council on internet security. speakers include the foreign director who says that recently revealed data collection programs are not new and those who leaked information about the programs should be punished. he is cochair. >> good afternoon. i am the director of the task force program. it is my pleasure to welcome you to this special event to release the reports on u.s. policy in the digital age. i hope you have all picked up a copy. let me take care of a few housekeeping items firstel. -- first.

the question and answer period all on the record. refrain from leaving early, if you can. turn off all devices and anything that makes sound and if you would like to use another eletronic device you can do so outside of the room. when you are called upon to ask a question, following the usual procedures, please, stand up and identify yourself. i want to say a few quick words about the task force program. it is chaired by john negroponte and sam palmisano and directed by senior fellow adam segal. cyber issues have dominated the news headlines recently, and this task force has met over the course of the year to consider the broad ranges of challenges and opportunities. task forces, as we all know, are bipartisan and independent. cfr takes note institutional-- no institutional position. task force members are responsible for the content of their reports and each member participates to his or own capacity. they are consensus documents, meaning the members endorsed the general policy thrust of the

judgments reached by the group, but not necessarily every finding a recommendation. task force members are listed on the back of the report, and we thank them for contributions. a number of them have joined us today. we have bob, eugene, thank you for being with us today. many others, of course, were instrumental and i thank all of those who contributed, and especially our hard-working staff. i am pleased to turn things over to tom from npr who will guide our discussion today. >> i am a national security correspondent at npr, and i do a lot of reporting on issues in the cyber domain. so it is a privilege for me to be able to moderate this discussion today and to help introduce this important report. you know, i have been to a lot of these cfr meetings and i usually get stuck way in the

back. one of the special privileges of being moderator is you get really a friend and seat.-- a front-end seat. it has become a cliche to say how revolutionary the development of the internet has been, how it has transformed communications, political organizations, crime, intelligence gathering, and even war fighting. the development has occurred so fast that governments, lawmaking, our institutions have not had time to adapt to it. this lag, this developmental lag has been exaggerated by the very decentralized nature of the internet. it hasn't needed any superstructure to evolve. but a technology this power --tracted the attention to this powerful attracts the attention of legislators,

government, especially those who are authoritarian, and it makes it urgent we think carefully about how to defend the internet. we are at this critical moment, and the council on foreign relations should be commended for focusing on this issue at this time. speaking of this time, i mention for the benefit of my fellow journalists and for people watching on c-span and for those in the room, i am going to make sure we at least touch on some of the current news, ranging from edward snowden's revelations, to the u.s.-china summit that just concluded in california, both of which raise issues relevant to the material we are discussing today. you are familiar with the co- chairs -- john negroponte, one of the most distinguished records of public service in america today, i think in ambassador to the united nations, director of national intelligence and deputy secretary of state, and sam palmisano know something about the technology world, having served as chairman of ibm, and i just found out today sam has

been over the course of his career to china 35 times. so, he can lend a lot of expertise when the issue of china comes up. we have adam siegel, director of this task force. he is one of my own go to sources for all things related to china and cyber issues generally. welcome to all of you. i would like to begin with each of you sharing your favorite point that you have taken away from your deliberations on this task force. one point that you would like to especially drive home to this audience with respect to this task force. >> i think the most important thing i took away from the task force is the origin -- what the origins of the history of the internet are and how it in many ways applies to the future.

the internet itself is open and collaborative as the technology. most technologies, if you look at their origins, got created by an individual company and the government got involved. ibm, the mainframe, microsoft, it happens model, etc. a lot in technology. the importance of the internet is it is open, collaborative. academia, agencies, industry work together. there are informal groups on standards and compliance and the like, and everyone complies with it. i do mention that because, as the task force recommends, to try to defend the model, the key to defend the model is open dialogue and collaboration. if you shut down the dialogue and collaboration, you are running the risk of vulcanizing. -- balkanizing this wonderful

technology. there is tradeoff. but the task force came to the conclusion that we need bodies to steer but not necessarily overcontrol. >> ambassador negroponte? >> i guess one of my takeaways this exercise is i reflected on the different challenges we face in defending the internet. i think this is a great title, by the way. we got that kind of feedback from others we visited around town. is that however technical and scientific the internet may be, that in the end, geopolitics also has quite a bit to do with all of this, and that some of the problems -- in fact, all of these topics -- open, global, secure, and resilient -- have a political and international dimension to them, not the least of which the subject you promise to come back to later on.

