the section 702 program when it comes up for reauthorization. so a couple questions flow from that. you know your perception of the frequency with which that happens. your perception of the legality of it. your perception about whether or not there are ways of modifying the program to avoid or minimize the problem and ultimately your opinion on whether or not this is, as the critics say, a category mistake that is allowing collection that does, in the end, attach to american citizens without the full panoply of 4th amendment warrant and independent judicial officer protections. that's a big question but it's kind of an open -- >> the key operative word here is "incidental." and consider what happens to intelligence that's gathered incidental to a, to intelligence that's being sought about foreign persons. you gather intelligence about

a united states person. you then to discard it? what if it tells you that that united states person is about to commit some sort of mayhem? i think it is, it is ridiculous frankly to direct that a piece of valuable information be discarded simply because it was scooped up incidental to a perfectly proper investigation. that piece of information is something that ought to be used and is used just the same way that any other information is used which obviously we have to protect against is the expansion of investigations for the purpose of conducting, quote/unquote, of gathering, rather, incidental information. and that depends on the good faith of the people who administer the program and the diligence of the people who oversee it and there's plenty of oversight as was pointed out in the last panel. you're talking about a madisonian trifecta. you've got oversight from within -- from within the executive. you've got oversight from

legislative -- multiple legislative committee and got oversight by a court. >> i agree with those points. i mean, as judge mukasey says, imagine what the alternative would be. you know, what 702 allows is a mechanism under judicial oversight by the fisa court to obtain orders, broad orders that allow the u.s. intelligence community to then target specific individuals who are deemed to be not u.s. persons and outside the united states. those are the two critical elements. you now have authority as the intelligence community, with court oversight and congressional oversight to target using selectors, like e-mail addresses, someone who's overseas, not a u.s. citizen. you're doing that to collect foreign intelligence. so in the counterterrorism realm, you're doing that to see if that person is a terrorist, seeking out to carry out

terrorist attacks. you're now collecting that information against that person, and you're seeing the information that that person is creating, for example, via an e-mail address. and now what happens is that that person that the analyst is following communicates with somebody inside the united states and communicates some sort of, you know, attack planning. and at that point in time, you have achieved factually what you want to achieve as an analyst. you've now seen, this person, say, in wryemen, is now communicating with somebody in new york city. and they're talking about an attack. i mean, what is the alternative, what would be the alternative to then focus on that person in new york city? that would be madness, right, to ignore that. what happens, in fact, is once that person in new york city becomes the focus of the attention, the rest of the statute kicks in, fisa, which

passed in 1978, which protects u.s. citizens now requires the intelligence community, with the lawyers, to go and obtain a probable cause, essentially an order, essentially a warrt, from the fisa court to target that person in new york city and the collection focuses again to that person. that's how it works in practice. that's exactly, in fact, how it worked in the case i mentioned before of zazi, a person in denver who was communicating with a target in pakistan. and they shared information about a bomb-making recipe. that allowed the intelligence community to now focus on this person in the united states. in aurora, colorado. and understand that he was planning to travel which he, in fact, did, to new york city, to carry out an attack, to blow up the new york subway. so that's how it works. and then beyond that, the information that's incidentally collected about the u.s. person in that scenario, is subject as

judge mukasey said to minimization procedures that protect u.s. personal privacy. you cannot disseminate any information about a u.s. person unless that information is necessary to understand the foreign intelligence. and it's also subject to the extensive oversight that judgment that judge mukasey talked about. and the last point i'll make, when 702 was passed, a number of folks in this room that were actually part of this effort as i look around the room. a couple of things, there were a couple of compromises that were adopted to protect u.s. persons. one was that for the first time a judicial order was required by the fisa court to target any u.s. person around the world, outside the united states. previously that had been something that judge mukasey could do as attorney general. so someone outside the united states who was a u.s. person, now needs a fisa court order to do that. that's one. and the other is there were a

series of provisions that prohibited this practice of reverse targeting you'll hear about. which basically said you cannot, the government cannot target something overseas under this statute. under 702, who is not a u.s. person in order to collect against a person in the united states. you know, for that purpose. that would be an end-around that was prohibited by the statute. to my mind, statute does a very good job of balancing these competing interests and enacting compromises. >> one of the, you mentioned minimization procedures. one of the other criticisms that i've sometimes heard from people who are worried about the program, is that the procedures themselves and the adherence to them are themselves not subject to judicial review but rather only to administrative and internal executive branch review. on a case-by-case basis. the overall procedures, themselves, are approved but whether or not we succeeded in applying them to rosenzweig is not something that could ever get before an independent court

