tv Key Capitol Hill Hearings CSPAN September 10, 2015 9:00pm-11:01pm EDT
9:00 pm
homeland security which does have a responsibility for engaging at the state and local and tribal and private sector segment. >> and i appreciate that. but the lack of resources, you know, we hear so often that it's becoming cheaper and easier to hack and more expensive and difficult to defend. is there some other way besides this that we should begin to look at in terms of trying to balance the field between the resources a community bank has versus a major national bank? just as one example. >> one of the things that we need to continue to do better as a federal government is equip our state and local partners to investigate crimes that are digital in nature. and that's something that sheriffs and chiefs are hungry for. the fbi and the secret service are pushing out lots of training, pushing it out online so people from their desk in a police station have become a certified cyber investigator.
9:01 pm
the reason that matters so much is there's never going to be enough federal agents to answer the call, answer the bell of tens of thousands of small businesses who need help. and so we've got to equip our local partners to be able to offer that assistance. >> thank you so much, and i yield back, mr. chairman. >> the gentleman yields back. i now yield to the chairman of the agriculture committee, mr. conaway. >> thanks, chairman. director clapper, you mentioned the dark web in your comments, and maybe mr. rogers may be able to better answer it, but could you give us a better description of what that means and how it's being used, and can you tell if information that's been purloined from somewhere else is actually being sold in that arena? >> jim, the dark web? >> the dark web is that portion of the internet that is not touched by any of your normal search engines. so you won't find it through google or yahoo! or bing or anything like that. you have to go looking for it. and so, it requires specialized knowledge and often to operate
9:02 pm
the required specialized software. because it is not reachable and it is hidden, sort of a below-level, below the waterline, it's attractive to people who want to avoid any kind of scrutiny. so it's very attractive to criminals of all sorts. >> so have you seen it actually being used to sell information that's been stolen elsewhere? >> oh, certainly. we just took down a forum in the dark web that was being used to trade information -- personally identifiable information and skills. what the hackers have done is, hacking has become so sophisticated, it's become specialized now. so no one does all the different pieces that are necessary to steal your identity and then cash it out. and so, it is on those places in the dark web that they meet each other, and someone who specializes in cashing out can talk to someone who specializes in stealing, and someone else who has a specialty in hiding things on a particular server can sell their services there. so it is a world full of criminals, which is why
9:03 pm
investigators for the fbi and our partners spend a whole lot of time there. >> so do you have the right tools, the right -- i mean, is any of that activity that should be criminal that's not criminal yet, are there areas where we need to improve what you can do in that arena? >> i think by and large, we have the tools, congressman. and what we're trying to do is with our international partners, that's the key, because just finding the bad guys from the united states doesn't help us if the bad guys are all around the world. so the operation i just mentioned involved 20 countries simultaneously locking these guys up. so we send a message that you think you're hiding from us, but you're not hiding from us. the dark web is not a safe place to conduct criminal activity. so i think we have the tools and the fbi to get in there and find them. and what we're getting better at is building those international relationships. >> do you have the requisite authoriies that you need? >> i believe so, yes. >> without getting into details, can you assure us that whether it's a breach or attack at opm, that at this stage you've
9:04 pm
reverse engineered well enough to try to put in appropriate protections elsewhere in the dot gov world about. >> i don't think that's something i'm best to speak about. >> and for nsa, we provided opm with 19 specific recommendations on how we would suggest changes to the network structure would help forestall future such activity, dhs in addition is identified, recommended improvements. i know opm is working their way through that and has a plan for how they're going to implement the steps they believe are necessary to ensure that they don't see a repeat. >> it's not your lane, but they can't be the only ones who had the problem. is that information -- those recommendations being shared beyond just opm? >> yes. so part of what we try to do and it really goes to representative sewell's point, every time we find ourselves with a major incident, we try to ensure that the insights we generate from that are share more broadly, both across the government with our private sector partners, because we're the first to
9:05 pm
acknowledge it's likely that others will attempt to replicate the same kind of ttps, as we would say, the same techniques they're using again so we try to make sure we share information broadly. >> general clapper, is there authority anywhere for someone to require all these government agencies, opm, others to actually implement the recommendations or to set standards and then hold agency executives, secretaries of the various, you know, cabinet folks? is there somebody who can say you have to do this by a certain period of time? >> i can't quote you a chapter and verse. maybe others here can. but i think it just -- from the simple standpoint of institutional responsibility for tending to their networks -- >> yeah, they all work for the president, but it's a little -- you know, you wouldn't expect him to call down and make sure it happens.
9:06 pm
is there someone in the hierarchy of folks who work close enough to the president that that can actually be required to happen? >> mike, can you help me with that? >> in the aftermath of opm, more broadly across the federal government, the white house set up a task force that's specifically designated a series of concrete steps that were required to be executed. by memory as we had to finish it all within a 90-day time frame, every department across the government. as the dni indicated, i always try to remind people in the end, this is all about accountability and leadership. and how you prioritize in a tough environment where you're competing for limited resources. you've got 1,000 challenges you're trying to deal with as a leader, trying to ensure that you're sending a strong message to your organization and your subordinates about your expectations are and what's acceptable and what's not acceptable and fundamental lapses in your ability to protect information that our citizens have shared with us from the government --
9:07 pm
>> i think you want to point to an institution in the government that has that responsibility for the -- you know, government-wide is probably the office of management and budget. and, of course, appropriately, they have the power of the purse. >> thank you, gentleman. yield back. >> gentleman yields back. the gentleman from california, mr. swalwell. >> thank you, chair. i want to thank the panelists and the i.c. for your work this summer. we took down some planned isil attacks in america as cooperation in the community and the fbi made some very helpful arrests. you know, and that highlights, i think, you know, we have to be perfect. they pull off one attack, and it hurts people. it caused panic. so thank you for doing that. i want to follow up a little bit on what mr. conaway was saying. my question's for director comey. as a former prosecutor, i appreciate how hard it is to go after, you know, what we were
9:08 pm
kind of call a paper case or a computer case. it takes a lot of work and to figure out whose fingertips are on the keyboard causing these attacks is very difficult, especially when they're drawn across the globe. but do you think we could do a better job of making sure we hold these people responsible, show them to the world and deter more attacks? because right now it seems like we are almost entirely on a defensive posture. and i think you hinted that a lot of this is because of international challenges. we just struck an agreement with iran that involved china and russia and countries we don't normally agree with and work with. do you foresee an opportunity for a compact with nations to go after some of the cyber criminals -- cyber espionage i think is different, but cyber criminals that would better assist you to do your job? >> i do. i think the bad guys through the use of the internet have shrunk the world.
9:09 pm
they've made places that are tens of -- hundreds and thousands of miles apart, next-door neighbors on the internet. so our strategy, the fbi's strategy is shrink the world back in two ways. forward deploy fbi cyber agents around the world and also equip our partners around the world with technology and training and people so they can help us. because you're exactly right. the bad guys think it's a freebie that they're in their pajamas at their keyboard halfway around the world. they can steal anything in america. we're trying to do is make them look over their shoulders at if they're in america at an fbi agent. but if they're halfway around the world and an agent from that country, and it's getting a lot better. countries from around the world see this. it can always be better, though. >> thank you, director. and with respect to what ranking member schiff was talking about earlier on the end-to-end encryption and the challenges there, i certainly would hate if we didn't do everything we could to prevent the next attack and know where it's going to come from.
9:10 pm
and the challenge that you have laid out, i think, you know, quite articulately over the past year about going dark, as you mentioned, it has tension with some of the security and privacy values that we also have. how do you see us reconciling that? and you mentioned making sure that we work with industry. it's not just policy, but, you know, back at home in the bay area, you know, it sometimes seems like we've forgotten about september 11th and privacy is, you know, paramount concern. how can we reconcile the two as lawmakers and also with industry so that we don't look back and see that we could have prevented an attack, but we were dark? >> i think from the government side, our responsibility is to talk to folks and explain to them we're not maniacs. the fbi is not an alien force imposed upon the american people. we work for the american people. we work with the tools that they
9:11 pm
give us through congress. and so, our job is to say hey, look. our tools are being eroded. and we're not making it up. what has helped people, i think, in the isil threat is see that we're not making it up. there really is a conflict between two things we all care about deeply. and if we're going to protect people, we've got to figure out how to resolve that. but also, not be arrogant and think well, the answer is, from the government. you should not look to the government for innovation, right? we can do a lot of great things, but technological innovation is not our thing. i think we've got to start by saying we have a problem. we all love this great country of yours. we have to come together to try to solve it. everybody who says it's too hard, i really believe we have not given this the shot that it deserves, and we're going to continue talking about it to try and demystify it and blow away this nonsense that we're at war with each other. this shouldn't be venom. we should all care about the same things and figure out how to solve it. >> and director, finally, if we were in a posture where if american companies -- or if most
9:12 pm
of the end-to-end encryption that was being used by the bad guys ended up being overseas or companies that were overseas, what is the plan to make sure we can still protect communications that would threaten america? >> how we would reach -- infrastructure completely overseas? >> yeah. >> we'd have to do it with our foreign partners. as i said, i think every civilized country, every country that cares about the rule of law thinks about this in the same way. all of us have to reconcile those two values. we have to do it as international community. i do think there's a reason, as i said earlier, that we should figure out how do we want to govern ourselves. but we also just don't want to chase the problem where we can't get to it. so we've got to figure out our piece and also work with our international partners as a community of nations to figure out how to address this. >> thank you, director. and again, thank you all for the work you did this summer and continue to do. and i yield back. >> gentleman yields back. miss ross lehtinen of florida. >> thank you so much, mr. chairman.