i guess that would be my main observation. there is a significant international and geopolitical dimension to this. >> a very powerful technology. >> after struggling over all the recommendations, i will take the view of the parents, which is that i love all equally. [laughter] but i will say, what i think is most interesting for the report and for the task force and the council more broadly is that there are lots of players that came up in the writing of the report that the council normally doesn't ache about.-- think about. private companies, we talk about. individual users, users and other countries. --k tanks and other countries think tanks and other countries helping shape the internet there

think tanks in other countries. an age -- we were underrepresented in the taskforce, but anyone between the ages of 20-30. the main shapers of the task force, of the internet and moving forward. how do we rethink what traditionally for the council has been a simple problem of food we talk to? -- who we talk to? the ministry of foreign relations? the ministry of defense? how do we think about how we address these new constituencies and how do we think about how most of the users coming on will be in developing countries, how do we reach out to them? >> i would like to unite some of the points you all made. one of the promises it seems of your report is that we can defend the internet. sam, as you said, this was a technology that originated in an open system. it originated in the united states. u.s. agencies had a tremendous amount to do with it. now given its power and its reach, is it presumptuous for you to think that we here in the united states can devise policies that are going to

defend the internet? we are now talking about something a tremendous geopolitical ramifications, as ambassador negroponte says. >> you need a role in the defense of the internet. who can lead? one thing we recommend -- because you will be one of many members participating, just as we do on the engineering side -- so, if you are going to be credible -- drawing analogies with engineering -- if you are not capable of engineering it is hard for you to have a role in this band or two of the-- the participation of standards or the evolution of standards. so, if you are a government, if you are not credible, it will be hard for you to lead or to convene people who think your way to have influence. therefore -- and we recommend this -- if the united states wants to assume a role of

leadership, it has to lead itself first before it worries about leading the rest of the world. there were lots of recommendations in the task force about what we should be doing here domestically to take care of our own role and then hopefully convince, cajole, persuade, countries and leadership that think the way we think, that align with our interests, to come along with us. i think it would be very, very difficult in today's environment, given the nature of just the technology itself, for anyone to control it. it is just pervasive now. it really touches everyone, everywhere. even in the government to tend be more authoritarian and restrictive. they have great challenges. it has gotten to the point where it has been part of the world's ecosystem, how the world functions. but there are lessons of

history. you have lots of immature technologies that, when they become pervasive and touch society, governments have a role. when you go back to the origination of computer science and computing, mainframes. at some point in time, when it became such a large participant in the economy, they decided ibm had as much of a role -- it happens all the time. it happens all the time. i know this is broader in many ways because there are billions of users and the internet, 450 or 500 million uses a pc's, so in many ways it is much more pervasive, but it has followed a similar pattern. so, if you are going to be a nation who wants to have a constructive role in persuading others, you need to leave yourself first.

we recommend that in the task force. >> that keep this in practical terms as much as possible. ambassador negroponte, i don't know if you have been following the debate at the united nations going back almost 20 years, right, over the international role of governance over the internet. it has been quite a tussle. >> right, and there has been pressure from parts of the international community to make the internet -- to try to bring it into some kind of a top-down governance approach. we, i think until now, have successfully resisted that. there is still acceptance of the existing mechanisms of governance of the internet. but i think we are definitely under pressure, and that is one of the points the report refers to. we are under pressure to broaden i do not think

