we were discussing that before this event.

prior to joining the nsc mr. daniels served for 17 years with the office of management and budget budget. including from 2001 to june 2012 when he served as the chief of the omb's intelligence branch national security division. not surprisingly we're very much looking forward to hearing from mr. daniel today on the president's initiatives as we work toward better understanding of the administration's efforts to enhance cyber information sharing. i've talked way too long. let me pass the floor to mr. daniel. thanks very much. [ applause ]

>> i'm wondering why i left from stanford where it was like 745 degrees. i very much like the title of this particular event breaking information log jam. it implies there's this whole fast amount of information waiting to be shared. i think that's now true. several years that might have not been the case. now i think that we're in a position where duo have a lot more information that would be shared.

i see some people in the audience who are sick of taking about information sharing. they've been talking about it for so long. there's 200 rsvps for this event and there's 250 opinions on what information sharing is. i'm going to tell you a bit about what we're trying to do from the administration side. in terms of concrete solutions. hopefully set up a panel by talking about some of the reasons why we want to do that information sharing. it's been a pretty consistent theme. just over the last few weeks we had several big announcements including the announcement of the cyber threat information center. the cyber summit that happened last week and then the

information sharing and analysis organization executive order that the president signed at that summit. let me go over some of those and set it up for the panel. no cti square other anything else like that. rool it's designed to fill in a particular gap that we have seen on the administration side. it's designed specifically to enable them to achieve their missions for effectively. what does the c tick really supposed to do. it's supposed to provide the intergrated all source analysis

of what we know about cyber threats. what is the context in which they are carrying out their activities. how is it that we can best begin to develop defenses against them based on what we know about who they are and what they are trying to achieve. it's designed to make sure that the existing centers, the national cyber community and communications at dhs that the national cyber investigateive task force that cyber command and others get the information that they need in order to do their jobs. they are getting the access to the intelligence that they need. in many ways you can draw the parallel to what they did in creating the national counter terrorism center after 9/11. i'm always he hassitant to raise the

parallel directly. so really it's about the government getting its back end wiring in better shape for information. sort of directly supporting interacting with the private sector. it's about enabling the government to do a better job. that was on tuesday. then by friday we had the cyber security summit last week. despite the fact it was on friday the 13th all the way out in california it's azmazing given

the amount of time we had to put the event together. the summit brought together private exports together to expand the dialogue on these issues. one of the points that lisa and the president hidt on is that cyber security is a shared responsibility between the government and private sector. there's almost no other issue in the national security and economic security that's shared in that same manner. if you think about a lot of other missions that have a national security focus, counter terrorism, border security other things. those are government responsibles and government has the lead. in cyber security that's not true. the vast planetworks in this country are owned and operated by the

private sector. the private sector is the repository of much information. given the nay chufrture of cyber space mean that we can't simply assign the responsibility of cyber security to the federal government or to any government agency whether you're talking state, local or at the federal level. it's when the private sector will have to be involved in. that means we're having to chart some new ways of doing business in this country and some new ways of interacting between the government and the private sector that don't fall neatly into traditional regulatory or contractula categories that we've had. as a result we're struggling to figure out what those relationships are going to be. i think what you're seeing and the policy process and what

makes this part of the policy process so interesting and fascinating to me is we are building those relationships right now. if that's not enough to scare you then i haven't been doing my job. this is clearly some of the most important policy issues and ski challenges that will be facing in the early part of the 21st century. the best practices for those information sharing groups announcing that they'll use the frame work to assess cyber risk and require vendors to use it.

p finally at the summit the president signed a new executive order to, to encourage the expansion of information sharing in the private sector. let me hit on a few things about the eo. it encourages organizations to form information sharing and analysis organizations. if you look these ice house already, we're washington. it's an acronym. i don't know how to do it otherwise. they already exist. they are created in the homeland security act. we haven't used that term much. support would be essential for cyber security to develop and to continue to improve.