9:13 pm
this morning, the treasury department targeted four key hamas leaders as financial facilitators for their terrorist acts and sanctioned them. one was saudi, one palestinian, one egyptian, one jordanian, as well as the front company that they used to transfer all of these dollars. and they were providing incredible financial support to individual terrorists as well as the groups they belonged to. and this highlights the international scope of fund-raising by these terrorist enterprise and the directing of military operations, the facilitating of transfer of funds all done within the cyber domain. were it not for that, they would not be able to move this money around and plan these attacks. we're talking tens of millions of dollars that were moved from iran to saudi arabia. a lot of money laundering.
9:14 pm
how confident are you in your individual agencies and working together that you have the necessary resources to continue to track these terrorist activities that will be able to continue to sanction these individuals? they keep popping up as soon as we put these four guys down and put them out of business, four more will pop up. but we are able to track them thanks to the technology that we have. so how confident are you that we can continue this sort of like in the coast guard in my congressional district, we just have to get faster boats than the drug runners who are moving their drug shipment. >> i think we have -- thanks for the question, ma'am. i think we have a pretty good understanding of the financial mechanisms that are used. we could always do better, and we could always use more resources. but we certainly have put focus on the whole issue of threat finances.
9:15 pm
that's a whole new realm of intelligence that has evolved over the last decade or so. i have a national intelligence manager for threat finance who is also the chief intelligence officer in the department of treasury. so we have very good linkage, i think, across the community using -- bringing to bear all the resources of the community, et cetera, to focus on this. but it is a constant challenge because as you've, i think, implied in bringing this up, this is the lifeblood of terrorist -- international terrorist activity. john, do you have a comment? >> i think we certainly have the tools. we are trying to make sure we utilize all of our various intelligence capabilities. but as jim mentioned before, we have ppd-28, and there are issues related to access to metadata, bulk collection, other types of things that i think it gets into this issue about what
9:16 pm
can we do for security purposes, but what also might, in fact, impact on privacy, civil liberties issues. so the treasury department relies heavily on the intelligence community to make sure that they have a sufficient basis to designate these individuals, and as jim said, we're working very closely with them. >> is there something that we can do in terms of changing any laws that would allow you to do your job better in a way to bring down these terrorist organizations and the financial wherewithal? >> rather than respond off the tops of our head, why don't we take that for the record and give that some thought? >> thank you, sir. thank you, mr. chairman. >> gentle lady yields back. mr. turner is recognized for five minutes. >> thank you, mr. chairman. again, thank you all for being here and thank you for your diligence on an issue that is an incredibly important one, not
9:17 pm
only is it an issue as director clapper has said of us losing information, but of the prospects that ultimately we could be looking at a change in the trend as admiral rogers was saying, the manipulation of data or actually damaging of data and effectiveness. i want to ask two questions that relate to coordination. general stewart, good to see you again. last time i saw you you were in my district at the air force base. thank you for being there. my concern on the first question on the issue of coordination is with respect to isil and following on mr. swalwell's question, we have the director of the fbi, of course, who is trying to ensure that where we have isil who is using social media to recruit individuals, that he find those individuals in the united states and thwart their opportunity or their planned attacks. of course, obviously, with
9:18 pm
d.o.d., their goal is to find these individuals and bring justice to them so we neutralize the threat as they continue to operate. the isil's use of personnel -- trying to target military personnel and also facilities through social media is of concern, of course, across the country and in my own community at the air force base, even public events have been canceled. but when it goes to bringing justice to that individual that's not in the united states, the director of the fbi is not involved, the d.o.d. is, and coordination is an issue. and i'd like, general, if you could speak a moment about the issue of the concern of our ability to bring justice to them and what our progress might be there. and the second issue is with respect to the office of personnel management. again, back to the national air and space intelligence center, i have thousands of individuals in my community at the air force base that are very concerned about the data breach, specifically with the sf-86 submission and the information that's contained in there. director clapper, you mentioned
9:19 pm
that there are personal effects both on -- that could be damaging on financial information, actions that could be taken to them individually. it also includes their families. but you go to the next layer of then what happens with our national effectiveness as that information is compromised. and i'd like, if you could speak a moment on the issue of coordination of that. you're all dependent on opm to protect the information of the people that allow your agencies to be effective and to function. general? >> congressman, the dia enterprise extends not just here in washington but down to the combat and commands, to the service intelligence centers and out to the forces that are on the ground in respective aor. we coordinate daily on activities that we see across that entire spectrum of the enterprise. so we're in contact with the services. we're in contact with the combat and commands. we're in contact with our analysts here at our regional intel centers to make sure that
9:20 pm
we get the best characterization of the threat, the best characterization of what they're capable of, and more importantly, if we can target them, how do we get that targeting data down to those forces that can, in a kinetic way, in a combat way, bring justice to these forces? to our adversary. and so i feel very comfortable that we are talking. so not only are we talking to those units below us, but we're also talking laterally. none of what i can do at dia can be done without the efforts of nsa or the things that are being done at cia. so we bring all sources of information together, package that to all our consumers from the national level all the way down to our forces on the ground, and then we hopefully can bring that targetable information that will strike those actors in a very kinetic way. >> then, director clapper, on the issue of also personal risk, it also includes the
9:21 pm
professional risk, of the danger of this information being out. if you could speak to that for a moment, knowing that there are thousands of employees who are very concerned about that breach. >> well, that's quite right, sir. there is potentially -- and i emphasize the word potentially -- great risk certainly in the case of intelligence people, particularly those assigned overseas, and in certain covered categories, that's a great concern of ours. what we have done through the auspices of the national counterintelligence security center is to do as much education as we possibly can on what the potential implications are, both, as i said, institutionally and individually. but at this point, we haven't seen, as we discussed before, actual evidence of the use of any of this data in a nefarious way.
9:22 pm
i wanted to ask director comey to comment, as well. >> i agree with director clapper's characterization. i worry, with our workforce being a little confusing, that we -- i have talked to my workforce about this, that we got everybody credit monitoring. that's actually not my worry about this information. i feel like that's buying people flood insurance when their neighborhood just burned down. the fire is what i'm worried about. it's not people's credit cards and their credit rating given what we think the information was taken for. we see no indication of it being used to hit anybody's credit rating or credit accounts. i don't think that's the concern. at the same time, i don't want to put people completely at ease because as director clapper said, there's a significant counterintelligence threat that's associated with someone having this information, a nation state. >> gentleman's time has expired.
9:23 pm
the gentleman from ohio, dr. wenstrop. >> thank you, mr. chairman. thank you all for being here with us today. you know, we talk a lot about china, russia, north korea, iran, nonstate actors, and we're concerned with attacks in nesting and the dark web, et cetera. how much of what we're seeing is taking place from within the united states? are we having bad actors within the united states that are participating in attacks and nesting and on the dark web? >> well, we have our fair share of criminals, and criminals increasingly operate online because that's where our lives are. i think that's where children play. that's where we bank. that's where our health care is. and so, people want to hurt kids, that's where they're operating. then they're often sharing images with each other on the dark web hoping that we won't be able to find it, that they'll use the onion rueter to hide their communications. as part of child exploitation, we see fraudsters of all kinds. whether it's health care or just trying to steal your banking transactions, trying to operate in a way that we can't see. and so they think if they go to the dark web, the hidden layers so-called of the internet, they
9:24 pm
can hide from us. they're kidding themselves because of the effort that's been put in by all of us in the government over the last five years or so that they are out of our view. but it's a big feature of criminal activity in the united states. >> from a government standpoint and international relations in coming together and trying to combat cyber, do we have full confidence in working with the five eyes? beyond that, where do you think we should go or where are we going in that arena? >> i think i speak for my colleagues on this panel. we have full confidence in the five is. we are very closely latched up when it comes to all matters cyber, whether it's counterterrorism, counterintelligence and criminal. that's a fabulous relationship. it's as healthy as it's been for 70 years. and increasingly, as i said, all states that care about the rule of law are engaged on this. where we have problems is with certain states, russia, in particular, where it's very hard for us to get cooperation and get the actors apprehended, and
9:25 pm
so, we have to hope to grab them when they leave the country and travel. the good news is all of the successful cyber criminals have lots of dough, and they want to go on vacation. and that's where with our partners, we grab them up. >> does anyone think there is a potential for a geneva convention-type of arrangement to be made? because i consider the cyber world to be a world war taking place right now each and every day. is there a potential for a set of international rules, even amongst some of the people that we consider to be our adversaries? >> well, yes. there's a potential for it, and one would hope that -- and of course, it took many, many years for the geneva conventions to evolve, and i suspect it probably will in this case, as well. but i think the hope is that there could be established some international norms governing behavior, particularly what civilized nation states will do about criminal behavior and the
9:26 pm
use of the internet for terrorist purposes. and there are many, many countries that have an interest in that. >> how do you suggest we begin that process? >> well, certainly the public discourse, i think, is useful. it is certainly a topic within intelligence circles that we discuss with our friends and allies, particularly the five is. so there is a growing body of interest in this. but again, i hark back to we're from the intelligence realm, and this really is a policy issue that's kind of over our labor grade. >> well, that answers my question. that's what i was asking. one other question, has north korea conducted cyber attacks on u.s. companies since sony? >> your question is did they? >> have they? have they conducted any that
9:27 pm
we're aware of since -- >> since sony? not that i'm aware of. mike? >> we haven't seen any offensive destructive actions directed against the u.s. corporate sector by the north koreans since the sony incident. >> any conjecture -- is there anything that -- and you don't have to go into detail -- but did america act in any way that maybe has been a deterrent for them to act again? >> i certainly hope that's the case. the president came out very publicly and talked -- acknowledged the act, attributed the act and then talked about what we were going to do in response to it and then talked about and were we to see continued activity along these lines, we will take additional action potentially at the time and place of our choosing. i hope that's been effective. i would argue your question was narrowly focused against activity against the united states. i would argue i have watched them do other offensive actions in the post-sony environment. >> thank you.
