that was the one thing that was dropped. >> you are correct. if you have a dealer without a record and he tries to cooperate, but does not come to the level of substantial assistance, and there is no violence, the court can come under minimum mandatory. now it is not necessary that he cooperate. >> things like that, it goes against that philosophy -- >> on that point, typically the charging decision is made before there is any opportunity to assess cooperation. in those cases even, more cooperation can still be considered. >> if you make a decision before you charge, the more effective the cooperation. the kingpin does not know sometimes what is going on. >> the point i would make is the range of sentencing is extremely broad. i think the data would support

most cases are going to plead. >> i find it strange that the cooperation was the one that was totally dropped. let me ask one that is not in here that i think ought to be considered. that is age of the offender. nowhere in these guidelines does it talk about age of the offender. i think that is one of our biggest problems. an 18-year-old or a 19-year-old is quite different from a 23-year-old or -- a 30-year-old is tremendously different, his judgment. particularly, i have five children, and the boys mature a little later, in most cases. i hope i do not hear about that. but i can say my 18-year-old at 30, after four years in the marines, had much better judgment.

anybody want to comment on whether we ought to take that into consideration? >> yes, i will. i absolutely agree. and i think most states are moving in that direction, where they are reintroducing age as an important factor in a particularly in you talk about -- when you talk about drug conspiracies. these kingpins look for young little kids, as young as 13 or 14, where they have enormous influence over them. they acculturate them into these behaviors. judges and prosecutors right now do not have the discretion to consider the fact that this kid was brought in at 13 and 14 and stayed in for five years. the supreme court has issued a couple of decisions that would support this congress and task force in taking steps to recognize the importance of age when it comes to culpability and sentencing. >> most of the offenders we chart our in their 20's. juvenile is under 18.

one example, we had one drug dealer who was involved with an organization in our district, and we had to charge him with two murders. after the debriefing he told us he committed committed four others. he was 19 years old. >> i'm not talking about murder. a 21-year-old is different when he is 30 in most cases. almost two different people, in many cases, particularly if he has not had some of the supervision that other children do. >> thank you very much. at this time, mr. scott indicates he will still yield, and, mr. jeffries from new york, you are recognized for five minutes. >> thank you, mr. chair, and i thank the panel that has to -- has appeared before us. professor stevenson, it is great to see you. i want to start with professor otis. criminal justice is largely the

province of the 50 states. is that correct? >> yes, it is. >> that is consistent with constitutional landscapes and the fact that prevention of crime was not necessarily an enumerated power given to congress. it was left to the state, the 10th amendment. that factors into that. the majority of individuals who are incarcerated in this country right now are in the state penal system. is that correct? >> that is correct. only 217,000 are in federal prisons. >> the state experience is a relevant indicator of what would happen if criminal justice reform occurs? >> that is correct with a qualification. the qualification is one i would build on. the federal prisons population is unlike the state prison population. the state turned over to the fed the really tough, broad-ranging

conspiracies. the kind of people that you find in federal prisons are the ones the state did not have the toughness or the resources or the sentencing system to deal with. >> that is interesting, because about 50% of the federal prison population actually constitute nonviolent drug offenders, many of whom did not have a prior criminal record or engaged in violent criminal activity prior to them being incarcerated in federal prison. is that correct? >> that is correct, yes. >> about 10% of the prison population in the federal system actually are violent offenders. in fact, i think it is less than 10%. is that correct? >> that is correct. so -- >> so the premise that the federal system is different in nature somehow and filled with kingpins and mafia lords and terrorists is just inconsistent with the facts. is that correct?

>> yes, the sentencing commission has made that point repeatedly. in the assessment of who is doing time in the federal system. >> i think it is clear there is no real difference between the individuals in the state penal system and individuals in the federal penal system. so i would argue since the majority of individuals are actually in the state penal system that the state penal system experience in terms of criminal justice reform is instructive. to me it seems like a reasonable premise. but mr. levin, does that seem fair? >> i think it is. there are obviously some differences in the composition, but frankly those have lessened over the years as more and more likely low-level streetcorner drug offenders ended up in the federal system. i would also say one of the provisions of the smarter sentencing act would say you have two criminal history points instead of one and still be able to get the benefit of the safety

valve. in order to get that, you have to cooperate. that would increase the incentive to cooperate. now if you have at least two points, you cannot use the safety valve anyway. >> my time is limited, but i appreciate the observation. 29 states have limited or restricted mandatory minimums. i would think based on some of the testimony that we have heard today that that perhaps would have resulted in a crime wave being unleashed on the good people of america in those 29 states. has that been the experience? >> no, it has not, and some states have seen dramatic increases in their crime rates -- in crime reduction after the passage of these reforms. >> are you familiar with the rockefeller drug laws that were put in place in new york? >> generally, not in specifics. >> it is widely understood these were some of the most lawsictive, punitive drug anywhere in this country, correct? >> i would have to defer to you.

>> mr. stevenson, is that correct? >> that is correct. >> these were some of the toughest, most are conan -- draconian mandatory minimums related to nonviolent drug offenders. in 2009 i was in the state legislature, and i was pleased to be part of the effort to reform those drug laws. are you familiar with that? >> no, i am not. >> it occurred. are you familiar with that, mr. levin? what i am. >> based on the premise, i would assume that in new york state that a dramatic crime wave as some argued would have occurred as a result of reforms, would follow. is that what took place in new york, mr. otis, or did crime continue to decline and subsequent to the repeal of the rockefeller drug laws in new york, as has been the experience

in every other state that has changed or reformed its mandatory minimums? >> my answer is going to be long, but you have to forgive me. i am a law professor. the answer is, yes, in the states that have experimented this way, crime has continued to decline, but that is because the imprisonment and use of imprisonment, while very significant, probably the most significant factor in the overall decrease in crime in this country in the last 20 years is only one factor. , other factors are at work as well, and those factors have continued to be in play. other factors like hiring more police, federal police training, better private security measures, better emt care, to reduce the murder rate, for example. while it is true that crime has continued to decrease, the decrease has been at a lower rate in the states in which they have tried this. the best example is california -- >> my time is expired, but let

me make the observation. one of the reasons that states have been able to invest resources in those other areas that you enumerated is because when you reduce the prison population you reduce the state budgetary burden and you can actually invest in things that have been empirically proven to lower crime. i yield back. time we would move to the gentleman from north carolina. recognized for five minutes. >> thank you, mr. chairman. mr. evenson, i would like you to give us some real-life frontline context, first, to establish in your 20-plus years as a prosecutor, most of that as a drug prosecutor, and how many drug defendants do you think you have prosecuted and have been prosecuted under your supervision?

a general number. >> i had my own case load while i was supervising a drug unit. i would say i have done hundreds myself over that period of time, but over those years we have done thousands. and we specifically went after the biggest organizations by using the techniques i described earlier. >> in the thousands of drug defendants that you have personally dealt with, how many of those were low-level nonviolent drug offenders? >> that me just say this. i heard the term nonviolent thrown around -- >> is trafficking of drugs a violent crime? >> it is by its very nature. you show me a city with a violence problem, and i will show you an underlying drug trafficking problem.

with drugs comes violence. it is the nature of the game. they do not take their problems to court. they enforce it at the end of a gun. any sheriff in my district would tell me, because i knew them all, i had 44 counties, their biggest problem was drugs and drug-related crime. that is what they would focus on, if they could get that problem solved. so i do not accept the term nonviolent when it comes to drugs. these organizations are by their nature -- and the higher they get. >> drug trafficking is a crime of violence? >> it is. i will say this right now. law enforcement does not have a war on drugs. we have a war on drug traffickers. we seize drugs and we arrest traffickers. that is our mission. and we represent many in these poor communities of color who are victimized by that -- >> i want you to focus on

another member of the task force pointed out that law enforcement prosecutors can choose the communities in which they go into and look for crime and prosecute crime. talk about some of those communities that you have been a part of going into and trying to eradicate drug trafficking. >> congressman bachus asked a question i did not get to finish. one example, we have a community where drug dealer had been selling for years. he had a fence around his yard. he had a high-dollar vehicle. he had four of them. he had built an addition on to his house. there was a photo of one of my agents driving one of these high-dollar vehicles out of his driveway, and he said, you see this picture, i said, yes, he said when i drove it down the street the neighborhood had come out on the street and they were clapping. this is a bad, violent drug dealer. that is the kind of people we represent.

