s live and work. we recognize we are part of that commitment. we would come back and say we have a corporate responsibility in each of those communities. our ar to wal-mart, activities is through our foundation that we call the dominion foundation but we approach it from a decentralized approach. even though we are headquartered in richmond and have the separations in many states, we give the ability to donate and what activities to get involved in each region and state through employee-led groups which we call community investment boards. they live in the communities, so they decide where the dollars are spent. they have a better purview of the left-hand scape than we do many hours or hundreds of miles away. we give them as much spectrum to say what is important. they go through a process and come back and make presentations to us saying these are the

things we want to get involved with. pwhu the decision is with them. we think it is a model that has worked well for us. their overall mission is this, the community investment boards. it is their job to improve the social, physical and economic well-being of the communities they are involved in. for example, in 2011 diminish resources donated about $21 million across our system and that takes in about 1,300501-c-3 organizations. these were centered in the areas of funding environmental organizations, educational institutions, cultural and community development groups and health and human service provide providers. i'm proud of our matching gift program. we have about 16,000 employees and a number of retirees. we have a matching gift program for both these employees and retirees. it is about all getting dollars

into the community. if folks think it is important enough to invest their own money in the communities, the company will match the dollars. turning specifically to the topic at hand here, when i look at what dominion donated to last year roughly half of it went to charitable grants covering basic human needs. i define them as food, shelter, heating and cooling and access to basic healthcare. as governor macdonald was kind enough in his introduction, our participation in the no kid campaign is a natural fit for our company. a couple of years ago we donated $1 million exclusively to food banks across the system. we are pleased to join with virginia with this effort. i was looking at previous comments out of the committee and couldn't agree with governor beebe's comments more when he said when kids don't eat they

can't learn. making sure they get nutritious food and right kind of food is title to improving their prospects for escaping poverty. the bottom line is when they do not get enough to eat they cannot thrive. this is just as true during the summer months when they are out of school than it is during the and spring sessions when they are in school. that is why we were anxious to support the no kid hungry initiative. when you look at through the summer food service program which is funded by usda those are the kids we talked about that get reduced price or free lunches. but i think that the effort in virginia may be a little different. they created what is known as a collaborative table. that really is where state agencies, business leaders, community active folks get together and lead the direction

of the effort. i think that we think that is so important, that it is not just one entity directing where the dollars are going. it truly is a collaboration. i will give you an example. last summer in norfolk, which is where dominion is the electric utility provider they had a direct mail effort to basically advertise the summer meals program. fliers went out to about 34,000 households as well as there were about 20,000 additional fliers to key areas advertising the summer meals program. they were distributed in can he areas across eastern virginia. at the exact same time the share our strength program which was funded primarily through wal-mart -- thank you -- and so d.a.x. so and dominion went out and they were looking at a grants program and one thing the secretary talked about is what i will call the infrastructure cost about transit, how do you

get the meals to the right place issues.e types of to show you the results of that, the virginia department of health just brought out some releases showing how effective the campaign is. in one year virginia created 113 new locations for the summer meals program and overall had an increase of 23% the number of meals served. there is no question the program has already had a very big impact. i think we know that is probably just the first step. in virginia alone there are 320,000 children who do not have daily access to good nutritious food. some of the stats techniques that i have -- statistics that i have seen is there are about 16 million across the country in danger of if you look at the federal guidelines that don't have daily access to food. that is why it is so important we look at not only the issue

but come up with a longer-term solution. that is why dominion is so active in this effort. i want to thank each of governors and applaud your efforts. this is not a one-day type of meeting. know this is an ongoing challenge for the committee and for the country. but i think that the one thing to be clear is that there is not one state or federal agency or one business or community service group that can address all of the challenges. we are going to have to work together. i think that we all know that food is fundamental to life and growth and working together i think we can win the war on hunger. we certainly owe it to our children to try. thank you again to governor macdonald and other governors and we look forward to seeing you in williamsburg. >> thank you, dan. questions or comments from members of the committee? sounds like you have both and encouraged them to continue this fight and

put this at the top of the information dissemination activity in the respective states. a lot of people don't think of the fact that there are lots of folks down the street that go hungry and especially kids. so by making it a top priority in our states and bringing public awareness to it, then with the outside help that you are able to provide through your collective efforts we can make a big dent in this and share our strength has been such a leader and your support for this is greatly appreciated. anything else for -- yes, sir, give. >> thank you. i'm not precisely sure of the lodge psychiatrist confidential relationship towards various or rtments of education school cafeterias, it is not clear from the material that we have. i wonder if you could just run

that down a bit. is that district specific, or is it connected through some of the snap programs and other programs? does that work? >> the logistics expertise is really with food banks primarily. we are working in hawaii with some of our storers to get the food bank there connected and ake sure we are donating food locally. the breakfast has been a flannephilanthropic grants and e tried a model from an incentive model that provides a school $1,000 to move to that model to collaborative moving across multiple organizations to remove barriers. in little rock aware seeing work between the school food association and school district all the teachers.,

getting behind this along with principals. because there are lodge gist confidential things like changing bus routes to do this, changing timing of the school day, making sure it is a really efficient process in the classroom. it takes a real collaborative to do it. >> do they reach out to you? are you expected to make deliveries, for example? do you have a separate trucking syst system? if it is an institutional situation like we have a single school system in hawaii for the whole state having to do in part because of where islands are and et cetera and the history of a kingdom to a territory to a state. i wondered, how that -- what are the actual logistics of making it work? >> ours is an investment in

their capacity because fundamentally we aren't the provider they order from. secretary vilsack talked about barriers like equipment. it has been things like working with the district, identifying the equipment shortage, identifying the model, whether grab and go carts that go in the hallway or rolling coolers delivered to the classroom to serve a hot breakfast, then identifying the infrastructure so they can do it for themselves as part of their model each day. so, it is a philanthropic investment but it is building the capacity of the district to do it long term. >> thank you very much. i'm tkpwg going to pay some tec attention to this when i get home. i simply wasn't familiar. i had one last point. we are participating in the wick and snap and so on. one thing that we have some difficult and it has partially

to do with our fault at this stage because our software and hardware communications, our capacity literally to talk to one another is at a very primitive stage. it is one of the big initiatives i'm trying to get under which it modernize our capacity to talk department to department and especially with nonprofits and service agencies, foundations, et cetera, to integrate their communication. one area is the child and adult food care program of the department of agriculture. we are behind in that. i wondered if you are connected to that as well. >> we have done mainly work with day cares around nutrition of that program. but not as much as we've done with kind of the core federal programs. >> i will follow up on that. thank you.

>> thank you. >> other questions or comments? if not, julie and dan, thank you for being here and thank you for your presentations. thank you for your work. one final item before we adjourn and dismiss. we have the three policies that were decided on in december, k through 12 education reform, child nutrition and building a world class workforce. the staff, joan and her folks, do all of this work. we show up and do what they tell us to do as often as not. let's thank john and the staff for all the work that they have done. [applause] >> we will present policies, i guess, tomorrow and so right now we are adjourned. thank you.

[captions copyright national cable satellite corp. 2012] [captioning performed by national captioning institute]

>> a look live at the national governor's association 2012 winter meeting here in washington, d.c. our sun morning news makers program will be coming up in a few minutes. the national governors association meeting continues this afternoon with our live coverage of a special committee on homeland security and public safety. the topic will be the changing role of the national guard. then later on this afternoon tell you events to about on c-span. we will be covering ron paul's speech to small business owners on jobs and the economy. that is scheduled for 4:00 p.m. eastern.

that is from michigan. at 6:00 p.m. eastern, presidential candidate newt gingrich speaking on god and count country. and that speech is coming to us from georgia. those are the live events coming up today on c-span. >> joining us on "news makers" is the chair of the federal trade commission john leibowitz. here for the questioning is a reporter with the national journal and a reporter from blog best week. let's step back on an issue many may not have been following the administration putting forth a privacy bill of rights for online issues, those who use google and yahoo. what did you present this week and why is it an issue >> the commerce department and white house came up with something called a privacy bill of rights and it is about protecting consumers' privacy in internet commerce and it is

critically important. most consumers feel very strongly that they want to have privacy protection on the internet. they are concerned about where their data is going. and what people are doing with it. the commerce department and white house machine envisions -- it envisions industry codes of conduct enforced by the f.t.c. conduct enforced by the f.t.c. we at the f.t.c. had a related idea. we have been working on in quite some time. it is cullalled a do not track option. they can opt out of tracking online. they could nopt out of tracking.

that was another part of the announcement. we are making progress. hopefully in a few months or the next year consumers who don't want their information tracked could >> how much of this will be done legislatively or through any regulations and how much done by the push a button and opt out of tracking. industry self-regu itself that is a great question. at this point it involves industry self-regulation and i think that is the approach we are pushing for. it is a good one. it is a good one. i think that sort more of invol people from industry and among advertisers and internet companies recognizing that the more trust you have in the internet, the people do internet commerce. you have trust, consumers have when they can control their information. >> talk about how this differs from the approach that the f.t.c. advocated in a draft privacy report you issued in

december of 2010. i would say they are both complementary. the commerce department and white house white paper is all about protecting consumer privacy and they try it do it mostly through industry-wide codes of conduct that will have to be implemented. our privacy efforts are twofold. one is enforcement and other policy related. on the enforcement side we brought more than 100 cases, 30 involving inadequate data security, scores of cases for people who violate the do-not-call registry, they call people who are on the registry. there are more than 200 million consumers who are registered on the do not call. then also a policy function that we have that goes back to 1914 when the agency was created. we have used that to think about privacy issues. our report we called for three things. privacy by design, which means when you are building this new

app put privacy protections in. we call for more transparency because nobody reads screen privacy notices and our staff fond a mobile privacy notice that was, took 102 clicks to read that. no one reads that. and more choice. consumers should have the right not to have their information collected if they don't want to. we all understand that there is this driving internet economy and it is incredibly innovative. no one wants to stop that or the free content and services that are provided by advertising. but your computer is your property as one of my former republican chairmen used to say and people should have the right to have information collected particularly sensitive issues. >> it seems like there are two buzzwords here and i will try to

see if we can explain both. self-regulatory which is what the industry is pushing. they are implying to the white house we will take care of this ourselves. then there is where they kept showing up in the white house report which was stakeholder approach. it doesn't seem like the two of those will work well together. you have the industry taking care of itself and white house suggesting you get industry plus private watchdog groups and congress together to figure out approach. it seems like washington is where a stakeholder goes to die. >> i'm more optimistic than you are, brendan. i think that people recognize -- look, industry can manufacture faster when it wants to do something. and on the issue of consumer privacy, industry, consumer groups, agencies like the federal trade commission and departments like commerce all

care about this. i think that so far we have made progress -- even though i would say there is some suspicion between some different stakeholders, say consumer groups and advertising industry. >> hypothetically. >> but we've moved forward because it is meaningful that industry has committed to protecting privacy online and to doing it -- one part of the announcement i do not track they will not just use the cookie base system but the do not track header. >> so essentially if you send out a note from your computer out a note from your computer that says do not track me, these advertisers will honor that request and they represent 90% of the advertisements that we see online in the united states. so, i like to think that these

are not sort of two notions in tension but they are actually sort of paddling down the same river and at some point in the not too distant future we will accomplish something jointly. >> do you think people are aware of the tradeoffs when they sign up for a free service like social networking service that information that they put on this may be tracked and collected? do you think consumers are aware that? >> i think they are not necessarily aware of precisely what the tradeoffs are. >> whose fault is that? >> whose fault is that? i don't know that it is necessarily a fault. i would say privacy notices could be clearer. one part of our report. part of our law enforcement approach -- we do enforcement -- when a company says we are going to keep your information private and they make it public or semipublic, that is an un tpafa

and deceptive practice and we go after them. we have brought two major cases, one against google for starting privacy cases or jump starting its google buzz network by taking private information on g-mail they said they would keep private and making it public. we brought another case against facebook because -- for privacy violations. both of those companies -- the facebook order covers 845 million consumers worldwide, 200 million in the united states, about 650 million elsewhere. what it basically says is you have to honor your commitment. if you do, we will put you under order and part of the orders if they want to change the privacy settings going forward they have to give consumers an opt in.