that is hard to accommodate. as we speak, there are steps taken daily to do that, bring in more third world participants, to enhance the capability of other countries to benefit. the idea of a multi-stakeholder basically bottom-up kind of approach to the internet is still intact, although under some threat from this very phenomenon you talk about. >> how do you empower the stakeholders to a certain their -- to assert their stake? >> one of them is to increase their capabilities so they can use and understand the internet better. i think that is probably as important as any. the other is, i think you will see around the world, as our societies move forward, a growing middle-class everywhere around the world, including a

place like china, which is, at the moment, pressuring for greater control of the internet. but i think -- and centralized control -- but i think they have elements in their own society that get it with respect to the internet and its freedom and its importance to the realization of the potential of human beings and business enterprises, who will be a force more aligned with us, shall we say, than they are with their own government in the future. and one can hope reasonably, i think, that eventually that point of view will prevail. >> in august of 2009, the six member states of the shanghai cooperation organization -- russia, can't expand, kyrgyzstan, tajikistan, uzbekistan, and china, kazakhstan -- information war, they defined as a confrontation between two or more states and the information space aimed at

undermining political, economic, and social systems, brainwashing to be stable society.-- destabilize society and states. i think that is a good indication some authoritarian governments see some of the exchange of information. they really see this -- the soviets used to talk about ideological aggression, but isn't this, adam, the background of what advocates of free and open internet are up against? these governments that see free and open communication as potentially subversive to the interests. >> one of the reasons we have had such difficulty finding common ground with the chinese and the russians because, as you point out, a talk about information security, which is the protection of information spaces. we focus on cyber security, networks and routers, all of those things. there does seem to be some slow progress on that front, though. at the current

summit, there is agreement that we need some rules of the road. the chinese have agreed to consider that the law of armed conflict will apply to cyberspace. subject of 14 of 15 last meetings. the fact that we are getting some agreement there suggests we can temporarily put cybersecurity things to the side. it is clearly a main motivator for china and other totalitarian states. ways that china has been willing to talk about internet security? >> i was there with the state department this morning. we kind of exchange notes. we have seen something similar with the new government being formed. it is very logical. when you look at the challenges

of the new government that is being formed, and their necessity to expand beyond their regional economy, seven point five percent gdp growth -- it is not enough to maintain appointment -- employment at a level that is good by our standards, but by theirs, not acceptable. they have to engage the world economy, not just as a manufacturing hub. as they think about engaging the world economy -- i had these conversations three weeks ago -- that means they need to be more innovative. they need to be more creative. it means intellectual property. it means self through internet technologies. not like beingo hacked either. who do we hack? the guys with the money, or the guys with the ip? why would you hack somebody other than for national interests?

.ou could have other purposes >> which you are speaking about very freely. >> i am the economic side of the equation. ,e met with a lot of the folks and you saw this change, very, very quickly. i would think of it as, having been there many, many times in the past 35 years -- i would think this is an opportunity to engage. it is not now the opportunity to hold back or be cautious. now is the time to engage in these dialogues and these discussions, and put things on the table that are mutual self- interest to both countries, not just one party. negotiation that is one- sided will not go anywhere. if it is mutually beneficial, i really think there is a chance

for progress. when i came back, i was stunned. i was there in june, when the old government was still in power, last june. the difference is rather dramatic, and you can see it not only in meetings with the government. you see it in meetings with the leading academic organizations. you see it with state-owned enterprises. spirited,been a very enthusiastic discussion of why they need to engage the world economically. i think it lends to a forum to have a discussion to address some of the concerns. am curious how much leverage that gives the united states and some other countries. china appears to be very anxious to invest in the united states. i look at the example of smithfield foods. chinese investment in the united states is now something like

five times what it was five years ago. >> from a very small base. each of those chinese investments, or most of them, have to be approved before they can go forward. does that give us some leverage to incorporate some demand that china respect intellectual property, and the condition of particular investments? why don't we make the point that this has to do, in a way, with what kind of world, and what kind of relationship, the united states and china are going to have overall. do we want it to be a zero-sum game, like the shanghai communiqué you referred to? or do we want to look for the what we can contribute to each other's economies on a collaborative basis? it is kind of a fundamental question, whether you are talking internet, environmental