>> that is when the agent drove down the street. >> he took the corvette out of the driveway and he said right as i turned and went down the street they were lined up clapping. we represent some of the most vulnerable people, the poor, the elderly, the young, the addicted, and they have no voice, they have no way to sell their home and move away when a drug dealer sets up shop in the neighborhood and the property values drop. quite frankly, i am personally offended when i hear charges of racism. the laws are race neutral. we go where the battle is hottest. we represent people who are victimized by this activity. it doesn't make any difference what neighborhood it is. i've never prosecuted anybody on the basis of race. u.s.s.r has any a. -- a.u.s.a.

we have to go where the evidence leads us, and that is where we go. >> thank you, mr. chairman. i yield back. >> at this time the chair recognizes the gentleman from tennessee for five minutes. >> i appreciate the opportunity. i apologize for being late. a couple post-midnight sessions. i walked in to hear you say something that was incredulous. that there is not a war on drugs, that you say there is a war on drug dealers. is that what you said? >> yes, i did. >> you said the laws are race neutral. >> yes, sir, they are. >> nobody denies that. but the fact is that the implementation of the laws is neutral, and is racial profiling. all laws are race neutral, since 1865, except in the south, which went to 1963. but the implementation by people under color of law who arrest

eight times more african-americans for possession of marijuana than whites is not race neutral. is that not a reality? >> congressman, i understand there's a lot of statistics being thrown around. >> like 99% of the people who believe in climate change and some people go with 1%. >> we will go back to the statistics. >> i cannot argue the statistics. all i can tell you on a daily basis i deal with drug dealers were black, white, indian. we have prosecuted wherever the evidence led us. >> i don't deny you prosecute them. i am saying arrests, and a lot of it is street-level arrests. you are a federal prosecutor. >> yes, sir, and uniform patrol is unable to stop this problem. it has to be investigators. they cannot do anything in uniform patrol. persons with up possession and it ends there. >> you believe marijuana is less dangerous to our society than meth and cocaine?

>> the laws indicate that. meth is highly addictive. >> the laws do not indicate that. marijuana is a schedule one drug, the same as heroin and lsd. that law does not indicate that. in our courtroom -- >> in our courtroom it is treated differently. methamphetamine is instantly addictive. >> i agree with you. you might do your best in your courtroom. i hope you are. but you are right, you need to go after meth and heroin and crack and cocaine. >> we do that, sir. >> how about marijuana? >> some of the most violent dealers that i have experience were marijuana growers. >> because it is illegal, and they are violent when the police come in, the dea to bust them. they are not violent in se, they are violent because of the laws. >> i have been threatened by marijuana growers. >> if it was legal, do you think they would threaten you? they threaten you because it is

illegal. >> that is a different question. i'm just telling you my experience. >> and when alcohol was illegal, al capone and all the guys on "the untouchables those quote they were bad guys. but now they are wholesalers, nice guys. it just matters how you flip it. do you think -- you support mandatory minimums. >> we need those. >> do you think mistakes were made when a judge tells of a situation where they did not want to sentence the person to life, but the third offense triggered it. some minor thing or a nice woman involved with a man who let her a stray like miss smith, who got pardoned, commuted by president clinton. a wonderful woman, her son is at washington lee, 6 1/2 years? >> as long as we have human

beings, there will be mistakes. but i can tell you our system , now is so regulated from the time they appear before a magistrate to a federal judge to the appeal process that every case is scrutinized. i would say those kinds of cases are rare here in every defendant is given a chance that in my experience, to provide assistance, so i can go to that. >> she was provided assistance and the guy that led her into it was in washington state and he was murdered, so she could not provide assistance anymore, so they put her in jail and in prison for a long time. if it were not for president clinton she might still be there. because you cannot provide assistance is not make your incarceration more just. >> there's a saying in law school that hard cases make bad law. right now the law works. it has worked to remove a lot of drug organizations in america. >> how do you think the experiment in colorado and washington is going?

>> i do not know, sir. >> mr. stevenson, anything you want to add? >> i want to emphasize that these exceptions, these extreme bad cases i think should not inform the committee task force, because we have a lot of data to tell us how to look at the system, and the truth of it is communities of color are not celebrating mandatory minimums. i think we really need to be sober about the impact of these laws on vulnerable populations. i do not suggest that individual officers go out with racist intent. but there are real differences ingenuity's where you have to do drug dealing on the street, as opposed to communities where you have resources to do it covertly. if we do not ignores that, we will contribute to this problem of racial disparity. you are right to emphasize the way in which our system identifies who is bad, who is violent, is shaped by the way we

characterize these laws. even in aiding mandatory minimum -- eliminating mandatory minimums will not my judgment eliminate or even restrict our ability to go after bad kingpins. we can still do that. nobody talks about shielding drug dealers or drug traffickers from arrest. what we are talking about is protecting people who are sometimes caught in the web and end up with these very unjust sentences. >> thank you. i yield back. >> mr. cohen, most bank robbers are nonviolent. unless you try to stop them. >> the chair will recognize himself for five minutes. thank you. really appreciate the level of commitment here. obviously we have people who are quite familiar with the system. i am also pleased that we have such an experienced group on this task force, people that have dealt with the law in so many respects. having been a state judge in the -- and a chief justice in a state court of appeals, we use

different terminology. when i hear an immediate adverse reaction to mandatory minimums. in the state we call it a range , of punishment, and it seemed probably appropriate for the legislature to say for these crimes -- in felony court -- this was the minimum, 0 to 2 years, but you had that bottom level. if you are in the first degree, five to nine, and if you enhanced it up with prior convictions, then you could -- a guy arrestedas for stealing a snickers at one point, and that runs into strange facts when you got a guy looking at maybe a mandatory 25 years because of the

enhancements. but it seems like we could deal with the areas in which there are great injustices without totally eliminating floors, although most judges i know would be fair and try to act fairly within a proper range. i am old enough to remember before the sentencing guidelines, back when federal judges actually got mad that they were having discretion taken away. i was shocked when i started having more federal judges say, no, we kind of like it. we do not have to make such tough decisions. the guidelines tell us what to do. mr. evenson, i cut you off twice when you seemed to be ready to proceed further. i have got time.

anything you are wishing to illustrate that you did not have time to do earlier? >> thank you, your honor. i just want to emphasize on behalf of the over 5000 assistant states attorneys, are -- i read the comment they had on this legislation, i read it again this morning. if you could hear and see the statements, i think you would be amazed at how profound reducing the minimum mandatories would be on our ability to do our job. we will not be able to go after the biggest drug dealers unless we have witnesses. as i said, this is hard business we are in. we need the inducement to allow

conspirators to specify, and -- testified, and they do that. they have to make a decision. it is a go or no-go situation. and they're with their lawyer, they decide my drug days are over, we build a rapport with them, and they tell us everybody that they have been getting their drugs from and they're willing to testify. oftentimes they do not have to testify, but they are held we do not care what you tell us as long as you tell us the truth. most of them do. those that don't go to prison. i had a lawyer who told me one , you know who is in federal prison, those who cooperated and those who wished they cooperated. we need the ability to negotiate. the sentences are fair. we are not prosecuting users. we are not prosecuting marijuana users. it is a myth. we are prosecuting people with prior convictions for the most part, dealing in significant

quantities over a long time. that is why we have conspiracies that run one, two, three, and five years. that is what amazed me. you could charge somebody with an agreement that lasted that long time. but the jury gets to see the whole story then. it is not just a search on a drug house. that would be our statement, congressman. i appreciate the time. >> anybody else want to comment on mr. evenson's reflection? >> thank you. i have two comments. one is i apologize for interrupting. one of the things we need to do is go by our experience. mr. levine pointed out that there has been a group of 16 or 17 states over the last several years that have reduced or eliminated mandatory sentences and have not seen an upsurge in crime.

i would point out two things. he omitted talking about california, which has had as many premature prison releases as the rest of the states combined. the reason is california is acting under the supreme court's decision that required early releases to reduce prison population and make prison conditions constitutional. what has happened in california, which has had many premature releases, is crime has gone up. that is not accounted for. if we look beyond the experience of 17 states and look to the experience of the 50 states over 50 years, we know what works and we know what fails. fails. what fails is what we had in the 1960's when we had a belief in rehabilitation. not really a belief in incarceration. that failed. what works is what we have --