also other types of groups such as a geographic region like the bay area council or one that's temporary. an individual company that facilitates sharing among its customers like symantec. public to private partnership. the eo kalecalls for a creation of a baseline. dhs will fund a private sector to develop the baseline and the baseline would be developed in a multi-stake holder process with the private sector. it will enable ice house to demonstrate that they will handle the information and being called eded upon to share

responsibly. it's really so we can broaden out what is possible in the information sharing space as much as we can. we believe that it's such a foundational capabilities that we need to have that basis be as broad as possible. the eo clarifies the kings abilities to enter the agreement with ice house. that he don't have to share with the federal government. we hope that many of them with focus on private sector sharing. they don't need to share with the inkick although we anticipate that many will. the eo makes clear how they can share cyber threat information with the ice house that want it. tied to the legislative proposal the administration made we highlighted the fact that in our proposal we would tie liability protection which is another reason why we proceeded with the

executive order so it would be clear what the baseline cape capabilityies and responsibilities will be. we felt it was a necessary step. so, that part of the eo is rather obscure because it addresses something cause the

the ends that we're trying)5dy to achieve. information sharing in and of itself is not the end. we don't just want to be sharing information for the sake of sharing information. we want to achieve something with that. we need to focus on the outcomes we want to achieve and debating about whether those are the policy ends that we want to get to. if that is our policy goal and we at the white house support then that necessitates one kind of information sharing.

then we need a different kind of sharing to occur. what are the policy ramifications of that? if we want to be able to develop our defenses so they can move at the speed that the bad guys move at and undermine their economic and business model they are using to whack us about the head right now that's another kind of information sharing. i think we really need to be working through these various end states that we're trying to achieve and really get down to a very detailed level discussion of the kinds of information literally down to the field level almost of saying here are the pieces of information we want to share. what are the actual policy and legal ramifications and limitations on doing that

sharing? i suspects when we doe that we'll find it's much, the limitations are much less than we're actually afraid of when we're still talking here at the abstract level. there's a lot going on in this space. i think we really have the opportunity to really make some excellent progress here in 2015. i look forward to the rest of the discussion and i hope that the panel goes well. thank you very much. [ applause ] >> thank you very much.

i'm jason healy. it's going to see so many regular faces here and new faces. the cyber wednesday which is part of the series is usually every third wednesday. we can continue the conversations. it happened all too often that we'll start something interesting here in d.c. and we never get a chance to come finish it. hopefully we'll see you at the next cyberesque wednesday. so to continue this conversation on information

sharing. to my left is senior director of the white house mark sox. here in his hat from the communications i sack which is really been in working at information sharing and been friends since it was major sox and captain healy. he's not only been involved in a lot of information sharing but also recent his company discovered the jaspo. there's a very elaborate information sharing that went on with the vendor. some you might not have heard about it and that's a good thing. it got taken care of to make

sure that it wouldn't be a significant a problem as some of the other big vulnerabilities over the internet. i'll start to my left. we'll talk for a couple of minutes and go to questions and answers from the audience. anything you'd like to add. >> it's hard to follow you boss. >> what do you think is going be more important over time, the c tech and nfgts shareinformation sharing in the government? >> we feel there's different kind of information sharing. we tend to lump them all together. we think about it as getting government information out to private sector. there we have this executive order that shifted the

presumption that information should be shared. we're trying to get that presumption out. we think that made a different of getting out more information. we heard good things about that effort. one area that was sort of tied up and got held back was in terms of getting companies cleared and remaining classified information. if fbi found information about companies that have been hacked is they would tell the company. >> that's what changed two years ago. we change in that regard

trying to expand all that. really focuses on that in gnaw way by information sharing standards.

there's another piece which is private sector to government. obviously it's all a threat. they can tie that information in. how do we get that information together. there we hear from the private sector that the biggest barriers are ones that can only be achieved. this is where they try to get it for intelligence matters. we need to do a better job of doing the analysis. he's not necessarily sharing. sharing the raw intelligence but being able to do the analysis. then you also have the sharing that needs to happen between the

centers. we have done a good job increasing the sharing among the centers and agencies involved. now it's about doing the analysis. we have these four different kinds of sharing that i raised. it's not really a competition which is better. >> when i was getting people to push back and say oh my gosh, another agency is a lot of what the c tick is going to do is it seemed like that was getting done inside the white house. you're taking a lot of who is seeing what. what are we looking at would have to happen. it sounds like this is now pushing it out of room so that you can focus on the bittergger policy. >> we have come to this point we're coming from the people with different viewpoints here. none of them have the full

picture. my question is who can do that analysis of the intelligence that comes in. today that's happening. we need to be able to find a place that where this can happen. the director was created in order to connect the dots of these cases. that seemed like the logical place to move this forward. >> how will you know if you have succeeded? a couple of years left in the administration. we'll have another president in a few years. that president will bring in their team and say how is this stuff working. the question is we have all of these areas talking about information sharing. it's been this jumble for the last few years.