9:28 pm
my time's expired. i yield back. >> gentleman yields back. gentleman from utah, mr. stewart is recognized. >> thank you, mr. chairman. and gentlemen, thank you for what you do. if there's anyone who's going to save our nation from future chaos, it's the work of you and your agencies taken together. i have great respect for all of you. i consider some of you friends. mr. brennan, i've spent a lot of time with some of your guys around the world in the last six months, and they are heroes. admiral, you and i spent time together last week in utah. thank you for your support there. i have a question, and i want to get to that, but before i do, director clapper, you've said some things that i don't understand. and i hope you can clarify for me, if you could. and that is coming back to the opm breach, and you said it's not an attack. and i guess i would ask you to clarify that. and if i could elaborate just quickly, i understand there may be a technical definition. but there's a couple things that trouble me. one is that we say that we have no evidence of nefarious activity because of that, but we don't know that.
9:29 pm
if someone is being blackmailed because of this information that's been taken, we wouldn't know that yet. if someone's cover had been revealed because of the -- you know, this information being available, we wouldn't know that yet, so we don't really know what has been the effect of this being taken. and can you define for me what is an attack, and what isn't -- or doesn't meet that definition? because this seems to me like it would be. >> my working definition of whether it's an attack or not, and my characterization of it not being an attack in that there was no destruction of data or manipulation of data. it was simply stolen. so that -- that's a passive intelligence collection activity. just as we do. >> well, and it seems to me, sir -- >> and to your other question is, you know, we don't know what could be going on. that's quite true. all i'm saying is there's been no evidence surfaced to this point of the use of this data in
9:30 pm
a nefarious way either against individuals or institutionally. that's not to say we're not mindful of that and that we're not watching for it. >> and i'm sure that you are. i do think that it seems to minimize the gravity of this event by characterizing it not an attack and saying at this point we are not aware of any nefarious activity when there very well could be and many of us view this as simply more than just data mining. but if i could go on to my question, and i need to set this out very quickly because i really would appreciate your response. national security is a matter of cost benefit analysis. you have nation states that say here are our ambitions. here are our interests, our goals. and on the other hand, they have to, you know, kind of measure the cost of reaching those goals or defending those interests. what are the risks or what are the obstacles that they may overcome in doing that? and it seems to me we haven't weighted the scales on the side of our adversaries in making them know and understand the
9:31 pm
risks and the costs. and i think the effect of that, we have weakened the idea of deterrence or at least maybe i don't understand the idea of deterrence. and it seems to me that when we see these attacks, as we have in the recent past, some of them associated with nation states, but they seem to act with impunity. and can you help me understand, what is our policy regarding deterrence? and i know that there's some regards to that that you wouldn't want to talk about, but it seems to me if we can be more open about how we will respond, that that could act as more of a deterrence, and i'm not sure that we've done a very good job of doing that yet. >> personally, this is not a company policy, this is my own view, that until such time as we do achieve or create both the substance and the mindset of deterrence, that this sort of thing is going to continue.
9:32 pm
the opm breach, and as admiral rogers has stated on more than one occasion, this is not a one-off, and we will continue to see this until we create both the substance and the psychology of deterrence. >> well, i couldn't agree with you more. i've editorialized about this a number of times, and it just seems that we enhance our security, if we can deter rather than just monitor and take action after the attack. i know there's a fine line you have to tread there because you don't want to reveal our capabilities. you don't want to, you know, reveal how we track and in some cases how we may deter or we may, you know, retribution. but i'm hoping you agree with me. and director, it seems like you are -- that if we could be more open and more clear about our deterrence policy, that that would benefit us. >> those are policy issues. and certainly, as an intel guy, i would be an advocate for that. but ultimately, that's a policy call. >> i understand that.
9:33 pm
and in five seconds, anyone else on the panel like to address the deterrence? okay. thank you, mr. chairman. >> gentleman yields back. mr. carson is recognized for five minutes. >> thank you, mr. chairman. i think we all understand that we face serious threats as it relates to hacking in the cyberspace. but we also are dealing with a larger cve strategy and the distribution of propaganda and the radicalization of americans really using online platforms. so i think it's obvious that we have some very challenging concerns about the constitutionality of protected free speech. my first question would be, how effective are these online radicalization efforts domestically? are there particular subsets of
9:34 pm
our society that are most greatly influenced? outside of -- secondly, outside of encouraging voluntary compliance by google, facebook, twitter and others, what authorities do you guys have to forcibly remove propaganda and other recruiting materials? and what authorities could congress empower you with to help in those efforts? >> i think i can respond to that, mr. carson. first of all, they are, as we've seen over the last six to nine months, these recruitment efforts using social media are highly effective. isil started investing in it about 12 to 15 months ago. and the fruit of that was seen with all of the people we had to arrest to stop plots late this spring and this summer because social media works. whether you're selling sneakers or selling the poison of the so-called islamic state. so it works. the -- in my experience, the social media companies have been highly responsible and responsive in trying to take down media that is offensive and that is related to a terrorist group.
9:35 pm
the challenge of social media is it's the most complicated spider web in the world. and so, you end up having a hard time finding it. and then when you find it and shut it down, it chases to some other place. so it is an enormous problem. and i don't have a simple answer to it. but i do want to say they have been responsive and responsible in my experience. the people who respond to it are troubled minds. people seeking meaning in their lives and folks seek meaning in all different kinds of ways. unfortunately, there's an audience for this kind of poison, that they'll find meaning in the ultimate battle at the end of times through the islamic state. that's craziness, but troubled souls -- and we see people who have problems with alcohol or problems with their families or problems with the law and are seeking orientation in their life are responsive to this kind of stuff. the fbi's piece in that is trying to do two things at once. first, send a strong message of deterrence. that this is not a way to find meaning in your life. this is a way to find years, maybe decades, in a federal
9:36 pm
prison. so that ought to factor into people's consideration. and to equip police officers and community service providers and parents with the markers of radicalization. we've gone back through every case we've ever seen and developed a matrix of these are the things that are indicators of that journey, and we're trying to equip people with that so they can see it and help reorient the person. >> has the citizens academy been active in increasing awareness or even more community engagement as it relates to a larger cve strategy? >> yes. citizens academy is a part of every fbi field office where we invite community leaders to come in, learn about the work we do and then go out into the community armed with an understanding of the challenges we face. and they're a key part of that because nobody wants to see these people turn to the dark side in that way. and so our goal, again, we have to be careful because we care deeply, as everybody in this room does, about the first amendment. so we don't want to have the fbi in the business of trying to
9:37 pm
tell people, here's the true meaning of islam. first of all, we're not qualified. we should be nowhere near that. we want to equip the good people of the united states with an understanding of the markers of radicalization so they can have those conversations. >> that's an important work, and we appreciate the work that the bureau does and the rest of the agencies represented here. i do want to say, though, director, respectfully, and i think you know this, i don't have to say it, when we talk about radicalization, islam does not have a monopoly on radicalization or even cult-like activity. there are so-called christian groups that are purporting racial mythologies that are just as destructive in the midwest. when i worked at the fusion center, a lot of the calls that we got dealt with white supremacist groups claiming to represent christianity. judism is represented as well and other groups. i think that in our larger cve effort perhaps we can educate the public that islam does not have a monopoly on radicalization, but we appreciate what you guys do. >> thank you. >> thank you. i yield back, mr. chairman. >> gentleman yields back.