>> my time has expired. let me recognize the gentleman from virginia. >> let me respond. with regard to california, the reason they got in that situation is policymakers failed to act proactively. that is why we work with legislators to address chris and -- prison crowding in a prospective way so you do not invite of record supervision. i think california illustrates why we need to tackle this federal prison overcrowding issue upfront rather than leaping into to unelected supreme court or other judges. one of the reasons we have seen the experience with the rockefeller drug laws, with drug reform in south carolina and other states not leading to an increase in crime, research has shown staying longer in prison does not reduce recidivism. prison does one thing well, incapacitates. with murderers and serial rapists, that is needed. but people who have a drug problem or who are dealing small

amounts on street corners, they have a habit themselves. if we can correct the habit and get them into a productive law-abiding role as a citizen, through appropriate supervision after release, then we can continue to drive down the crime rates in this country. >> thank you. i recognize mr. scott. >> thank you, and i thank all of our witnesses. mr. stevenson, you indicated that penalties do not affect drug use. is there any evidence that the five-year mandatory minimum for small amounts of crack when we disparity0-1 encouraged people to instead use have 100hen they could times more powder -- is this an indication that people would not use crack they're going to say , the powder? >> no. very sadly they are driven by an addiction, by a disorder that is actually shaping their choice. they're not worried about tomorrow or the next week. most could not even tell you what the penalties are.

we will recognize that, be misdirecting a lot of resources. >> if your goal is to reduce drug use, you mentioned a public health approach -- >> no question, a lot of countries have invested in interventions and many states have also used drug courts where they authorize treatment and supervision. i want to emphasize the point about supervision, it has proved to be very effective. if you spend $50,000 a year to keep somebody in prison, that money does not accomplish much. if you take $10,000 and make -- take someone just released from prison and make sure they are complying with very strict guidelines, around services, allowing them to move forward to get a job, etc., not only are you spending less money on a person, you're dramatically increasing the chance that they are actually not going to recidivate or continue to be a drug user. we have got lots of data from lots of countries that talk about these public health approaches that have radically reduced drug addiction and improve the health of these communities.

i am very sensitive to communities that have been hijacked by drug addiction and drug abuse. interventions that run health -- around health care models are the interventions that have the biggest impact on the health of those places. >> i understand your organization right on crime takes the position that the more cost effective ways of reducing crimes than waiting for people to get arrested and get into a bidding war as to how much time they are going to serve. have you seen research that incarceration rates over 500 per 100,000 are counterproductive? >> the case is you reach a point of diminishing returns when it comes to incarceration rates. number one, you are sweeping into many nonviolent and low-risk offenders. people are serving longer than necessary. >> let me ask you a question on that point then. if anything over 500 is counterproductive, and 10 states are locking up

african-americans at the rate of 4000 per 100,000, if a community without lock up rate you reduce it to 500 at which you stop getting any kind of return, does that 3500 people fewer in prison, that is $70 million. are you suggesting that that community could actually reduce crime more by spending that $70 million productively in a public health model, education, afterschool programs, keeping young people on the right track, an they could locking up 3500 extra people? >> it is difficult to look at a setting of arbitrary rates. states have different crime rates. but i would say that once -- professor steve levin, who has written for economics, he looked at it. one of the biggest backers of

increasing incarceration a few decades ago, they said they reached a point of diminishing returns and potentially in fact in some places negative returns. you could be using the money to put another police officer on the street doing some of the things they have done in new york city and other places, where they are able to deter crime through a greater presence of officers in the right places, targeting hot spots. as you said, we've talked about problem-solving courts, a range of other approaches to electronic monitoring, so i think we, without getting into the arbitrary attacks, so much of the money of budgets is going to prisons, the resources are not there often for these alternatives. it is a matter of realigning our budgetary priorities and making sure the people do not go to prison simply because we have not provided the alternatives. >> we have heard you need these bizarre sentences to fight the war on drugs. how is imposing sentences that violate common sense helpful to

the war on drugs? >> as you said half of all high school students have tried illegal drugs. we have to have a broader approach that looks at prevention, substance abuse treatment where there are many advances being made. i think that certainly we know that undoubtedly drug dealers replace one another, so the problem is too broad to solve just by taking what are a small number of the total people dealing drugs and putting them in prison for long sentences. as we've said these people are still going to be going to kristen. -- prison. 97 months for crack cases, even after the disparity was narrowed. evenson sounds like he has no leverage over these people. these people are going to jail, just not on bizarre sentences.

on fair sentences. >> that last year getting mileage relative to what we could be doing with those resources. >> thank you. let me just comment, and we had submitted chairman sensenbrenner's statement for the record. he does point out things in which i would hope we would all agree, that this task force has taken up. rather unusual to see aclu, heritage foundation, liberal, and conservative groups joining together, but we have a lot of agreement with regard to issue of mens rea for offenses. it was mentioned earlier, we really should have these codified into one code having -- instead of having 4500 or 5000 federal crimes where a prison sentence was added simply

to show congress was tough on some issues, when maybe it was a clear error and it should not -- clerical error and it should not have gone that route. there are many things that we agree on that we really need to deal with. and we really appreciate all of your input on this issue of mandatory minimums, what i might call a range of punishment, and you may have other thoughts as you leave. i know i always do. gee, i wish i had said this or that or the other. so if you wish to have -- we provide members five legislative days to submit additional written questions for the witnesses or additional materials for the record -- >> yes. >> let me just say, if you have additional testimony that you think of as you walk out, i wish i had said that, we would welcome that submitted in

writing for our review, and it will certainly be reviewed. >> thank you. i ask unanimous consent that letters and testimony from the u.s. sentencing commission, justice strategies, families against mandatory minimums, the leadership conference on civil rights, civil and human rights, the southern center for justice, the judicial conference that reminds us that judges are often required to impose sentences and violate common sense, the aclu, the sentencing project, i'll be entered into the record. >> without objection, that will be done. if you have additional materials, any of you, that you feel would be helpful to this task force, we would welcome those, and that will be open until friday. >> if i could ask one other question. would you mind? >> without objection. >> thank you. i'm just guessing.

mr. otis, it looks like you have the most experience here. you're may be the only person here older than me. 1968 is when you graduated? >> you look like you are younger -- like a youngster to me. more and more people do these days. >> it is all relative. you been doing this for a long time. you were at the dea. if i am wrong in my opinion, but tell me. what i see the drug war over all , those years has not changed at all as far as the american appetite for drugs, american appetite for marijuana, for crack, cocaine, meth, ecstasy, oxycontin, whatever. and our process has been the same. arrest people, mandatory minimums, flip them put them in , jail for a long time. it has not worked. is the system basically the same place it is been? do you feel like a rat going along in a cylinder there? do you think we should come out of it and go this has not -- 40 years, don't we need a new theory or way to do this?

>> what the statistics show with the drug crimes are intimately related with other kinds of crimes, property crimes, crimes of violence, and we know from the statistic that those crimes have gone down substantially. so i don't think it is correct to say it has not worked. in addition to that, in order to know whether specifically drug laws have worked, we would need to know what the state of play would be if they had not been enforced. the great likelihood, because -- it has been misapprehended in something that has gone on, the drug business, unlike other crimes, is consensual. there is not a crime scene and a victim in the same sense there is in other kinds of crime. we've talked a lot today, and you've talked, and correctly so, about violence, and whether we have seen an increase or decrease in violence when some states have released drug defendants early.

but violence is not the only thing we need to care about when we are talking about drugs. we need to care also about harmfulness. because the drug business is consensual, for example, the actor philip seymour hoffman who recently died of an overdose he died as a result of a consensual drug transaction, as most all drug transactions are. he and the other 13,000 heroin addicts who die each year are equally dead, whether it is consensual or whether there has been violence. we need to stop about the harm that comes from the drug trade, a harm that is one of the most destructive, particularly in minority communities today. >> would you mind if i added one thing? >> it is up to the chairman. >> go-ahead. >> with regard to heroine since , 1990, the purity has gone up 60%.

the price has dropped 81%. it indicates what we're doing with regard to heroin is tragically not working. kingpins and others dealing hard drugs should go to prison. but we need to take a broader approach. there are pharmaceutical advances that are treating heroin addiction and, recognizing prescription drugs , prescription drug abuse is far more common than heroin abuse. i hope we can also focus on that as well. >> thank you. what we need to do is huey lewis had an answer. we need to find a drug that is not addictive and harmful, but still pleasurable. get to work on it tomorrow. [laughter] >> i always thought that was what we call glazed doughnuts. [laughter] mr. bachus, you ask unanimous consent?