>> it seems like the language in the two decisions said they should not misrepresent what they are doing around privacy and it seems like her question went more to how they represent themselves. the real problem is what is the contract that you are entering go on to a site and log in and what expectations do you have about what they do regardless of what they tell you? >> that is a fair point. first of all, companies shouldn't misrepresent what they are doing. that is a lot of what we do when we go after companies. second, companies should have clearer disclosures. so, for example, that is one of the things we called for in the draft proofers report that -- privacy report. the other thing i would say is i think companies recognize -- it is not bad to have a little prodding from agencies like ours and consumer groups -- they need to do a better job. to do a better job. two weeks ago we children's mob

apps. what we found were very meager privacy disclosures by the app report on developers and seemingly not well enforced by google, which has the android an appear store, and by apple. we have been talking it the companies. they are committed to doing better job and i agree with you that consumers should have better notice of what they are doing particularly with kids' apps where you want a notice that is just in time and understandable. are you collecting my data and if so what are you doing? >> google has made a lot of money because of this and we have done a search for a product and we see the ads that pop up. how will this change the business model of a google or and the world of the

f.t.c. and government will play? companies commit as they seem inclined to do based on the work we have been doing to not track you if you ask not to be tracked, my guess is that it probably won't change their lives all too much. sure many will opt out. i happen to like getting ads that relate to things i'm interested in. our sense is not many will opt out. the other thing is the companies will have made a commitment and if they violate that commitment that will be potentially a case for the f.t.c. i think they will give consumers more choices. >> you talked about that you want companies to be more clear in privacy policies. google has been clear in the changes it will make to privacy policies march 1. a lot of people have voiced concern about that. people on capitol hill. i know you can't get in details of your settlement but do you have any personal concerns about the changes they are going to implement next week?

>> other than saying that they been clear and that it is a fairly binary and somewhat brutal choice, i think i can't say much more and i will leave it at that. but we are aware. >> binary and brutal was plain. >> it doesn't seem like there is a tension in the market. you are suggesting they be more explicit about whether they do. i wonder if they were completely up front about what they are doing with the information, whether there would be a market. i wonder whether i would sign up for a service that says we are going to sell information about you. they are misrepresenting what they are saying. >> i'm not sure everybody is selling information about consumers. but i also think that if companies give clearer disclosures -- again, some companies do give pretty clear and google is giving

a clear disclosure.if you have y privacy policies >> do think there's a possibility of introducing a ratings system? >> for privacy? i suppose that is a possibility. >> the idea behind the rating system is it provided clarity to people who were going to go to a movie. it is hard to read even a one page privacy policy. a rating that would tell you. >> i think the question would be, who would run the rating system? for example, we in the government would probably not be, for a variety of reasons, including the first amendment, would not be an ideal raider -- rater of privacy policies. i think we're good at helping to

develop model privacy policies and helping to enforce policies and violated. but if we wanted to get together and christen the along the lines of the motion picture association, maybe like a nc-17 rating and what policies work, that may not be a bad thing. maybe a model privacy policy you can look at in one click or two clicks. >> it does seem like we're still talking about a self-regulatory approach. the white house papers specifically said legislation enforceable by the ftc. how you square that? >> to things. i do not think they're in conflict at all. the company says, i will protect privacy. and then if they do not do it, it is already in for so by the ftc. in fact, the better business

bureau has an enforcement mechanism with some teeth for enforcing do not track. we have received complaints when they cannot resolve them and having them receive complaints. i do think a self-regulatory approach can involve ftc improve -- enforcement. i also think that, you know, privacy legislation has a place. if we can come up with a sort of comprehensive balance, is set of guidelines, that would probably be a good thing. >> how do you deal in the issue of codes of conduct that you put together, how you deal with the companies that do not sign up for that? for that? >> i think that is a very serious issue. >> there is a lot of silence from facebook. >> i probably should not

interpret the meaning of that silence. but, look. i think most companies want to do the right thing. i think there recognize the more privacy protections to give consumers, the more trust consumers have in the internet. the more business they will do on the internet and more activities there will have. and so, i think, look. the notion of putting -- is designed to happen overnight. it will take an effort by industry. when you get critical mass, and i think we have the potential of commerce to get a critical mass. i think it will be easier. when you set standards, but there always be out liars. we spend a lot of time as the agency going after the bottom feeders. -- there will always be

loutlier outliers. this is not a year when congress is going to pass a lot of legislation. maybe some of these privacy bills can move forward. it is a one year where we should be working on privacy. the best way is a combination, i think, of government using its a bully pulpit and pushing very hard for the self-regulatory standards. >> these to earlier questions -- how broad or how narrow will these rules of regulation be. >> the one example i think we are very intimately involved in that we will see whether the commerce department picks it up is do not track. i think the way it is going to work is that companies made up of 90% of all advertisers --

companies representing 90% of all advertisers will give you two options. one is there is a little icon on advertisements. you can click on the icon. a few clicks away you can opt out of being tracked. another way is they will honor what is known as the browser header, do not track meet. that is the major news of the white house announcement on how do not track. they have been reluctant to honor the web browser request not to be tracked. you can say, do not track me. your web -- your web browser will not track you. will not track you. >> will political parties and campaigns be exempt from this? or they have to apply the same standards? >> well, if you asked not to be tracked.

i think, again, it is voluntary. anyone can can say i'm not going to agree to honor the tracking. but you know what, that is a great question. i think if you do it to the browser headers, it is automatic for advertisers. but i would say it would be wise for everyone to honor that commitment because otherwise i think consumers will not be happy and consumers are voters. >> campaigns? >> it does. because of a first amendment issues and because of congressional concerns. >> how important, how significant was this that google said it would sign up for this initiative? they put forth the do not track option. >> significant. >> i collect a press conference

feels like do not track is an answer to a browsing habit that is about three years old. in the sense that more and more people get their information over the internet through apps and their mobile devices. there are a whole new list of things that can be tracked, location, phone numbers, things like that. it is great this progress has been made on do not track. the industry is on board. but it seems like there's a whole bunch of things the contract that they are not really talking about. how do you keep the ftc from always fighting abuses that are three years old. >> there are two ways we do it. we're not a regulatory agency. we are in enforcement and a policy agency. it is harder for us to set up rules in advance. we go after bad actors. but like our report on policy,

we set up what we think are our best practices for companies. i think that helps move the process along. when you bring a big case, i think that weeks of the industry. on apps, for example, some of them might be collecting information. they may be in violation of the childrens' on-line privacy protection act. we want to treat a wake-up call to the system. that's a better disclosures and make sure we're doing is legal. the next thing we'll do is go back into the field to see if there are any violators. this is a tricky question responding to how we make things better going forward as opposed to correcting mistakes from a few years ago. we try our best using the tools that we have. >> on your privacy report, can

you give us a preview of what will be much different from what you advocate in the draft support? >> i think it will be consistent with what we advocate in the draft support. it is still around the commission now. commissioners are giving back comments. we got more than 450 comments, which is extraordinary for us, on our draft report. we learned -- we did a lot of workshop with businesses and technologies. we learn a lot by putting out a proposal about what works and maybe what might not work quite as well. i think it will be very consistent. i think it will call for the same principles. you may see some refinements in our final product. >> one of the goals of the administration seem more in line with european standards. it seems like there is a problem

there. there is a blogger who says americans are too proud with their bodies and europeans are too private with their data. >> again, keep in mind we are an enforcement agency. what we sometimes cross- pollinate with the administration, it is want policy matters than anything else. i am not so sure that i would characterize the administration as trying to bring us more into line with the european approach. but i would say this -- with the european approach and with the american approach are both trying to do is to ensure a thriving, innovative internet, but the same time protect consumer privacy. they do it more by regulation. there is regulation coursing

through the european parliament right now that is undergoing some changes, but is designed to protect consumer privacy. " we go by enforcement. again, we brought big cases and the last year against the social networks. they are intended towards the same -- we have risen policy papers that are all intended towards the same goal. >> one of the interesting things the europeans are advocating in their changes is this idea of the right to be forgotten. you go on-line and you want everything gone. companies should be able to give you that. t think that is an idea that should be considered here? is that feasible? >> i would say it is an interesting question. certainly, when you're dealing certainly, when you're dealing with kids who are online, they

are incredibly -- in using the internet but not necessarily have good judgment. we have trade education to show parents how to teach kids about proper internet usage. issues involving barbara boxer -- issues involving sexting and causing tears down the road is disturbing. certainly it is legitimate for children. one provision in facebook says that if you leave facebook, if you decide you want to stop using it, you get to take to the extent practicable your information back. so, in a certain way, that is the right to be forgotten. >> we have about five minutes left. when it comes to the issue of smartphones and states like

california tried to control some of this, are there lessons you can take away from what the states are doing? >> yes. what california did last week with the smart phone companies is a real step forward. it is very consistent with some of the concerns that we had when we released our kids apps report two weeks ago. >> it seems like any kind of watchdog privacy center puts us something that a large company is doing. the ftc balls up with an action and corrects the behavior. which seems to show that those groups plays a really valuable role in the process. how do make sure as the industry moves forward with a self- regulatory approach that the watchdog will be represented as well? >> i would say two things. first, i do think they perform an enormously valuable role.

both the companies or are targets and they know it. since we do not confirm investigations, we cannot talk about it. you'll get a petition. members of congress also send us letters from time to time to look at things. how do we do? how do we do? investigation, you look at the company. when a company is potentially violating privacy or investigating in mortgage fraud. when it comes to policy, we're always consulting. we want the best information we can from the smartest people think about these issues. >> the senate is willing to give you another term. what you want to do in your next term? >> one of the great things that the federal trade commission is we are as much about continuity as we are about change.

during the bush investors and we were bringing in antitrust cases and privacy chases. maybe that has changed little. maybe we have brought it up a tad. but we are a very bipartisan, consensus driven agency. i think we will continue to focus on the things that we focus on. consumer privacy is critically important. important. internet fraud , the notion of debt -- gimme $5,000 and will take care of your mortgage or credit-card debt in a few years. these companies take your money and do nothing. and then health care as well. and then health care as well. health care is 80% of our gdp. in most european countries is something like 9% where it is maybe not quite as good, but comparable period we're trying to stop pay for delay pharmaceutical supplements for brant payoff the generic competitors to stay out of the market, leaving consumers

holding the bag or footing the bill. we're trying to restrict those deals. we have three hospital merger cases. but some can be pro- competitive, but when you're going two to one in a city like al denys, that is problematic. supremeke that to the court. we just sued to block a deal of two pbm." care and a former american. it would've been 60% of the marketplace. we're going to make health care and technology markets a big issue. >> google and facebook are staffing up in washington. the of a couple policies accepted recently. dc power shifting in away from

telecoms' in the film industry into on-line services? >> is an interesting question. i think when you become-an established company, and particularly a major company in america, there is a natural engagement with washington. this is not surprising. they are all hiring really smart people. they will do a good job representing those companies. one hour and the senate judiciary committee, microsoft, before we started doing hearings, and before the case had been brought, was very small. >> thank you for joining us for questioning. jon leibowitz, the chair of the federal trade commission. thank you for joining us on "newsmakers." >> thank you, c-span.

[captioning performed by national captioning institute] [captions copyright national cable satellite corp. 2012] >> newsmakers today with jon leibowitz discussing people using the internet and smartphones proposals unveiled on thursday, as an increasing number of companies collect personal information about internet users. "newsmakers" re-errors on sundays at 6:00 p.m. usually, but today it will be on again at 7:00 p.m. because of our live political coverage here on c- span. in that coverage, coming up today at 4:00 p.m. eastern, a republican presidential candidate ron paul speaking to small business owners on jobs and the economy. that is coming to us from michigan. that is scheduled at 4:00 p.m. than at 6:00 p.m. eastern, newt gingrich speaking on god and

country. that coming from georgia. our live coverage continues here on c-span. now a forum on a cyber security legislation with a panel that includes former home and security secretary and mike mcconnell. this is two hours. >> the morning distinguished members of the washington 80. trustees, faculty, and staff at george washington university. it is a pleasure offering you to the forum, entitled the cyber security legislation with mike mcconnell, and senior

congressional staff. it is a particular honor this might welcome the former secretary of common security and former judge for the u.s. court of appeals for the third circuit. michael chertoff. and former director of national intelligence and national security agency and a george washington alumnus and a george washington moderate degree recipient, mike mcconnell. both of these jonah have been leading figures in efforts to address the growing cyber threat to our national and economic security. admiral, as, secretary chertoff will be joined today by senior editorial staff to discuss legislation. here at the george washington university when an initiative could bring together policy, research, and education, among the results of this epoch that are already far in the advance

are the creation of a new master of science in a cyber security based on our department of computer science and the launching of an executive m.b.a. that will bring together our school of business and our law school. it is now my pleasure to turn over to the associate vice president of home and security and director of george washington's a homeland security policy institute and the moderator of today's discussion, which i hope you all enjoy it and a profit from. thank you very much. [applause] >> thank you. thank you, president. let me also echo you're welcome to everyone here today. not only in the audience, but also of yours on c-span and those watching our live web stream as well. as you can tell, we have a pretty good size panel here, which is reflected i think of the significance and importance of the various issues we're going to discuss today.