9:38 pm
mr. pompeo is recognized for five minutes. >> thank you, mr. chairman. director clapper, good portions of the patriot act expire next year, is that right? tell me what efforts the intelligence community has put in place. we struggled mightily with respect to a handful of sections, section 215 and others to get put in place in a way that was meaningful and helpful and allowed you to perform your functions. tell me what efforts that you all are engaged in, contemplating what happens if those provisions do expire and they're not renewed, or any efforts you're engaged in to -- you or the administration are engaged in ensuring that those provisions do not come off the books. >> i guess the best response would be to take that one, too, as to what the workarounds might be if it totally expires.
9:39 pm
i guess, you know, the hope is that they all won't, and we'll have to figure out workarounds. but i guess i don't think we're prepared here to respond directly to the question, so we'll get that for you. >> i just raise it. it seems like a long ways away, the middle of next year will be here awfully quickly. we have had enormous struggles legislatively to get these things accomplished. and i want all the members of this committee and all of you to know that there are a bunch of us determined to make sure that these provisions are continued, if they need to be modifies in some way to update and make them consistent with what we're trying to achieve today, but we should not wait until may to begin thinking about what the impacts are. >> you're quite right, sir. and i appreciate your bringing this up. and i'd like to give that a serious response. so we'll get back to you. >> thank you. this is for anyone, but i'll start with director clapper. we've been in negotiations that are now complete with iran. we have an iranian nuclear
9:40 pm
review act that congress -- that the house is considering today. can you tell me what the iranian behavior has been in the cyber world during these discussions? have there been any noticeable changes either as the negotiations continue came to fruition or where we sit today? >> mike, why don't you -- >> we have publicly acknowledged if you step back a little bit in the 2012/2013 timeframe, we were seeing significant iranian activity against the u.s. financial sector, trying to take down financial websites, flowing out of '13 as the negotiations kicked in in many ways, we saw less activity directed directly against us, but i would remind people, i have not seen the iranians step back from their commitment to cyber as a tool, and we see it being used against a variety of actors in the gulf and in the region, that they continue to be fully committed to how can they use this capability to achieve a broader set of national objectives. >> thank you. mr. chairman, i yield back my time. >> gentleman yields back.
9:41 pm
the gentleman from connecticut, mr. himes. >> thank you, mr. chairman, and thank all of you for your commitment and time this morning. i want to return to a theme that i was bringing up in my opening statement. that's just a couple of questions related to clarity around international norms in the cyber realm. the first question, i guess i directed at mr. clapper. there is some debate as to whether currently existing international treaties and international law, laws of war, are perhaps sufficient to provide the clarity that you need operationally. and i understand there's a policy question here, but i'm asking an operational question, which is, do you think that that's true, or do you see the cyber realm as distinct enough from the territorial or other realms such that it would be operationally helpful to have specific clarity around laws and norms in the cyber realm? >> well, i'll offer an opinion and that's all because it is, as you say, a policy issue.
9:42 pm
i do think that there needs to be norms that are specifically tailored for the cyber domain. it's to me at least somewhat analogous to the chemical warfare conventions. that it has some technical aspects that i think need for them to be meaningful and effective, need to be adapted. perhaps drawing on some of the principles of what we now know is international norms in other realms, but i do think there needs to be some tailoring. mike, you have a view on that? >> i would echo that. i think that there are mechanisms out there and frameworks that we can draw on. there's certainly some differences within the cyber arena, and i'm the first to acknowledge that. i think the important point you raise is, clearly, we still do not have enough clarity. and clarity, particularly if i
9:43 pm
put on my operational role as cyber command, clarity is everything to me because that enables -- that helps enable speed of response, help generate better outcomes. so i think it's important for us as a nation, and i would argue more broadly, internationally, to come to a sense of so, what are these terms? what are these definitions? what is a framework that enables us to quickly decide what's acceptable, unacceptable and what's an acceptable response? because currently the environment we're all in right now, i don't think anyone is satisfied with the environment we find ourselves in right now. >> thank you. so last question is, i guess, where are we? is this an effort to which your respective organizations are actually contributing significant resources, prioritizing, and obviously, there's groups that aren't represented here like the state department that would be pretty critical. is there something that you see in the u.s. government as a priority? >> well, it's clearly a matter of discussion in the
9:44 pm
interagency. and i think you're quite right. the state department probably the better institution to speak to than intelligence. >> any other observations? comments? okay. admiral? >> i would just say, clearly, the i.c. participates in those discussions. and we get the opportunity to provide a viewpoint and perspective. we try to back that up based on the insights and the data we generate, which is what the expectation is for us as intelligence professionals. i think, you know, clearly, we are all frustrated that this is taking us longer than we would all like but i would not want anyone to believe it is not beuse of a lack of effort and it's not because of a lack of recognition that this is a set of issues that fundamentally need to be addressed. >> thank you. chairman, i yield back the balance of my time. >> the gentleman yields back. i want to thank the panel today. thank you for being here.
9:45 pm
thank you for being willing to testify in public. we will have questions that we'll submit for the record. and i think, director clapper, there's a couple questions that may have to be answered in a classified setting, but we look forward to receiving those. i'd like to remind members that they have ten legislative days to submit questions for the record. before we adjourn, i'd like to just quickly recognize lynn westmoreland. >> thank you, chairman. and i want to thank director clapper and director brennan and admiral rogers for your participation in a georgia regents university, the cyber symposium that they are putting on in augusta, georgia, as you know, the nsa facility is there and expanding. and i know that director clapper and director brennan have both stated, as well as admiral rogers, about the need for young talent to get involved in this field.
9:46 pm
i want to thank the director for sending miss o'sullivan down to speak this year. we were hoping we could get you, but we're glad to have miss o'sullivan and the same thing -- >> you're getting a better speaker. >> yeah. and sending him. thank you all and thank you for your support and realizing that what we're doing is trying to get young talent to recognize the importance of our cybersecurity, so thank you very much. >> thank you. >> well, once again, thank you, gentlemen, and hearing's now adjourned. earlier this week, director of national intelligence james clapper was the main speaker on the opening day of the intelligence and national security summit in washington, d.c. he assessed the state of u.s. intelligence and discussed the intelligence community's effectiveness and accountability. this is an hour.