>> thank you, unanimous consent, and i want to remind you of this, i had this, but this is a crime scene. and this is in alabama. these are two young people who overdosed on a synthetic drug earlier this year. so it is a different crime scene. but it looks pretty violent, i am sure, to their parents. and their friends. i would also like to introduce -- >> are you offering that? >> yes. >> without objection. >> i also would like to introduce a copy of the attorney general's memorandum to u.s. attorneys and particularly highlight where the cooperation is no longer included.

but, third, mr. stevenson said something that we need to at least have one panel of people, and that is health care approach and things that we can do and drug divergent treatment, addiction, addressing both as a criminal and a health care problem. i would think the u.s. attorneys would welcome that more than any one group, because i have had u.s. attorneys and d.a.'s that expressed to me that they wish more was done on addictions and rehabilitation, because they are the ones that see it every day. >> mr. chairman, i want to make it clear that i think we share the common goal of reducing drug use in america. the question is what the strategy will be. mr. levin and mr. stevenson have

pointed out that there is a better, more cost-effective way of actually reducing drug use in america. others have suggested the war on drugs is working. i think the war on drugs has been shown to be a complete failure, it has wasted money, it has not reduced drugs, and there are more cost-effective ways of doing it. that is what the debate is all about. >> thank you, we all agree on that, that we want to reduce the usage of drugs, and there have been data provided that indicate in some ways it is working. to explain to each of you, we had anticipated having to go to vote at around 10:00 a.m., and we started out under that, that is what we were told by the mortal gods from the house floor. while were proceeding, the vote that we were anticipate around

10:00 was voice-voted, thankfully, some cooperation on the floor. and that allowed us to finish without interrupting you and taking more of your time than necessary. we do thank you, and with that, we are adjourned. [captions copyright national cable satellite corp. 2014] [captioning performed by national captioning institute]

>> next a discussion about cyber security and international diplomacy. some of the 2014 commencement speeches from around the country. then president obama's announcement concerning the resignation of veterans affairs secretary shinseki.

>> so my son paul was in the hospital at children's national, openre waiting to have his heart surgery. and he had been diagnosed with heart defects and had to have the surgery, otherwise he'd die. part of the waiting for the surgeon to come back from overseas was being in that hospital realizing all these are there, and you're kind of in the trenches with them. family, maggie's family, maggie had been through nine surgeries in nine months, problems.fferent so as daunting as our situation for we were really feeling them. and we were in the waiting room maggie's, walked past bed, and the day of paw's

in and maggie's family wasn't there. she had passed away the night before. it was rae really hard to hadine that that family spent so much time waiting for her to get out of the hospital and she didn't make it. we went in to surgery that his eight hours surgery, first open heart surgery of three, and as we're sitting in unitardiac intensive care watching through a clear plastic son's heart beating, you know, which was a moment in itself, the nurse comes over and says you have a phone call. phone,y brought me the and it was maggie's mom. surgery.on paul's the strength and the grace and it took for a mother who had lost her child the night before to call and check on our child, i think was we'll always

remember. >> fox news channel anchor brett baier on his career and his book, which chronicles the struggles of his son paul, sunday night at 8:00. wednesday, to mass ilves. the discussion was hosted by washington university in washington d.c. examining cybersecurity and diplomacy. this is about an hour and a half. ladies and gentlemen, the president of the george washington university, dr. stephen knapp.

>> ladies and gentlemen, good morning. i'm steve knapp, president of george washington university. it's a pleasure to welcome you to this very important symposium this morning. at george washington we frequently have the opportunity to bring global leaders to campus to discuss the important issues of our day. that's one of the ways in which we provide our community with a front row seat in the theater of history. i'd like to take a moment to recognize among the many distinguished guests we have with us today, the four ambassadors who are in attendance this morning. their excellencies marina callurand of estonia. ambassador andres lason of lot via, am mass dor richard schnepp of poeland and finally

ambassador jean-louis voltsfeld of lex umburg. i'll mention one other member of the audience, a former governor of minnesota, tim pawlenty, is here with us today. of course i'd like to welcome especially all of today's distinguished speakers, congressman mike rogers, congressman dutch ruppersberger and paula dobriansky, former undersecretary of state for democracy and global issues. i'm especially honored to welcome toomas hendrik ilves who will be addressing us in just a moment. estonia has been an extraordinarily viable partner of george washington's world executive mba in cyber security. that program i think is having an important impact in training leaders who can help us address

this very important challenge. our students have worked with members of the estonian parliament's cyber security and national defense committees and with the minister of education. the ambassador has visited our campus on a number of occasions to participate in discussions of cyber issues. for the past two years president ilves has met with students as part of their international residency. we're honored today to host this forum as part of our broader cyber security initiative. it was established in 2012 under the chairmanship of former secretary of homeland security michael chertoff and this brings together university's expertise, research, policy and education to address the wide range of issues that are relevant to the cyber challenge, including national and international security and economic competitiveness as well as concerns about privacy and civil liberties. i'm sure you join me in looking forward to the program and to president ilves' address.

please join me in welcoming frank salufo and director of gw's homeland security policy institute. >> thank you, president knapp, and let me echo the president's comments and welcome everyone to george washington university today. let me also welcome our viewers on c-span, those watching at home. it is a real treat and i've got the distinct privilege of very, very briefly introducing our speakers. to give you a sense of the state of play, we're going to start with some prepared remarks by president ilves. then we'll turn right into a moderated question and answer period with congressman rogers, congressman ruppersberger and ambassador dobriansky. let me first introduce our

keynote speaker, president ilves. i think it's a real treat to have someone who is not only articulate on cyber issues but in addition to understanding the strategic initiatives, he is a technologist at heart himself. it's pretty amazing when you see what estonia has done since it regained independence. quite honestly it's one of the most innovative countries you will see. it's synonymous with cyber. it's done so much in such a short period of time, and i think it's fair to say that they punched way above their weight. and it's a bit of a combination of technology, policy and entrepreneurialism. and i think that's synonymous with their head of state. i think it's fair to say that estonia is in large part where it is today because of president ilves.

president ilves was born in sweden. he was the son of refugees during the cold war. he grew up in the united states, went to high school in new jersey. i won't ask him what exit. and was educated in the united states. he went to two small schools, columbia and u-penn. he was ambassador, the estonian ambassador to the united states. he's in his second term as elected president of estonia and i think you can't have a conversation about cyber security without estonia coming up. so i think that's quite amazing. and it's this combination of grit and technology. he came in immediately following the cold war and started hooking up and networking all the schools to computers. rather than looking to legacy systems, he was looking ahead. many countries were looking at the past, concerned about what

they saw for good reason, but i think estonia put the grit and the entrepreneurialism to try to propel forward. in addition to that, as many may know, he's invested very heavily in education. how many people can say they have first graders coding? well, that's precisely what they're doing in estonia. they're coding at a very young age and they're doing so. i had the opportunity to visit a number of the schools and it's pretty amazing in terms of what you see in terms of coding and robotics. and obviously president ilves is also a leader in the e.u. he's leading a lot of the ehealth initiatives. he's leading the cloud environment and is a true champion not only of cyber. and i might note whereas he's a technologist, at the end of the day it's also the marrying up of

culture. they have invested so aggressively in technology, which is neat, they didn't look to legacy systems, but they have also done so with the dna or the ethos that is striving for freedom. so if you think about it, they had to live in an environment where they didn't have any of that. so in addition to technology, you have the opportunity, and i can tell you they will continue to remain the most transparent country. i'm going to quickly introduce our other speakers so we can go right into the conversation. we have following president ilves, congressman mike rogers. mike rogers is no stranger to gw, no stranger to anyone in the united states or at least anyone who has a tv or the internet. he's been a relentless champion on national security issues. he chairs the house permanent select committee on intelligence and i just want to note he has announced that he will be stepping down from the hill. i might say this is a huge loss for our national security community. so all of us owe him a huge debt

of gratitude for thinking country first. his partner in crime, and i say that in a good way, is dutch ruppersberger who's the ranking member of the house select committee on intelligence. if there's any committee that's b bipartisan, that's the one. i think it's all the more important that our intelligence issues and national security issues are treated in a nonpartisan way. and last but certainly not least, we have ambassador paula dobriansky who had a must-read op-ed in the "washington post" this weekend. if you haven't read it, read it. she is no stranger to diplomacy and national security issues. i had the privilege of working with her in the burn white house. she's headed up the council on foreign relations in d.c. she's at harvard. she got her undergraduate at the other george across town. i won't hold that against you. but got her master's and ph.d. in harvard in soviet military and political studies. dare i say those -- that

dissertation is probably as relevant today as it was then. so president ilves, the floor is yours. thank you so much for joining us and thank you from everyone. well, thank you very much. it's great to be here. i'll try to speak quickly because 10, 15 minutes to cover cyber from its various aspects is quite a task. we're very late in actually coming to realize the importance of cyber. it was only in 2011, that's three years ago, that the munich security conference, the premiere security conference in the transatlantic area actually had its first session on cyber. before that, they didn't have it. at the same time, this awareness has increased dramatically. just last year when u.s. experts were rated on what are the

