veterans from a different -- from different countries. and i said why people. and he said, only people in america call themselves white. why does that not mean the , thens, the russians french, the greek? why do people run away from that? guest: well, i think he has a good point. i believe what martin luther king said that we are a colorblind society. we don't want to be divided by skin color, we want to be one people, united by a certain set of values that guide us in our personal lives and our government. when very sad thing that has been happening recently is people are beginning to be more polarized than they were a decade ago. and that is not good. guest: i agree with you to a certain degree, terry.

eloquently about how there were no black people in africa, there were no white people in europe. we became black-and-white in america. your race is defined differently here than it is in brazil, south africa because race is a social construct and a political construct. but we have -- be careful, though, quoting dr. king out of context. everybody quotes i don't want to be judged by the content of my character by the color of my skin. but he also talks a promissory note that was made for black folks that was never kept. so dr. king talked about that. he also wrote in favor of affirmative action.

race is astion of more complicated one, but at the same time, though, i'd appreciate the spirit of the caller. i was born in dayton, ohio, one of the most sensible towns in america. ashink one thing we do learn we talk about macro social issues, like race. i think we get along better than ever, terry. i think people think we are more polarized, but lack folks have voice- getting more of a since obama has been president. guest: by the way, if i remember correctly when dr. with -- dr. king was talking about that schoolory note, every child in america should read, he was talking about the principles that were enshrined in our declaration, independence, and constitution that were not filled for so long because we

did tolerate slavery until the 13th amendment and we did tolerate -- i would like to see us continue to progress along that line, redeeming that promissory note and delivering truly as a society according to those principles. guest: yes, i think we are moving toward it. we have to keep on traveling. host: another headline from the "washington times," bill clinton the most traveled president. 54 trips during his two terms in the white house. visits to germany and poland. also set to go to china, possibly a trip to cuba. he will likely eclipse bill clinton. so far he has had 49 foreign trips with one year left in the white house. guest: first of all, i disagree

with president obama's foreign-policy. i disagree with his transpacific partnership. i fear of eventually china, which is still a communist government, is probably going to come into that deal at some point. and i think he is taking the wrong approach to the middle east. focus has to be the security of the and that is states. so for the president to be engaged with what is going on around the world is an important thing. host: catherine in new hampshire, the independent line. caller: good morning. i have a comment and a couple questions. and it is really about top stories, plural. and it has to do with violence with handguns. and my husband had suggested -- i said, oh, this is really good -- when a person buys a gun at a gun show or a gun shop, this

person would be required to buy liability insurance and are new the insurance each year. ,e have car liability insurance and proof must be carried when driving. if a person was carrying a handgun without carrying proof of liability insurance, this would raise a red flag and consequences. wouldn't this help prevent violence? thank you. host: thank you, catherine. guest: the thought reminds me of .he old idea of taxing bullets we have a lot of different proposals along these lines, but one of the big problems is dealing with people who are breaking the law from the very beginning. we are moving around on a lot of different issues, but a tweet, top story, the rise of donald trump and the amazing

gullibility of his misguided supporters thinking he cares about anything but himself. guest: well, as i said earlier, i think we will find out a lot when we have the iowa caucus and the new hampshire primary. the voters are very serious there. i do agree that i think that donald trump is -- part of what is going on with donald trump is a reflection of the deep satisfaction -- deep dissatisfaction with the elite in washington. host: let's go to tom joining us in tennessee, the republican line. good morning. caller: good morning. is soop story for 2015 many people lying. newscasters, news anchors, politicians, sports people, movie stars.

and they get away with it. there are so many people lying to cover up the liar. there is no punishment, there is no nothing. it starts at the very top in politics, works down. even the military allies. i don't know what is wrong with the united states of america, but we have all turned into liars. and there is no consequence, no matter to who it may be. host: tom, thank you. guest: i would say that people have always lied, we just have more ways of uncovering it now. i think it is a tribute to the explosion of news media that we have. a lot of our callers still talk about the media as if it is this monolith. we have more media than ever before thanks to the internet and other alternative media.

it is having a hard time -- however, a lot of independent journalists -- we were talking earlier about the police in chicago, the video of laquan became public because of an investigative independent journalist. the stuff is out there and you have to look at it. don't just take with one new source. host: fox news again this year, number one in cable news. guest: roger, another former n, he was very smart when he started talks. he sought that there was this market segment out there that did not feel like they were being serviced. that were not having a voice. i call it sarah palin land because at the time we were talking about that back in 2008 and 2012.

there are folks who wanted to angle that foxf presents. that is a big segment, and they don't have any competition ford. msnbc has been trying to be the anti-fox, but liberals do not have that same sort of a need. we could talk for days about that. msnbcr, at the same time, has been going back because they are having a hard time figuring out another segment the way roger did. my hat is off to them. and some of my good friends work over there at fox. they have some good journalists. whether i agree with them or not. guest: the national media is overwhelmingly liberal. guest: a thought you're going to say that. [laughter] guest: there are just a very few conservatives who are journalists on a national level. and fox fills a unique role.