for observation. does that merit our concern? >> that's not entirely true, i think. the failures, if there are failures within the system, have to be reported on a periodic basis to the fisa court. when there are failures, those can be reviewed by the court, either one at a time or in gross. they are largely reviewed for the purpose of determining whether there was a problem with the procedures. and those are then adjusted one way or another. >> i think that's exactly right. so the court would review and approve the minimization procedures at the outset, in total. and any time there's -- then there's oversight within the executive branch of the implementation of the procedures that's not just done by the intelligence agency, but that's also done by the department of justice. and then if there are compliance issues, those are reported to the court. the court can then amend those procedures to account for those, those compliance issues, if there are any. you know it strikes me that that's, i guess the other thing that happens is if there were

instance where this information were to be used in a criminal case, a defendant would have the opportunity then to challenge the application of the minimization procedures in that particular case. that would be another opportunity for there to be judicial review. which is overall not unlike how it works in the criminal title 3 context. >> so let's wrap up the 702 discussion with a final question. it's going to come up for review next year. or renewal i guess, if it doesn't get he renewed, it lapses. your recommendation to congress? renew as is? let lapse? or renew with modifications? and if with modifications, what, if any? >> the only modification i would suggest is to eliminate the sunset provision. as far as i know, al qaeda does not have the islamic state does not have a sunset provision.

and in any of their campaigns or any of their orders. the various fatwas that were issued authorizing the murder of americans do not, as far as i know, have sunset provisions. i don't think -- it is always open to congress to change a statute, but to require that we go through this every several years doesn't make for continuity in intelligence gathering and for the ability of the intelligence community to plan long term. we can do it this way, and i am -- general hayden is probably the most tolerant of this sort of thing of anybody i've ever seen. if that's the way we're going to do it, then that's the way we're going to do it, but i think we ought to do it with our eyes open and with an awareness that we are in a sense handicapping ourselves purposely and at times to no purpose by imposing requirements like that. >> before you answer, matt, if i may, general mukasey, you

mentioned earlier the policy decision extending privacy rights to non-american citizens that have -- has applied. would you recommend that that be considered and modified in the course of the legislative consideration? >> you mean to eliminate that presidential directive? >> well, you critiqued it. >> i did. >> i assume congress could prohibit it. >> it could. it could. it's, it is something for which there is neither need nor sanction. as i said, at the beginning, the constitution is not a treaty with the entire world. and if you want to go back, take a really long view of this, the folks who drafted the constitution did it in the summer. they did it under conditions of strict secrecy. they kept the windows closed, before air conditioning. they're in a hot summer in philadelphia. all the windows were closed. nobody was permitted to discuss it, either at the time or afterwards. they did it in strict secrecy

and included within the provisions in the constitution itself, was a directive that for example, congress publish a journal on a regular basis of its proceedings. except for those parts that it thought ought to remain secret. these were practical people. they were drafting a document for other practical people and we ought to be practical people in applying it. >> matt? >> it's on the question of 702 and the sunset and the reauthorization that next year when it sunsets, i mean, i basically agree with judge mukasey, i would eliminate the sunset provision. it tends to mean that congress will wait until the last minute and the final hour to renew it and that just wreaks havoc operationally within the intelligence community. as it preparing to either pull the plug or continue the program. it's not a good way to run the intelligence community. but the more fundamental question of you know does it need to be changed, i just feel the answer is no.

you know, i mentioned before, this 702 really reflected years and years of effort to reconcile competing interests. it reflected judicial decisions, executive branch experience, legislative efforts. that came up with this compromise. and then you now have really an authoritative, definitive report from the privacy and civil liberties oversight board. that found it was operationally indispensable. that it was lawful, consistent with the fisa constitution of the fourth amendment and importantly found no instances of misconduct. so there's really no problem to solve. that anyone has identified. as far as i know there have been two district court decisions, one in oregon in 2014 and one in the eastern district of new york this year that looked at the question of incidental collection under 702. in both instances, these judges, not fisa judges, but in criminal cases, found it was constitutional and lawful.