threats, cyber went beyond terrorism by 20 percentage points as the biggest threat. and that should be understandable because in fact the capability of cyber is immense. when you think about how dependent we are on the digital world, the internet of things where basically we have machines already just talking to one another, more important supervisory control and data acquisition systems that run everything from power plants to the milk deliveries in your supermarket, all of those things are vulnerable. and we've gotten to the point where in fact you don't really need to physically attack a country to debill at a ti tadeb. and that was with a very primitive attack. we had d-dos attacks flooding

our servers and that was seven years ago. it seems prehistoric looking at what the capabilities are. when you think also the number of cyber attacks and between 2000 and 2011, there was a 17-fold increase in cyber attacks on u.s. infrastructure. we can assume that it's more or less the same everywhere else in the free world. so we, of course, got -- we were the first ones who were subjected to something -- to an attack that was explicitly political, and it was the first time it would sort of meet the category of policy by other means. before that clearly there were all kinds of cyber attacks, but it was never clear that it was a policy by other means. and what makes it all much more difficult, of course, this is

all the obvious, it's very hard to tell who did it. forensics are really difficult. this leads to major problems in figuring, for example, from the point of view what is an article 5 attack. if someone shoots a missile at your -- at a power plant, you know where it came from, you have an appropriate response. if you take out the power plant with a cyber attack, you don't know who did it, you don't know what's at fault. these are the kinds of things that we have to start thinking about. we have to start thinking about defending the entirety of our societies from attack. i think it's wrong to only think about cyber in a strictly military-to-military domain because in fact they don't have -- whoever is attacking you, doesn't have to attack your military. they can just attack your infrastructure. we have, i think, moved

considerably at least -- nato has finally figured out cyber is an issue so the nato center of excellence for cyber is in estonia. we do regular exercises, most recently i think with 17 countries participating in an annual exercise called lock shields, which is a cyber defense exercise. and those things are moving along. and we ourselves are very proud that we are the only country so far to have a memorandum of understanding of cyber security with the united states. now, of course all of this is complicated by some of the developments that we find -- we have to deal with politically because of various revelations from people who used to work at nsa. and i think that we have to understand that this makes it all politically much more difficult to do a lot of the things that we want to do. and i think that we have some major intellectual tasks ahead of us.

basically what we're dealing with is overall in cyber is the modern equivalent of hobbs' -- thomas hobbs' war of wall against all. it is a state of nature. all things are allowed, there are no rules. we see that some countries in fact are taking hobbsian solutions and imposing a sovereign -- that is to say a dictator on top saying what is to be done. we who are in the freedom online coalition with the united states, we are number two in the world in internet freedom, we were for a number of years number one but then iceland crept ahead of us. number three now is the u.s. but if you want to maintain a free internet, we have to come up with a new solution or new understanding, i think, between society and government on what -- how we deal with the hobbsian nature of the world and

the internet where all is allowed up to now. so we need our jeffersons, we need our voltaires in this area and i hope people work on that. especially when we think about all of the things that relate to cyber -- rather to privacy, not only are we talking about what governments do, but it's all your google searches, your swipe car cards. if you read the wonderful book by shinberger on big data, you see everyone is using big data to follow everything and oftentimes they know more about you than you know yourself, even to the point that you're pregnant, as one example was in that book. so this is where we're dealing with something very big that we're only now beginning to grasp. a few words about what we do shall because it's very different from other countries.

we have come to the conclusion that you cannot have any genuine security without a secure online identity. most of you may recall the old new yorker cartoon of two dogs and one of them says to the other on the internet, no one knows you're a dog. well, that is the dilemma of all internet relations. you don't know who's who. and until you can do that, you cannot really be sure of anything. and so our solution has been to create a very secure online identity to factor public key infrastructure and rsa 2048, if that means anything to anybody, but in fact we know who's who. you can be sure that whoever has an online identity is that person. and so we've built the legal infrastructure based on that, so we allow digital signatures.

we've given 160 million digital signatures in estonia since we started this. we have built up an architecture on top of that which allows us to offer about 400 services, both public and private, ranging from banking to online prescriptions. that is to say if you get a prescription in estonia, you can take it out anywhere in the country by just sticking your card in. we think that's the way of the future. other countries don't want to have secure online identities. there is this sort of odd paradox that the u.k., canada, u.s., new zealand and australia are also the five countries most opposed to having any secure online identities. why that is, i don't know. but in any case we don't fear it and we in fact find that it's far more secure and our citizens love it. they fill out their taxes.

all taxes get done virtually online. in about three minutes. we have online medical records. all these things are possible if and only if you have a secure online identity, because whoever has the data knows it's you and not anyone else. we also -- we also have a few laws that also are crucial, i think. one is that you own your own data. i just read the big data report that was put out here in the u.s. one thing that you could do is actually give the right to own your own data to people. if you own your own data then whoever owns it is obligated to tell you they have been looking at it. that's difficult, i know, but you can do it. so those are the kinds of things that are alternative ways to give you cyber security.

i don't know where -- how things are going to go, but certainly in europe i think that that will be the way we will go because the level of fear about cyber, often ignorant fear, is so great that we will have to take measures to guarantee the security of data. and i think that the way things are going in the world with cyber attacks and with fear of privacy, we haven't even gotten to the big issues because everyone is concerned about privacy. i think the real issue in cyber will not be privacy, but rather integrity of data. people -- to take an example, you might be worried about someone knowing your blood type. i'm much more worried about someone changing the record on my blood type and that's what data integrity is.

so far all the discussion posts has been about privacy, but the real issue and the real fear and issue that instills fear in me is that data can be changed. and that will require a solution of the sort that we have beca e because -- things can get pretty batted, i say basically. but we're glad that we're working closely with the united states on these issues and the u.s. does do a lot of work with us. when you say we punch above our weight, it's actually the digital world has no weight. and that's why i would say in this world digital is like the old colt .45, the great equalizer. you don't have to be big, you don't have to be rich, you just have to be smart. if you're smart, you can do things in digital which are very good. unfortunately, some people who are smart do things that are very bad. anyway, i won't take any more

time. just wanted to give that brief overview, thank you very much. [ applause ] >> let's jump right into the questions. let's start with our congressman. congressman rogers, congressman ruppersberger, if you had to rack and stack the threat environment we see today, we've heard a little bit about what estonia is doing to defend not only their country from a national security perspective but also their citizens from misuse and breaches and the like. if you were to rack and stack the threat environment today, where would you put the various actors? because i mean we tend to speak of these issues loosely. computer network exploit, for example, is not the same as computer network attack. countries that may have intentions to steal secrets may not necessarily at this point have the same intent to attack. but if you were to look at the

threat environment, i'd love to hear from the two of you where you see that. and then you guys have both passed bipartisan legislation on the house side. i think it's fair to say that you can't move forward without information sharing. why aren't we moving forward on that front. so congressman rogers, let me start with you, and congressman ruppersberger. >> if you think about the last 30 days of general alexander as the national security agency director, they stopped 41 million separate attacks on department of defense or dot-mil if you will or dot-gov. 41 million. and they are by the way getting more sophisticated. that's everything from a very low level attack to a very sophisticated attack. so if you said what is the threat matrix out there today, it looks even different than it did even 24 months ago, even than it did 12 months ago, even than it did six months ago.

it is constantly changing. and the problem is you have new, higher quality actors starting to come in. if you look at the target attack, this was a non-nation state actor, organized crime basically in the eastern block countries who used nation state tactics to get in, develop a tool that was able in a fraction of a fraction of a fraction of a second steal credit card information. they did it not by attacking the security of the company, which by any stretch of the imagination wouldn't have been difficult to get through. they did it by finding that somewhere down the logistics chain of that particular company and swam upstream until they got where they needed to go. so you think just that attack, which probably wouldn't have happened 18, 19, 20 months ago, now you see this organized crime group with really sophisticated capabilities and it's getting better. >> by the way, i might underscore we just hosted the head of europe and over 85% of their investigations are russian speaking.