people are yearning for a different voice than they see in the establishment media. host: and the o'reilly factor names number one, with nearly 3 million viewers a night. mike. rockford, illinois. the independent line. caller: good morning. or story -- a head scratch for a top story i've got is the san bernardino shooting. no disrespect, but they were telling us on the news during what was going on, they were saying three big guys with go pro cameras. the second interview with the police, they said, well, there is an argument. you know, supposedly the guy -- the next thing you know, supposedly the guy went back to his wife, got the baby sitter, went back and shot the place up. are you both sold on that story? guest: thank you.

i am not sure if it is a cover story, but it is -- well, this san bernardino shooting did not follow the usual pattern of what we expect in terrorist attacks. the big question is are we going to have more like this? people who are inspired by al qaeda or isis or whatever rather than receiving direct orders. host: in hearing what the caller is saying, isn't that often the case, the early information is often erroneous? guest: almost always. guest: i think people have to withhold judgment. when we don't have enough investigative recording -- reporting. i agree, and i would also like to add one other thing. it used to be that small towns all across america had small newspapers. they were owned by local families, they cared.

now we have newspapers collapsing, many of them have been bought up by large chains, and i don't think we have the sort of local craft that we need in cities across this country. guest: i agree, and that is one area where we are really seeing growth in newspapers. the smaller market papers, as opposed to the big metro dailies like the one where i worked. circulation.losing papers around the country, middle size and smaller, are the ones that have been having more growth of their paper media. guest: on a federal level, we are having a federal government that is moving towards $4 trillion that is spending -- in spending every year. to do investigative reporting, you need to be able to pay someone to sit and spend time

and be studious and really dig into things and really get things right. there are simply not the resources to do the kind of investigative reporting to keep the size of federal government honest. i think it is a very big problem for this country. host: since you have been pointing with pride to ohio so much, i'm going to read this tweet. we do not solicit it. he says, i do not pay attention to ratings. i pay attention to c-span. the best thing news current events channel out there. guest: what a coincidence you run across that. [laughter] host: let's go to utah. caller: good morning. i think the top story of the year should be not only does structure and of the republican party with i see happening, but the divide of the country, aspect.n a civil war

you have barack obama who is a great president but the republicans brought out all the racist people they could find to go against him. now, you have one side, donald divide almost by race and religion. on the other side, you have bernie sanders bringing everybody together, going back .o a people's government i think that is the biggest story we should look at. what would that be if it was donald trump versus bernie sanders? bigotedtionist, racist, man up there who doesn't know policy and someone saying the truth about our government, being ran by billionaires and the people have no say and taking it back. gone forlican party is

probably the next 40 years. you brought up donald trump and his most recent comments. here is what he said earlier this fall when he announced that muslims should not be allowed to enter the u.s. [video clip] >> donald j trump is calling -- this is pretty heavy stuff and it is common sense and we have to do it. remember the poll numbers. 25%. listen. donald j trump is calling for a total and complete shutdown of muslims entering the united states until our country's representatives can figure out what the hell is going on. [applause] we have no choice. we have no choice. host: clarence page, your response. with thesympathize

republican party because they have the same divisions in the democratic party bring the mcgovern days. people talking about the left extremists in the party versus the centrists. itmocrats eventually worked o out. are heading down that road. right now, they are vulnerable because you have a large body of people donald trump is speaking to directly when he says it is common sense. it is a lot more complicated than that. me of rosshe reminds perot, who is more physically conscious than trump but the

same cut of this contact -- but the same kind of discontent. host: keith in ohio. independent line. good morning. caller: good morning. i could listen to these two guys all day long. there are so many different issues, it is overwhelming. i would like to talk to them all day about it. issue.tion is the big the interest on the national debt -- how much are we paying an actual interest right now in relation to all the money we spend on everything? when will it be to the point where -- if a family has to much interest, it will crush them and they file bankruptcy. when will this happen to our country? everything else is moot if this happens. host: $18 trillion.

guest: i looked at the treasuries page. debt is 2%. on the slightly over 2%. you get to that point in 2001, it was 6%. they are paying three times as much. debt --d is public the rest is the inter-government that. we will have $20 trillion in debt that people like the chinese and russians own. this is why the united states is headed toward a financial crisis. host: bob in minnesota. good morning. caller: happy new year. story ofhe biggest 2015 is the fact that donald trump is getting traction.

he kind of blatantly lies a lot. there's a few reasons for it. there's a lot of people who suffer a lot. after the george w. bush years with the economy. of dollars andns give tax breaks at the same time. he is the one responsible for the debt. we are starting to climb out of it. likeear stories on tv and the coming on fox big as he investigations sold purpose was to bring on hillary clinton's poll numbers -- benghazi investigation's sol purpose.

stepped down from the investigation, he is fired for trying to conduct an objective investigation. the story keeps going and going. point finally reached the with the corruption is so blatant that they will listen to somebody like donald trump. another thing donald trump said was that he was going to stop the mexicans from coming across the border. building a wall sounds kind of foolish to me. if i had my way, what they would do is punish the people that hire undocumented workers. then grant citizenship to the people who are already here.