using the same vocabulary. if we can move fast that and get down to some very specific issues, we can figure out the legislation that needs to be passed to separate out the technical issues about sharing. separate the issues that need to be done promote private to private sharing. we'll be in a much better place. >> i like that in the, i saw concept that you're focusing on prieft to private to private. they focus on if the government will be involved. i'm pleased like it sounds like you're taking that out. some people are focused on the idea of hubs. that's not when we're talking about hubs we're not talking about the government. we're talking about private sector run organizationorganizations. they could be large or small. >> as we start turning to mark,

something that michael talked about featured in our paper was focusing on the outcomes. we really found if you're focused on the outcomes then you say who needs what information to take what action. when you look at the outcomes the government is not always critical in a will the of those outcomes. it's not private to private. mark, you've been at aerthe center of these outcomes. when you're looking at the news that comes out with your experience. >> before i ask that answer once you figure out the number of the eo, you need to express it and it will resonate with everybody else.

you know you actually reached the right audience. that is kind of sort of your answer there. how do you know success? how do you know things are working? if you begin to see in that you are discussions and their literature that they are talking about if not even adopting the same sorts of principles. that means you're connecting. it's not just a washington centric of those who feel like we're in a bubble here doing it. we're talking 16 17 years.

where exactly do you put a search engine, for example or any of the other countless types of -- >> or a think tank. >> the benefit of bringing in new thinking, new ways of doing is very powerful. we also recognize there's quite a long, very good history of development through the isacs. information in terms of how you run it and what works and what doesn't work will be valuable as we create these new sharing organizations. >> as you been involved with this over the years what have you found has been the most important lessons in the next steps. i think we all need to search our time there and walk away. i think it's really clear that

let me just back up. your paper hits on a lot of really good observations. information sharing for the sake of sharing doesn't get us anywhere. when you start sharing between organizations they can do something about it. now you begin to hit your stride. there is strength in sharing between those who can take action and so if you have small groups of people, large groups of people with operational roles and they're talking to each other, that's very powerful. if there's an expectation from those groups, they can pull a string. they have to be observers that distrakts distracts from the time they are pushing buttons. the focus really needs to be the amplified focus and needs to be on making sure those who can take action are the one who is are sharing, the ones

communicating the best. yes, there's room for improvement there. that's, i think i really appreciate what you got in the paper because it recognizes some of these challenges and things. but that isn't necessarily visible to everybody else and it is a bit of a challenge how we make that known to others but also how do we amplify and even make better those processes among those who can pull the levers and take action. >> we had a quote from one of our senior fellow founders at the black hat conferences why share information with people not in a position to take action? some people have their hands on the levers and others have their hands on the levers that aren't connected to anything. >> even at the individual level you appreciate when someone tells you something that is happening so you can do something about it. as an individual you are surrounded by information that doesn't necessarily call you to do things and you see it and that's nice but you don't absorb it. it's those things you pulling

that caused the reaction. so if you are using one of the many crowd sourcing applications on your mobile phone that tells you what the traffic conditions are, you love that because you can see that there is a problem coming up ahead and i can take a detour and go around it. that's kind of where we are going. we love to share but we love to share things that can cause you to do something else. the rest of the information that's out there as individuals we tend is individuals we tend to not pay so much attention to. so again it's important in the cyber sharing that we be careful that we are focusing on what is actionable and who we are giving it to that can actually do something with it versus just tossing it out there and therein lies that is a lot of work. >> one of the things that i think washington d.c. doesn't

fully understand how many nonstate groups are actually sharing and fixing things today. we mentioned to some of them but a lot of this in the paper we say don't just focus on those that are sharing information. the best information sharing seems to have been with the happen with groups that are actually fixing things, that are focused on the actual outcomes. to me the classic model is the national communications system. can you walk us through that? >> this is an important thing. the national communications system was developed over 50 years ago so this is all the way back to the kennedy administration and early 60s as a result of what happened in the cuban missile crisis and that recognition that enough level of sharing who knows what, who can do what across the administration that had this good means of communicating. were they sure if the president wants to get the cabinet all together at once, could we do it? if you look at some of the documents in the executive orders even president kennedy creates this thing, the whole

concept behind it is being able to reach the decision makers quickly and make sure that they can always do that. the mission was given to the defense department and the global communications and things that can support the president. but the thinking was back in the early 60s. we were talking 50 years ago the same concepts that we are wrestling with today in a different era that is cold war, nuclear threats type of thing. bring that forward to 2015 the threats are certainly changing but we still have national threats against our country and against our very existence that we have to have that continuity have the ability to communicate and share among the decision-makers. so that's still very much built into what the federal government does. the private sector supports it so companies that communicate and combine hardware, software, but allow the decision-makers to work together together with those decision-makers formed the backbone of the national communications system and all of our benefits from that because our own interactions and hands