issues, the world economy -- which ever. henry kissinger raises this point very often. what kind of world are we going to have? if we have a divided world order of some kind, you can see it is going to lead to no end of complications, and neither side is going to be able to fully realize its potential. i think the encouragement i take for the meeting between the president's this past weekend is that it seems to me there is a search to find a way we can work together collaboratively, so that we can, each of us, most fully realize our potential. >> let us talk a little bit about some security issues which are really tough ones. all of you who are familiar with the history of internet policy are familiar with the attribution problem, the problem when you are trying to defend against cyber attacks,

the difficulty of identifying the source of attacks. it is called the attribution problem. former director of national intelligence mike mcconnell said he a bird reengineering the internet in order to make it possible to attribute attacks more carefully. other we talk about governments, china, russia, or any other government, do we want them to be able to attribute activity on the internet? or is that going to jeopardize the anonymity of internet users? isn't this kind of a two edged sword? >> it is. i think the report is fully cognizant of that trade-off. identify everyone, and you would reduce anonymity, and the possibility that something like the egyptian spring or those types of event would occur. >> because those guys would not be anonymous anymore. >> they would not be.

>> it does seem that attribution is perhaps less of a problem than it is always pushed out there to be, in the sense that general alexander said that for a major attack, at the level that was widely disruptive, that was going to take out the power grid, there are only a few actors that could do that. nation states, china, russia, a couple others. we would have a pretty good sense of who would do those attacks. the challenge becomes everything below that threshold, which is what we are seeing. clearly, the defense department wanted to send a signal that we are getting better at attribution. secretary panetta made his speech last fall, where he said we were getting better at it. that was clearly probably targeted to the iranians. these denial of service attacks. but you are definitely right, we don't want to live in a world where everyone is completely known in cyberspace, and the task force is certainly not taking that position, that we

are promoting that. we think the u.s. has a lot to gain from an open internet that is secure, but where people have the freedom to communicate their ideas and to organize what they need to. >> we also focus on the fact that without having to share from a traditional perspective, there are ways to better manage threats or issues as they occur. there are much better ways to do it than we do today here. there is a term called information sharing. if you look at the major participants in the internet -- and the technology, communication companies -- they see these patterns well in advance. perhaps becoming a problem. if they were allowed to share the information with the appropriate authorities, by the way, whomever it happens to be, defined by government, and do it in a way where they were not exposing themselves to any kind of legal action -- kind of in a constructive way to solve a problem -- not, by the way, this

problem occurred, and they take your credit card and now we have a class action suit against you because you told that you saw the pattern, so now you are liable -- right? that is why people tend to hold back because they are worried about the trial lawyers. but if there was a way to shared information -- because there are people who are seeing the patterns before the problem occurs. one of the things we recommended called information sharing some if you allow the information sharing to occur, and with the appropriate government authorities who obviously have the authorization to participate in this, we could at least anticipate and get ahead of some of the problems. back to the emerging countries. we also argue that one way to get them to see it from our point of view is to make the argument on economic development.

i believe the study -- internet, 4% of the worldwide gdp, on its way to 5%. if they could see it as economic development, then they would be open to ideas about information data sharing so they can participate in this global economy. it just wouldn't be the cloud services of an internet borne companies selling to them. they could become, the internet born company selling to others. so, there are ways -- some refer to it as economic diplomacy. there are ways to get them to have an interest in defending and making sure they are secure and resilient in dealing with some of the bad apples. >> i think everyone agrees that our online presence right now with respect to critical infrastructure is undefended, and isn't it true that private industry has not stepped up? is it just a matter of fear of liability? but isn't it true right industry has not stepped up to