one would argue it has taken quite some time to get to this point. as i think senator lieberman put it, perhaps our system is blinking red in a domain very similar to the system that was drinking red 3-9/11 in terms of counter-terrorism. -- 3-9/11 in terms of counter- terrorism. i think we need to do more in this space. i think we to ensure that our ability to project -- protect networks as much as possible remains a safe with the advances and networking. i'm not sure we can all agree on how we best get there. i am reminded, to some extent, of the goldilocks story where some say is is too hot, some say it is just right. we have legislation that is being tabled as we speak.

some say it is not reaching enough. some say it is just right. but i think in a very simple way we all know that the cyber threat is significant. the scope and scale ranges from formations. i think there're a powerful piece in the "the wallstreet journal." at the high end, you have the people's republic of china, russia, you also have iran and north korea increasingly engaging in this space, all the way down to destructive issues that affect us as individuals, our privacy. our role as consumers and our ability to have confidence in the system we are all increasingly using in this cyber domain.

i think this is something that touches just about everything. we as a society and individuals do. whether the tools may change, the technology may change, the nature does not. it will also affect warfare, diplomacy, economic security, finances, and it down to our individual sensitive issues. without going any further, i have already spoken too much. we have two wonderful mentors of mind and people i have the utmost respect for to help from some of the big issues. first we will hear from admiral mike mcconnell. former director of the national security agency. long-term nato intelligence officer. as well as the second director of national intelligence. he left that role to become vice chairman.

following admiral mcconnell, we will hear a colleague, from, and mentor of mine, michael chertoff. thank you. he is a former judge. ran a criminal division when it became a most significant division at the department of justice before and shortly after 9/11. gave up, perhaps, the greatest job in the world, to take on one of the most difficult jobs in the world as a judge and assume the role as the second secretary of the department of common security. following these wise men, we will hear from a various number of staffers who aren't driving, who come to this issue with real expertise, but are driving various legislation that is before the senate and the house as we speak. first, we will hear from tommy roth, who is the intelligence lead for the senate leader.

he is the driving force behind the cyber security act of 2012. next we will hear from a man who is working for senator collins and is the minority staff director, driving some of those issues. as well as ratner, who works for senator lieberman. last, but certainly not least, we will hear from tom, the house intelligence committee side in terms of chairman rogers on the house side as well as we will hear from mr. long reince proposal -- proposal on loss of security. the floor is yours. >> thank you very much. i appreciate the kind words, kind remarks. i have actually been focused on

a topic that has become topical in the last year or so. i had the privilege to serve as a director of the national security agency just after the cold war in the early 1990's. my worry when i checked on board their was thinking about wonderful agencies, great contributions. not all of the contributions in the cold war, but that before world war ii. we were breaking and reading not see germany codes in wartime and reading them before the german field commanders. that is a tremendous advantage. if you think about the historical context, agency is a great contribution. how are you relevant going forward? what i was struck by was most of what had been in successful in exploiting the nation's history is wireless communications.

i talked to a few young engineers and they presented me with some facts of the future. one of the things i'll never forget is they said, mr. director, before you leave here, 90% of the world communications of the inside of a glass pipe. if you think about that for a second, not working was exploding. the net had not quite, what it is today. but young engineers were thinking about it in ways that the volume of global communications flow would be inside fiber optic pipes. today we are testing 1 terabytes per second. just think about that volume. the way i imagine it as a non- typical person is the path between washington and richmond is a cow path. that is wireless. imagine a 6000 lane highway? that is the way you think about the difference.

i am starting to think about this early. my first idea is how we exploit -- that is an important word. it does not mean you destroy. it means you read the other guys mailed here you want to exploit. our first discovered, this is so easy. it is amazing how easy it is. codebreaking, which everybody knows about, and code making, which is to protect our seekers. once u.s. it is so easy in a networked world, what about us? and i started to worry about us as a country and how dependent we are. we are truly dependent on the digital age. let me just jump to a i think our facts that may be debatable. there's not a corporation in the nation that can successfully

defend itself -- not one. the most sophisticated among those who would protect themselves have been penetrated to the point of capturing the source code or business plans or innovation or research and development -- everyone of them. i remember going back to my experience at an essay in the early 1990's and how easy it was. let me give you a way to think about it. if you're in a wireless motion, it is the date set in motion. everything has to be just right. if you're in a wired world, it could be data in motion, but to be data at rest. in the wireless world, it is hard to get to. in the wired world, it is digitally stored. the whole paradigm shift it proceed dramatically. i want to make some comments about the bills that of intimated -- being debated on the hill.

first, thank you to the senators who had the courage to put this together. when the december time in my view. i want to say thank you to the gentleman to my left and right. they can sort of set the trend. when i looked at the bills, my view is they're absolutely necessary to let both of them work its way to the house. they're insufficient. both necessary, but insufficient. there are two framing arguments. they have privacy concerns, all my goodness, if we cannot allow the government to look it domestic networks for protection because the maker too far and intrude on personal privacy. a very serious concern. it should be captured in the legislation. that is a violation of law. i think we ought to provide adequate protections. on the other side, which now to

touch industry with regulation. let me just use as an example, the cold war. i would cement that there were not adequate market forces in the cold war to produce the capabilities that we need to prevail the cold war. we did prevail. it was larsa the contribution of the private sector because it to build faster and cheaper and better. we had a national consensus. both parties were in agreement. we did that over a period of approaching 50 years. in my view, we are facing something that is as dramatic and significant, but there is no forcing function that causes us to do the things we need to do. here's my example. there are unique things the government can do. only the government can do. and we need to harness that

capability. i mentioned an essay and codebreaking. nsa can seize network speed. if you see it, it has to be seen with machines. if you react to it, you have to do it with machines. you can see an attack or penetration or whatever it might be. you have to block it at network speed. the current draft, while very important and we need them, the concerns about privacy and regulation that might touch industry are not allowing us yet to get to the point where we do the things and legislation to set the legislative framework to harness the best of government that is needed from government. in a way that we share the information and remove the network speed.

there is information in both drafts. having been an observer and a participant on the government side and private-sector side, particularly focused on information-sharing. i submit that unless it is required by law or if it is incentivize in a very significant way, you will not have information sharing. it will not happen. i know that from firsthand experience and my time in the military in the various agencies when i saw agencies was similar missions that perceive themselves to be in competition and the refuse to cooperate and share information. as a warm-up, thank you for the time. >> i want ithank -- to thank

the present for hosting this. it is an opportune time to talk about the issue. i want to agree with everything mike mcconnell said. i want to underscore the importance of the fact that congress is really taking this up. there was a time where people say not much gets done in washington. this is actually the area where there is an urgent need. something is getting done. it may not be that the bills that are being discussed a the end point, but they are good starting points. i would not want to lose a good start. let me cover three. relatively briefly. one is that this is a serious problem. there may be many watching on c- span. obviously, it is a serious problem. you'll still find significant

pockets of people who say it is overblown -- it is not that big of a problem. it is hard for me to understand that. when i open a newspaper every day i see stories like, for noretell.r, a communications company that had been in advance threat of its business information and data for over one decade. it was going to another country. that was then the "the wallstreet journal." many of us read about this. i may think to myself, well, the outcome is a good outcome. but it certainly raises a question, could that be done to us? even a less significant level, the rise of hacking groups, like anonymous, which look to target enterprises by disrupting the more penetrating and releasing private information is becoming an increasing problem.

you really have to either have your head in the sand because is not an ongoing six serious economic issue, or you have to view those is not being serious concerns. i have to see the time or the we worry about if we're losing jobs or competitively in the gold, should insist on a fair fight. i think the problem is very real. here is a challenge. in the world of cyberspace, it is much more complicated. first of all, the battlefield is not just at the border or the perimeter overseas. the battlefield is here at home. it takes place in the private sector's own networks. most of the targeting here, and most of the impact is by the private sector. which means, the traditional

message of security where the government owns the whole thing and that was to have private bodyguards, you are basically by standards. in the area of cyber, whether we're dealing with exploitation or attack, the private sector is very much a combatant. they are in the middle of the problem. it is access to the private sector that is being taken. it is to the private sector's operations. another challenge, and this is the issue of independence. i'll talk about that in a moment. basically, unlike what we have seen in terrorist attacks where people died. it is a horrible thing. things get destroyed. but that is essentially the target. that is where the impact is felt. in the area of cyber, particularly when you're dealing with a tax rather than exploitation, the collateral dependencies cascade.

the idea that i could watch my own domain or watch my own little enterprise and i could take care of myself, really misses the fact that everybody's enterprise, whether government or private, is dependent on the acts and omissions of everybody else on the board. that makes it much more complicated. the last challenge and complication is by dealing with the very nature of what the internet is culturally. the internet grew up with the assumption that those people participating in the network would be trusted people who led a commonality of interests. the fundamental architecture of the internet is a presumption of openness and accessibility. any data, anywhere, as long as it is connected to some network. if you think about it from a security standpoint, that is the

exact opposite of what we have a respected as security in prior centuries. you lock things up butterball ruble -- that are valuable. someone has to get into your space physically to see what you have to steal or destroy it. that openness, which is a good thing, challenges us in terms of how we operate. but the talk about the bills for a couple of minutes. i am not going to get into the weeds. there are fundamental elements of a think are important to any bill that has to present a good start in dealing with this problem. that is not to say there aren't other good things like reform, research and things. i think the core elements of these issues. first, it does have to be information sharing. it does have to be a liability

based protection. third, and this is controversial, there does have to be some standard setting and a requirement of meeting those standards for critical infrastructure. let me tell you briefly. first, the way you learn about problems through cyberspace is by getting experience in what those problems are. everybody fights alone. they're at their weakest. when you're dealing with network threats, the ability to observe them, analyze them, it is critical to avoid replication. basically, the more you see in the more you know, the better you are on the federal side. that is why we are isolated in our response and attack to threats. we are simply giving the adversary the ability to repeat the same technique over and over

and over again. information sharing is foundational. here, i would agree that you've got incentives. many companies understand that there is value in sharing, but they're concerned about the competitive advantage and what they will get in return. they're also concerned that they're creating liability. that brings me to my second point. protection of detente to drive information sharing. i think there are interesting approaches taken in the various bills about information exchanges. i think what is critical is that information has to be confidential. it has to be anatomized to a certain degree. it has to be shared in a way that does not create a competitive advantage. there has to be liability protection and incentives for those who do share and frankly

for those who do not sure, there has to be some liability issue. that brings me to my last piece. you have information, now what do you do to build a structural defense? i'm talking mostly about the private sector. the governor will do what it is required to do by law an executive order. i know this is the area whereas in the greatest push back. we do not want more regulation. the market can take care of itself. we need innovation. i agree that innovation and the market are important tools. but i'll tell you, it is my belief that in this area, the market will fail to do an adequate job. here's the reason why. if i own an enterprise and it is worth $1 million. i am not going to spend $10 million to secure it. but if that $1 million enterprise fails and the collateral consequence is $1 billion in loss, that i have a

cost that far exceeds the value of the enterprise. as long as we have dependencies and rely on critical infrastructure, we do need to make sure, first of all that there are adequate incentives for them to invest appropriately. secondly, that there is a level playing field for the people. for the people were lazy or want to undervests can't hide in the lease and hoping to get by with those to to invest. third, we have to construct a system that incentivizes appropriate standards without being micromanagement or overly intrusive, overbearing, or costly. that is why we were saying, here are some general standards and requirements. if you meet them, and you can show you need them, god bless you, have a nice life. if he did not, then you need to

raise your game. again, flexibility, innovation. always to skin the cat. but the man, you have to show the results. i think that bounces between harnessing the energy of american innovation but making sure we're not under investing. the lasting a would say is the irony is that when i talk to arele in business who opposed to any kind of standard- setting, i often think they do not realize how much it is in their interest to have standards set. without standards being said, i will tell you that you'll get standards, but they're not be thoughtful and debated and considered in regulation. it will be planted to go in front of juries -- plaintiffs who go in front of juries.