so it works, it's legal. there aren't problems with it you know, don't change it. >> just adding something to a point that matt made, a vital point. and that is that the criticisms of it have been hypothetical criticisms. not criticisms based on real instances of abuse. in other words, people sit and contemplate the possibility that somebody could abuse 702 if they had a mind to do it. apply that to the local police department. a police officer could abuse the right of the, the power of arrest. could abuse the fact that he's carrying a weapon. that is not a reason to with hold the arrest power. it's not a reason to disarm police. and the hypothetical possibility that somebody who is of a mind to do it and has the time to do it, who considers that their job of preventing attacks is kind of allows for recreational use of

702, to abuse it -- i think is really unrealistic. >> so speaking of the privacy in civil liberties oversight board, which for those who don't know is a five-person board. currently staffed by democratic apartnershpointees and republic appointees. senatorially confirmed. that board has announced it's conducting a review of executive order 12333. which as ben powell said on the last panel, the charter of the intelligence community sets out roles and responsibilities, contains some substantive restrictions, for example the prohibition on assassination. that report, too, is likely to come out later this year. let's talk about that from a legal perspective. in your view, does eo 12333 serve as kind of an independent

grant of surveillance authority? or is it a structure for implementing existing statutory grants? >> i don't think it's, i don't think it has any grant of authority within it. or it is intended to do that. it's really from the standpoint of the intelligence community, i think it defines the lanes in which each of the entities within the intelligence community function. it doesn't itself grant authority. the authority is granted by statute. granted by the constitution. granted elsewhere. but the executive order itself doesn't have a grant of authority. it has a grant, it has assignment of responsibility for exercising authorities under statutes that are already existing. and it, it succeeded as you heard in the, has succeeded as you heard in the last panel, largely because the components

of the intelligence community get along. and that's, there's no such thing as an order that's going to enforce itself. and so it depends to a large extent on the ability of the people within the agencies to communicate with one another. and to be aware of one another's boundaries. >> let me press on that just a bit. some critics have suggested that eo 12333 actually expands beyond statutory grant, some investigative authorities nominally or almost explicitly under article 2 authorities of the executive branch. do you think that's a mischaracterization? or is it fair to say? >> i think it's fair to say. it's well what i'm saying is it's a mischaracterization that it expands, expands authorities. i think what it does is make authorities that are already existing in statutes apparent.

now congress could always pare back authorities if it chose to do so. but paring them back by executive order i think is a, would be a huge mistake. one of the gaps, obviously one of the gaps in 12333 is cyber. and that is something that we're going to have to deal with in the future. is probably going to have to be dealt with statutorily. when i went up to nsa and talked to general alexander, he said that he had the power, and the authority to do something about incoming penetrations of, of the defense department incoming penetrations possibly of the dot-gov. dot-gov.

i can do something about dot-nil and dot-gov, but if i detect something into dot-com, for the most part the only thing i have authority to sit there and go -- it's going to be a bad one. >> i think judge mukasey has it right. the last panel made this point as well. it bears repeating, it is executive order 12333 is not the source of any authority. it is a document, the foundational document that intelligence community that assigns responsibility to various agencies, within the intelligence community. and it does place important limitations on those authorities. so it operates against a backdrop of constitutional article 2 authorities and statutory authority already granted so there's no new authority in executive order 12333. i have to add within the intelligence community we probably have muddied this up a bit. we sometimes will shorthand

refer to 12333 collection. suggests there's an authority in 12333 that that's denoting. really what that means is essentially it means it's collection outside of fisa. or outside of some other statute that regulates that type of activity. 12333 doesn't authorize that collection, but we will sometimes use that as a shorthand to say it's 12333 collection to distinguish it from what we were just talking about, for example 702. >> give us an example of one of those. just, i mean, there's obviously a larger audience out there in c-sp c-span land, so give us a couple of examples of that. >> it's speaking generally carried out, in terms of the surveillance activities, 12333 is broader than just surveillance activities. it's all intelligence collection activities and beyond that. analytic activities as well. but in terms of collection activities, you think about surveillance side. it would be conducting surveillance outside the united states. not against, not targeting a u.s. person.