host: let me share this map this morning from the new york times. where donald trump is most popular come along the east coast, new york and new england and pennsylvania. ,own south to the carolinas florida, louisiana and parts of oklahoma. your thoughts? i don't think donald trump has a long-term future of success but we will see. the early states will be crucial indicators. what we see in iowa and new hampshire is people who are serious, who take a personal -- how to candidates dare they. trump has not been that active on the ground in iowa.

if you can still win the iowa , if trump can win this caucuses without that much of a , i don't think he will make it -- ted cruz is much more likely. we are referring to ted cruz as the moderate alternative. hillary clinton was on capitol hill for 11 hours. when she testified on october 22, was asked about just what happened in benghazi on september 11, 2012. hillary portion of clinton testifying before the house. [video clip] >> i thought more about what happened than all of be put together. i've lost more sleep than all of

you put together. i have been racking my brain about what more could have been done. or should have been done. when i took responsibility, i took it as a challenge and an obligation to make sure before i left the state department that like afterld learn beirut and nairobi and the other attacks on our facilities come i'm sure all of them, republican and democrat alike, especially where there was loss of american life said ok, what must we do better? how do we protect the men and women that we send without weapons, without support from mostilitary into the

dangerous places in the world? host: the full nine hours on www.c-span.org. your thoughts? guest: what did we learn from this? back in 1998 when our embassies were attacked in nairobi, congress passed a bill that her husband signed. chris smith was the main sponsor. one of the things that's how do we solve this? co-location. this inagencies doing the same city were supposed to co-locate in the same place. if they did not, they had to get a waiver from the secretary of state that had to be done in consultation with the head of the agency, which was not going to co-locate. the accountability review board that looked into what happened in benghazi said the say inx --

the cia annex in the facility were not relocating because it was a temporary facility. it was open for well more than a year. there's been fruitful investigations in congress. the senate intelligence committee put out a report that shows the threat coming through the military -- the real question people have to ask is why was our government so negligent that they let those two facilities sit there over that long period of time? when he testified in the house committee back in 2013, he said one of the main principle reasons that chris stevens was was becauseon 9/11

they wanted to look at making a permanent facility then. they needed to do some things september 30 and hillary clinton was planning on visiting libya that year. central to it is negligence on the part of our government, not following wisdom we learned back in 1998. guest: how many investigations have we had? somewhere between 4-6. guest: there are key issues here. there's the whole question of what we did in libya. our policy there was foolish and not realistic. we are paying the price for it to this day. host: we conclude where we began. the top story, your topic for 2015. what you think would be among

the most interesting stories and 2016. guest: when you asked me earlier, the political changes in leadership this year. there were changes in the house republicans leadership toward the right. moving from the john boehner house to the paul ryan house. these are very significant trend stories as far as showing where our politics are going these days. on a more personal level, my number one thing would have to up of newing movements in favor of police accountability in the wake of ofeotaped evidence police-civilian encounters that led to death or injury. guest: the bipartisan support

for the trajectory of government that is financially unsustainable and will eventually reach a crisis point. it is the extension of the status quo to the interest of the elites of those parties in washington so they both come out the way they both want to come out. and terryence page jeffrey. to both of you, happy new year. announcer: on the next washington journal, a look at the year ahead. you can join the conversation by phone or on facebook and twitter. live every morning on c-span.

next, a congressional hearing on the future of automobile computer technology, then a campaign event with bernie sanders in las vegas. later, a look back at this year in congress. this weekend, book tv brings you three days of nonfiction authors. on new year's day, presentations of in-depth starting at 7:00 eastern. thom hartmann on his life and career. his many books include the crash of 2016, and threshold. williams andter his most reason book. his other books include race and economics. rove looks at william mckinley's 1896 campaign

trade --. he discusses the political environment in 1896 including political gridlock. he is interviewed by richard bruckheimer. >> the republican party has been in 1892 election. mckinley has been the governor of ohio and seen the country to send into a deep depression and the republicans think the election of 1896 is going to be there is and he wants to be the nominee but he is not the front runner. announcer: directly following, join book tv as we attend a party thrown for karl rove. sunday, david marinus will be live with your calls from noon-3:00. his books include his most recent release, once in a great city. as well as first in his class, a

biography of bill clinton, tell .ew to shut up three days of nonfiction books and authors on c-span2, television for serious readers. more than half of the vehicles sold this year connected to the internet. next, a hearing looking at the future of automobiles being connected to computer networks. topics include the potential to make safety improvements and cyber security and privacy concerns. this is over two hours.

is authorizedhair to declare at any time increase as. the order of business will be as follows because we have a joint subcommittee, we will have myself,statements from that, we, and after and hear from our witnesses then, after we have heard from the witnesses, we will go into questions. with that, i will give the first opening statement. again, welcome everybody. the age that we live in, of new