responsibility? >> that is completely incorrect. private industry has stepped up and they act in their own self interest.that is what private industry does. that is what we do. my company is heavily defended. we spent a lot of money doing it. the question is then how do you share all that and participate? people argue that some elements in the technology industry are more advanced than others, telecommunications, banking financial services. people do complain about the utilities. utilities are not as heavily invested. the answer then becomes you need put mechanisms in place that is in everyone's economic interests. that mandate with a heavy hand, you must do certain things. the problem with the mandates is they will not work. truly from an engineering technology perspective, not from a policy perspective the pure

engineering, it will not work. and all you're doing is telling the bad guys out again.-- how to get in. them thee giving combination to the vault. that is what you're doing. the reaction to this has been more about if you're going to do something top-down at least do it in a way that will work. i think people will be open to that. it is very hard to do. why don't we collaborate with a heavy-handed approach? the industry argument has been let us cooperate with a heavy- handed approach and policymakers feel like if you put somebody in charge to mandate through legislation or executive order than the question that we ask is what to the mandate and will it work?

or are you exposing us to greater risk because you're telling people the combination to the vaults? >> i guess we will have some responses from the audience. i have to sneak in a couple of sexy questions or i lose my audience,here.-- my here. the report advocates -- directors of national intelligence do not like iransparency all that much. think that's fair to say. nevertheless your task force advocates the transparency of a possible offensive use of cyber weapons. are you comfortable with that? >> i am because i think what we say here is that just like in other types of warfare, using other types of weaponry, it is important that there be an understanding of what they can do, how they are used. one of the things we ask in our

relationships with other countries is for more transparency and how to prepare the military budget. i think the greater openness you have less chance there is of some kind of miscalculation. particularly, there is no doubt about it that the internet and cyber is an element of warfare. it is a tool of warfare. just like with other tools of warfare, nuclear, you need to have a dialogue between nations about how to use -- why they are used, even if you want some rules of the road and what is off-limits and what is on dialogi think that needs to begin. it doesn't mean you are revealing secrets about latino-- security or anything else.

>> it just seems to me as a reporter u.s. government hasn't been very anxious to talk openly about its possible use. >> there is probably transparency in transparency. one of them is to have this discussion amongst the potential users and maybe start small and then expand further. initially you have to talk at least among the cyber powers, china, russia. we recommend a cyber alliance. i think we need to work closely with our nato allies. talk about what circumstance we use this kind of weaponry, if at all. i think that requires a certain degree of transparency. >> as former director of national intelligence how you assess this cascade of leaks we have had in the past week about intelligence community's use of surveillance tools to track what is happening on the internet? >> the use of warranted surveillance, completely legal, not very new. i try to figure out exactly what is new.

it is certainly not conceptually new compared to what we have been doing a number of years earlier. how to assess it? i find it shocking that somebody with clearances and who signs a confidentiality agreement to then turn right around and reveal publicly that kind of information. i think it is utterly reprehensible and i hope that the individual or individuals concerned get punished for it. >> what are the population of people that have cancers that-- have clearances that put them in a position to disclose information like this? >> there is a trap in your question there. [laughter] however many thousands of people or even hundreds of thousands who have top-secret clearances in our government, there aren't necessarily thousands that have access to that particular kind

of information. my sense of it, without having inside information anymore, is that is a pretty darn restricted program and access to it was probably very restricted. >> i think it as to the point sam was making, information sharing is going to be much harder legislative push. mistrust of the nsa was high and now it will be higher. bills will be harder to push through. the second is what we see in china, already and in build assumption that u.s. technologies were in bed with u.s. government. when you read writing from the chinese website, we are 80% dependent on u.s. a. companies for this. all companies have back doors for the nsa.no matter what

happens with these findings, that perception is going to be widely reinforced in china. their efforts to keep companies out an increase procurement standards from u.s. companies require u.s. companies -- all for u.s.going to happen. companies abroad, the operating environment is going to be much more supportive.-- is going to be much, much worse. >> we ran all over the place in this half hour and now i think it is necessary to at least get a little bit of sense of the sweep of this report, which is very impressive. it is your chance now to focus in on issues that interest you. in particular we are going to invite you to join in the discussion. we have microphones. please raise your hand and once your call on please wait for the microphone to come to you. speak directly into it and give your name, and your affiliation, and please make it a question and not a speech.