9:47 pm
>> thank you, joe. good morning, everybody. delighted to see that we have such terrific attendance here. i was wondering when i first arrived whether we'd be able to fill up the room but we've done more than that so that's just a testimony to the importance you attached to this conference. i'd like to echo joe's comments regarding our partnership with fca. we have and continue to enjoy working with fcia and look forward to continuing this partnership again next year. there's no better place to begin our exploration of the state of u.s. intelligence than with an address from director of national intelligence james clapper. the fourth director of national intelligence and the leader of
9:48 pm
all united states intelligence. director clapper has served in united states intelligence for over 50 years. with more than 30 of those years in uniform. he has served as the director of two national intelligence agencies, the dia and the nga. he's been the undersecretary of defense for intelligence. and as a private sector executive, leading industry support to the intelligence community. there is no intelligence leader past or present with director clapper's depth and breadth of experience across multiple intelligence domains. and both in the private and public sector. and i say that with all due humility as the first director
9:49 pm
of national intelligence and i marvel at the wisdom and experience that jim has brought to his job and which i believe has really enhanced the standing and the prestige of the odnia and i think it's also important that unlike his predecessors, he's managed to spend a good bit of time on this tour of duty. i believe more than five years at this point. his career and many accomplishments serve as an example of the power of both intelligence community integration and public/private partnerships. when director clapper completes his remarks, i will moderate a question and answer session and look forward to including many of your questions, as well. so, as was mentioned earlier, write them down and they will be
9:50 pm
collected from you by the conference staff. it is an honor to have director james clapper with with us toda. please join me in welcoming him to the 2015 intelligence and national security summit. [ applause ] >> well, thanks. it's great to be back on the stage with this integrated group. spent the past five years prescribing -- preaching the gospel of intelligence integration and it's been my major theme during my tenure as dni. it's really the reason i think the office exists. it's what the 9/11 commission
9:51 pm
advocated and it's what intelligence reform and terrorism prevention act legislated. but perhaps my successor won't need to even talk about it. now, this morning, seeing mo begin ski and joe working together, almost makes me feel like intelligence integration is really catching on. by the way, mo and joe has a certain ring to it. either a singing duo or selling car parts together, i'm not sure which, but -- so for the rest of this speech and the spirit of integration, i'll refer to you jointly as mojo. because you have the joint mojo going this morning, as evidenced by this great crowd. so thank you both for the invitation to cake off this great summit and for nurturing the spirit of working together. so when i was here last year, i
9:52 pm
spoke about our new national -- then new national intelligence strategy quite literally on the day our publication was literally rolling off the presses. this year, we don't quite have anything as obvious like that to talk about. so i went to the summit website to read what mojo expected me to talk about. here's what the summit website said i'd be discussing. u.s. intelligence is an essential instrument of national power, and perhaps has never been more powerful than today, given advances in technology. and with great power comes great responsibility. that last line really struck me. with great power comes great responsibility. apparently mojo think that i'm spiderman. [ laughter ] >> in the interest of transparency, i'll tell you i'm
9:53 pm
not. i ask my staff, they say i look like spidey's uncle ben, but with less hair. but that line, with great power comes great responsibility, was used to introduce his first comic book appearance in 1962. in the spring of 1963, just as i was starting off in the intel business, marvel published the first issue of "the amazing spider-man." coincidence? yes. all kidding aside, we have a lot in common with spiderman. constantly have to worry about covert concerns, someone matching our oipts to our everyday normal lives. both spiderman and peter parker are known for genius level intr intellects and we're known for experts in cryptology, to
9:54 pm
denial, detection, and even rocket science. spiderman is known for super human strength. now couple days a week i lift weights in my office. jim and my spotter says i'm pretty strong for a geezer. of course my spotter is normally one of my detail guys. so his evaluation of my weight room prowess may be just a little bit biased. spiderman is known for his precognitive spidey sense. many of our customers expect us to be clairvoyant when it comes to world events. spiderman shoots webs from his wrists. some call him web head. more and more, we are focused on spider intelligence and the worldwide web. okay, i'll grant you, that's a stretch. there are even similarities
9:55 pm
between spiderman and the ic when it comes to governance. stan lee created mar rel, but sony pictures has control of spiedy on film. simil similar -- [ inaudible ] integrating priorities and resources across the ic is not easy, particularly when it comes to following the different laws, rules, and processes that reside in each one of those cabinet departments. what we're listing similarities, sony pictures and i both have a less than friendly interaction with north korea. by the way, every spidey fan here is hoping marvel and sony can integrate efforts and give the web slinger a role in captain america's civil war. so we have a lot in common with
9:56 pm
mar marvel comic's most popular. but i'll set that aside. because those few sentences, the ones posted just under my picture make a really good point. intelligence is a powerful and essential tool for our national security enterprise. and, again, with great power, comes great responsibility. those statements have been true as long as i can remember, and i can remember back a long way. my dad was in business in world war ii. as a consequence of traveling around the globe with him, i grew up on intelligence sites and antenna farms all over the world. of course back then, we didn't talk about intelligence publicly. five decades later, that's, of course, changed. in fact, it's changed a lot just
9:57 pm
over the past three years. i admit, because of my experience, growing up in the business and my five decades or so in intel, that it the kind of transparency we're engaged in now almost is genetically antith cal to me. and as i think back, which i want to do these days, air force second lieutenant jim clapper of 1963 would be shocked by the level of detail that we talk about, specifically in intelligence activities in general in 2015. that's been one of my major take-aways the past few years. yes, we have to protect our secrets, our sources and methods, our trade craft. but we have to be more transparent about the things that we canalk about. because now the american public expects to talk about how we're using the power of u.s. intelligence responsibly.
9:58 pm
and, again, with great power comes great responsibility. that's a lesson i personally believe we didn't learn quickly enough and that "we" certainly includes me. so that's why, more and more, we're discussing our work, to correct misunderstandings and to help -- try to help people grasp what we do, to show that we're worthy of america's trust. and to prove that we make worthwhile contributions to the security of americans and our friends and allies around the world. it's why over the past two years, the community has declassified more than 5,000 pages of documents about our work, and importantly about the oversight of our work. that which is conducted by all three branches of the government. and by publishing these declassified documents on our tumbler site, i see on the
9:59 pm
record and pushing them out on facebook and twitter, they've reached millions of people in the u.s. and around the world. that includes, of course, our adversaries who also have learned a lot from our transparency. but, i think we've come down on the side of transparency is worth that cost. we declassified these documents to show that we follow the law, and when we do make mistakes, we do our best to live up to that line stan lee wrote just a few months before i joined the intelligence business -- with great power comes great responsibility. we understand the truth in that line. it's why the president challenged us in his speech in january of last year, to formalize privacy protections for our intelligence efforts at home and abroad. and to be more transparent about how we implement those protections. this past january, published a comprehensive report answering
10:00 pm
the challenges the president publicly gave us in 2014. we also supported the usa freedom act, which authorized increased reporting of how the ic exercises some of its authorities. and this past february, we published the principles of intelligence transparency. and we stood up an ic transparency group with senior relationships from all over the united states. and their purpose is to -- and i meet with these great people -- to transform these principles into action. and i want to talk about those four transparency principles just for a moment. they're fairly simple. one, provide appropriate transparency to enhance public understanding of the intelligence community. that principle says what we ought to be transparent about and why. two, be proactive and clear in
10:01 pm
making information publicly available of course when we can. and that gets into how we should be transparent. three, protect information about intelligence sources, methods, and activities. and four, align ic roles, resources, processes, and policies to support transparency implementation. so the tenets three and four say protecting our trade craft, our sources, an individual responsibility, for each person who holds a security clearance. while transparency is an institutional responsibility for the ic as an enterprise. as a member of the intelligence community, blue badge or green badge, comes across information she thinks we should make public, we have processes in place already to review it for declassification. and if someone comes across something she thinks we're doing
10:02 pm
wrong, we have lots of avenues to report that activity, including legitimate avenues for whistle-blowing. make sure our workforce knows the rights and responsibilities on these issues, we've been publicizing how to recommend something for declassification, how to properly blow a whistle and what their protections are if they do so. we're also increasingly reaching out to the american public. as our transparency principle says, we need to be proactive and clear with transparency. because we're trying to help the public understand what we do in their name. it's why we in ic have declassified and published so many significant documents. the tumbler selected our ic on the record site for their 2014 end of year review. that's a big reason why this spring we sent our national intelligence council to to the
10:03 pm
south by southwest festival to engage people there and get them to help us identify trends in our next global trends report. also why we published a huge swath of documents on the abbottabad raid. and our publication of bin laden's book shelf, gave us about as much web traffic in two days, 750,000 site visits, and two million page views, as our website received in all of 2013 and 2014 put together. and if you ran a google search for bin laden, dni.gov was the number two search result behind only wikipedia. tomorrow in the name of transparency, i'll be on the hill once again in an open hearing, testifying on cyber threats and cyber intelligence. of course transparency can help us with mission, particularly when we're able to use image publicly. in 2013, we showed how syria
10:04 pm
used chemical weapons on its own people. in 2014, we made public the records regarding russia and flight mh17. as we passed the anniversary of hurricane katrina, i found myself thinking about the work nga did back when i was director. in the aftermath ever the hurricane, we reached out to nga for help. figuring out what precisely the storm had done to new orleans and the state of louisiana and the state of mississippi. how it had decimated so much property and rerouted waterways and blocked the ports. in general, helping him with situational awareness to manage the response, we worked very closely together. and i got to know thad allen
10:05 pm
very well. i very himself a close friend and a personal hero. this spring, me and my wife had dinner with him and his wife pam. we reminisced and told war stories. i found out that among the few mementos that thad and pam display in their home is a top graph cal three-dimensional map of new orleans given to him by nga when he retired. and he recalled fondly the superb work nga did after hurricane katrina as well as in the aftermath of the bp oil spill. that was all work that mattered. that directly made a difference to american citizens. and the people who were on the ground remember it. as we push forward transparency initiatives, we've been able to help with tragedies and natural disasters around the world. last summer and fall, the ic and
10:06 pm
nga had a huge and largely unsung impact on the control and containment of ebola in west africa, for providing open data on human geography to the countries and ngos that were involved. and for the first time ever, setting up a publicly available website for disaster support. this spring nga and the ic put the lessons we learned from the ebola outbreak into action after the earthquake in nepal. producing damage assessments, reporting on the operating status of airfeerlds, providing estimates on internally displaced people and displaying studies of transportation route. we saved lives and set a community on the other side of the world on the road to recovery. and those are things the intelligence community has done that i'm pretty proud of. once we made a commitment to be transparent doing these things, helping people in need were easy
10:07 pm
decisions, easy commitments to make. and i think going forward, we're going to have to be more transparent in talking about hard decisions and difficult choices. because we're in a difficult business in a challenging time. so this morning, i started my speech with a comparison of superficial similarities between the ic and spiderman. i think there's one other thing that the intelligence community has in common with spidey and more directly and more distinctly with peter parker. this gets to the heart of why spiderman has been one of marvel's most popular character since the first issue of "the amazing spider-man." 52 years ago, the same year i started in intel, before spidey, most comic books depicted the struggle between the super hero and the super villain. it was superman versus lex luther with kryptonite.