from countries russian speaking. >> it's getting difficult, by the way, to determine between russian organized crime and russian intelligence services. i think that's where the president was going to go. it's kind of hard to figure out who's behind that keyboard. >> the great kleptocracy of vladimir putin is a confusing place to draw lines between organized crime groups. so the chinese have gone unavetted in their ability to steal intellectual property and repurpose it. that is a long-term economic problem for the united states of america. the russians are also in that game, not to the same extent. now you have other nation states who see this who are investing in this capability, including, by the way, terrorist groups who are now out advertising to find the right people with the right qualifications to help them do cyber attacks. and of course according to public reports, you do have a nation state who is interested and eager for a disruptive

terrorist-style attack, the nation state of iran, who has been probing our financial institutions with pretty low level we think d-dos style attacks but we know they have better capability laying on the shelf. so next week if you ask me what the threat matrix is, it will change. next month it will change, next year it will change. the one thing that hasn't changed is we have admired this problem long enough. next week we'll admire it some more and next year we'll admire it some more. dutch and i have worked pretty hard to find that bipartisan solution that at least gives the private sector the opportunity to defend themselves. >> congressman -- >> you asked the question about the threat. number one, other than weapons of mass destruction, i think the cyber attacks generally is probably the second biggest threat to our world. and we -- if you look ten years from now, we will be the pioneers. we -- not only in the united states but in the whole world have to come together and set some type of standard on how

we're going to protect ourselves. every citizen in the world is really on the front line of what could happen with respect to these cyber attacks. as positive as the internet is. mike talked about the issue with stealing. it's been estimated by our cyber command that we lose the united states over $300 billion because of theft, mostly from china. and just recently in the last two weeks we indicted five people who work for the chinese military in china for stealing. we all have -- all countries have espionage. that's what we've done since world war i to protect us, but we don't steal from other people, other countries. we're not stealing to make ourselves richer, and that's what some of these countries are doing. now, you talked about the legislation that mike and i have worked with. we're getting a divorce, he's leaving and we're negotiating all our child support and custody, but mike is a very unique individual. we made a commitment, each one

of us, because our committee before we took leadership did not work well together. that the stakes are so high, not only cyber but terrorism, space issues, all these issues that we had to work together. as a result of his leadership, we have tried to do the best we could to deal with this issue of cyber threat. the first thing we did was this bill called sispa. we realized that we had to have a way, that we had to have a law that would allow information to be shared with the private sector. 1947 law basically says there's a law that the government cannot share information with business and other groups unless there's a clearance issue there. so an example, if you see hurricane sandy coming up the east coast and you're a meteorologist, you can't warn anybody. that's how we feel right now until our bill is passed. now, unfortunately, the public generally has some mistrust of what our intelligence agencies are doing. unfortunately also it's

misplaced because that's what our job is on the intelligence committees, that's what justice does. we have a lot of checks and balances to protect our freedom and our liberties and our constitutional rights. so what we did, we educated our republican and democratic members. we put this bill that would allow for information sharing so that when the united states, basically nsa but other intelligence agencies see these attacks coming in, we can take that information and share it with the private sector. what most people don't realize, 80% of the network in the united states is controlled by the private sector, so there has to be this partnership. so after working and educating people about security, we passed a bill, a very strong vote, and it went to the senate. and chairman rogers and i worked with senator feinstein and senator chambliss to come together to make sure we can get proper legislation and this is the sispa bill. the senate was getting ready to move and all of a sudden we had

the snowden leak and everything came to a stop. unfortunately, that was very dangerous to our country what occurred. a lot of misinformation. but more importantly is it became viral as if the united states and nsa was listening to people illegally. there was not one violation of the law. so mike and i had to come together again to find another way to get the confidence of the public back and let them know we follow the law. we have more checks and balances in this country as far as listening to people than any country in the world. i think we're number one with estonia, but we'll argue that later. and as a result of that, we came together, we have checks and balances. we brought the aclu and privacy groups to the table. we negotiated and we had an overwhelming vote of over 300 members last week, which is unusual in this congress, it's almost a miracle, but we did it because the left and right came together, understanding the threat but understanding that we do care very much about privacy. now that we passed this bill, hopefully the senate will pick it up and we'll be able to get back to the sispa bill so we

don't have a target for you ladies, target, whatever, but we don't have issues with target. target is taking a big hit. they might lose $1 billion. their ceo was released. these threats are there. it's not only -- there are two different threats. there's the threat of stealing information, which china is doing a lot, but it's a destructive threat that are really concerning. your infrastructure, your electric grids. you know, these destructive threats. it's been said by the media that iran attacked saudi arabia, the largest oil company in saudi arabia, shut down 5,000 of their computers. these are things that can happen every day right now if we don't get it together and set up standards. >> thank you, congressman. i want to pull on one of the points that you raised, and i know you have a pressing hill meeting but i want to get both of your comments and i want to get president ilves in on this before we pivot to some of the geopolitical questions in russia. but you mentioned the indictments. i think you also highlighted an important nuance and difference.

do we engage in espionage? of course. every country does. it's been called the second oldest profession in the world. to protect our national security. the difference is, is when you have nation states using national assets and resources to benefit companies. that's a big nuance. that's a big difference. first i'd like to get your thoughts on whether you think the indictments and looking at economic instruments are the right way to go. actually i want to build into the russia question. we're also sanctioning individuals there. are we looking at microsanctions, microindictments, and is the international community ready to have that conversation, the difference between national security collection and economic and industrial espionage? i'd first like to get the members thoughts on the indictments, right way to go? were we just fed up? enough is enough as the attorney general said and we needed to move since we hadn't seen any

changes in behavior thus far? >> i agreed with the indictments, i agree with certain visa restrictions. i would even go a step further and start targeting the financing of those individuals, but it can't be done in isolation. this has to be part of a broader program. my concern was they launched the indictments. and the very folks that are going to suffer from this are people that don't have a healthy defense from the united states, which is the 85% of the networks are private sector networks who are already under siege by these people. and i will tell you, it has gone absolutely unabated. so, yes, it was the right idea. great for the press release. played great for the glitz and glamour, but there was nothing followed. and that's where i think the biggest mistake was made here. this shu been part of a coordinated effort to slowly start tightening the noose on chinese espionage operations. by the way, they're growing and if you read the indictment, something we've known for years is that it was getting worse in the sense that these people were

working for the government for the first eight hours of the day or nine hours of the day and then they look down the list. so think of this. the government is giving them a list saying we want you to go get -- fill in the blank -- general motors manufacturing techniques for x or something other. down the list is the hydraulic lifts for, you know, the things that lift up your car for oil change places. that's way down the list in their grand scheme of things. these folks would go down, pick that company off way down the list, call up that company in china and say, listen, you're way down the list. for $30,000, i have my nights and weekends free, i'll steal it for you and hand it to you. now you had a problem eight hours a day. now you've got a much larger problem because they have doubled their output of thievery. so right idea, wrong execution if we can get this second piece of this, which includes sispa, which allows the private sector to protect themselves.

i fear for what's going to happen in the next few months. >> and i am going to pull on that act of defense and look at the role of the private sector defending themselves. >> i agree, for china it's as if the stealing of private information, the gift that keeps giving. we have to let china know, who is a very powerful country, one of the most powerful countries in the world, they have got to grow up, be big boys and they have to stop stealing. i think there's a perception in china that we do that and other countries and we don't. so we have to start. it can't just be five indictments. that is a message, china, you have to stop. now we have to get the world coalition together just like what we're doing with russia and get the world coalition to say we've got to set stsandards and there's going to be sanctions if you continue to do this. it's too much. i said it before, $3 billion a year has been stolen from the united states. that equates to about 500,000 jobs. so this is something that has to stop. but it's just not going to happen overnight.

this is the beginning salvo. again, it can't just be the united states, it's got to be the world coming together to set these standards. >> president ilves, are we ready to have that nuanced conversation on an international stage? >> well -- >> i'd be curious what your thoughts are of the indictments because the moral equivalency is made but i think there is a difference. >> there is a first step. starting with skype. microsoft bought it but r & d still happens and they're hit so hard all the time, morning till night. so we have the same problem as well. i mean the name for this used to be mercantilism. i think one of the things where the direction we're going to have to go, and it's going to be very tough, is actually that we've built up in the world

democracies a clear firewall between the private sector and the public sector, and for very good reason. those are the countries that are uncorrupt. but we're going to have to develop much more cooperation with the private sector in terms of security clearances, getting them in on what we're doing in the government side. the government side trusting the private sector. and that also requires a certain degree of growing up that i'm not sure every country is willing to do. and so -- but it's clear that it's not enough -- companies are being swamped basically. and they need the help of their governments, at least in the democratic countries. >> and the argument is why invest in that r & d if it can be stolen from someone else. so what can we do to induce changes in behavior that can have a real effect? and i do think the public-private partnerships. is there anything in estonia?