,echnology and communications with all of the incredible technology that we see and take for granted every day, we are entering a new era in transportation technology. there is some of the older panelists and members and audience who remember when you used to open the hood of a car in you could take out the various parts, identify everything. now, you need almost a phd to figure out what is in their and its capabilities are just astounding. a lot of safety features in cars we did not have before but, today we are going to address the issues related to again what

we call the internet of cars and look at some of the implications of that technology and i think some of this was highlighted just some time ago and i guess it was a jeep vehicle was hacked and fortunately it wasn't the folks who chose to do harm but it did demonstrate their vehicles with certain types of electronic capability can in fact be hacked and it does pose some questions. we have called together today leaders of industry and some others. i particularly want to thank the private sector partners. several weeks ago, we had a a frankle and discussion of where we are in where we are going and what the industry is doing to deal with

some of these issues and i think they have been most cooperative and i appreciate that and we learned a lot from that particular informal meeting. today is a little bit more formal. can --ave a lot that we 2010,of benefits -- in 1.2 million on the world's highways. united states, some years ago, we had 43,000 per we have taken that down to 33000 and there are a lot of positive things that have been done again, through safety, technology, warning systems, a whole host of electronic devices. now, in our vehicles, that makes us safer. economic benefit from connected vehicles is estimated to be $500 billion.

we want to ensure that electronic systems we have in these vehicles cannot be hacked, that, in fact, we have safety provisions put in and protections for the consumer and for the public. helped author the direct -- national highway traffic safety administration to complete the review and ultimately determine the needs for safety vehicles and electronic systems. we will hear from some folks today where they are in the requirement that will be crafted and put in that. a pastnow the year and the deadline be set in law. automobile makers has been setting their own cyber security

standards which is the good news. the bad news is that we have a lot of variety and people going a different direction while the andonal highway safety traffic safety administration continues to move forward, mandating, dictated short-range communication devices in cars -- you must make certain technology this technology hasn't been surpassed by the next -- thing that is coming up. are it is is in technology rapid. -- advances in technology a rapid purely spent over $500 million on testing this technology that was discovered in 1999. , in 1999, this state-of-the-art for some of our communications was the flip phones and we have come ability further from that, so. i fully support connected vehicle technology and help with this advancement in the future.

we will see vehicles that can talk to each other. inwill see safety provisions vehicles that will make cars and have more reliable a whole host of features that will benefit the consumer in the traveling public. ae we must be able to allow bridge to get that environment is the new technologies come to light. while remaining cognizant of the need for consumer privacy. so this afternoon, i look forward to hearing testimony from potential witnesses and i pledge to work collaboratively with everyone here on this side, both sides of the aisle, and with the industry. we are entering a new, exciting era that we want to be ready for. let me now recognize the ranking member of the subcommittee on

transportation for her opening statement. >> thank you. our motor vehicles rely on the same methods of communication to and as we have seen committee times, computer networks are regularly the victims of hackers. theave already mentioned july instance this year when a vehicle was hacked. less than one month later, from that instance, or researcher demonstrated how vulnerabilities in a different vehicle could also let hackers learn the owners home and dress, see our credit card information, and more. so far, there has been no note incidence of malicious attempts to have vehicles but i have to ask the witnesses today, is that because the overall security of

the vehicle computers is that good? or heavily simply been that lucky? congress gave the national highway transportation administration the responsibility to regulate cyber security in vehicles but manufacturers and suppliers in the best position to identify weaknesses in their own products. safety ofhe cyber cars, trucks and motorcycles on the nearly 4 million miles of road that crisscross the united states requires partnership of government, industry, and researchers. each has an important role to play. that is why fight it especially troubling that according to bloomberg, one of the automobile manufacturers involved in the july hack we did 18 months, 18 months to tell federal safety regulators about the security flaw while the other manufacturer reportedly knew about the vulnerability for five years. it undermines a partnership that is a surge protector public

safety from cyber security threats. that is simply unacceptable. connected automated vehicles communicate with other vehicles. they have the potential to revolutionize road safety and save thousands of lives. i agree with him. i look forward to examining these issues in more detail. i think the chairman for bringing this hearing. >> thank you. i to recognize mr. heard, who has the subcommittee on information technology for his opening statement. >> thank you. 's hearing is one of a series of hearings. to join with you in a transportation subcommittee here today. my first car was a toyota four runner and i like to call her shirley marie appeared i got her in the summer of 2000 and added until summer 2013. we had a lot of adventures together the wanted she cannot

do is connect to the internet. 2020, it isd to forecast to one in five vehicles will have some form of wireless network connection. it amounted to more than 250 million connected vehicles. thatent study predicted the internet of things, which includes cars, could have a total potential economic impact of between $4 trillion-$11 trillion. the report further states that the hype around the internet of things may actually understate the full potential. i agree. i likely does understate the full potential but only if policymakers, consumers, advocates, and other stakeholders understand the real value can be created and focus on supporting innovation and cyber security and privacy practices. i worry that overeager regulators in congress will hacked it a stunt

with restrictive regulations and heavy-handed legislation. let forward to hearing from our witnesses from the automotive industry today on what steps they are taking proactively to secure their connected vehicles and protect people's safety as well as their privacy. i look forward to hearing from mr. garfield on what the companies he represents are doing to ensure the same, that people are safe, that information is secure, that they can be confident to increase the benefits offered by connected vehicles. aboutorward to hearing the standards of excellence in highway safety while staying strictly within the statutory authorities and taking care not to hamper innovation. >> thank you. i am pleased to recognize the ranking member of the subcommittee on information technology. love them. you are recognized. >> i think the chairman and our witnesses.