10:08 pm
with peter parker for this first time, comic readers saw a hero's inner struggles. they shared his experiences of trying to keep the job and earn enough to survive. trying to talk to girls, and watching helplessly as a loved one, his uncle ben, dies. and more than anything else, peter struggled with deciding what to do when his principles, his personal values came in conflict with each other. that's what made spiderman such an interesting character to follow. people have always related to his inner struggle with decisions. peter found that sometimes he couldn't keep a promise to a friend. and at the same time, as spiderman, help someone in need. the intelligence community is composed of people who similarly face tough choices. i think this often gets lost in the public discussion. we as an institution, and as a workforce, have principles and
10:09 pm
values that sometimes come into conflict. things like our need to keep sources and methods secret. and our desire to be more open and transparent with what we do. things like pursuing terrorists and others that want to do us harm and protecting the privacy and civil liberties of the typical citizens not just of this country but of the world who are rarely sometimes caught up in our collection efforts against the bad guys. solutions for these conflicts are not always obvious. >> i've been in meetings where we pulled out our copies of the constitution and bill of rights to get to the truth of what our principles and obligations are. wrestling with constitutional issues to make difficult decisions is part of our daily business. and just a fragment of what makes an ic career so unique. this is a difficult business. i've been in this job, as john
10:10 pm
mentioned, a little over five years, and every day, i realize that fact a little more. i've been pondering a lot about how to best express my feelings on my career and this job. and just last week, i came across an e-mail that captured them and expressed them better than i could ever have done. it was something an fbi director jim comey, one of our great leaders in all of government, sent out to his staff, and i want to share his thoughts. he wrote, i've been thinking about humility, lately. one of my weaknesses has long been overconfidence. i don't know whether it was the product of nature or nurture. but from an early age, i had a tendency to reach a conclusion quickly, hold to it firmly, and argue about it until the sun went down. fortunately, a whole lot of life experience has helped beat that
10:11 pm
out of me. in fact the older i get, the less i know for absolute certain, and the more i realize my own ability to see clearly and to reason well is limited. that's one of the reasons it's so important to have people around me who see the world differently and who will tell me what they see and conclude so that together we can make better decisions. jim comey's e-mail nails what i have been thinking about and pondering of late. there's a human aspect to intelligence work that gets lost in the public discussion. we're human, and when we forget that, when we're utterly certain about everything, when we stop questioning and stop listening to the people around us who see the world differently, wii more likely to make mistakes and poor decisions, that's what it means to be human. fans of "the amazing spider-man" loved peter parker because we can relate to his humanity.
10:12 pm
he struggles, he tries his best, he makes his takes, he learns from them, and he keens going. and he constantly tries to live up to the line that became his creed. with great power comes great responsibility. that line, so succinctly describes what the people in the intelligence community try to live up to every day. to show that we're worthy of america's trust and that we're worthwhile, because -- spoiler alert -- we are not comic book characters. we're americans working to protect our nation and at the same time, striving to live up to our nation's values. so, thanks again, mojo for inviting me to kick off the summit and thanks to everyone here this morning for listening and for being here in the spirit of integration to map out where our community goes next. so thank you very much. [ applause ]
10:13 pm
>> thanks very much, jim. that e-mail from jim comey goes all the way back to socrates. all i know is that i know nothing. i guess that's the ultimate wisdom. before i go to questions from the participants, i had a couple of my own. that i'd like to ask, just two. and i don't think they're curveballs in any way. the first, because i know it's a subject of great interest to everybody here. -- is the intelligence budget. i know you don't have a crystal ball, but i think we'd be very
10:14 pm
interested in hearing what you might have to say, what observation you might have to say about the status of the intelligence budget and what the prospects are for it in the months or years -- years is perhaps saying much. but as far out as you feel you can comfortably see in that regard. but what's your view on that? >> well, i guess if i had to pick one word to characterize the budget, environment, the budget situation for intelligence which is a microcosm for the rest of the government, i would characterize it as one of uncertainty. we are potentially facing the specter in 2016, depending on what happens on the hill, of another year of sequestration. this afternoon, and coincidentally, i'll be meeting
10:15 pm
with what we call the small x com, which are essentially the big six, on teeing up 2017. we're having to worry now about that budget year. and once again, as we look forward to 2017, we are again going to be confronted with putting together a budget with great uncertainty about his fate in the congress. >> the bca, the budget caps, budget control act, still apply. in fact, that law still runs until the year 2021. so we're going to be in this mode of making -- of not knowing what our funding level is ultimately going to be, and living from year to year in this uncertain context, which makes planning very, very difficult.
10:16 pm
you we have 30 or so major systems acquisitions to manage across the ic, most of those in the inner row. and it plays havoc when you don't know what the budget situation is going to be, and of course it has huge impact on our most valuable asset, which is our workforce. and that uncertainty, the lingering uncertainty, now stretching into four years, is having impact on the workforce, and that is evidenced in our latest ic climate survey. so it is a very daunting thing, a challenging thing to manage in this kind of environment. i will say that i believe the office, my office, od and i has been put to the litmus test
10:17 pm
during this four years of uncertainty of reduction. every year after 9/11, the intelligence community got more money and more people. it wasn't that hard to manage. we're in a much different mode now. i like to think odi has managed its keep by managing a cut environment, where we invest, and where we take cuts. and of course through all of that, the number one presept that i've stuck to for five years now, which is, the first priority is to try to protect the workforce. >> thank you for that. >> my second question, jim, goes to the iran agreement. and basically to ask you if you care to offer some comments on the verifiability of the agreement.
10:18 pm
>> that is pretty much where -- the lane i tried to stick to, and the ic tried to stick to, our ability to monitor compliance with this agreement, assuming it comes off. and we were required within five days after the agreement was struck, to submit to the congress a very detailed assessment of our, both capability, what we could do, and where we had lesser capabilities to monitor the agreement. so i come away with -- pretty confident, i won't say 100%. should never say that. but pretty confident that we can, in fact, verify, from our own sources, what the international community will be able to, through the mechanism the iaea, and its very intrusive, in fact,
10:19 pm
unprecedented access and ability to observe and monitor what the iranians are doing. so i'm pretty confident in that. we are fielding some independent capabilities which i can't obviously go into, despite all my protestations about transparency, about -- that will enable us, i think, to have good insight into the nuclear industrial enterprise of iran, if i can call it that. and i guess, at large, if you ask me, given a choice between a state sponsored terrorism with nuclear capability or one without it, i'd probably pick the latter. >> okay, so if we could perhaps go to some of the questions that have been submitted from the
10:20 pm
audience and the first one reads, and this really goes to the human resource issue of the ic as a whole. what will the ic workforce of the future look like in your view? how are we thinking about policies and processes for recruiting, retention, et cetera. and i would just add, are we getting -- how is recruitment going? are we getting the people we want? >> well, i will tell you that since 9/11, we have brought on a tremendous cadre of people. i just got back from a ten-day march in north africa and east africa. wherever i went, it's literally eye-watering to see what our intelligence people are doing.
10:21 pm
and the vast majority of these men and women have come on since 9/11. for me, a rather profound change in the community is that thousands have deployed to war zones multiple times since 9/11. that's had huge impact on the identification of missions in our workforce. and it continues to attract great young people to the intelligence community. i went to vietnam in 1965 and hardly ever saw a civilian. civilian employee or civilian contractor. they just weren't there. and that is very, very different today and that has had huge impact on the community.
10:22 pm
i remember when i left nga in 2006, i was there almost five years, and one statistic i recall that was quoted to me, 60% of the workforce had been hired during the five years i was there. and that's not unusual. that's across the board. we had, last fall, 31 vacancies and got 6,000 applicants. so we do continue to attract, i will also tell you that our attrition rate is pretty low. it runs around 4% and has, you know, plus or minus a tenth of a percent at least during the five years i've been dni. to answer your question, what's the workforce going to be like, well, i think one thing that i've noticed, what the workforce desires, particularly the younger people, is mobility. and we need to be able to
10:23 pm
facilitate the ability of our young people to come to the community and then go to industry, get refreshed technologically and then come back to the community. we need to figure out a way to facilitate that. so i think what i mind, what they're interested in, what's the technological challenge, where can i go to broaden my professional horizons? and they're not too concerned with sticking with one institution for a 30-year, lifetime career. that's a big difference from my day when i first got into this business. >> thank you for that. >> a somewhat related question. many have suggested that the intelligence reform and terrorism prevention act, and the odni are like goldwater nichols was for the dod.
10:24 pm
so how do you think the ic's journey is going ten years into this reform? >> well, i think -- again, we operate better as an enterprise, as a community, than we did ten years ago. literally had 9/11, so let's re-organize. and we can argue until the cows come home if that was necessary or needed, but it doesn't matter. it's the law. it's what the 9/11 commission decided was needed and that found its way into the intelligence reform and terrorism prevention act. we have a unique arrangement in this country for an intelligence community. it's really not -- although many countries, i find now, are trying to emulate it, it's not quite like ours.