having spent a lot of time occurrence, they're not like the way those standards are set anymore than they like them now. intelligent, a standard based regulation with ample room for innovation and credit for what you have done. in the long run, it will serve business interests as much as it serves the national security. >> mr. secretary, thank you. admiral, i t y. an awful lot on the table. -- i thank you. i have always been with the school of thought litigate, -- not want this to become a cigarette wrapped in -- but there are areas where the market will not be enough to ensure that we get to that point. i'd be curious how some of these bills address the issues. three to five minutes on some

the substance of the bills and specifically looking to a business case as to what is going in. what are the key components in that. what are the enablers to dis incentivize. you have been driving a lot of this. if you want to give the audience a sense of where things stand right now in the current bill and where you see things going. >> i would be happy to do that. i do want to spend a little bit of time talking about the areas where the market i think is inadequate. how to pick up, said jerry chertoff said. in that is an important part of legislation, is incentives. first, some background. senator reid has been working with some chairs of six or seven, depending on the day, to bring together a range of different proposals span across

a number of different county jurisdictions on cyber regulation. i really liked the goldilocks analogy. first of all, it is the supreme confidence you can give a legislator went half of the book is too much and have to think it's too little -- that is compromise. -- when half of the people think it is too much and half of the people think it's too little -- that is compromise. with regard to business concerns and a poll for civil liberty and privacy concerns, and trying to find the balance that, you know, carefully takes into consideration each of those concerns. it has been really tricky and delicate. we have worked in a number of different elements into the bill that include critical

infrastructure regulation or performance information sharing. research and development. but also that include privacy protection and that include addressing all of these issues for the business community. clearly in mind as we do so and try to cover each thing so that all three of those polls are in balance. as has been noted, one of those issues that has been most controversial is the critical infrastructure regulatory framework. it provides dhs the authority to come on a targeted basis, set standards for critical infrastructure that meets a certain threshold. which is essentially, a threshold in these control networks that are critical to national security because the destruction will cause a huge loss of life for a systemic economic disruption or will

damage to national security capabilities in the united states. the concept of letting market drive security here is really important. that is what the ongoing conversations we have had in the business community. i think for a lot of people involved in the bill where the market is able to track security and motivation, that is what we want to see. you are absolutely right. nobody wants legislation to get in the way of that. but there are areas within the critical infrastructure sectors that we are looking at where the market is unable to drive security and innovation. i wanted to pick up on what secretary chertoff said because i think there are a few reasons for that which are important to understand. one is that when you are looking at private sector innovation towards security, when there is competition in place, there's a real incentive to innovate towards security. for me, when i go home and make

a decision about where to get my internet service, i do not have to use comcast to i can use verizon or any other sort of provider. when i looked at comcast and they provide extra security with my service, and i know that my service therefore will be more reliable, i may go with them or i may go with verizon if they are able to show me, to demonstrate their liability over their competitors. there is a built in incentive to innovate towards insuring that liability for customers and that means better security. in places like the electricity, i do not have a choice. i buy my electricity from pepsico. that is my only option. -- from pepco. i think that is an important area where the market does not have the same sort of incentives for pushing security. and, you know, that is the case

with a lot of the infrastructure we looked at -- the electricity sector, nuclear facilities, the transportation sector, things like that. the second area that i think is also very important to understand is that there are a range of different threats when faced. you can chart them out. there are incidents or attacks that are high probability and a relatively low consequence. and then there is a range for the probability goes down and the consequence and the risk goes up. at the far end of that chart where you have the low probability but high on the attacks -- but the high consequence attacks, those of the once every problem. -- those are the ones that are a problem. we have not seen that happen, but it is certainly possible. it is not a high probability attack.

if it happens, this is a major event for our national security. this is the kind of issue we are concerned with here. because it is low probability, there's not as much incentive to invest. you investor resources towards the high probability attacks which require your resources. the notion of putting in what secretary turnoff was talking about, a huge amount of resources for events are unlikely to happen, doesn't make as much a business sense. the market fails to incentivize. i think, you know, there was an article yesterday. a couple of articles yesterday. talking about how the nsa is now warning that a couple of years the hackers group anonymous will have the capability to take down the fortress of the power grid. i would argue that it would take a couple of years.

it is a bigger moving towards more in -- more quickly. the article was interesting. it was sort of talk about how the electricity sector has made investments in cyber security, but does not have all the safeguards necessary to protect -- because there's not a match between capability and incentive. there are iran, north rick, that have the intent, but do not have the capability. and then there are actors that have the capability -- russia and china, but people do not think they have the intent. this, to me, is reaching back to the cold war metaphor. right now, russia has however many thousands of nuclear warheads pointed at the united states but have no intent to attack us. but it would be negligent for us as a government and defense architecture to not defend ourselves against the possibility of that threat.

it is the same thing in cyber, only arguably worse. do not only have a bunch of cyber weapons pointed at us, but in most security experts would assess that there are already cyber tools that are put into a network by our adversaries that are waiting for a switch. we to work with infrastructure to make sure they achieve a certain level of security. i think that is where is the market does not work. >> what they all want to underscore before jumping into questions, and i would love to hear your views before we go to some of the bills on the house, but one of the things i'm not sure people fully realize is your last statement. the flip the switch from

computer exploit to attack is merely one of intent. in other words, if you demonstrate a capability to exploit, if you're a tent is to attack, it can be debilitating. i think that is worth underscoring, because when we hear we have not seen these attacks, but we have seen the exploit capability that could easily be tuned into an attack, unless anyone disagrees on that. quickly on some of the other components of the senate bill. >> sure. first off, i would echo tommy said. one of the more controversial elements of the bill that we're trying to deal with it is protection of critical infrastructure. there are a lot of things in the bill were think there is broad agreement. information sharing is one of those i think everybody agrees we need to address. senator collins has a working on

this issue for years now. we are very fortunate to have senator collins and the brain. the kind of relationship with have been teamed up to address this problem for a couple of congress is now very interesting bill last congress that was supported by the home bill national security. just last week, they choose a bill, along with chairman rockefeller that we hope will be the basis for the senate debate on this issue. if there are three things that are driving us on this, the forces to prioritize the greatest risk. -- the first is to prioritize the greatest risk. not only at large, but those systems with assets, that if damage, could cause truly catastrophic call -- harm.

the second thing we're trying to do is to take full advantage of existing structures and relationships. we are trying to take advantage of existing regulatory regimes where they currently serve a purpose. we tried to take advantage of best practices that currently exist in the private sector. we tried to take advantage of the existing relationships and in the department of common security and other infrastructure elements. lastly, we're trying to take advantage of the expertise where it resides. we're trying to leverage it to the nsa rather than recreating it. by making sure that when best practices and performance requirements are developed, they are first identified by the private sector. put forward by the private sector, it is only through a process of collaboration that we identified the best practices that really should be the standards for the most critical

infrastructure. those of the things we are trying to do through legislation. sometimes it is hard to get language perfect. the perfection of the enemy of the good here. there's a consensus on the need to act. our hope is that action will occur soon and will address these areas of highest risk. >> he did a great job of describing some of the points of our bill. i would just add to that briefly. i think secretary chertoff really described the bill quite well when he talked about some of the flexibility is in the chemical facility regulation. we basically, as he said, we are focusing on the most critical. it is the way we defined it. those that could lead to mass casualties, mass evacuations, and a severe degradation of national security. within that, we're focusing on

those. you are waived out. you can demonstrate that you are sufficiently secure, there is a provision that would give the president authority to accept a portion of the portion, if there are already regulatory controls in place that require a certain amount of security. as nick said, we want to give the owners and operators the flexibility to meet any performance requirements how they think is best. they know their systems best and we do not want to be in the process of telling them how to go about doing that. i will quickly add that on information sharing, there are obviously some other proposals out there that are very serious in trying to address the problems out there. the information sharing provision in the bill take down

the legal barriers that hinder the sharing of information between the private sector and the public sector. we try to incentivize that by providing the sharing of cyber security threat indicators. it is one of the highlights in the cyber security threat indicator concept in which we permit private entities to share with each other within the exchanges things that are defined by two prongs. the first is that a cyber security threat indicator indicates an attribute of a malicious attack. that is kind of spelled out in the bill a little more. the second prong is that it has to be reasonable efforts that are undertaken regarding personally identifiable information. we are talking about a narrow

slice that would really help companies and the government know the risks that are out there and share information in real time to prevent them. with that, i will turn it over. >> i understand that chairman rogers and mr. berger have a bill that has passed through committee that is very -- very heavily focused on the issues that we have addressed here on information sharing. providing the incentives and disincentives to not share information. can you give us a snapshot on the status and the meat around the bones in terms of the bill itself? >> over on the house side, the speaker has asked the representative to convene a task force regarding a broad framework of policy objectives. each individual chairman is supposed to work with jurisdiction chiefs inside of

that framework. chairman rogers asked us to take a look at what the intelligence community can do to contribute to solving the problem. obviously, it will not be a complete solution, but it can be an important contribution. we came upon examples of pilots as models that at heart added unique value that we do not talk about. of the information being gathered overseas can be provided to the private sector. it is a narrow pilot that we think scales very well. we have provided positive authorities for the intelligence community regarding entities in the private sector. and we have a go at trying to knock down those barriers to information. they found that the information going out bound to the company's was going well.

and that companies have a lot of disincentives, real and imagined. the imagined ones become real when people do not share information. we have talked about 130 folks, more than that, talking about the issues that stop them from information sharing. we try to knocked the barriers down in the process. what is great about this model is that it is harnessing part of the driver for innovation to solve the more serious cyber problems. this is going after the events of actors like china stealing intellectual property every day. chairman rogers talked about this historic transfer of wealth going on between the united states and china right now. chinese actors of our -- are stealing our i.t. to drive innovation in the market.

we need to do a better job of helping companies protect themselves from those attacks. we believe they're doing great stuff, but need some help. they are already paying for the great work that goes on in places like nsa, which collects sensitive data. as you have heard, there is a pretty good consensus and model for going forward. there are disagreements in the details, but it is encouraging that there is some much detail on both sides of the aisle about this narrow slice of the problem. our bill is bipartisan and fairly narrow. the tried to achieve that in plain english and i think we got that down. >> terrific. i would like to pick up on those points later on.

the strengths, weaknesses, and specifically whether or not you have looked at caroline processes that continue to this day to stymie some of the sharing from the top down. i have heard the same. we have got some defense industrial base folks in the audience that will have some questions. >> kevin, one of the things that mr. lungren has dropped in his bill out of subcommittee, can you give folks a sense of what is in the bill? maybe some of the differences? perhaps other entities are addressed there? >> essentially, building on what tom talked about, the house of homeland security committee

took it upon themselves to draft a bill within that jurisdiction. it was not meant to be comprehensive with in any manner, but certainly within our committee. essentially, it was three big pieces. first, the rules and responsibility -- responsibilities. i know that the secretary is well familiar with the lack of authorities that vhs has with its mission, -- dhs has with its mission. we wanted to codify the current mission and make sure that they have the roles and responsibilities clear to protect infrastructure in this country. the second piece does touch upon various aspects that have occurred, and includes the protection of critical infrastructure. we have taken a bit of a

different approach to it. the form very task force found that while regulation is not our first choice, there's a role in the government in protecting the most critical of the critical. in trying to determine what was regulated, how it was regulated, and who did the regulating is a task within the committee. what we tried to do was build upon the department's definition of covered infrastructure used in the senate bill. so, a facility function of critical infrastructure that would, if damaged or misused, would cause death or massive evacuations, systemic problems in economic markets, or severely the great national security, that is just one ticket that we have in order for this regulatory authority to come down. in our conversations, we have

heard quite a bit of yes, we have opened the paper to see these problems, but what are the risks to meet, my sector, and my critical infrastructure -- risks to me, my sector, and my critical infrastructure? their level of knowledge of these risks, they know it is out there, but they cannot put their finger on it. we authorize the government in the form of dhs to engage with the private sector and actually a identify risks on a sector by sector basis. they can come to the same table to agree upon a list of identified risks to their sector. that information is then made available to the sector as a whole so that the people that do not have constant contact are put on the same playing field as those that do.

and they can address those as appropriate within their networks. the second step is to identify existing recognized international performance standards, collecting them and putting them in one spot and evaluating them against their risks. essentially, this performance standard will mitigate this list better than the other, if mitigated appropriately. for the vast majority of the economy, that is where this ends. the private-sector can look at the risks, the standards, and make their choices according to their business sense. this is on the assumption that even if you are not going out to

protect your clients and partners, you will at least act in the best interests of protecting your investments. then there is that one element that we believe there is a government role. that is for those that are currently regulated, the nuclear, elector, water treatment centers, financial- services. those that fall under this cover critical infrastructure, the most critical of the critical. only if you are currently regulated and fall within this infrastructure do you work with your regulator to review existing regulation to match up against identified risks. if there is a gap of monks current identification and risk, the regulator chooses a performance standard from the collection to fill in any

particular gaps. we believe that this builds upon the expertise and relationship of current regulators and cuts down on potentially conflicting regulation by introducing another organization on top of existing regulators. the final piece, which we have talked about quite a bit, is improving formation sharing. i try to always ask folks, are our current mechanisms working as efficiently and effectively as possible? i have yet to come across someone who says that the status quo is acceptable. will we have tried to do is create, one, get rid of the legal barriers that prohibit information sharing. we have tried to essentially band together and create an environment, much like you mentioned, mr. secretary, to

work together and pool information and expertise. we establish an organization that is a voluntary, non government, third party, not for profit organization that stands up an information exchange facilitator. within that, members can view the charter, understand the information the shared, not shared, who will and will not be shared with, and make the evaluation of whether this idea in the charter brings value to their enterprise. we are hoping that not only the exchanging of information and having membership come to the table to say -- i just saw this on my network and i do not know what to do with it, that that facilitation and technical assistance will be available. government participation is a

key to bringing intelligence to the gang government operation. beyond the information exchange, we anticipate also facilitating a common operating picture amongst these sophisticated members, bringing together a pot of information that they would not only have. those sophisticated members can monetize that and build it back into their products services to better innovate on the information that they would not normally have. we have done away with many of the legal barriers for information sharing. doing away with liability limitations as much as possible. shielding from state and local disclosure. making sure that the idea is to share cyber security threat information for cyber security purposes. beyond that, if a member fails

to use the information appropriately, there are provisions within the law that would make sure that that is taken care of. so, what we are trying to do is create a structure around information sharing to provide appropriate oversight. but these are sensitive issues we're dealing with and we want to make sure that the appropriate information is going to the right people in the right span of time. putting a structure around it allows for appropriate oversight and also gives people a one-stop shop. they do not have to worry about going to the fbi, vhs, or nsa. they can go to national information sharing organizations to get that expertise. our bill is not a silver bullet. it will not solve all problems.