and not really relying on -- not relying on the assistance of a u.s.-based service provider. so activities that are focused outside the united states. >> so a cia safe house in abbodobad looking over a house that might be resident to osama bin laden, say. >> right. i'll be general about this, but i would say, you know, nsa activities outside the united states that are conducting surveillance of foreign intelligence targets where you're not doing -- you're not targeting u.s. persons and you're not relying on u.s. service providers, you knows, internet providers based in the united states. so that's a broad swath of activity. what i just described is really, you know, if large part what nsa does, right? when we talk about 12333 surveillance or 12333 collection, it's broad set of activities that just isn't otherwise regulated by something more specific like fisa. >> i think it's 12333 activity largely because 12333 assigns to

nsa the responsibility of gathering generically that kind of information. based on the powers of the executive to defend this country. and obviously they don't need particular authorization to go someplace else in the world. and learn something that could conceivably be of value. to the u.s. government in defending itself. >> it's fair to say that you would characterize 12333 exclusively as an organizing document? not as the ground resource of any of the authority that is exercised by any of the intelligence agencies? >> yeah, it's important to say, it's an organizing document but it's also a limitation document so it includes restrictions and limitations on activities, from the point of view of nsa operations, other than as you said judge mukasey, the

assignment, nsa, limitations that are part of the daily discussion that takes place at agencies like nsa whether a kind of activity is consistent with the executive order. >> okay. let's put you both in the role of senior national security legal adviser to the next president of the united states. whoever he or she may be. and they look at you and they say, i'm thinking about revising and reissuing executive order 12333. what of the restrictions in there should i get rid of? i want to be more aggressive, we're in a heightened sense post-belgium, post-france, post-lahore in pakistan. what restrictions are there that can be removed, you know, without trenching upon

constitutional or statutory limitations and conversely, are there any things in there that are restrictions we should add for food and sufficient reason? what's your recommendation? >> the only restriction i can think of that i might remove is the authority of nsa at least to pass on information about potential damage to the private sector from hostile cyber activity. nsa gathers signal intelligence but gathers it in an outwa outward-looking fashion. and the restrictions on even doing things like warning people what's about to happen to them i think is something that ought to be at least channeled. >> i agree with that, i think cyber is the area that 12333 does not address in a way that helps sufficiently guide the roles and responsibilities of the agencies within the intelligence community.

that would be something to try to tackle. but, you know, i do think that my first advice would be, you know, step cautiously. you know -- >> do no harm. >> yeah. >> first do no harm. >> do no harm. remember, these rules have evolved, you know, over several decades now going back to 1981. and maybe talk to ben powell and general hayden and others involved in the last effort and bear the scars of that. but, you know, i think that largely it works. you know, in terms of those -- the general body of restrictions including, you know, the basic ones on prohibition on assassination. but also more importantly, i think, and more relevantly sort of saying, for example, the cia is generally prohibited from engaging in electron surveillance within the united states. the fbi is the only intelligence unit that can conduct physical searches in the the united states.

these are civil liberties oriented restrictions that assign responsibility to particular agencies, given what they're good at. right? so the cia not in the united states. fbi searches in the united states. there's a lot of sense behind these. i would say step cautiously in trying to remove any of these restrictions, other than trying to tackle, perhaps, the cyber issue. >> okay. so let's pivot once more to another kind of area. this one is more speculative in looking forward a bit. but we're on the cusp of the development of a host of new and novel collection platforms, i would say. if anybody who's seen "eye in the sky" which, by the way, is -- can i say it's a good movie? i liked it. i can't recommend it because i'm not an endorser. bullet but, yeah, one of the things in

there was a drone the size of a beetle that was deployed as part of the activity which i understand is not quite operational but is not very short -- so we're going to look at drones. we're going to be able to deploy large-scale -- facial recognition technology. we're going to have large data collections that are capable of big analysis. broadly speaking, how should law approach that? are current laws sufficient, or do you think that the novel collection technologies are going to require us to update collection rules? let's start with that as a general rule, as a general question. are our laws in need of modernization to accommodate new technology? >> i think generally i would wait until the new technology impinges or is seen to impinge, actually, not potentially, not by somebody fantasizing about what's possible, but actually on

somebody's privacy before deciding to -- to limit. also i think we have to keep in mind that there are other -- there are other entities of government that have an interest in this wholly apart from the federal government. that is state and local governments. for example, things like drones. there is talk of having the federal government be the sole regulator of drones. that, i think, is a mistake. that's not to say that federal agencies should not be permitted to use them when otherwise appropriate under statute. but to have one regulation governing what goes on in the backyards in every state in this country i think is a big mistake. >> i think it's a -- i agree. sort of that we ought to take