a colleague and i from my office, we wrote a piece looking at the estonia cyber defense league. do you think that's a model? >> just so people know, basically since no government, even the u.s. government, cannot compete with getting the best and the brightest in cyber because they're being paid so much or they're making so much, so we switched it around and said we'll offer you the chance to actually work with i guess the equivalent of a national guard cyber unit. and so people who actually make so much money that you could never pay them that, offered their free time. thursday nights they get together with other geeks and what they get is that they get checked up, so they get a nato security clearance because that's the prestige part they get out of it. they feel like they're doing something for their country. they feel good about having -- being sort of in nato. and they work out very

sophisticated stuff because -- that we could never buy. as a government, you couldn't buy either. the maryland national guard is actually following the same model right now. i think that's one way of doing it, is to get the people who are good at it into the -- into thinking about these issues and working on these issues and then you see knowledge transfer. when you're working on cyber security at a sort of almost military level, they go back to their companies and they say, wow, we ought to do this too. and i think that's a beginning, but we have a long way to go. >> paula. >> i was just going to jump in on this point, the part with public-private partnerships. i worked at thompson reuters and the only reason i mention it is because as a company there was great interest in bonding with other companies and looking at the cyber question. and in fact up in new york they sponsored at least three in

which they brought in government representatives and also like-mindinged businesses and to literally look at what is our role in this, meaning from a business standpoint, and also o government? i think you're going to see much, much more of that. that was, mind you, several years ago, and i'm sure that that interest continues. so there's a very strong desire to think about ways in which what can the private sector do in terms of its preparedness and also what can the government do in reaching out to the private sector? >> awesome. i'm going to pull in congressman rubersberger. please give a quick thanks before -- [ applause ] >> i want to pull in governor pawlenty. governor pawlenty is heading up the financial services roundtable, which includes basically all the financial and

banking institutions. we've heard already about some of the government iran sponsored ddos attacks not only on saudi aramco and qatari ramsgas, and financial institutions in the u.s. do you want to weigh in with a comment and also a question? >> first of all, thank you to all the panelists for your great leadership and public service. particularly on these issues. mr. president, it's an honor to see you again, and thank you for being here. general rogers, we're going to miss you, and i think the country's national security posture is going to miss you and your leadership. thank you for all you've done. i would like to jump back to the question that frank posed regarding the senate version of the sispa bill. i think the congressman indicated it's hung up because of post known concerns about personal information, although the bill, as you know, chairman, is really about thread information sharing. given the magnitude and pace and increasing sophistication of these attacks, time is of the essence. i know you've done a great work trying to re-educate the public

about snowden-like concerns and threat concerns, but another 36 months down the road seems potentially too late for a senate sispa bill. i hope you can give says more hope about what you can do in terms of the elongated time frame. >> thank you for that, governor. >> the conversation with dinan feinstein, saxby chambliss, and the ranking member. i think we've made tremendous progress in the last few months. they have an impact to make people good. they don't actually impact the problem. i think the sispa bill does

impact the problem with a very light touch. no mandates. it's not the government getting in your business. do we think we've made some progress? we've narrowed it down to just a few short issues. one of them is the portal. how does the information get exchanged between the business and the government sector? how does that happen? if it doesn't happen in real-time, if this is a phone call or a disk transfer, too late. it doesn't work. so we're very close on getting an agreement on what that portal looks like. how does that information get shared in real-time? who gets the clearances? you know, you want to catch it as far upstream as you can. i'm cautiously optimistic that we can find some agreement within the next 30 days to try to get something moving, and i will promise you it will be the fastest conference committee known to man because i'll be the chairman of it, to try to get some movement and agreement on what the final piece of package looks like. i agree with you this is a

simple thing that is so incredibly important for the defense of our intellectual property as we move forward. the banks have done it right. all the financial institutions were kind of the canaries in the coal mine on all of this, and you have some systems in place, but you can't have financial institutions fighting nation states. oh, and, by the way, terrorist organizations and, oh, by the way, organized crime groups all at the same time. it is an unfair fight. we wouldn't ask the banks to engage in missile defense. why would we ask them to try to stop what is an absolute tidal wave of daily efforts to bring down a financial institution? so i agree with you. hopefully if we can get the public to understand this threat, target was a great example, i think people finally said, oh, i guess this is serious. 80 million credit cards. the only problem was it was somebody else's paid for it. that was the problem we found. most people thought, oh, it

doesn't matter. it doesn't cost me anything. that's really the wrong answer. it will cost you something eventually, and we were hoping that that would be the catalyst for people to understand just how serious this is. haven't gotten there yet. close toon agreement. 30 days. urge you to pick up the phone, work your senator, tell them we need an agreement of some sort to get this in the conference. >> the d.o.j. finding does help a little bit in terms of indemnification of liability to share some of the information, does it not? i don't even feel like we're going far enough on what perceived or real we can do, so i'm hoping that we can -- >> this liability, if you don't have liability protection, it won't work. unless you're going to have a heavily government mandated system of reporting and sharing, which i just don't think will work. not in the age where technology is going to change in six and eight and 12 months from now. you have to have liability for protection. if they're doing it within the spirit of the law in real-time, sharing malicious code, which is

what we're talking about. when we hear sharing, people think you're talking about my personal data. talking about malicious code in real-time. >> yeah. exactly. >> i'm going to ask one more question, and then we're going to pivot to some of the geopolitical things. >> basically i'll take -- we have a very different approach in my country, which is that it is the government should step in very rarely, but it should step in when you have market failure, and the two cases of market failure that make most sense, i would say -- i mean, for people to understand what it means, we do not believe -- i mean, given the possibility of having genuine secure transactions that a bank cannot write off a stolen credit card or hack an account as a business loss because they're not just doing the right thing. a power company that goes down because of a cyber attack should not get insurance because it's an act of god, because it is not

an act of god. it is an act of a man or men or women, and so this is a place where the government steps in to guarantee the security. that requires a far more sophisticated system of identity, as i said, but there has to be a willingness to adopt that system. we have that -- the government guarantees you secure communications at a level that, well, given the experience love of it. we know at a higher level encryption than they could break -- they couldn't break lava bit at rsa 512. we're at rsa 4028. it requires people to use the system of encryption and guaranteed identity. i think ultimately it's the way countries will go. everything less than that, anything that is not offer a

binary key code approach to encryption will be and can be hacked. >> the reality is the initiative remains with the attacker here. that's a given. to be able to get to the point where we can get true resill yept systems, we need to articulate what it is we want to defend against, and, oh, by the way, we don't deter things. we deter actors. china is not iran and iran is not russia, and you name the other countries. we've got to get to the point where we can at least have -- articulate a strategy to diswade, discern, and compel. i don't think we're at that point yet. i'm going to ask one more question on cyber, and then we're going to turn to russia, but sort of an unfair question. a lot of discussion on mr. snowden, and i think mr. snowden did reveal some

legitimate questions domestically that we need to have a conversation about, but the reality is he also revealed a vast majority of what he has revealed are national security secrets that have nothing to do with what the community is allegedly doing domestically or not. why russia? why is he in russia? if you were to get to your list of countries that are most freedom-loving and transpatient, it's not -- >> it's actually way at the back. >> i would like your thoughts, and congressman rogers, you -- there we go. >> i have no idea what is behind it all. it's more the damage has been so huge that i think it's probably the worst -- most damaging thing has happened since the end of

the cold war. it's not only i think the biggest wedge that's been driven into the trans-atlantic alliance is the affect of europe has been disastrous, and overcoming that is really -- i mean, as a -- this has been the wedge of magnitude that we have not ever seen in the post war era, i would even say. here we are. i mean, you see a lot of the trusts that's been broken. new legislation is being proposed by all kinds of people in europe that would, in fact, weaken the trans-atlantic link. why? i mean, if you ask me why, what was his motivation, i don't know. certainly the effects have been catastrophic. >> well, i mean, i don't believe

that it's a coincidence that he first landed in hong kong and then went -- is now in the loving arms of the fsb in moscow. you know, that just doesn't happen overnight. you don't show up and knock on the door and say here i am. >> it's all just an accident. somebody reached in and stole other people's passwords, used different mechanisms to get into places he was not cleared to access. the vast majority of that material had nothing to do with the program he said he was so upset about. the vast majority, over 90% of it, had to do with military

tactics there were technologies in there. by the way, in the intelligence community they continue to try to understand what mitigation we have to go through and it will cost us probably when it's done ewe don't even have a good number. probably in the billions of dollars. probably the best number i saw was about $3 billion to try to mitigate damage. if you don't know if they go or they don't, sitting where i'm at as the chairman, we can tell what information let me just pull two. china and russia. we can see that happen. it's absolute naivety. now we know for a fact that he

is in the custody. nobody disputes that. of the fsb and the russians. we know that now. now the question is, well, how far back did that go? what did it look like for him to coordinate his travel and activities to get where he ended up? maybe we don't know the answer. maybe we do know the answer. you have to start asking those questions versus this was the best thing that ever happened to us. i dispute that. every investigation, every group that reviewed it found no illegal activity. no abuses and that it was lawful. >> do people like the fact that that information is there? no, people say we don't like it. it doesn't mean it was illegal or -- it means they have a comfort level. what mr. rupertsberger and i did was we said we need to rebuild