10:25 pm
it's not like goldwater nichols, because that applied to one cabinet department. and the ic is an amalgam of 17 organizations that cut across six cabinet departments and two independent agencies. perhaps the spirit of goldwater nichols applies and we've tried to do that particularly with joint duty. and we're approaching somewhere in the neighborhood of 12,000 employees that have qualified for joint duty. many of them in deployed status. so i think we've made progress. we operate better as an enterprise, as a community. that's not to say there aren't issues and problems that we still wrestle with, and we'll continue to do that. and i suspect my successor will continue to promote integration. certainly in the spirit of
10:26 pm
goldwater nichols, if not the exact letter of it. >> if i could just add a comment of my own on that. i was not involved in the reform process. i was serving as ambassador to iraq at the time, and actually the first time i read the legislation was when the president asked me to be the first director. it seems to me, whatever the merits or demerits, one has to accept things as they are. that legislation was passed, and i think the idea of trying to reform the intelligence community again, at least in any significant way, would be opening up a can of worms. i think that the best thing is to try to make what we've got work. vice president cheney used to talk to me about maybe at some point you might have some perfecting amendments to suggest. but i'm not even sure that we want to do that.
10:27 pm
perhaps what we want to do is make sure we make the improvements we can within existing legal authorities. here's a question about the snowden affair. can you give a capsule summary of how the snowden issue has affected our ic operations, i guess not to mention our diplomacy. >> well, on the one hand it obviously forced some needed transparency, particularly on those programs that affected the privacy in this country. had that been all he had done i probably could have understood it better or maybe even tolerated it. but he exposed so many other things that had nothing to do
10:28 pm
with so-call domestic surveillance or privacy in this country. he's done untold damage to our foreign collection and analysis capabilities. terrorists, particular lea, -- particularly, have gone to school on the revelations caused by snowden. particular program in afghanistan that he exposed, that greenwald wrote about, and the day after he wrote about it, the government was shut down by the government of afghanistan, which was the single most important source of first protection warning for our people in afghanistan. so he's done huge damage to our collection capabilities, make no mistake about it. >> that's very, very interesting. and troubling, of course. here's a question i had wanted to ask you.
10:29 pm
as a leader who has uniquely observed major world events and the effects of the world events over the past years, what are your concerns with the mass syrian refugee situation on the different countries throughout europe, economically, national security wise, cultu culturally, et cetera. i guess to add something to that would be, how do we know what kind of people are going to europe in this refugee flow? >> well, it is, you know, getting to be -- in its totality, a disaster of biblical proportions. just look at syria alone where there are in excess of 4 million people that have left syria and another 11 million that have
10:30 pm
been internally displaced. of course a humanitarian situation internal to syria is a disaster. and so what this has caused, obviously, is this urge to go somewhere, anywhere, where there's some hope of their life improving. and of course as they descend on europe, one of the obvious issues that we worry about in turn, as we bring refugees to this country is exactly what their background. i don't obviously put it past the likes of isil to infiltrate operatives among these refugees. so that is a huge concern of ours. we do have a pretty aggressive program for those coming to this
10:31 pm
country for screening their background. i'm not as uniformly confident about each european country that is going to be faced with welcoming or allowing refugees into their country. this is a huge, a huge issue for all kinds of reasons. you know, the security implications are just one small part of it. but, you know, the economic, the social impacts are huge. >> and it's really captured global attention. it's on the front page every single day and i suspect it will be for quite a while to come. here's a question about russia. the resurgence of russian military power is not just playing out in eastern europe but also in places such as the arctic with one quarter of the world's oil reserves, future
10:32 pm
transpolar shipping and concern on climate change, do we have a greater need to balance our national interests above the arctic circle? >> well, first point i think is just, you know, a general statement about russia. and its very aggressive and for me concerning military modernizations, is of great concern. in some ways it's almost a throwback to the era of the cold war. and a challenge we have in intelligence is, we do not have nearly the resources that we did in the heyday of the cold war to allocate against watching what is becoming a very formidable adversary. manifestation of that is their
10:33 pm
aggressiveness in the arctic. of course underlying that are their own concerns and interests and claims for oil resources in the arctic shelf. and so they have set about a very aggressive campaign to either reactivate and refurnish -- refurbish bases in the arctic region, or build new ones. and it's very clear they are quite serious about a stake in the arctic. and i think, you know, the president's visit to alaska was intended to, i think, attract attention to this, why the arctic is important to the united states. and speaking of climate change, as controversial as that is with some people, the impacts of
10:34 pm
climate change are having and will continue to have huge national security implications around the world. it already is. the changes in climate and changes of weather and how that affects crops and the availability of water, which is getting to be, in many cases, a great point of friction between and among certain countries. >> here's a perennial. the background investigation and security clearance process and system -- these are pretty strong words coming here -- inefficient, wasteful and obsolete with the revelations about the opm data breach we now know that the system is corrupt, therefore untrustworthy.
10:35 pm
what are you doing to reform and reshape the background investigation and clearance process to bring it into the 21st century? >> well, what we're attempting to do -- of course, now because of all of the challenges with opm before the breach. but what we're trying to do is go to a system of continuous evaluation, which would mean monitoring, at least on a mental basis, employees who have -- once they're granted a clearance, to detect anomalous behavior, either in the workplace, or outside the workplace, that could then prompt or stimulate a deeper investigation, as opposed to the system we've had which goes back, you know, to the cold war era, of initial clearance and
10:36 pm
then allegedly every five years, you get a periodic reinvestigation. a system which is broken. and made all the more so by the challenges that opm had with its contractor before the revelation of the breaches. so the combination of what we're doing, what we've been told to do, mandated to do, both by the hill and the white house to enhance insider threat detection, and as we morph to a system of continuous evaluation, i think that will change the system. what that hopefully will do is allow more mobility between ic components and contractors. that has been the case in the past. the other thing that i've been kind of on the war path about is just reducing the number of clearances that are granted.
10:37 pm
because if you have a clearance and no one has -- there's hundreds of thousands of cases of this where people have clearances but don't need or have the access. that imposes a huge burden on the investigatory system. one way we help ourselves, and this is primarily through the efforts of dod, just to reduce the need for clearances. we've reduced somewhere in the neighborhood of 6- or 700,000 clearance requirements. which, in turn, of course, lightens the load somewhat on the whole system. but you're right, the system we have now doesn't work. and i think the only hope here, which is where we're going, a system of continuous evaluation which depend heavily on automation, particularly at the secret level, we're going to do all of that on an automated
10:38 pm
basis unless something kicks up that cues us that we need to look at this person in a little more depth. >> interesting. trusted traveller sort of approach to things. what is your advice to recent graduates, ex-military, students and young professionals seeking to enter the field of intelligence with cutbacks in government and the prerequisite of active security clearances -- here we are again -- in the privacy sector? >> now that i've, in any geezer era, i've spent time engaging individually with young people, you know, in college, and coming out of college. a couple of things i tell them is -- many of them will set their goal or their target on i want to go to work for agency x.
10:39 pm
and my advice to them is apply to all of them. there's interesting challenging work in any one of the intelligence components. if you get on one one of them, worry about where you want to end up later. you may find your second choice is not bad. and if you cannot get on with the government, then seek employment with the contractors who work for the intelligence community. there are many avenues. at the same time, as i indicated earlier, our attrition rate is not all that high and, you know, people do stay. and the prospects frankly, given our budget situation and the life of the budget control act through 2021, there aren't going to be a whole lot of openings. that's not to say there won't be some. there are. but -- so the one thing i try to impart to people, young
10:40 pm
people -- many of them are, they're not good at that, is patience. you know, to be patient and persevering. here comes the ringer. >> okay. here it is. the audience in front of you today is about 75% private sector. and the private sector builds the capabilities for the ic, it provides critical services and is the source of critical innovation. how would you assess the state of the ic's public/private partnership and how could it be improved? >> well, i think it's, you know, it's pretty good. certainly could always be better. i think one of the challenges is something i've really tried to
10:41 pm
work when i was nga director after i spent six years in industry was to come up with a mechanism or mechanisms whereby we -- i'm speaking "we" as nga, would be more open to contractors, particularly those who, you know, didn't have sci facilities or clearances just for the sake of getting their technology. one of the things i pushed at odni is to try to lay out a technology road map, what are the needs and requirements of the intelligence community, and, you know, present that as best we can to industry, to engage industry and, you know, into helping us. industry is absolutely crucial to the continued viability and
10:42 pm
success of the intelligence community. we have to have what you make, what you -- the tools that you give us, and the technology. and so it's never nirvana. it's not what everyone would like just because of the certain extent, you know, the nature of our business. it's classified, secret and all of that. and the nature of the rules that we have to, we have to live with. but within that my, at least philosophically -- philosophical bent is to try to open up the lines of communication and be as open with industry as we can be. >> so perhaps two more questions, if that's okay with you. the first would be, how can we actively encourage innovation
10:43 pm
horizontally across the ic without using infrastructure or organizational reshuffle as a placebo for change? >> well, one way -- i guess there are many, but i'll just in the interest of brevity, i'll say, one thing that helps that is facilitating moving people around within the ic. i think that -- where you bring the ideas of your home organization to another organization. and i have found just in my own experience, just at odni where 40% of our workforce are detailees from the rest of the community, that that constant infusion of new ideas, from other places, is helpful.