i am sure there are a lot of people that want to take part. yes, sir? >> thank you. bill from the university of maryland public school of policy. i am intrigued by the title of your report. if the ucb for additives as-- do you see the adjectives as really being linked to each other in the way that success depends heavily on achieving the others or dc them operating-- or do you see them operating independently? >> i would say they are linked. inextricably linked? i would not go that far. the main objective of the internet is freedom. three years, free expression, free access, unhindered use and access to the internet.to achieve that, you need some of these things.

>> i would agree. it has to be resilient and secure for it to be global. ifere is an interdependency. it was not secure, it wouldn't be global. it would be controlled by some entity. i think they are, in many ways, connected. that is how we thought about it throughout the task force. >>: the program up, that is a-- holding the program up, that is a smart move. but i thought there would be attracted to the report. >> alan, i was intrigued by your comments that to lead the world toward the objective in the report which should lead ourselves here at home. i wonder what you think about the implications of that for an -- embodying our own internet policy, a privacy policy, cyber security policy, and legislation. you did speak about not wanting to mandate from the top-down. do you think that the fact that we have not had a comprehensive

privacy statutes in the united states the inability to access sap security legislation and our -- to enact cybersecurity legislation and our hands-off approach to the internet, which has led the world for many years, do you think that creates a bit of a policy void that does not allow u.s. interests to a dance as they should be?-- to advance as they should be? >> i would hate to say that, it sounds so monday.-- so mundane. what is our strategy from the perspective of u.s. national interest? i have been involved in multiple committees. i may not be knowledgeable of it. what is the strategy? in many ways we go to the dark side of the internet. clearly privacy is the dark side of the internet, that needs to be addressed. no one in this part of the world would disagree with the fact that there are many issues about privacy, not just national

security, protection of children and the like, that we need to have policies around. i would do it in a strategic context of that. it is not so simple to say you cannot use the internet until you are a legal age. that is not going to happen the could be rules of the road, there are all sorts of things asu can do beyond legislation. we have in drug awareness and so on. kids do understand the implications. i think we need a strategy. this is a personal opinion and we discussed this in the task force, it gets overwhelmed by national security and underwhelmed by personal economic interest. we try to accomplish a balance between national security and

personal and economic interests so it tried to maintain that balance in the recommendations. i do believe that if you err on the side of national-security and become restrictive on the open architecture of the internet -- and start with a strategy. having been involved in some of the legislative debates, i am more comfortable with the internet model forces open cooperation and people solving the problems in their own ways. versus the mandatory top-down. the technology moves so fast. by the time it to the legislative process, assuming it was really good -- let us assume it is the best you can have in the world. it would still be too late. you really cannot.it moves too

fast. i understand why you could make the argument for political reasons and why you need to do these things. the technology is not going to wait to stop. it is done over the world. there are really smart people over the world working on these kinds of issues. my point being is i recommend in a way this collaborative structural center -- i find that if there is the set of strategic guidelines that set the rules of the road, which is i think something that could be done through policy so we know when minor theft happens in the bank -- i hate to say that is minor, but compared to an act of war, it is certainly different.

there are some guidelines we conform as collaborative approach. i think there is hope. i do not think it can be solved legislatively. i only make the argument as looking from an engineering technology point of view. it goes too fast. and skills are global. there is almost nothing you can do to stop at elsewhere in the world. it will come here because it is an open internet. >> yes, sir? >> thank you. david robinson, former legal adviser to the department of state. has the internet made the ancient craft of espionage and counter-espionage -- has it made it harder or easier or both? >> i think it has made everything faster. i think that is probably the one thing that has happened, the rate at which information moves

around. the other thing i would say in terms of analysis, which is the end product of an intelligence process, you have to look at a lot more information. how you sort the weed out from the tap?-- from the chaff, and what youhings down to want the decisionmakers to know? on balance, i think the internet and modern technology have made intelligence far better and i think particularly with respect to the integration of information on the one hand and using it in a real-time basis on the other, two key elements of intelligence and operational activity have been improved dramatically by the absence of -- theation technology.