we do believe that it will put a framework together to solve some of our issues. >> find you. as you can see, a number of areas are covered within the various bills. i will open it up with a couple of lightning round questions and then turned to the audience. one of the things, the first being information sharing, a think it is fair to say that there are some differences between the house permanent select intelligence and homeland security, and maybe between homeland security and government affairs and house homeland in terms of who is the real bellybutton here. i want all of your quick thoughts. it is fair to say that the national security agency has the capacity and the wherewithal. the department homeland security has the authorities and statutes to be able to engage in this period is the current memorandum of understanding sufficient?

or do we really need to enable that activity? i would argue yes, but i would be curious as to your thoughts. so, what other impediments, if any, from making that a reality? second, a philosophical question. it can no longer be the case of government meeting and the private sector following. the reality is that the private sector owns and operates the vast majority of the infrastructure. they are the engine of innovation and the backbone of creativity. small and medium-sized businesses are really the ones that ultimately propel us forward. what, if anything, is in any of the legislation to induce changes in behavior, anything to have self-initiated standards in best practices? finally, last question is one

that is more philosophical in nature. before i ask you all to look in your crystal balls. looking forward, is the 80% solution enough? i would argue that we cannot firewall our way out of these problems. when i read the op-ed's that these gentlemen and others have written on the significance of chinese and russian capacities, we will not fire wall our way out of that problem, but if we get to that point where by and large we have the solutions, we can tailor our efforts to more sophisticated actors based on tactics and techniques. with these bills get us to this point? i do not know. i would be curious as to your thoughts. ultimately, do we really need to demonstrate an offensive

capacity? do we need to demonstrate a compelling deterrent that may cause actors to think twice? now we acknowledge it. it is in official government reporting. what disincentive this china and russia have today, after they have said that they are doing it? i would be curious as to your thoughts on those points, then we will turn it over to the audience. >> forgive me, read the first question again. >> specifically, nsa. we know who has the capacity and the authority. what is the best way around? >> senator lieberman is very committed to harnessing the expertise and capabilities of the nsa. part of the bill and the authorities included in the information title, we think that

vhs has been playing the intermediary role for some time. we think that it is probably best housed within vhs. but to leverage the capabilities and push that as much as possible. >> insurance? reinsurance? anything to induce the sector? >> i have not considered that, myself. the network of cyber security exchange that the bill sets up, this may reach out to more sectors, but we basically want to build on the existing capabilities and capacities. we want to, who are eligible to be cyber security exchanges. we incentivize sharing

information, whether they are federal or non-federal. we think that establishing those procedures to link the network of exchanges will facilitate the sharing of information. i think that that is an important point that we wanted to make. >> finally, threat actors and the higher end of the threat spectrum. do you feel that this legislation would impede some of their capacity capabilities? provide strategy for push back? >> on the critical infrastructure side, yes. obviously, there are advanced and persistent threats out there that are difficult to defend against. by setting standards, we can really get to that point. i think that on the economic side, information sharing is key. >> on information sharing, one thing that is important to understand is that there are

different types that you need to allow for. the type to have where you have a bunch of companies engaged in similar activities and have similar threats, they need to share information to protect themselves as an industry. that is important. to me, the really big fish in this is that when you look at the company's and entities involved in running those networks, running the internet, the top five or six stelco in the united states see most of the internet traffic in the world passing through their pipes. if you can add that what the nsa seas, developing that common operating picture, that is a game changer in terms of threats around the world. i think that the answer on information sharing is that the

dod, and though you that allows for them to collaborate is important. models like the pilot are really important. particularly for places like national information sharing. 2 hearken back to what was already said, they are all necessary, but not sufficient. you need to push information sharing at all sorts of different levels, with a number of points of entry, so that it is easy for these companies to share information across the board. i will leave the insurance question to others that have wrestled with it. >> what about small and medium- sized businesses? we are talking about a critical infrastructure. >> absolutely right.

the legislation that they have written, since they have written it, they should get into the details more than i should. but you see a lot of things i and kevin and jeff and nick's bill -- in cavan, jeff, and nick's bill. -- kevin, jeff, and nick's bill. what they're pushing for, this national cyber scholarship program, putting out performance standards more broadly, and also working on international standards, they are all present within the legislation. >> the car out for i.t., can you explain that briefly in your bill? >> again, it is a lieberman bill, so i do not want to take ownership, but i challenge the

notion that this is a carved out. working with critical infrastructure to set performance standards should be an outcome based process. when you're talking about outcomes, you talk about not saying that you need to have this particular technology or you need to configure this particular technology this way for security. it is looking at the entire ecology of your network, find the points of vulnerability and address those from a system wide standpoint. the example that i give is that if you are talking about an electricity utility, you can put it all the way to the greatest technology in the system that operates the electrical grid. you can put in fire walls, intrusion protection systems, spending millions of dollars to make sure that no one can

penetrate. or you can do all that with radio shack technology. both of those approaches lead you to an outcome that is more secure. the approach that we have tried to put in place in this legislation allows for a company or entity to make a choice that works for them to get to that outcome. the provisions that to talk about that say that you cannot regulate the specific design and development of other technologies, that has been a philosophical approach to this all along. the problem has been that we have tried to explain that philosophy to people and there was concern that there might be over reach within the agency's in implementing that philosophical approach. so, we decided that it would be a good idea to make it clear, make it apparent to everyone that we were not just speaking

philosophically. we were really true to that approach and wanted to make sure that it was implemented that way. >> admiral, i was fascinated by your eight story building analogy. >> i was going to touch on that, but tommy said something that i would like to build on. carriers is an interesting term. the big internet service providers are the carriers. he just said that they see about 80% of the world's traffic. if you put that together, we have a tremendous capability. i think that we have a 95% solution, but we are building fences around embracing it. what do i mean by that? where in the world do we have the best understanding of what is out there? what is bad, what is happening,

who is talking to who and what might they do, that is that the nsa. it exists today. the way that i think about this, let's task the nsa to establish an all source, total information awareness center. well, you have to have clearances. clearances are an artifact of what we created. the rule has changed. clearly. clear the internet service providers and put them in a facility. the way i think about facilities, a top floor, all sorts of information. everyone sees everything. you have authorities to do things in this nation. put up law enforcement activities, homeland security, whenever your authorities stipulate you to do. once you are informed of everything, you go to your floor. that is how the secretary and i

tried to frame this. in the top floor has all the information. anyone that needs to do something can go down to the other floors and execute their authority. the way that the bill is framed is for critical infrastructure to prevent massive casualties. who gets to decide, but the side and defined massive? was 9/11 massive casualties? was katrina massive evacuation? you will find vague language around what is massive and what is not. i have a fundamental worry that we are now focused on the massive casualties relative to critical infrastructure. the chinese are bleeding us of infrastructure capital. they are sucking the lifeblood out of this country in terms of business plans, source code, going on unabated. at one level it is a national security issue.

the chinese today are bleeding us of our intellectual capital. they are sucking the lifeblood out of this country in terms of innovation, research and development, business plan, a source code -- is going on unabated. at one level, it is a national security issue. what about this competitive disadvantage we have because the chinese have a policy of economic espionage? we do not. if we did, who would pick the winners and losers? we don't choose companies to rework with information wheat gained and the intelligence context. nation states, primarily china and russia have this policy and others to also. -- others do also. we will worry about the massive casualty or protecting a clearance rather than harnessing the information and sharing it in a way we can do the maximum benefit for the nation. as a national security issue, it is a national economic issue and we are not fully embracing it. these bills are necessary but inefficient. >> until we respond, there is no disincentive for that activity

to occur. i'm sure there'll be questions on the national security agency assuming what could be preserved as a greater role not only overseas but domestically. >> if it moves that networks pay its and goes from one side of the globe to the other in less than a second, do we want to empower an essay to empower networks to find bad things? -- do we want to empower nsa to empower networks to find bad things? you can make it illegal to look at content. if you investigate and understand the behavior of these agencies, they do not violate law. make that part illegal and scanning for malware a little . >> i'm sure there will be some questions on that. mr. secretary, but perhaps you can touch on this -- at the end of the day, we are talking technology but is really about the convergence of human intelligence and technical means when you're dealing with

the most sophisticated actors. wouldn't you rather have a source inside one of these organizations than perhaps all the technology to make that happen? our adversaries have probably already done that. >> you are pointing out that it is not a technology issue but it is what i would call counter intelligence. it is about how we look holistic play at how we preserve intellectual property against people who are taking it without our knowledge? sometimes they do because they can connect up over networks. often it is a combination of giving someone a sub-drive and a laptop or carelessness on the human operators on the machine. they might bring their home

device in which is riddled with malware and they want to play music. you have to look at this as a series of problems. one of the biggest mistakes we have made historical is to think there is one solution. you are never going to find one tool. there will be many different tools. every enterprise whether it be government or private is going to be facing some different threats and consequences. what works or is important in one ear will not be very important in another area. remember this -- there's an actual tendency of people who are trying to penetrate a network were still something to use the cheapest, least effective tool they can and still get away with it. if they have to, there will escalate to a more sophisticated tool but they like

to keep the best tools in the box until they really need them. when you drive security up to a higher level, you are forcing the adversary to play with the most valuable tools. once you see a tool, now the advantage shifts because you know what you're looking for. if you recognize it as a managing risk process, you are driving the adversary to have to do more complicated and sophisticated things to get by our admittedly imperfect defenses. it generally raises the level of security across the board and the people in the network can catch more stuff. >> in the cold war, when we were faced off with the soviet union, the soviet union could not think about design field test are put into operational context any military equipment we did not know about or

understand and had countermeasures' built-in before the put it in operation. let's take this to the cyberworld. if the community i came from really does its job,that malware is known before it is ever used. it is just like looking at an advanced fighter or a new submarine or of whatever might be coming our way in terms of a kinetic issue. we can have similar capabilities in the digital world to defend ourselves. is harnessing the capabilities that exist and doing it in a way that is consistent with their values and privacy concerns. >> that is a great point and do we need a check made equivalent as we did in the physical

domain? i think there are some wonderful initiatives that have been mothballed from the cold war. if we can be quick, i want to get some audience questions. >> the way we have tried to do this in our legislation is to think about the cyber issue as a three legged stool with one leg being information sharing and another being the protection of critical infrastructure and the third that we have talked less about is reforming the information -- the federal information security act or fisma. all three of these things should inform one another. if information sharing is working collectively and we identified the threats to our

critical infrastructure or identifying vulnerability, and all three are communicating as they must and should, that kind of information will then be shared more broadly and benefit all those who are not directly implicated in the legislation itself. i would defer on the question of insurance, i would say there are incentives built into this. not all the liability but the liability for companies to demonstrate that they are sufficiently secure. that is an incentive for them to go out and innovate so they can escape the government requirements. >> i thought we were at a different time but we are ok on time. >> in response to your earlier question about the technology information peace. we have heard from everybody that there is no way for us to keep pace with technological

change. what we have tried to do is take that to heart and be consistent with what we have set from the beginning which is that owners and operators should choose their security measures in order to meet the outcomes we are asking them to meet. we are trying to make clear that the government is not directly regulating the dividend -- the design, innovation, product development of our i.t. products while setting these performance requirements that should be the target that people are able to meet. >> let me ask one other question because it affects your committee's jurisdiction. any thing in these bills stymie what we need to do offense of the? >> that is complicated. the best offense is a good defense. >> we will leave it at that. >> there is no silver bullet out there.

even if you get your network up to state of the art, the threat does not stand still. the work is never done in cyber security. we were mindful of the problem as we were drafting the language. if we narrowed the language, it would get left behind. things are moving so fast. we saw this back in the 1970's with foreign intelligence. we have to keep in mind that this bill needs to last 10, 20, 30 years. we cannot be too narrow and our focus. if you knocked down the disincentives, i think people want to cooperate. they want to talk to their peers in industry. there are disincentives that stop them and if you knock down those barriers, that can be leveraged. >> what about the prc threats? will any of these bills help us there? >> that is exactly what we are shooting at. we're not worried about the kid in the basement trying to hack into the school server to change his grade.