10:44 pm
i also think that -- and this of course applies to parts of the ic with heavy military populations, like dia and nsa, for example, that the infusion of military people who are transient by definition, who served other places, particularly in the war zone, and they come to the agencies, and i find that the young soldiers, sailors and marines are huge drivers for change and innovation, particularly if they've served in the war zones. with due respect, there's still a number of questions here that i have, and i'm sorry that we're not able to get to all of them. maybe one final question, jim. we face a plethora of threats most of us never imagined, an evolving ambitious china.
10:45 pm
resurgent russia. daily cyber catastrophes. and some of them do seem like catastrophes to me -- and a disintegrating middle east to name a few. how prepared are we to understand these threats and what initiatives or innovations do we need to undertake to be better prepared? >> well, i think the line i've used in testimony on the hill every year that i've been on this job, and i just repeat it and add a year, is to say that, in my x number of years, i don't recall a time where we've been beset by more challenges and crises and a greater diversity of them than we do today. and so what i've tried to protect in terms of our capability is global coverage,
10:46 pm
which means a couple of things, at least to me. one is sustaining our bases and stations around the world that the cia is host for what are increasingly becoming ic cells. and by the way, we here in the beltway like to agonize over whether we're integrators or not. when we go into the field -- i just had a reminder of this in my last trip. there's no with question about integration and operating as a team because it's just good business. when i first started travel in this job, when i had ic town halls at embassies around the world, i needed to, you know, roll out my sermon about integration. i stopped doing that because it's just not necessary anymore.
10:47 pm
in fact, i would submit parenthetically that what the cia is doing in its reorganization is saluting what already goes on in the field, internally, as they are integrating into a series of mission centers. so i think that global coverage around the world is one very important to mention, so that we cannot possibly predict every sinl -- single crisis and challenge we're going to have. so we have to be positioned where we can observe, collect, and understand what's going on. the other piece of global coverage, in my mind, is to sustain a robust overhead collection architecture. particularly for access to denied areas. so those two capabilities and, of course, particularly in the latter case, trying to push
10:48 pm
innovation and stretching the technological envelope if you will, are the areas that i've put a lot of emphasis. >> thank you very much for this wide-ranging discussion which resulted from these questions. i understand, director clapper, that before we conclude this session that you have an announcement for -- >> well, thanks, john. it's more in the nature of a commercial. first, thanks for having me to kick this off. i wanted to announce at 9:45 that the national counter intelligence executive and also the now director of the national intelligence security center, will be here to roll out a
10:49 pm
counterintelligence seminar, awareness seminar, prompted at least in part by opm breaches. so 9:45 for bill. thanks for that. >> let's give director clapper -- let's express our appreciation to him for -- [ applause ] that concludes the first session of our summit. we'll now have a coffee break in the exit hall. -- in the exhibit hall and please enjoy the refreshments. the breakout sessions will start at 10:15 a.m., 10:15 on the lower level where you all came in, and then remember, director clapper just mentioned the 9:45 event. thank you.
10:50 pm
>> all persons having business before the honorable supreme court of the united states are admonished to draw near and give their attention. >> number 759, 759. ernest miranda, petitioner versus arizona. >> arguments number 19, rowe against wade. >> marl bury and madison the most most popular case. >> putting the decision into effect would take presidential records and the presence of federal troupes and marshalls and the courage of children. >> we wanted to pick cases that changed the direction and import of the court in society and that also changed society.
10:51 pm
>> so she told them that they'd have to have a search warrant, and mrs. mapp demanded to see the paper and to read what it was. which they refused to do, so she grabbed it out of his hands to look at it, and thereafter, the police officer handcuffed her. >> i can't imagine a better way to bring the constitution to life than by telling the human stories behind great supreme court cases. >> fred formatsu boldly rejected the force interment of japanese americans. after being convicted of failing to report, he took his case all the way to the supreme court. >> quite often in many of our most famous decisions are ones that the court took that were quite unpopular. >> if you had to pick one freedom that was the most essential to the functioning of
10:52 pm
a democracy, it has to be freedom of speech. >> let's go to a few cases that illustrate very dramatically and visually what it means to live in a society of 310 million different people, who have helped stick together because they believe in a rule of law. >> landmark cases, an exploration of 12 historic court decision and the humans behind them. a new series on c-span, produced in cooperation with the national constitution center, debuting monday, october 5th, at 9:00. last month, contractors working under the supervision of the epa caused a spill at the goldking mine in colorado, releasing toxic wastewater into a river. the incident was looked into at
10:53 pm
10:54 pm
recognize myself for an opening statement and then the ranking member. over the last year, the environmental protection agency has proposed some of the most expensive and burdensome regulations in its history. these rules will cost american families billions of dollars, all for little impact on climate change. these rules also will dem inch earn the competitiveness of american workers around the world. the same government agency that has proposed these rules recently caused an environmental disaster that has adversely impacted three states in the mountain west. on august 5, near silverton, colorado, the negligence actions of the epa caused over 3 million-gallons of toxic water to cascade out of a mine that had been closed for almost 100 years. this event turned the animus river orange and polluted a
10:55 pm
300-mile stretch of water. today, we will examine how this disaster, which negatively affected thousands of people occurred and why the warning signs that should have prevented it from happening were negligently dismissed. had the epa exercised the same care in making their decisions as an order, prudent person, this whole incident could have been avoided. the epa should be held accountable. the same standards that the epa applies to private companies should also apply to the epa itself. unfortunately, epa administrator has declined to appear before this committee and answer questions about the role her agency played in causing this preventible spill. perhaps she doesn't have any good answers. given the epa's consistent failure to provide information to this committee and the american people, the epa can be assured that our oversight efforts will continue.
10:56 pm
the public deserves to know why the epa continues to spend so much of their hard-earned dollars on costly and infective regulations, especially when the agency has been unable to achieve its core mission of presenti protecting the environment. the story would have been much different if the spill had been caused by a private company. i expect there would be calls for the executive of the company to resign. there would be demands that documents be posted online. massive fines would be imposed and no doubt some individuals would be prosecuted as happened in the 2014 west virginia chemical spill where 7500 gallons of chemicals were dumped into the elk river. this is about 1/400th. the epa's negligence is
10:57 pm
especially inexcusable, since there were known procedures that could have prevented the river's pollution. unfortunately, we have seen a pattern of the epa's lack of transparency. this committee asked for information from the epa almost a month ago, and we have yet to receive all the documents that were requested. according to news reports, it took the epa over 24 hours to inform the public about the seriousness of the spill, and their initial claim of 1 million-gallons of toxic waste was later revised when it was learned there was actually 3 million-gallons. then after the incident, all we heard from the epa was that the toxic river in the river was dissipating and that the river was returning to pre-spill levels. the epa neither took responsibility, nor were they forthright with the person people. so it's not surprising to learn that just this past spring the epa received a grade of d for its lack of openness and transparency, according to the
10:58 pm
non-partisan center for effective government. it is my hope that the epa will finally come clean with the american people about their involvement in this tragic incident. and that concludes my opening statement. and ranking member, the gentle woman from texas is recognized for hers. >> thank you very much mr. chairman. appreciate the fact that we are holding this hearing today. the august 5th release of 3 million-gallons of wastewater from the gold king mine in silverton, colorado was an unfortunate accident. i believe it is important to understand what happened on august 5th and why. and explore what lessons we can learn from this event. however, we should also take this opportunity to highlight the inherently dirty, dangerous and environmentally damaging procepr
10:59 pm
process of metal mining. before this accident occurred, gold king and a handful of other mines in the area were releasing more than 300 million-gallons of acid mine waste into the animus water should annually. over the area's 120 year history, products containing toxic chemicals were released into this waterway. unfortunately, residents of the san juan county are well aware that august 5th was not the first time the animus river changed colors. in the 1970s, mine accidents poured millions of gallons of wastewater into the river. sadly, acid mine drainage in this area is routine. and the occasional large-scale release of wastewater due to
11:00 pm
accidents at mine sites is an all-too-common occurrence. i would like to show a photo that ran in the durango herald newspaper in 2012 that shows toxic waste, following from the american terminal three years before. the recent accident of the gold king mine. the second picture was taken before the red and bonita mine, and the wastewater's draining into the cement creek. a tributary that feeds into the animus river. this photo was taken in 2013. this was one of the key reasons that epa was at the gold king mine site on august 5th. they were there attempting to investigate this long-standing problem of persistent acid mine drainage into the animus watershed, from the gold king and neighboring interconnected
32 Views
IN COLLECTIONS
CSPAN3Uploaded by TV Archive on
![](http://athena.archive.org/0.gif?kind=track_js&track_js_case=control&cache_bust=830145299)