today's cars has been dubbed computers on wheels are they gather in store vast arrays of personal information about the drivers, affording greater convenience and safety but also greater erosion of privacy and security. our automakers are inventing new technologies that have made the drivers experience more enjoyable and efficient. tor the air in vehicle vehicle technology, things that were once only science-fiction can save lives and prevent accidents. comes new innovation questions over security challenges and how data is stored. as a number of internet connected cars grows, so does the threat of vehicle hacking. if cars are going to store personal information about where route and lives, the they taken together, and where they stop, there should be assurances that the information .s stored securely our subcommittee's review of cedar -- previous cyberattacks

on networks revealed that the same vulnerabilities show up again. the interconnectivity of seemingly unrelated parts of the network makes it substantially easier for a hacker to move through a network and locate sensitive personal information. it is not just computer systems that lack segmentation. seemingly unrelated components of internet connected cars do, as well. a modern car can talk to the radio, the radio can tell whether the doors are locked and the doors know whether the wench and wipers are gone. one of the key topics of today's hearing from me is whether the auto industry is designing cars with operating systems that securely store personal information. ofwe enter this great age tremendous technological innovation, i will focus on how automakers, congress, and regulators can work together to secure our vehicles from malicious attack and protect americans. i think our witnesses -- i think

our witnesses for their participation. -- i think our witnesses for their participation. the yield the remainder of my time. >> think you. -- thank you. the internet of things brings technology and connectivity into every corner of our lives including our cars. with the pervasiveness of standards, security and privacy protection to come or part of the never. unlike other sectors, security and privacy by designer not yet fully ingrained in automotive manufacturing culture, as evidence by vendors regarding cars ever security issues with wireless entry fees and hacks of cars. however, regulation can be slow, rigid, and discouraging and red rushing the regulation is not my opinion the answer. but neither is a lack of

accountability or standards. the advances of the industry has made in the past year, such as setting up an information sharing and analysis center and a set of enforceable privacy principles happened in part because of public and government pressure. the security in the car study act also known as the spike our study act, a bipartisan bill sponsored by congress. industry in bringing advocates e-government together to strike a balance between innovation and consumer protection. i served in the military -- i insulin reserves and i am turned to think about worst-case are threeso there overarching scenarios and questions of elected post at the panel hopefully during the time today you might be of immense array. the first is, is it possible now or in the future for a hacker to remotely taking control of a car and use either as a weapon or cause an accident? second, is it possible now or in the future for a hacker to take control of a fleet of cars and use them as weapons or cause

accidents? 30, is it possible for hackers now or in the future to take partial control of a car so that's and say you are going to in a highway safety must for our and suddenly the brace: without your knowledge -- thereby causing an accident. be curious to know if one does a andretical possibilities, second, if so, looking again to mitigate that aspect? americans have a right to drive cars that are safe and keep their information audited and eyes by the comment the testimony from today's panel in the forward to asking additional questions on this issue of public importance. think you. 8 -- thank you. i yield back. >> think you. -- thank you. do any of the members have quick statements? >> the chair will hold a record open for five legislative days for any number who would like to submit a written statement.

>> mr. harry lightsey who is the director of consumer experience at general motors. sandy logan steam, vice president -- loganstein that toyota. toyota. -- at toyota. garfield is the president and ceo of the information technology industry ms. barnes finally,

is the associate director and administrative law council of the electronic privacy information center. welcome, witnesses. i might tell you in advance that i will swear you in a just a second and we also try to statement,limit your your verbal statement before the committee to five minutes. chair tosk through the have additional information or data put into the record. with that, we are investigating an oversight committee and subcommittees of congress. could you please stand and i will swear you in. raise your right hand. the you solemnly swear that the testimony you are about to give

before the joint subcommittee meeting of congress is the whole truth and nothing but the truth? allthe record reflect that of the witnesses answered in the affirmative. thank you. be seated. we will go right to our witnesses. let me start first with -- welcome him again and all of you and thank you for your cooperation today and he is the administrator of the vehicle safety research at national highway traffic safety administration. welcome. you are recognized. the microphone up as close as you can so we can hear you. >> good afternoon. i appreciate this opportunity to testify up at the national highway traffic safety administration is addressing emerging challenges associated