this is about stealing intellectual property. >> you often hear that the chinese and russians have the capability to do these things. the chinese told u.s. debt and that is probably true, they would not be incentivize but they are building a capability. what happens when the capability gets sold to a

terrorist? the world will not work with a banking or the flow of money to lubricate the process for the transfer of goods and services. the two bags in new york that clear money clear around 7-$8 trillion per day and our economy is $14 trillion in a year. what backs of those transactions in new york city? nothing. there is no gold or printed money, it is an electronic transaction. what happens when someone contaminates that database? banking will freeze.

it will cascade in a waterfall and global commerce will stop. >> in a footnote, it does not have to be if you erode trust and undermine confidence. that is all the adversary needs to do. >> people need to realize that their money may be at risk. everybody is confident the system works. if you can threaten that confidence like attacking the reconciliation system, you would not have to do it for very long and you would have a major crisis. those of the kind of things that i worry about. we talk about nation states and information. they are building the tools and the tools are not necessarily locked up in a way that they could not lead to a criminal or

terrorist group. -- cannot leaked out to eight criminal or terrorist group. >> i see shimon gorman in the audience who wrote a fantastic piece on intelligence preparation in the battlefield, in this case the electric power and the like. what could the incentive be other than to map out potential targets? i put that on the table for what it's worth. >> getting back to the dhs-nsa relationship, that has to be solid. dhs needs to play in a proper role for domestic activity. with regard to insurance, i am not an insurance bureau and i don't work for financial services committee but we have talked with insurance providers on how we increase the market's ability to increase cyber insurance. the answer we usually get back as we will get there. the market will take care of

itself, they say but we have also heard that actuarial data is extremely hard to get into this area with in this issue because people are loathe to share information. there is a provision in our language regard to the charter that says information on incidents of shared with nysa will be collected and made available -- the organization to make provisions for providing that information for study and that sort of thing. will that create this insurance market? no, but hopefully it will increase -- fill that apparent need. the 80% solution -- our bill is not comprehensive and it will not solve this problem.

it does build a framework in which we can build into the future. the important thing when you hit 80% in this issue is usually 85% of critical infrastructure is under by the infrastructure and 80-90% of all cyber attacks can be taken care of. if we can incentivize improving computer hygiene across the board in the private sector through identifying risks and identifying workable standards, they can then put those in place and improve the federal information security management act and raise the level of high and across the government, we can theoretically free up some resources to go about that advanced persistent threat from those nations states so we don't have to worry about this low -buzz factor.

>> precisely my view on that. >> before we go on to open questions, two other things we have not touched on which we should put on the table. what is the supply chain? how do we deal with the fact that hardware-software is manufactured globally and we have difficulty in ascertaining and certifying the integrity of the hardware and software particularly in the work -- world of multiple mobile devices and wireless transmission? the second issue is a security dimension. next week, there will be meeting somewhere overseas on an effort to address again the question of internet governance

and how we deal with the issue of internet traffic flow and particularly should we move from the current system of icam into one where the u.n. would play a larger role in laying out the roles of the road? the chinese wanted itu to do this. in light of what we have talked about in terms of cyber security, consider what the implications are of the basic rules of the road into a domain like the united nations or a u.n. organization. that has serious economic implications for us and has

freedom implications because some countries view the ability to get anywhere globally on the internet as a bad thing and they would like to stop that and there are security dimensions. part of the challenge of this is -- this is a good start and there are so many more pieces. it is like 10-dimensions chess. >> china and russia have been focused on this approach for quite some time, i will speculate. the arms control works as trust and then verify. they may want this to show that card so they can compromise other capabilities. that would be debilitating to make economically and in national security. >> let me make a comment about information sharing. these satellite nice ideas but bureaucracies will not put information in the system. i grew up in the navy.

i had a great time. the navy's view of the world was we have our own crown forest and airships and she regular ships, why do we need the army and air force? our mental attitude was we were not cooperate with those guys because they are competing with funding we need to build ships. we went to great extremes not to participate in anything joint. the legislature led by senator goldwater said this is not right. we need a joint fighting force, not a navy and air force and an army. after years of debate, i think it took six years, goldwater- nichols was passed. the secretary of defense was against it and it passed and president reagan signed in 1986. we had a little dust-up called desert shield and desert storm.

law was passed that if you fight, you only fight in a joint force. second, if you aspire to the generals and admirals, you cannot be that until you have a joint certification. everything changed. we had the first gulf war because that was -- -- i was the first observer. it is the best thing that ever happened to to the services. it forced collaboration, information sharing, and it changed attitudes and behaviors. i think information sharing is absolutely the key. in the current draft, they don't go far enough to require it in two dimensions -- require it in law and incentivize and rewarded because you engaged in

information sharing. >> nothing like promotion paths being tied to what is here. >> in the department of defense, you cannot be ended admiral are generally less you are certified in joint warfare. >> we've got time for each few questions. please identify yourself before your question. you heard a lot about the backbones and telecommunications in particular. where do you guys sit on some of these issues? >> thank you for putting me on the spot. thanks for your current service, gentlemen. it is important we all collaborate. we own and operate quite a lot

of infrastructure at verizon and sharing with the government is important. this is the focus that we need to move forward. the role of government at setting the example i think is key. the government is a critical infrastructure just as the power sector and as chemicals and electric. we need the government in this game as a player and a pier and an equal not just as a regulator or overseer. we also need to think in terms of the law enforcementangle. much of what we see is criminal in nature. criminal aspects is what we fight with. we need law enforcement, we need crime-prevention and that kind of emphasis as much as we need the national security espionage. i would like to see additional

talk there and thank you for the opportunity. >> does anybody want to respond? >> that makes the point i have tried to make earlier which is it is not just one problem. there is a lot of criminality like fraud. one thing to avoid doing this for every agency to take a particular problems that happen to fit its skill set and make that would cyber security is about. it is not. you cut everything from full- scale land war to making sure you can walk down the street without getting mud and you have to look at this as an entire spectrum. >> i think you are right about the government needed to be a better partner. we talked to a lot of folks in the private sector who have been breached or had some sort of cyber incident and that have called the government and were

looking for help. the response that god has never been one that has been adequate weather in n thissa, dhs, fbi, it is never what the private sector is looking at. i agree with the three pillars of legislation but the fourth is that the government has to get better and we're looking at things likefisma reform that will allow for hiring or more qualified and competitive candidates, not just entities do dd and nsa that have those stories and can do that. there needs to be a domestic center of expertise. they don't have that expertise right now to realize that so i think that is important. on the criminal stuff, we hope to add additional pieces to the legislation as we get to the floor and have an amendment process. the criminal code proposals from the get ministration are

ones we view as very important and we hope to add them to the base bill and there is some sort of minor disagreement between the chairman and ranking member that we should be able to work out. i am hopeful we can add that these and may be some additional pieces on law enforcement side which is important. >> when you ask that you lead by example? >> both of our bills have provisions that allow the sharing of threat information that pertains to a crime that is a happening, about to happen, or is happening to law enforcement and that is a delicate balance. that is something we want to continue to work on. you have some similar provisions? >> we have a similar provision but not exactly the same. the house process is a bit more fragmented.

the task force had members from nine different committees and we only represent two of those committees. there'll be other action by other committees. there'll be oversight and government reform and other committees will probably operate within their jurisdiction as well. >> i would like to offer a quick comment on government activity. i have a high regard for the government work force having observed it over the years. when it is specific what their mission is, they will do it well. anywhere, anytime war or rescue globally, you called we ,haul. that is the whole mind-set. when it is a specific mission of the agency and you are rewarded in the performance of the mission, you will do

exceptional work. we have to grapple with the agencies having information sharing or cooperation of the private sector. nsa is frightened to death of ever crossing an alliance that migrate to the private sector. they are not authorized to do so so what they see something coming in today's contest, they are authorized to write a report. then they will call a meeting and start to discuss. how'd we get to the point of

moving at the speed with which we need to move as a specific mission of these players? >> wait for the microphone. it's coming. >> by mac your fellow here. -- i am a senior fellow here. one thing that's paris in the cold war was having a doctrine. -- one thing that spare us and the cold war was having a doctrine. looking forward, are we in the process of developing some kind of doctrine that approaches enforcement, international or domestic use of cyber? having a doctrine during the cold war helped us and i don't think i am seeing that right now about your observation is exactly right. we don't.

>> there is something impressive about a mushroom cloud. in the early 1950's, we had a we determined our doctrine for nuclear policy. there are many aspects of that in the context of doctrine in -- and the military service. we have not had the debate onit is so insidious, it has crept up on us. it is not broadly understood the magnitude of this issue in terms of how dependent we are of

infrastructure. my own view is that we will do the things we are doing and we have these in formed public discussions and debates but a function will come and we will have something that will cause is to galvanize like 9/11 cause us to focus on terrorism. remember a cole bombing in the 1990's. we've made a policy decision to interpret that bombing in yemen as a crime. we reacted to it as a criminal activity. how shall we react to the chinese capturing the research and development of a company that maybe has invested $1 billion to develop a new technique? is that a violation of law or a national security issue and we have not had that debate yet.

>> in the cold war, the nuclear bomb issue was remote for most people. it would affect the month there were war but there were not involved on a day-to-day basis. this problem as intimate to everybody and when you discuss the doctrine, what you do it touches everyone from the most sophisticated actress to the kid at home on his pc so people become more alarmed about it. it does not mean that we don't have to do it. we have to sit down and the right way to do it is to figure out the doctrine first and build the legal authorities around the doctrine that permits you to do what you decide to do. >> powerful and well said. i don't think we can answer concretely what an act of war in cyberspace is.

half there is a lot of strategy. >> we don't have a declaratory policy about what we would do. >> i think it is important to distinguish what we can accomplish through legislation and what we cannot. in this case, doctrine and strategy are not ones we can answer in legislation. i will say that those questions have been of very intense interest within congress and we're working very hard to try to move forward with in the executive branch to answering those questions. an example is when general alexander was up for his nomination as commander of central command, the armed services committee slowed down his nomination after he and the department would answer a whole range of questions including giving answers about what cyber

warfare is and what deterrent is in this context and whether we should be looking at a declaratory policy. we are working very much to push the executive branch for but those answers have to come from the executive branch. >> we have time for two more quick questions. we want a student to be able to escape question. any students? havechavon first in the back. -- we haveshavon first in the back. >> i am with "the wall street journal." i want to get more reaction on the panel because of the comment that admiral mcconnell when he said why can't you to nsa scanned a domestic network formalware?

given that this panel looked at this questions and have come up with a different solution, what is your take on that suggestion? it is very direct. >> i think the answer is that it needs to be a sophisticated approach that recognizes that there is a lot of different types of activity we need to be involved in in many different ways for agencies to be involved. there will not be a clear authority within the nsa to take ownership. they can lend their expertise and resources and technology todhs and the private sector on

a voluntary basis. that is problematic because it is voluntary. it is a matter of going back and walking the balance between those three poles of security, business concerns, and civil liberties. this is an area where the balance is particularly important. we have looked really closely at defining what is content and what is not for the purpose of information sharing. eventually, we moved away from making that distinction because there are a lot of things that straddle that line are not easily defined as either content or non-content. we may want to track ip addresses for the purpose of on covering a botnet network. we are not rated e-mails but an ip address is considered confidential -- confidential. given the changes within the

networks to the technology, the types of information and how they might be categorized change as well. we try to stay away from making that distinction. i think there is an important role for nsa and we need to be created to harness that as we move forward. >> no questions nsa has a unique role. theon't want to trigger privacy and civil liberties issue. if nsa goes overseas and collect that information and gives that two people domestically and they can use it operational but they can protect folks. verizon has capability when it comes to their network but they need more threat information. >> anyone else?