this itteratively. technology, like you described with drones, the ability to amass and store large amounts of data about us. obviously we give a ton of that data to private companies. and so the question is how should law respond? an example, i go back to our earlier conversation about 702. it took a while for us to update fisa, to respond to technological changes in the ways we communicate. and the law was basically outdated. i think one lesson is that it's not -- it's really standard for the law to lag behind technology. it's just going to be the case that we're going to be sort of catching up with legal rules to make them well adapted to the pace of technological change. so i would say, though, the 4th amount has been around for a long time and served us quite

well. it has proven to be sufficiently adaptive and agile to continue to more or less be the right way to balance the competing interests between national security and domestic security. and protection of privacy. and civil liberties. so i would sort of caution trying to anticipate which direction technology is going to go and try to make legal changes in response to that. so, and i have another comment, but i'll stop at that point. >> you mentioned, for example, facial recognition technology. that obviously is going to allow for great advances in intelligence gathering. and in solving of crimes. on the other hand, do i want the government to have cameras on every corner and a bank of information about me and where i've gone every moment of my life? and be able to consult it? no, i don't. on the other hand, we are long distant from that. and long distant from the possibility that anybody would

consider doing that. and that's not a reason to forgo the use of that technology. where it can be used effectively, to deal with problems that are in the here and now. without worrying about anticipating science fiction problems. >> let's stay on that because you're a good lawyer, great lawyer indeed. so now you're in the next administration and the c.i.a. director comes to you and says we can deploy this, we can start capturing pictures out of cctvs that are in london without the brits' knowledge. let's leave it aside -- let's make it france. i take it that your expression would be in terms of foreign intelligence, no problem at all

because we owe foreigners no protection from the 4th amendment? >> yeah. the question would be to what end? you can capture it for intelligence-gathering purposes. you can't capture it for recreational purposes. >> well, for the foreign intelligence -- paris -- i could make the argument pretty easy paris has now been the target of three attacks in the last five years and is likely to be target of more. we have a great database of pictures from iraq, and afghanistan, of known terrorists. we can create a good early warning system. we're also going to have to incidentally collect of the facial pictures of every american who visits paris along the way. and minimize and discard. what principles, if any, should guide a program like that which is not necessarily too speculative? >> you named two principles, minimize and discard, for openers. if somebody doesn't match up to

a list -- to a group of known terrorists then you're not going to be banking those images. you're going to use it to compare to people you already know about. not to simply gather to keep in a trove in case it should come up with somebody who you might want to trace. >> the rules under 12333, the executive order which require every agency that conducts foreign intelligence, nsa, cia, to have rules, specific rules designed to protect u.s. persons. this is what the executive order requires. that are approved by the attorney general. so every agency, nsa, has a set of rules. a u.s. person set of rules. so in your scenario, the rules that apply would be, one, you can't search that data for a

u.s. person. a known u.s. person unless you have probable cause finding from the attorney general to search for that u.s. person. so that is quite protective of the u.s. person. you can't use that data and search it without the approval from the attorney general. you can't keep information about a u.s. person for more than five years and you can't disseminate information about a u.s. person unless it's necessary to understand the point of intelligence basically. so these rules that are adopted, approved by the attorney general, apply to all of this activity that, you know, including the type of activity you describe. >> do either of you think that the lawfulness of a collection methodology is dependant upon the efficacy or inefficacy of the analytic methodologies? which is to say increasingly at the back end we're able to get more information out of the same data that's previously been collected? some have called this the principle of obscurity. that the data used to be too

difficult to analyze so we weren't as concerned about over-collection or alleged over-collection because of an under-analytic capability. today analytic capability is going through the roof in terms of its possibilities. facial recognition a good example. metadata analysis, another good example. does improvement in analytic capabilities counsel changes in collection methodology? >> i think what it counsels is governing the analytic capabilities. you mentioned metadata analysis. we had before 215 got yanked a metadata collection program that allowed us to keep a trove of telephonic metadata to be consulted only when we had to run a number that we knew was terrorist relate ared.