with new, connected vehicle technology. in 2013, there were over five .7 vehicle crashes in the united states that resulted in 32,719 deaths. the consequences of these crashes range from personal tragedies that will impact individual families forever to the billions in economic dollars that we can actually measure. to a dress these crashes in the increasing use of connected vehicle technologies we can believe can help us to that. when combined together, new technologies and such as vehicle to vehicle communication and automated technologies have the potential to dramatically change the safety picture in the u.s. however, as the chairman pointed out, these new technologies also bring new and different challenges. for example, consumers hear a lot about cyber security as it is related to things imprisonment remission. it often seems like every day, there is a breach reported in the media. auto space, cyber

security is taking on new visibility, showing up and television shows. we understand these dynamics. we believe that the challenges associated with connected vehicles are addressable in asia not keep us from pursuing innovation that can save lives. and analysis indicates that it can address up to 80% of crashes involving two or more motor vehicles. this technology promises to be transformative in could even enable a new era of safety to not only saves lives but other benefits, as well. and fully realize, this communication technology is a symbol even beyond on vehicles. it can be deployed to other devices that would be carried by pedestrians and cyclists, thereby addressing those types of crashes. however, for it to be effective, it relies on the low cost security system -- a robust security system. exploring the potential of connected vehicles and other

advanced technologies, we understand the cyber security is essential to the public acceptance of new vehicle systems and if it filled the safety promise they hold. to developing the last cyber security environment, we modified its organizational structure, developed partnerships, adopted it and approach considered legislative action, and encourage members of the industry to take independent improve the cyber security posture of vehicles. our goal is to be ahead of potential vehicle cyber security challenges and seek ways to address them. consulted other government agencies, vehicle manufacturers, suppliers, and the public to develop our cyber program. the approach covers various safety applications deployed on vehicles as well as those envisioned for future vehicles that may feature more advanced forms of communications and automation. however, we also believe there are tremendous opportunities in this round for proactive steps. in fact, such steps are essential. regulation and enforcement alone will not be sufficient to

address the risks. cyber security threats simply moved to fastener to varied for regulation to be the only answer. the auto industry can play an essential role by cooperating in establishing rigorous practices that are address the broad range of cyber threats, by reacting quickly and appropriately when such threats emerge, and by working closely with the government in independent security analysts to identify and defeat attacks. we have also given special consideration to the security systems that enable this technology. have spent some time developing the network and the trusted architecture goes along with the system. while we have made significant progress, we believe that more testing is necessary we plan to undertake that. the trust aspect of the system is based upon bki. tweet the design to balance security and privacy. we take consumer privacy very seriously and in the context of

our proposed rulemaking on fears of the vehicle communication, we will address privacy as a relates to that system. the effectiveness of the tv technology also has unallocated portion of the spectrum. in light of growing demand for spectrum, special sharing has been a topic of much discussion. d.o.t. is not opposed to sharing the spectrum. toward that end, d.o.t. is working closely with that cc and tia, members of the industry, and other stakeholders on a next databases to test and evaluate potential sharing solutions for the 5.9 gigahertz spectrum. we are waiting for devices. under the leadership is secretary fox, the department has taken several steps that support the deployment of this technology. in august 2014, we issued in advance proposal of rulemaking in the plentiful of it up this you with a proposal and just recently the secretary announced about a program all into two for the deployed this technology. connected and automated vehicles that can sense the environment

around him and communicate with his other vehicles and with the infrastructure have the potential to revolutionize road safety and save thousands of lives. we are already laying the groundwork needed for the road ahead and look forward to working with congress, manufacturers, suppliers, and others in the administration, and in eric in public, in this exciting transmission future. unfortunately addressing questions. >> thank you. welcome theduce a executive director of global innected customer experience global public policy at general motors. welcome. >> thank you very much. thank you for the opportunity to testify. roughly 100 years of his existence, the automobile has impacted american life in ways

unique to any other machine. it has impacted how we live and work, where we live and work, how our cities have grown, and how our country has grown. yet the machine itself remains basically what it was at the time of its inception. engineine combustion connected by a drivetrain two wheels on the road, driven by a human being. we are now entering an era where all of those basic tenets will change genetically. cars will, more and more, have different modes of mobility other than a gasoline engine. they will be connected to each other in ways that will make the driving experience safer and more enjoyable. more, reallyre and for a human being of the driving task. because we know that humans are fallible and will have crashes in cars, the automobile industry and the national highway traffic -- transportation safety has spent the

last half century designing and building automobiles to be safer when they crash. with innovations like seatbelts, airbags, and crumple zones. andy, we are designing building automobiles to avoid collisions entirely. with technologies like forward and rear collision warning, backup cameras, lane keeping, and blind spot warnings. technologies these allow the machine to assist in the driving task itself when the human driver does not react appropriately when quickly enough to prevent a crash. technologies like a vehicle to vehicle communications will be deployed with the promise to and had over 80% of the crashes on today's roads. the savings in terms of lives, property damage, medical cost, and congestion will be enormous. movingral motors, we are