-- are enhanced from it. >> and this other interaction between the communications providers. >> in that particular case we spun off in the early '80s when it was broken up and we had the recognition that there had to be sharing among the phone companies and the organization and the coordinating center for the telecommunications was created at this point in the partnership between the public and private sectors to make sure that those brand-new phone companies could continue to interact in the same way that the monopoly phone company was able to do. today it is the communications isac for the sector. we created a parallel group for the communications companies but we still have a strong relationship with the ncc for private and public sharing and actually it's strength is mostly when there are physical

problems. we have hurricanes, snowstorms come earthquakes, fires. that's where the group works really well because that is actually the biggest peril that we have to that infrastructure. electricity has the same sort of thinking. airlines, transportation, shipping in the same sort of thinking. other parts of the economy have those needs they can get together and collaborated not just for cyber dot any any peril. >> we were talking about outcomes have come up a lot here. a lot of times we think of that as countering cyber espionage or computer crime or the rest. but vulnerability disclosure really fit into that also. when we find a big bug in the internet or software, how can we make sure that the right people find out about it in enough time so that we can all be defended before the bad guys get their

hands on it? and that's why i'm really happy that jeff coming you could join us. your company was right in the next -- can you walk us through this process? >> thanks for having me. yes, we found a pretty serious issue that affects the microsoft platforms last week. my intent isn't to go through that issue. suffice it to say that it's a serious issue and there's a lot of interesting -- spigots with almost every microsoft product. >> it is a remotely exploitable piece of badness. >> the interesting thing about it is there's a lot of things going on right now that are kind of conflating this. windows xp, which is one of the most broadly used platforms still, particularly in things like industrial control systems and cash registers and atm machines and things like that

will actually never be fixed. windows server 2003, microsoft said it's too hard to fix it. so even though it is a supported product they won't be fixed. so you know, there is a lot going on on this particular issue that make it interesting. focusing on the disclosure cited -- side of it and the information sharing side of it is also a fascinating story. you know, i've been in the information sharing space for a long time. i was one of the original people in the program and of all the time that i've been involved in information sharing, the concept of information sharing around the disclosure and abilities -- vulnerabilities never crossed my mind until a year ago. that whole space never crossed

my mind. you have to understand the vulnerabilities are of the munitions in cyber battlefield that we live in. there's never been more people looking for vulnerabilities. there's never been more organized efforts to find and monetize the vulnerabilities. the tools have never been better to find vulnerabilities. the software that we have, we generate mountains and mountains of new software every day. so not only are we getting better at finding the vulnerability and having people looking for vulnerability but we have more places to look. so this is a growing issue. our bug wasn't an implementation issue. so if you look at those that we saw last year they were mostly implementation issues meaning you fix a couple of the lines of coding and you are done. this was a design problem.

it was a fundamental decision that in this case microsoft made 15 years ago that turned out to be wrong. so fixing it wasn't a matter of going and adding a couple of lines of coding it was adding features. when you are microsoft and you have many supported versions of the operating system and lots of supported configurations into customers and things that have important things that don't like to change, this becomes a long and difficult process. it took microsoft 13 months to fix this. the reported in january of last year. so, that's interesting. so there's a spot right now if you follow the space between microsoft and google about the disclosure timelines where google has a very strict 90 day timeline including two

to microsoft's dismay they publically released an issue just two days before microsoft was going to fix it. so you know, 90 days and fixing one kind of thing is fundamentally incompatible with fixing a design problem that took 13 months to fix it right so there has actually been activity in that space now and google updated their policy just last week because of the recognition that there are a harder class of problems. >> so for 13 months he were able to disclose this is an interesting -- sometimes the best thing to do with information sharing is to keep a secret. and in this case after, to their credit, they handled this fantastic. we are lucky that this turned out to be a microsoft problem because they had a sophisticated