if, in fact, you limit the use of a database in that way, then you can take advantage of the analytic capability and yet prevent, for example, simply data mining all telephone metadata for the purpose of drawing up a profile of a person or for other purposes as well. it's how you limit your analytic capability, not how you limit data collection. >> yeah, i think that's exactly right. i mean, look at -- analyzing the 4th amendment reasonableness of collection program depends in part on how the information is handled. how it's processed, how it's retained. so the answer to your question is yes, it is relevant to consider how it's handled and analyzed determining whether or not it's lawful at least in the

matter of looking at it under a 4th amendment guise. you don't have to look far for another example of this issue. and this is where the rubber hits the road a bit on this question of the ability of the government and not just the government, but of technology to analyze massive amounts of data and store massive amounts of data. there's a case that the supreme court ruled on in 2012 called jones involving a gps tracker here in washington, d.c., so this is -- metropolitan police department, fbi here in washington. and while the case wasn't decided on these grounds, it -- this was a case where the gps tracker stayed on the car for multiple weeks. i don't remember, 28, 30 days. >> 28 days. >> 28 days. and some members of the supreme court were very concerned about the fact that this was a lot of data to be able to collect on an individual. even though that person was

exposing themselves by driving around. they were exposing where they were publicly. maybe if that had happened for a day or two days, might not have been such a concern under the 4th amendment. the fact that amount of data was being captured on this person for 28 days. ability to store it analyze it, look for patterns and learn so much about a person's life, and implicate the privacy to that extent, that was a real concern for the court. we're at the vanguard of potentially relooking at some doctrines that underlie the 4th amendment, particularly the third party rule which says once you turn information over, expose it to a third party you no longer have a reasonable expectation of privacy. that would be a significant change. if we get to the point of taking another look at the third party rule along those line lines. >> that was going to be my next question.

i'll save a little bit so think of questions you might have. a large fraction of what the intelligence community collects, it does not necessarily collect directly. it collects from third parties whether it's telephone operators or police departments or google or you name it there's a host of new collection platforms out there that are privately operated. that the government can tap into. often without -- without much, if any, judicial intervention. because as you say, the third party rule that's been around since the 1970s, says that if you've exposed this information to your bank or your telephone company, you don't have any 4th amendment privacy right in it and the statutory rules often have pretty broad national security law enforcement exceptions that allow ready access. so the last question i'd ask you to talk about is your prediction

about whether or not that's going to change and your assessment of whether or not needs to change. or are you comfortable with the legal rule at least in a constitutional level that does not involve courts in the collection of information from third-party providers? >> yeah, i'm generally comfortable with the existing set of rules. i can anticipate the challenges that we will see sort of based on the cases, jones and the subsequent case called riley, involving a cell phone. so i think there are -- the trend is one that we're going to have to watch carefully. look, i was a prosecutor in d.c. for ten years. i can't imagine a regime where as a prosecutor i couldn't go and get cell phone records for a suspect or bank records, with a subpoena, but, you know, a subpoena is a relatively low standard relevance to the

criminal investigation. that's the sort of -- that's the risk of a criminal investigation. so changing that basic rule that once you turn that information over, you've lost your expectation of privacy seems to be fundamental of how we think about how we conduct at least criminal investigations. again, though, it's important to note, it is subject to a subpoena, so there is court oversight to the extent that the chief judge oversees the grand jury investigation. there's the opportunity for people to challenge that. you know, subpoena. but i think -- i do think it's a good question to ask, paul, because we're going to see some efforts to change that rule going forward. >> i would put my faith more in legislative oversight and solution to the kinds of problems that you've anticipated than i would in a court solution. i used to be a judge and i hung out with judges. and i can't think of a group of people, most of them, poly-sci

majors, history majors, whatnot, less suited to making this kind of decision, by training, by their ability to gather evidence. they have no ability to gather evidence. they can consider what people put before them, period. and they are not better suited. people may have more confidence in them, but that confidence may very well be misplaced. i think it's better -- it's a responsibility better exercised by a legislature that has the ability to gather facts, in private when necessary, in executive session when necessary, and consider putting restrictions on how information is handled rather than having courts cut with a meat axe to determine what is or isn't reasonable. >> that's an interesting perspective. i'm just reflecting on that back to what general hayden said on the last panel about the growing

lack of confidence that he perceives the american people having in their representative institutions from making these decisions. now granted judges are even less representative. but you've just premised the entire, well, the bulk of your response on somehow reviving that confidence in congress. as a -- i guess i agree with you but that sort of troubles me in some ways. >> troubles me, too, but to say that people don't have confidence in a representative government is not to say that we ought then to turn it over to somebody else because people have lost confidence. i think the answer to that is pull your socks up and get yourself a government worthy of confidence. >> one last thought on that, we have experience with exactly what judge mukasey is talking about going back a number of decades to the pen register