advent of information technology, and its progress. >> up here in front. >> i cannot help but remember -- i am going to do part of this to john. we know from a past experiences that so much is political, not just technological. i wondered a couple of things. you already reference the fact they did not have young people on your task force. in your report it to make any recommendations relating to getting at the culture and getting young people to realize that this is another form of stealing? the second question is the

degree to which you review the many treaties and laws that are on the books related to intellectual property, trade, copyright, and other things. i would make a third comment, the united states, canada, and europe, and just a few countries in asia, walked away from the agreement in the itu in dubai. we have a lot of homework. that is a really serious demonstration of both our arrogance and naive to take.-- naivete. >> the model did not exactly conform to the multi-state coalition that you all have advocated. >> that is correct. >> the itu agreed we would continue with the current governance of the internet while

we debate these other issues. that is why the system is still enforced. that would be one point. one of the recommendations the commission makes also is that we better prepare for the itu meetings and do it more before -- beforehand. dubai,t big session in we only appointed our delegation at the very last minute. i gather at the next meeting in 2014 will not be one of these large scale meetings. we already have the head of the delegation in place at the department of state. more attention to the itu and preparation for those negotiations. >> to answer the point about the

cultural mission, 55 countries was not just us and a handful. 55 countries refused to sign. and take your point, we have more work to do. the task force suggests a three- prong strategy. as john suggest, be engaging the exist toer.mechanisms bring countries into it, like the internet governance forum, which are not really being used in the way they could be because often countries did not know about them, they do not have the resources to go there. the third is to search for an alternative forum. there are lots of people that we think should have discussions outside of the itu on separate security where we need have more development capacity built in. on the young people think, if it is a problem for the council think we arei do

talking -- no offense to anyone in the audience. [laughter] we do identify a hacker ethos but not in a negative way that everything is free. in a positive way of let us have the system and make it better or build something ourselves. how'd you get those types of people to get to government service? how you involve them on the defensive side and the offensive side? it is about the guys who created tumbler and facebook and things like that. they think of themselves as hackers. how'd you get them to contribute? part of that is having the idea of the cyber service. people think of themselves as

an elite group. how can the council engage smaller startups in california, in the washington area? it would traditionally be outside the scope of the council. >> i'm curious, speaking of agriculture.-- of hacker culture. the taskforce is critical, for example, of the development of people that developed a zero-day exploits and back doors. those happen to be really important tools in offensive war. i know that the nsa is looking for people that have the skills. i am curious about that disconnect. are these people who are serving the american interest? >> we have a hacker on the task force. jeff moss was a hacker.he started defcon, one of the biggest conferences for hackers.

i do not want anyone to think that he is playing a negative role. he serves on the advisory committee for the department of homeland security for these exact issues. i think on the proliferation of malware, this is an interesting place for government discussion. this is one of the areas where the chinese and russians, at least for malware focus on critical infrastructure and security centers, we do not want to see these things in hand of al qaeda or non-state actors. these are difficult conversations, but how can we bring this in? >> the nypd would say, we flipped it. >> in the blue shirt. >> thanks very much. peter evans with general electric. how did the task force grapple -- metricsetrics it?

around that? how do you measure this and what is the goal for achieving our knowing that to have achieved any one of those points, even if they are independent or connected? >> that sounds like a question for you. >> jump in and maybe you could elaborate. i would say that one of the -- it is a great question. one of the thoughts the council has is to find ways of continuing some of the work that has been launched here. right now adam is the cyber the cfr needscfr. to do more work on this. there is obvious need for followup. we found very enthusiastic response everywhere. we had meetings, including out in silicon valley. i think you are raising the kind of issue that could be an important element of our work.