quickly to take advantage of these innovations. read the first automobile manufacturer to build connectivity into our vehicles. has over 6 million customers in the united states in over one million customers connected on our we have employed technology in our vehicles, including advanced rearview mirrors and we are the only automaker that has announced a commitment to deploy vehicles with the technology and the cadillac model next year. however, we must acknowledge that with change comes challenge. we must deploy these innovations the safest manner possible. we must omit to our customers -- we must admit to our customers that we respect their privacy. the software may have more abilities that bad actors could

exploit to threaten customer safety and privacy. and we must do all we can to prevent hacking. we must realize that we are competing with other technologies for the use of scarce resources like spectrum. we must be able to use these resources in an efficient mannar. er. if we have the freedom to innovate within these parameters, the promise of the future cannot be imagined today. thank you, i look forward to your questions. >> thank you, we will now hear from the vice president of connected services and product planning at toyota. welcome, your recognize. an exciting time for the auto industry, more vehicles are being outfitted with more safety features and on bilboard services. we interact with these the a

via smartphone. futurenected car of the will far surpass the ones of today. to address questions about vehicle data, the industry came together and develop rentals for vehicle technologies. these privacy principles include meaningful protections, including heightened protections on vehicle data, like the vehicle location or how someone drives. for example, automakers will not share with third parties or use the data for marketing purposes without the affirmative consent of the owner. with these principles, the industry will protect data in the internet of things. this is precisely the type of effort the government has encouraged from the private sector, and it should serve as a model. cyber security is a key focus. although no cyber attack on a vehicle has occurred, the auto

industry is well aware that the risks that exist for other connected devices also exist for connected cars. we fully grasp the potential consequences of the successful, real-world attack. in that light, the auto industry exchangeg a group to industry information. we are fully committed to the success. we expect initial information sharing by the beginning of the end of this year. some are making the case that cyber security best practices and standards are needed. the question is, whether automotive best practices will look any different than those that guide cyber security and other contexts? that being said, the auto industry recognizes that efforts to adapt best practices to the vehicle may be appropriate. that is why the industry has

recently embarked on an effort to identify best practices that are being and can be applied to vehicles and to address any potential gaps. for the very same reasons that the government has refrained from mandating cyber security standards and other sectors, there is a significant risk of the government mandating vehicles. industry can move quicker than government to adjust to new threats. in addition, setting specific standards may encourage some companies to simply comply -- not to do more to protect consumers. finally, a specific approach will almost certainly have for the limitations internet of things at large. at the internet of cars you call, we are on the cusp of a radical transformation that will be made possible by vehicle to vehicle communications. dsrc is a technology that will us to overcome

challenges posed by sensor technology. we can identify collisions at a greater distance or around the corner. red an extensive dsrc.laboration on due to the spectrum crunch, we support the prospect of sharing spectrum, if they can be proven that no harmful interference lifeimpair dscr safety of mission. a proposal has been offered that has the potential to accomplish this goal. the auto industry has recently proceeded to validation testing, and we remain confident it will remain a workable solution. in closing, i like to provide two final observations. first, the internet of cars ecosystem is evolving.

technology companies, telecommunication providers, insurance companies, and others will continue to introduce pots and technologies designed to directly communicate with vehicles. as the ecosystem evolves possibility for protecting against cyberattacks and preserving consumer privacy should evolve to include all relevant players in this space. second, there is a number of agencies seeking to oversee or influence cyber security and privacy related to the internet of things, either broadly or with a narrow subset. the resulting cacophony of proposals is exceedingly difficult to manage and prioritize. without consolidations of these efforts, clarification of the roles, and better communication, the opportunities provided will almost certainly suffer. thank you for the opportunity to testify before you. >> well, thank you. we will recognize the vice

president of business development for tesla. welcome, sir. you are recognized. >> good afternoon, we appreciate the opportunity to come here today. and for the opportunity to speak. tesla is known for being exceptionally safe. we have been awarded the highest possible safety rating, five stars, not just overall, but in every category. safety is a watchword at tesla. automotive injury and fatalities have fallen as result of safety improvements such as airbags, energy absorption, and to maintain the pace of fatality rates, vehicles need to increasingly use computerized systems to avoid crashes, with particular opportunity in the vehicle space.

two examples leading to significant safety benefits, compared to non-connected vehicles, are the following. the first would be automatic emergency braking. a vehicle feature which attempts to avoid accidents by applying brakes. tesla is one of 10 manufacturers committed to making this a standard feature. we have delivered on this promise. the same technology is applied to autopilot functionality, where improvements are constant, as vehicles effectively learn from varying road conditions and share those through the fleet with connectivity. the recall rate in general is about 70%. for a given vehicle that 7%rants a recall, about will get repaired. connected vehicle technology offers a significant opportunity

for us to do better. modern vehicles are heavily software-controlled, and software changes alone can often resolve a safety issue. in 2013, we became aware of a hazard relating to incomplete third-party installation. after the change was identified, we were capable of identifying and solving the third-party fault. the software solution was automatically delivered to the entire fleet. and in contrast to the industry average, recall updates of 70%, we can achieve update rates nearly 100% in a short amount of time -- measured in days. concerns as we go forward, the first caution is to ensure that any update to a vehicle is updated by the manufacturer. this can be achieved by using cryptography, a technology referred to as signing. the second is to strongly