statute. smith v. maryland supreme court ruled that you don't have any expectation of privacy in the numbers you dial, the numbers dialed into your phone. under the 4th amendment, so congress acted and adopted and enacted a statute that regulated the government's ability to obtain access to that exact type of information and establish a regime of court approvals based on a standard that even though it wasn't required by the 4th amendment, it does further the privacy of interests of americans. it's actually a good paradigm for addressing the kind of examples you're describing. >> i've got plenty more questions, but we've got about 10, 12 minutes left. and i thought i would invite the audience to participate. i see one and then two. gentle lman in the tan then the gentleman in the front row. anybody over here want to get my attention while we're -- >> thank you. tim wilson. american citizen, british veteran involved in counterterrorism. it seems to me that we're not

the only country that has problems like this. britain, too, has been through a fair amount. back in the late '70s, early '80s, the provisional ira was bombing in the mainland. one of the solutions that came up was the city of london realized it was incredibly vulnerable at the time. it was the most expensive real estate in the world. it was private enterprise that installed the first huge network of cameras with facial recognition software. all bought privately initially by various companies around there for the metropolitan police. actually the city of london police. britain still seems a pretty free country. i'm delighted to see this debate going on. but it does seem to me that there may be some element of reinventing the wheel. perhaps we could look at other nations. we're not alone in this. your thoughts, please? >> london has the most comprehensive network of cameras

anywhere in the world. i had not known until just now that this was provided by private enterprise. originally. we're now, of course, having a bit of a tangle between the government and private enterprise in another setting. but sure, i think we can learn from it. and we can learn from the fact that people go around, go about their business in london perfectly relaxed about the fact that cameras are focused on them because they know that although the camera may pick up their image, there isn't some, some public official sitting in an office someplace monitoring their particular activity. that's the distinction, it's how -- it's not the gathering of the information but rather how it's processed, who processes it and for what purpose. and so long as it's being processed only in a rare number of instances and for a perfectly

proper purpose, people are perfectly relaxed about it. >> in the front here, sir. >> my name is nishikawa, japanese security consultant. my question is to mr. olsen. my question is very simple. how ought national counterterrorism center coopera cooperate, information sharing with japan, for counterterrorism? >> right. the question is sort of -- how does the -- where i was at the national counterterrorism center, how do we conduct information sharing with japan or that can make it more broadly other countries. so we're -- when i was at the national counterterrorism center, we weren't the main way that information gets shared on counterterrorism that really is

largely done by the collection agencies, themselves, cia and nsa and fbi with their kou counterparts. since they were the initial collectors of the information they understood who to share it with, what the rules would apply to the sharing of information. you know, that said, we had -- we had strong relationships with japan and particularly countries in europe and elsewhere in asia on the counterterrorism efforts. so what we were often sharing was analytic products. somethings that we would analyze the information that was collected and we had a rigorous way of sharing that information with other countries including japan. >> but hopefully the counterterrorism center, the information -- office of national defense. information to japanese cabinet

secretary office. that route is very -- then cia or fbi each cooperate with the japanese national police or other kind of agency in japan. >> right. thank you. yeah. i think -- i mean, it's a good perception that sometimes coordination is not as, as well directed as it might be. this woman here. wait for the microphone, please. here. no, no. this woman. thanks. >> thank you. doris eisen. typical housewife.

>> great. >> the question i have, in listening to this, i don't think the american people have no more faith in the law but the question we have is when the law more consistently the same, but policy changes, as it is about to, executive policy, big-time, how does that policy change effect people at your level in terms of where you draw the chalk line? interpretation of the law and what can and cannot be done, are you personally effected but new policy on the executive level? i think that is what frightens people. we don't know if we are protected -- we're protected by the law but the interpretation of the law, i would assume you guys would continue the integrity no matter what the executive pressures are. but i hope that is the case. both of you, either of you.