>> i agree with that and the intent of the bill is to harness the capabilities n capabilitiessa. it is also a testament that senator rockefeller and senator ryan -- feinstein -- we have had many debates on the issue in the outcome is that it should be within the secretary of homeland security's jurisdiction to be the prime facilitator. i think that is a testament to quite a lot of discussion and debate. >> there is a method for getting nsa support and it has been used for years when the fbi needs a level of sophistication. they just submit the request and it gets approved by the attorney general. this could have a with nsa support to dhs. we don't have to wrestle for

that issue. how we capture and codify is a way would you don't have a choice, you have to do the things that are necessary to provide an adequate level of protection in this country. >> last question -- >> one of the things we have seen over the years is that the government has been very resistant to sharing information. on the issues of classification, we have seen issue after issue get classified simply because the government knows it. sources and methods have been debated for years. taking that as and putting them out so people can defend

themselves against and also raises the bar makes people have to use more sophisticated equipment and they've got to pull all their tools out of the tool box. we can back off from all the classification issues, we can get a long way down the road. they fix this problem significantly in canada and other countries where theisp's are required to blockmalware so they have reduced the significant issues. one of the other things we have seen is that from my standpoint of the government, we have never policy in this country. when we had the year of the spy, the response of the government was to create an attorney general and in national security, we created a national security division and then court -- and then we created courts. why don't we have an economic security assistant attorney general and that some mechanism for cyber security where we

start using economic sanctions against china and russia even though they are a lot of our debt. they are going to be attacking us, let's use the sanctions against them. i would like to see if thought process of how we get beyond some of those barriers and change the mentality so that we can focus on these things and get the structure in a place where we need to address these issues them up very quickly -- lightning round of -- >> i don't think we should have about an industrial policy of winners and losers. this goes beyond cyber we have lagged behind the chinese. we are not strategic and a broad sense about our security

including economic security. china identifies where the resources are and invest money sometimes in ways we say are illegal but is in the service of a greater vision about protecting their economic base. we are at best intermittent and that is a broader issue than cyber security and goes to the heart of what the government should be doing from an economic and national-security standpoint. >> it is not just china but iran and there are others who have other asymmetric means that may not have the same calculus. i will ask that last lightning round -- it has been said that political forecasting has made astrology acceptable. it is a political year. the bills are there and what will get passed? real fast. [laughter]

>> good job. >> i'm a big fan of the rogers bill. a number of committees are still doing work. there is a lot of gear is a motion in the senate as well. >> nick -- >> i think we expect and hope our bill or form the basis of the upcoming senate and debate. we look forward to negotiate with others who have different ideas. there are lots of things that folks can agree on but we think what ever passes needs to be bipartisan and have some protections for critical infrastructure. >> i think we are really encouraged that we seek common ground between the house and senate and that is a good sign. the way we are working on this in the senate is we will come

to the floor and have a fair amendment process where everyone has a chance to offer amendments that will allow us to figure out where the majority of the senate really is. with that process, there is no reason we cannot pass the bill. >> last quick word -- >> i think there are potentially other bills coming out and we encourage them. >> thank you, before we thank our many panelists, i think recovered an awful lot of territory and let me say a quick thanks to my staff who always do the heavy lifting. thank you for making this happen and thank you to all of you. [applause] [captioning performed by [captions copyright national cable satellite corp. 2012] >>

>> the national governors' association is meeting in washington d.c. this afternoon. the session will look at the national guard. the chief of the national guard bureau and the department of defense and a member of the joint chiefs -- live coverage resumes at 2:30 p.m. today, eastern, right here on c-span. a little later on this afternoon, more of our presidential primary coverage. ron paul will be speaking to small business owners of jobs in the economy. that is from michigan at 4:00 p.m. newt gingrich speaking on god

and country is coming to us and we will have that live for you at 6:00 p.m. here on c-span . >> we get started because there are a lot of conservative thinkers that work across issues. there had been no progress of organization before us that works on economic policy. >> the president and the ceo of the center for american progress on the mission of the washington, d.c.-based think tank . >> we think there is an ideology behind a particular argument that is made in washington with very little facts behind them. part of our job is, you know, to make the argument and the effect will argument and the evidence based argument behind their views. when the facts do not argue for our position, we examine the position because, you know, we

believe the most important thing is to be right about what your views are. >> a look at the center for american progress tonight at the eastern and pacific on c-span's "q. and a.." >> now rehearing on women's health and contraception. the house democratic committee hears from georgetown university law student --. she was not permitted to testify last week. this is a little more than one hour. >> our meeting will come to order. this is a hearing of the steering and policy committee of the house democrats.

is my honor to be here with our ranking member on the government reform committee of the house of representatives, congressman elijah cummings, a senior member of the committee, congresswoman carolyn maloney and congresswoman eleanor holmes norton. we are gathered here today with a very special guest, ms. sandra fluke. first, i want to say that the purpose of this meeting is one that i wish that did not exist. i wish in the hearing that was held last week, the republican majority on the house oversight and government reform committee would have heard from sandra fluke instead of hearing a panel of five men. our colleague, congresswoman malachy put it best, asking

where are the women? in this debate, nothing could be more critical than hearing the voices of our nation's women and democrats are prepared to hear from a single witness today, are georgetown law student sandra fluke to be before our committee. she was summoned before the panel that was summoned last week but the republicans did not want to hear from her. we do today. we are proud to bring sandra before our steering and policy committee to deliver the testimony she was denied last week to stand firm and the cause of women's health, to a lot longer be held silent for its center is a bold and passionate leader for young women and all women at georgetown and across the country. she understands that this issue we are discussing is a matter of women's health, plain and simple. she has said of the fun lies in

this debate at georgetown university law and dedicated her time and energy to the battle of human trafficking and domestic issues and served as those of president and secretary of georgetown law students for reproductive justice. she will continue to serve women and our committee as a leader in the field of public law. it is important as i yield to the distinguished ranking member to inform you, sandra, that following a rejection by the republicans from the panel which the democrats had suggested you as their witness, that we have heard from over 300,000 people saying that we want women's voices to be heard in the subject of women's health and urging the republican leadership to make sure that that happens. having no reason to believe that they will, we're having our own hearing today.

i know you will persuade them with your testimony. with that, i thank you for joining us today and yield to the distinguished ranking member, mr. cummings and thank him for his leadership and the important role he played in last week's hearing. >> thank you very much, madam leader, for most of today's event and thank-you ms. fluke for coming here and giving the testimony you're banned from giving last week. when german issa rejected your testimony, he argued that the hearing was not about contraceptives and was not about women's reproductive rights. he said you are "a college student who appears to have become energized over this issue" and that you are not "appropriate or qualified" to testify and you did not have "the appropriate credentials." obviously, everyone on this panel disagrees with him. as i listened to the chairman try to explain his position, i looked out on a panel of man.

i could not help but wonder what credentials they had to talk about the importance of a bill to the lives of women. in my opinion, the chairman committed a massive injustice by trying to pretend that the views of millions of women across the country are irrelevant to this debate and that is what really offends people. even if they did not agree with you, that is no reason to silence you. that is no reason to deny you a voice in the debate or literally a seat at the table. i thank you for coming here today to finally give the other side, the side of millions of women across the country who want safe and affordable coverage for basic preventive health care including contraceptives. i look forward to hearing from you today.

let me add that i fully understand the religious component of this debate. my mother is a strong and independent woman who commands respect. she is also a woman of faith and has been an independent pastor in a small pentecostal church in baltimore for all of my life. i understand the importance of this issue to all women including women of faith. that is why i commend the administration for the accommodation it made to allow women working at religiously- affiliated organizations to obtain coverage for contraceptives through their health insurance companies to unfortunately, last week, completely one-sided hearing, was not an isolated incident. right now, a nationwide campaign is being conducted at both the state and federal levels to outlaw many forms of commonly used contraceptives. these efforts include legislation and ballot

initiatives in multiple states as well as legislation proposed right here in the house of intended to outlaw the bill as well as other forms of contraceptives such as iud's. the so-called morality legislation is intended to permit any employer including for-profit sectors of companies to deny insurance coverage for contraceptives that are contrary to their religious beliefs or even broadly to any of their moral convictions. under this legislation, a ceo could decide to ban coverage of employees and could deny coverage for routine prenatal care. he could deny coverage for prescribes iu8d's in the name of undefined moral convictions. madam later, i am obviously not a woman. i cannot fully understand how central this issue is to the lives of millions of women across this country.

i am here today to support their right to exercise control over their lives and their bodies and to make sure that they are never, ever, never, ever denied a voice in this debate. and with that i yield back. >> i thank you, ranking member, for your strong statement that i am pleased to yield to rep carolyn maloney. sandra a fluke is here today. >> thank you, leader pelosi for bringing sandra to this committee and your commitment to these issues that are so important to tens of millions of women and men across our country. when i took my seat at the hearing last week and i looked out of the panel, i could not help, but help " what is wrong with this picture?" there was not one single woman on that first panel, not one,

even though we were there to talk about the needs of tens of millions of american women to have access to insurance for preventive health care including reproductive rights, including contraception. the only freedom that was being debated was the freedom to tell women that they would not have access to family planning. what is wrong with that picture? we should not need to remind our colleagues that 100% of those who can have their health damaged by an unplanned pregnancy are women. 100% of those who die from complications related to pregnancy are women. one other% of those who give birth and plan their families are women. but, 100% of those on the first

panel talking about the access to family planning, the ability to plan and space your children, and preventive health care, there was not one single woman on. that on what is wrong with this picture? we see all too often in congress in state houses and in the super-pacs that are dominating the debate on the airwaves that those who would take a woman's right to choose, those who compel a woman to undergo medical procedures or she does not want or need, those who would introduce a bill on the house floor to allow hospitals to deny pregnant women light-saving care are men. what is wrong with that picture? everything. ." thank you very much. i am pleased to yield to the

representative of the district of columbia who is fighting to have a full vote on the floor of the house but she has a full voice and every subject and takes leadership, congressman eleanor holmes norton. >> thank you very much. i have a vote in this committee and i call for a vote when our witness, sandra, was excluded. it is important to remember how they hearing occurred in the first place. the hearing arose out of a controversy that had two sides, two compelling sides -- religious liberty and reproductive freedom. by the time the hearing had been called, we are fortunate that the administration had worked a compromise that in fact

allows women to receive their contraceptive insurance while at the same time recognizing the religious concerns of religiously-affiliated organizations such as universities and hospitals who, under the accommodation, do not have to pay at all for contraceptives which are now to be received through the insurance company and have no involvement with contraceptives. this is very important to bear in mind because in my more than 20 years in the house of representatives, i have seldom seen a compromise that worked out an issue of such importance to both sides as favorably as this compromise did.

the committee appeared to want to exploit the religious side of the issue by excluding the only witness that the democrats requested. sandra fluke was essentially defined out of last week's hearing. in defining her out of the hearing and having a hearing about only one side of a clearly two-sided issue, the majority managed to define out most american women. the silent majority represented by sandra fluke was not at the table last week. i am pleased, madam leader, that you have convened a series of the concerns of women can be

heard through their representative, sandra fluke this morning that i thank you very much and i know that when we get to the question and answer, we will get to other aspects of this. >> for example, at that time, the minority is entitled to a witness at a hearing. would you tell us, mr. cummings -- >> what happened was that we asked for two witnesses. it was miss fluke and a gentleman and the majority, chairman issa said we could only have one and we said we want ms.fluke. they said no. we have already said we would not accept the gentleman and we only wanted her so we were denied entry. we then wrote a letter saying would you please reconsider.

they said no. >> here we are gathered today and thank you for fighting the fight, in this room which we are happy to have a room but the leadership told us that we could not have a house recording studio and take this public so we thank the members of the press who are here for their resourcefulness with the technology to get the message from this room out which has been barred by the republican majority. it is amazing what legs they will go to so that they don't have to listen to the voices of women for it we are honored that you are here. thank you for your courage. please proceed with your testimony as you wish, miss sandra fluke. >> good morning, and thank you

for calling this hearing on women's health and for allowing me to testify on behalf of the women who will benefit from the accord affordable care act contraception. i'm a third-year student at georgetown law school and i am also a past president of georgetown law students for reproductive justice. i would like to acknowledge my fellow members and allies and all of the student activists with us and thank them so much for being here today. [applause] we, as george town lsrj, are grateful that this represents the nonpartisan medical advice of the institute of medicine. i attended just with law school but does not provide contraceptive coverage in the student's health plan. as restaurants have faced financial, emotional, and medical burdens as a result, employees at religiously

affiliated hospitals and universities across the country has suffered similar burdens. we are all grateful for the new regulation that will meet the critical health care needs of so many women. the recently announced adjustment addresses any potential conflict with their religious identity of catholic and jesuits institutions. when i look around on campus, i see the faces of the women affected by this lack of contraceptive coverage. especially in the last week, i have heard more and more of their stories. on a daily basis, a year from yet another woman from georgetown or other school or who works for another religiously-affiliated employer and they say they have suffered financially, emotionally, and i am here to share their voices and i want to thank you for allowing them, not me, to be heard. without insurance coverage,

contraception, as you know, can cost a woman over $3,000 during law school. for many students on public- interest scholarships, that is practically an entire summer salary. 40% of the female students at george dunlop reported to was that they struggle financially as a result of this policy. one told us of our embarrassed and powerless she felt when she was standing at the pharmacy counter and learned for the first time that contraception was not covered under insurance and she had to turn and walk away because she could not afford that prescription. women like her have no choice but to go without contraception. just last week, a married female student told me that she had to stop using contraception because she and her husband could not fit into their budget anymore. women employed in low-wage jobs about contraceptive coverage face the same choice. some might respond that contraception is acceptable and