>> i think that is a great point. there are places you can go to, freedom house, and other places that measure internet freedom. to secure resilience, probably an interesting point. >> thank you. i am with the georgia institute australiangy.former department of defense. i was wondering if you think there is any hope for china and the nazis to collaborate on global internet security and what sorts of mechanisms could get that going. >> i will talk with the hope that my colleagues can -- i'll give you a few seconds to think about it. the reason there is hope for collaboration is because we're both countries are at this time, -- because of where

both countries are at this time, there should be some constructive dialogue that can be viewed as leaders of the world. it is in their interest to come together. this is something that they can collaborate around. it is a very difficult thing to say you do not want it. they can make progress. as i mentioned earlier, i will give a point, countries have had industrial policies. this is new. industrial policy in the economic sense.-- this is not new. it is industrial policy in the economic sense. if you look at the people that try to steal ibm's trade secrets over time, they moved around the world. i can give you examples of japan, korea, russia, and even

the western european countries. what happens? all of a sudden those countries emerge and develop economically and create their property and therefore there is not the same goal of trying to take others in that process. you look at where we are and this is my sense that if china is going to be more of an innovation economy -- somebody putting tops on bottoms is not unique. if they create international intellectual property owners and process their coined have the same goal as all of the people that innovators have.

therefore there is going to be this natural collaboration. i was there before i even retired. if you look at the history of these things that is normally what happens. we get to this point and then you began with of the mechanisms. >> you ask about mechanisms, obviously the bilateral one -- perhaps on the particular issue that is before us. for example, one of the recommendations we make in the port is the stealing of intellectual property over the internet becoming a rate of-- a regular feature in future trade agreements. it already is. maybe you can ship them in a little bit more detail. i think it somewhat depends on the specific issue.

in the back there. >> this question is for -- the leaked story, mr. snowden is now in hong kong under chinese -- chinese soverignty. are you afraid that china woul, like the nypd, flip him, to get him into helping them? america has the capability of checking where he is and sending the nsa folks to hong kong instead of turning himself to the red china. >> with regard to your first question we are going to have to wait and see what happens. i have been reminded that hong kong does have an extradition treaty.

one of the things that -- when hong kong became the re- integrated to china was to maintain many features of your local rule. one government, two systems. we will have to wait and see how that plays out. obviously in the united states i would just assume that you have a strong interest in him being brought back to the united states so he can be brought to justice. i am sure we will do whatever we can accomplish that. >> we are almost out of time. you have to make it brief. >> my name is pat from the state department. i am looking ahead with the upcoming transatlantic treaty that the investment partnership that we are going to be interesting and negotiating with

the eu, to what extent can do expect separate security to be involved in these issues? >> the question is should they be front and center? the free flow of data should be part of all of our trade agreements? we do see emerging security standards being possibly a trade -- orer or at least eight at least different trade restriction in different constituencies that may cause problems for u.s. companies moving forward. depending on how this nsa thing goes, i did see some stuff about eu parliament saying we need to consider it. i think those are issues we are going to have to look for to as a move toward. >> i think we ought to wrap it up. we did promise you would be out here by 1:30 and that time has now come. i would like to thank the speaker for this project task force. thank you all very much.

[captioning performed by national captioning institute] [captions copyright national cable satellite corp. 2013] >> c-span, brought to you as a public service by your television provider. in a few moments, our special series, "first ladies, influence and image," will focus on ida mckinley.

the new america foundation hosts a discussion on the immigration bill working its way through the senate. an general ray odierno on preventing >> of the story of ida mckinley can be told through an exploration between her story -- her husband william mckinley. i spent 30 years together which brought them happiness early on. their life into illness and devotion to shape the presidency at the turn of the new century. joining us tonight to tell the story of ida mckinley are two guests returning to the table, richard norton smith and carl anthony. we are going to start our program would fail.