confidence. we know for a fact that these programs have saved lives. you do want to know when a terrorist from yemen is calling into the united states to trigger an activity. i don't know about you. as an old fbi guy, we would call that a clue, and we missed it on 9/11, 2001. i took this job. i said we're not going to miss that piece of information this go-round. not on our watch. we think we got to a good place to rebuild confidence and to move forward. this was a train wreck that we were trying to clean up. this was not about some great glorious activity who should be idolized by so many who has done so much damage, including, by the way, troops in the field. some of this information will impact our soldiers who are standing in the dirt, defending freedom in places like afghanistan today. not next year. not ten years from now. today. and that's why i can tell i get a little worked up about it. that side of the story never

gets told. they're not listening to your phone calls or reading your emails. if they are, somebody is going to go to jail. the way the press has portrayed this has been so inaccurate and dangerous to actually configure ourselves to stop that 41 million efforts to get into our department of defense, to stop organized crime groups from getting into target. i hope we shake ourselves out of this very, very soon. we have this huge threat. estonia has seen it. they lived through it. pretty damaging to them in 2007. we just keep shrugging it off like it just doesn't matter. even the conversation about the guy who stole all this and making him a hero just sends me into orbit, as you might be able to figure out. >> i think this is a perfect

segue. one of those blind spots may have been what we saw unfold in crimea, and perhaps russia did learn from a trade craft and moat is apprehendeye. he i hope he would be. and what we saw there was probably rudimentary in terms of the cyber perspective. we also need a real article, and he also has been the chair of the canon at harvard and elsewhere. paul, what did we see unfold in crimea? what are those implications? what are the intentions? what do you think the true intentions are of the leadership in moscow today, and what do you think we should be doing bilaterally, multi-laterally?

estonia has been one of the few countries that fulfills its nato obligations and commitments and have been fighting shoulder to shoulder with u.s. and other allied nations in iraq and afghanistan. what does this all mean? >> first, by the way, i didn't -- when i jumped in before, i do want to thank president knapp and also you, frank, and g.w., for hosting this incredible forum today. thank you very much. crimea, we witnessed the unlawful aggression by moscow in crimea, and then also an illegal referend referendum, which was held. illegal. it went against the laws put forth by ukraine which states that when you hold a referendum, you have not only at the local level, but you have to have approval also at the federal level. we virtually saw a total renouncement and undermining of

the kind of international legal norms that have been in place post cold war. starting with that, i mean, to define it outright, it really, i think, defied almost everything that we have known in terms of the perimeters and framework of trans-atlantic relations. it might be worth stepping back and also citing the fact, i think, most crucially, what led up to this. if you look back last year, when there were protests taking place in the midon in ukraine, what were the protests for? they were for supporting ukraine's is hes eggs into the european union. if ukraine became a member of the e.u., trade barriers will be knocked down.

the second factor -- when the prime minister yatsenyuch opened up the treasury, they looked and saw that $37 billion had been stolen, so this is the scale of what we're talking about here. so you start with that and those demonstrations. those demonstrations basically provided a kind of a threat. a threat being that ukraine was very desirous of making a significant change, a hang in terms of becoming officially part of the e.u., rectifying and reforming its economy, and also embracing the western political

values. when we saw the aggression in crimea, the argument that was given by president putin on march 18th was that russia has legitimate interest because of russians in crimea. by the way, estonia has more of a percentage of russians than does ukraine. it has 26%. granted, your country is smaller, so the proportion is a little bit different, but 26% in estonia, 27% in latvia. in this case the argument was that there were, in fact, discriminate ory actions being taken against russians. let me go back to another point worth mentioning, and that is that since ukraine has been independent, there are two key points to remember. one, there was a referendum, and, you know, at the time the referendum was held, crimea voted in favor of the independence of ukraine and

being part of ukraine. since ukraine's independence, i can't cite for you one is hes eggsest movement that i'm aware of or allegations or discriminatory action. if there was people would take recourse. the doctrine which basically refutes the legitimacy of the international system. it also undermines western values that russia has legitimate rights for going in and for dealing with situations or circumstances. if you go by that kind of a

framework, by the way, or take action anywhere on behalf of its citizenry. it would be a western strategy. the strategy being in what i think is lacking is we've been focussing on particulars. the united states and western europe have been looking at sanctioned approach, which has been a reactive approach. i think we've been challenged through this putin doukt rin. we've been challenged in basically a pronouncement of hostilities against western values, hostilities against the framework as is defined the international system, and literally the moral foundation of which the trans-atlantic alliance has been built on. toward that end we need a western strategy, and we also need a western rebuttal to what putin has put forward. let me just mention one last point, and that is there's been a real focus on the situation

that this situation has been predominantly trans-atlantic. naturally not only ukraine is gravely concerned because of destabilization. reintegrate crimea again, but also as you know, the neighborhood. we have put forward sanctions, but what we haven't put forward is a strategy, a strategic vision and a rebuttal to literally the idealogical and moral underpinnings of what putin has put forward. remember the days of the cold war when it was so clearly defined? well, we haven't put forth that kind of statement. we're not in that same period.

we're not looking at a marksist lennonist government in russia. the united states has given the opportunities we have here. what are your thoughts right now when you see? paul, i think what you really are looking at is reversing the dissolution as you referred to in europe ed. that's a frightening thought. >> frankly, i just add not just reversing but uniting and stating exactly what we stand for. >> and i might note since we also talk cyber, what you saw in

crimea was an isolation. they did use rudimentary. they were basically using hacksaws to take down communication, so you can isolate people in crimea from the rest of the ukraine and beyond, and then that was followed up with somewhat rudimentary ddos attacks on some of the political leadership. >> the post war security framework has just disappeared. it's been blown up. first of all, what we saw when the march 18th speech by the russian president was an argument that we have not seen since the -- annexation of territory of co-ethnics living

there. we have seen -- we've already received an answer on may 8th, 1945 that you don't do those kinds of things. we recall that check slovakia was dismembered -- they were germans living there. we see this for the first time since 1938. now, then the idea that you can actually change borders by nonpeaceful means. the entire -- the western and eastern cohabitation that allowed us to overcome the cold war, at least in its most dangerous phase, was based on the 1975 helsinki founding act, which said that you do not change. everyone agreed. all countries agreed, including the soviet union, which was then

now a successor state, you do not change borders, except through negotiation. that is the fundamental principle of the whole founding act. that no longer applies. the justification for annexing or reinfluencing ukraine was based on the 1990 cse charter that says that each country has a right to make its own decisions. on top of that i say that -- just to correct the thing about what you said, paul, all that ukraine was trying to do was get an association agreement. i mean, an association agreement basically allows teachers and students to, like, go and study elsewhere in europe. we signed our association agreement about a decade before we ever joined. when i was in the european parliament, i was there for albania's association agreement, and that was ten years ago, and they're far, far, far away from -- there are no implications for joining. this was a low-level agreement

that had a symbolic value, but not anything really -- i mean, it just shows an orientation of a country, and that was enough to justify on the part of russia getting -- doing what it did. i'm very, very worried because, a, what we have for 40 years or since 1938 -- or 1945, et cetera, completely ouch bounds is now happening. this thing that makes me more worried is that there are a lot of countries going along with it. bosnian people lost two million people as refugees. what will we do with 45 million

if it really goes south? they're bordering four countries in the e.u. poland, slovakia, romania, and hungary. the situation could be really out of hand. there is no real genuine willingness right now to take a trans-atlantic approach. there is an unwillingness to go too far with sanctions or go too far. we don't have a trans-atlantic sort of issue, and there are a number of forces in europe mainly commercial ones that really don't care at all about the fundamental principles of the western security architecture being blown up. they just want to make more money. what they did in crimea and eastern ukraine, in fact, is an analogy to cyber war. the little green men are bognets. bognets are these criminal

groups that do work for money for governments. >> proxies. >> they're proxies. they get a cut what we see again is criminal groups giving deniability like the estonian attack. one government saying we have nothing to do with that. they were in themselves -- the government was not doing it, but who is doing it? the people who send you the agrispan. it's the same mechanism. they were concentrating these messages, pinging, chosen computers. we see complete and utter deniability of criminal gangs, organized crime gangs. when you look at the people involved in eastern ukraine and also in crimea, it was the -- i

mean, the guy in crimea is -- was a crime boss. i mean, he still is a crime boss for all i know, but now he is a governor. we see this kind of public-private partnership of the worst kind. >> may i just address two things that the president mentioned? i'm glad for his refinement specifically on the e.u. association because it's purely an association, and i think you made that very clear, but let me mention another document that really, i think, in terms of what russia's aggression in crimea literally cut into that has global implications. the president mentioned osce or the helsinki accords. m