lots of other ways. unfortunately, that is not true. women's health clinics provide a vital medical service but as has been documented, these clinics are unable to meet the pressing demand for these services. clinics are closing and women are being forced to go without medical care they need. how can congress consider the legislation that would allow even more employers and institutions to refuse contraception coverage and responded that the nonprofit clinics should step up to take care of the resulting medical crisis particularly when so many legislators are attempting to de-fund a dozen clinics? these denials of contraceptive coverage impact real people. in the worst cases, women and made his medication for other medical reasons suffer dire consequences. a friend of mine, for example, has pauli cystic ovarian central manchester take prescription birth control to

stop assessed from growing on her ovaries. her prescription is technically covered by georgetown insurance because it is not intended to prevent pregnancy. unfortunately, under many religious institutions, it wouldn't pay. there would be no exception for other medical needs and under the amendments and the bill, there is no requirement that correct such an exception be made for these medical needs. when this exception does exist, they don't accomplish their goals because when you let university administrators or other employers rather than women and their doctors dictate his medical needs are legitimate and whose are not, a woman's health takes a backseat to a bureaucracy focused on police and her body. in 65% of the cases at our school, the mouse students were interrogated by insurance representatives and university

staff about why they needed prescriptions and whether they were lying about their symptoms. for my friend and 20% of the women in her situation, she never got the insurance company to cover prescription despite verification of her illness from her doctor. her claim was denied repeatedly on the assumption that she really wanted birth control to prevent pregnancy. she is gay so clearly p,olysystic ovarian syndrome was much more of a priority for our breath after paying $100 out of pocket, she just could not afford her dedication and more and she had to stop taking it. i learned about all of this when i walked out of a test and got a message from her that in the middle of the night, in her final exams period she had been in the emergency room in excruciating pain. she wrote to me that it was so painful i woke up thinking i

had been shot. without her taking the birth control, ms of acyst the size of a tennis ball and run on her coat over yet you had to have surgery to remove her ovary as a result. on the morning i was scheduled to give this testimony, she was sitting in a doctor's office trying to cope with the consequences of this medical catastrophe. shee last year's surgery, has been experiencing night sweats and weight gain and other symptoms of early menopause as a result of the removal of her ovary. she is 32 years old. as she put it, if my body indeed does enter early menopause, no fertility specialist in the world will be able to help me at my own children. i will let no choice of giving my mother heard desperately desired grandbabies simply because the insurance policy that i paid for totally on subsidized by moscow would not cover my prescription for board

control when i needed it. in addition to potentially facing the health complications that come with having menopause as such an early age, increased risk of cancer, heart disease, osteoporosis, she may never be able to conceive a child. some may say that her tragic story is rare. it is not. i wish it were. one woman told us that doctors believe she has endometriosis but that cannot be proven without surgery so the insurance has not been willing to cover her medication, the contraception she needs to treat the condition. recently, another woman told me that it also has the same syndrome and is struggling to pay for the medication. due to the barriers erected by the jurors don't policy, she has not been reimbursed for medication since last august. i sincerely pray that we don't have to wait until she loses an

ovary or is diagnosed with cancer before her needs and the needs of all of these women are taken seriously. this is the masses that not requiring coverage of contraception sanskrit a woman's reproductive health care is not a priority. one woman told us she knew birth control is not covered on the insurance and she assumed that is how georgetown's insurance handled all the reproductive and sexual health care for women. when she was raped, she did not go to the doctor even to be examined or tested for sexually transmitted infections because she thought insurance was not going to cover something like that, something that was related to women's reproductive health. as one of arrested and put it," this policy communicates to female students that our school does not understand our need." these are not feeling is that male fellow students experience and they're not burdens that

melted and must show. in the media lately, some conservative catholic organizations have been asking what did we expect when we enrolled at a catholic school. we can only after that we expected women to be treated equally, to not have our school create untenable burdens that impede our academic success. we expected that our schools would live up to the jessup would create cura personlais, to care for the whole person, to meet our medical needs. when we told our universe is of the problems this policy creative process students that they would help us. we expected that when 94% of students opposing the policy, a university with respect our choices regarding insurance students pay for completely not subsidized by the university very we did not expect that women would be told in the national media that we should have gone to school elsewhere and even if that meant going to a less-prestigious university.

we refuse to pick between a quality education and our health and we resent that in the 21st century, and one thinks it is acceptable to ask us to make this choice simply because we are women. many of the women whose stories i have shared today are catholic women so ours is not a war against the church. it is a struggle for access to the health care we need. the president of the association of just what colleges has said that just would colleges and universities appreciate the modifications of the rule announced recently. religious concerns are addressed and women get the health care they need. i sincerely hope that is something we can all agree upon. thank you very much. [applause]

>> thank you very much. that was outstanding. let me say from the outset that there are a lot of us men who were consulted when we saw that. i just want to make it clear. thank you for your testimony. you said something but one of the things you talked about was the cost of contraceptives. you said you think it could cost over loss school career $3,000? >> yes. >> many people assume that there are alternatives if you cannot get it through your insurance. can you talk about that? >> of course, i think it is especially important in today's economy -- many families are

struggling with the cost of health care and so many parts of the affordable care act will help especially this regulation. as i discussed, there was a study recently entitled "recesession taking its toll, toll." compacti think it clearly demonstrates that these clinics have to cut back their hours, lay off staff, close their doors, and so the safety net that women have relied on in the past is not there. >> i take it they end up doing without. >> absolutely, that is what many women have shared with me. >> chairman issa said you were a college student that has appeared to become energized over this issue and you were not appropriate or qualified to testify and you do not have the appropriate credentials to

appear before the committee last thursday. what was your reaction when you heard this statement about not being qualified? along lahore>> i will confirm that i was energized, yes. [laughter] [applause] connacht's behind me, many women in this issue. yes, that part was correct. in terms of whether or not i was an appropriate witness, i felt insulted not for myself but for the women i wanted to represent, the women whose stories i wanted to convey to the committee and the women whose voices were silenced that day. i have heard some people point out that there were two women on the less primary panel that day and that is correct but they're not women who were there

to represent the women affected by this policy. that matters because this is not just about demographics. is about the voices of the women affected by this policy. >> you certainly speak for me and i think chairman issa did not understand why we want you to appear because we were looking for someone to speak for women who want safe and affordable coverage for their basic preventive health care including contraceptives. for the benefit of those who may not understand, can you describe your qualifications for testify about the restrictions on insurance coverage for contraceptives? >> heineman american woman who uses contraception. that makes me qualified to talk to my elected officials about my health care needs. beyond that, i will say that i, along with the other members of students for reproductive justice at georgetown and so

many other activists have been looking at this for years and we have followed the regulations very closely and the legislation and we have done studies on our campus document and the needs of women. this is something we take very and seriously and we have studied for quite some time. >> as i noted in my opening, there is currently a nationwide campaign at the state and federal levels not only to restrict insurance coverage but in some instances, outlaw many forms of commonly used contraceptives. if those efforts are successful and prohibit commonly used contraceptives commonly iud's and some form of the bill, it would roll back the clock for women across the country. can you describe the impact would be on you and your classmates? >> for millions of women, it would be an increase in the number of people who have the medical complications i have been talking about today. one woman came to me recently since this happened and

described that teenage contraception to prevent seizures. she has several seizures per month that she does not have contraception to balance her hormones. that is just an incredible intrusion on her life and her ability to manage her daily affairs issue does that have access to that medical prescription. that is one of the huge impact. another impact that is important that we think about is that contraception when it first became available was a revolution in this country and allowed women to enter employment and educational opportunities that had previously not been accessible because they were unable to control their reproduction in the samurai. i cannot imagine rolling back the clock on that progress. very much. i think you have done a great service for many, many women and men, by the way. >> i hope so and i can tell you

that my male partner is certainly one of those men who is supportive of this policy. there are many others out there like him. >> i thank you for bringing a picture worth a million words. [inaudible] first of all, thank you very much for being here today and thank you for really being quite courageous and standing up and speaking out. this photograph, you are in this photograph. do you see yourself? >> i am right behind that man's head. [laughter] >> and you are waiting to testify. i would like to _ part of the statement the ranking member cummings made in that you were

they selected democratic witness for the panel and, according to the roles of the house of representatives, we are entitled to select our representative on the panel. i was somewhat taken aback by the fact that even when eleanor and allies and i were arguing that our witness should join the panel that chairman issa said you were not qualified. i would venture to say that any woman is more qualified to talk about women's health needs across america than any man. again, i said what is wrong with that picture as it pertains in the hearing and i would say in basic policy. can you think of what was in his head when he said that?

i know you are qualified for it i know you are speaking for tens of millions of women across this country. can you think of any reason why he would be so adamant that your voice should not be heard? >> unfortunately, chairman issa's head is somewhere i don't want to go. [laughter] what i have learned from this experience is they say knowledge is power and evidently the knowledge of how this regulation will benefit millions of lives of women's is very powerful and i believe to some it is evidently very threatening. >> let's look at the rule. i see it as very balanced, thoughtful, and fair both to religion, to women, to society as a whole. under the administration's announced common sense accommodation, churches do not

have to provide insurance coverage for contraceptives for their church or their synagogue or their religious establishment. and women who work at non- profit religious entities that serve a greater american public such as hospitals and universities can obtain coverage directly not from any religious institution bought from insurance companies. to me, the hearing was about women's rights and insurance companies and their right to obtain this coverage from insurance companies. in your testimony, you touched on the fairness aspect of this and equal opportunity aspect of it. why should one woman working for one university have access to reproductive health care but

a woman working for another university not have it? it is a basic fairness and equality aspect. i compliment you for bringing out the examples of young women and a multitude of ways that family planning, birth control, medications help women with other medical challenges. i appreciate your bringing that out. i know that many people may be coming to you. the reaction that leader pelosi gave to her letter, over 300,000 men and women responded across this country, saying that this common-sense approach is appropriate and fair and equal and that women should have a voice at the table. >> yes, i cannot say i have heard from that many when men

and women but i have heard from many, many women thanking me for talking about this and saying how important this regulation will be to them. one woman who spoke on sunday, she and her husband told me about a nietzsche as for contraception. -- . needed that she had before contraception. they recently had their first child and it has been a few months and since she gave birth, her obstetrician recommends that she take contraception following the birth of that child because, for her as a mother and for any potential child and i carry in the future, it would be very medically dangerous for her to become pregnant again too soon. that is an important medical concern and that pilots something because this woman is 30-years old, married, and she is having children.

we should not be judging any of these women's choices about their health care needs. in the case of this woman, she is doing everything she is being asked to by some conservative voices and yet, she still cannot get access to contraceptives because that is a purpose that prevents pregnancy and even that women is being denied the health care she needs. for me, it highlights that some of the issues that have been brought up are blurring what is really at stake here. this is about, for our opponents, this is about limiting women's access to health care and that is why this cannot occur. >> thanks for your testimony. my time has expired and thank you for pointing out the other needs for contraceptives and one that is a basic need is the planning and spacing for your children to ensure your own health to be able to have future children protected very much for

your testimony. >> thank you. >> congresswoman maloney , i thank you for your leadership for the ongoing and coming down during the break from her district in new york to be here, indicating the importance this issue has always been for her. thank you and to our local representative of national significance, congresswoman eleanor holmes norton. >> i am pleased to represent ms. fluke when she is in washington. what year are you at georgetown? >> i may third year student and i will graduate in may. >> you are about to graduate from law school. let me put a question to you. the information that your testimony reveals today made your appearance at that hearing we had last thursday even more

important. it was new information. when most americans think about contraceptives, they think about their own lives and how they are related. they do not have the kind of information you brought forward this morning. i want to thank you very much for putting that information at least on our record and a record of american families. i think we needed to hear it. it is important to remember that we are accustomed to the fact that women live longer today. i wonder if we understand that that is a 20th-century phenomenon. if you were to go into the graveyard of america, you would be quite amazed with the headstones that speak of the lives of women who typically

died earlier than men until the 20th century and fairly far along in the 20th century, at that, from childbirth and its complications. understand what we're talking about and how serious this issue is. the affordable child care act, of course, now covers contraceptives. it is important to also understand that before the affordable child care act, you could have a policy and while every other part of -- if you go to the hospital where most things having to your health are covered and the insurance companies often did not cover contraceptive health care. incase you think that is

something that should be understood, the cost of contraceptives you had something to say about. let me remind everyone that the notion of covering all of what it tends to reproductive health is in itself fairly new. i had two children. there were born in the 1970's. my family paid almost all of the cost of bearing those two children in a hospital. as recently as the 1970's, insurance companies paid a tiny portion of the cost of a normal childbirth in an ordinary hospital. not until regulations and law chanin