>> the -- the policy determinations are made by the political branches and the people who are selected to staff them and the people they appoint. the law remains -- it is supposed to remain constant. and you get a policy request from either within the department or from an entity outside of the department, it usually goes to the office of legal counsel and they answer questions every day, can we do this, can we not do this. and the policy is supposed to be what our democracy is about. it is supposed to be the basis on which we choose leaders. they will apply this policy or that policy. but they will apply it in a setting where the law is supposed to remain the same. >> and i would just add, i do think your question is --

reflects this view. i think that many people hold that what we've learned about in the last few years is that the -- the intelligence agencies were abusing the authorities that they had. and i think that is really unfortunate. because i served as a lawyer at the justice department with judge mukasey and at the nsa and that is not the right perception, that there was not an abuse. in fact, the things that -- reports, like i identified from the privacy and civil liberties oversight board, said as much, independent reviews. but my experience has been that these agencies are working very hard to stay within the bounds of the law and if anything lawyers play a greater role than any ever before in channeling controlling and directing and guiding intelligence activities. and that is generally a positive thing. but the perception that nsa, for examp

example, has run amok the last five years, it is just a false perception. >> my favorite is it is the famous shakespeare line, first thing let's do, let's kill all of the lawyers but set by somebody who wants to disrupt and create chaos in society and he thinks killing the lawyers will eliminate the glue that kind of keeps and binds the society together. so that's matt's job, he is the glue in the generals. and this lady here and that gentleman there and that will take us to the end. >> yeah. claudia roset. i'm a journalist. i have a question about -- >> that is an understatement, folks. >> she's a superb journlist. >> thank you. i have a question about the broad scene. you have been discussing here the detailed fine points of how to assure justice, follow the law, what should be done and yet you get -- this is sort of follow on the housewife question, these sweeping policies where we see the rise of isis in syria, we see iran

having access to enormous amounts of money and markets and mobility and so on, all of which affects things like the terrorist threat in this country in major ways and here i would just like to ask you, okay, in one sense that is a good employment program for the intelligence community because the job then is to try and further counter it. but is there a rising frustration that makes it at some point difficult to get work done. in other words, meticulous crafting of things to try and track down these threats and then broad brush policy that engenders massive amounts more inside of the intelligence community, and how does that play out? >> i think your question suggests, i think a reality which is the threats that we face are in some ways expanding. they are certainly becoming more complex, just looking at the terrorism side of the security

picture for a moment. the number, the spread of jihadist groups has grown. and so the threat in some ways is growing up. and at the same time, our capabilities are going down. so the trendlines are going in the wrong direction. if that is -- that is certainly a source of frustration for people who are responsible, who are charged with protecting the country. and let me just say a little bit more on why -- one of the reasons our capabilities are going down is because we've explained so much, we've given away so much -- not explained, but let loose so much information about how we conduct surveillance. that is a critical way in which i saw the intelligence community lose capability to conduct surveillance of terrorism targets. so we lost capability at a time when we needed that capability more than ever. >> we are talking principally about the snowden disclosures which were invaluable for our

enemies. the gentleman over there. >> hi. i'm andre greeny. i briefly worked in air force intelligence and now i am an entrepreneur where i could move things a long a little quicker. i'm curious, where can an intelligence agency, how and where should they cooperate with the private sector and we can think about apple and the fbi if you want to do that or just speak more generally. >> matt. >> sure. so this is -- among the negative repercussion of the snowden leaks, in my case, the most damaging has been the impact on the cooperation between the private sector and the government when it comes to protecting the country and we're seeing this play out in a number of ways. you identified one. but it's really across the board. it's been critical for the intelligence community to take

advantage of the innovation and ingenuity within the technology community within the united states and if it that is not available to nsa and cia and fbi, that will make us significantly less capable. i think we've made back some ground, we've regained some of the ground we lost because of the snowden leaks in terms of trust in the american people and our working relationship with our allies where i think we still have a long way to go is with the technology community and i think it is cause for serious concern. >> i think, i'll use the moderator's privilege and say i think it is really an interesting development when people sound like they're more likely to trust a large private company to defend their freedom than they are their own representative government. that is a description, not a critique. and maybe that is where we are right now because of some of the snowden revelations. but it certainly isn't

consistent with the madison tri-part model we were talking about earlier. so with that, it is 11:55. we're going to take a five-minute break and then come back for our key note lunch address by the honorable michael rogers. please join me in thank you general mukasey and matt olson for their wonderful -- [ applause ] >> you get a heritage tie. >> thank you, sir. [ hearing concluded ]

[ hearing concluded ] [ hearing concluded ]