isolate the mechanical. if it has network conductivity, the processor should not have direct elections to the mechanical systems -- steering, acceleration, breaks. we do not have gear selection, that is a separate matter. some implement this with a gateway technology. a third precaution is to use encrypted protocols for the vehicle. this ensures privacy of the integrity of the data. weh respect to regulation, have rapid innovation for safety. already significantly benefiting from investments in successvity, we expect to only continue, as the full potential of connected vehicles are realized. overzealous or premature regulation does not allow for innovation or creative solution innovation.fety any move in this direction must

be considered carefully, only to the extent necessary, in our view. thank you for the opportunity. i would welcome any question. the would like to recognize gentleman with iti> . >> thank you, members of the committee. the mostlf of 65 of dynamic companies in the world, we thank you for hosting this hearing. it is perfectly timed before 42 million americans get on the road to engage in thanksgiving commutes. i would suspect that 5-10 years from now, the cars in the commute would look quite different. i will focus my testimony on the issue, which is the transformation that is occurring, the innovation that is taking place, in that space first. second, what we are doing to deployment in a secure and safe way. it is often said that it is

difficult to appreciate history when you are experiencing and living it. from my conversation with our companies, we are living in an innovation renaissance. the convergence of almost ubiquitous broadband exponential improvement in computational processing comes with almost unlimited storage, and it is transforming mobile computing. that includes the original mobile technology, which is the car. insee that manifested today advanced driver systems, whether that is adapted cruise control or automatic braking -- which i have and maryin my car. we will see that in the future, whether it is vehicle to vehicle or in autonomous vehicles. we are working hard to deploy technologies to make those types of vehicles available, sooner

rather than later. whether that is dedicated short-range communications, wireless,te or or 5g is a number of panelists have noted, it is in the early days. it is impossible to tell which will work effectively. what we do know is that there will be radical, transformative improvements in safety, access, as well as how we view our cities. the other panelists have spoken about the safety issues. i will not repeat that. but think about all the people today who are not able to drive because of a disability or because they are too old or too young. , orugh connected vehicles autonomous vehicles, those people will have access to transportation in a way that they do not today. similarly, when we do not have to think about cars being parked all the time, the way we think about our landscape in our cities will change dramatically. our companies are investing billions of dollars to bring

that to the market, sooner rather than later. and our partnering with any companies on this panel, we will make this possible. and as well, working with the public sector to enable that. a big part of our work is ensuring that consumers have confidence in the safety and security of those vehicles. and security will become even more prominent in the future. for us, we have long experienced working on cyber security security. whether it is protecting tradeking the cloud or everything in between, increasingly, the norm is redundancy at the software and hardware level, so it is not a latch on later on. that means you can build into a chip set. the encryption protocols to

adapt if the encryption is circumvented. we are advancing that work. we have taken a collaborative approach and coming with a framework of standards and best practices, while allowing sufficient flexibility for innovation. there is still work left to be done. and that speaks to the role that congress can play. a number of members of the panel have pointed to the number of efforts and initiatives that are being undertaken in this space. congress can play an important role in bringing order to that cacophony, as mr. logan identified. is really a need, and ranking member duckworth made this point, for a national information of thing strategy.

there is so much work taking place in this space, but not much of it is well coordinated in a strategy that serves economic security and safety interests. finally, once we look at what is being done and develop a strategy, there is an appropriate place for regulation to deal with market gaps. and we would advocate the approach that has been taken by mist in developing a regulatory framework, is the appropriate approach. thank you. >> thank you, we recognize, waiting patiently, the associate director at the electronic privacy information center. welcome. >> thank you, chairman mica. ranking member kelly and duckworth, i am the associate director for the electronic privacy information center. we are an independent nonprofit

research center focused on human rights issues. we thank you for taking time to consider the important privacy implications of the internet of cars. new vehicle technologies offer a variety of new services to american drivers, and are quickly being implemented by american car companies. technologies also raise substantial privacy and security concerns that congress needs to address. as cars become more technologically sophisticated, they collect a lot of personal data. including physical location, destination, text messages, and phone records. most car companies and other companies, including google, failed to inform consumers of their data collection practices. few give consumers true control over the data. auto companies also use personal driving information for various,

but they purposes -- which leaves consumers in the dark over who has access and why/ . this is often retained for years, if not indefinitely. the very real possibility of remote car hacking poses substantial risk to security. cars can be taken control of, including breaks, steering, and car locks. they can provide access to the physical location, using built in gps navigation systems. which can facilitate crimes such as stalking, harassment, and car theft. congress must enact meaningful safeguards to protect privacy. last year, a group of 20 automakers, including general motors and toyota, signed a pledge voluntarily for security. federal substitute for

data security regulation. the pledge fails to provide substantial privacy protection, lacks any meaningful enforcement, and supports the status quo of the wholesale collection of sensitive driver data. to protect the privacy and security of american drivers, congress will need to do more. first, congress should act on pending legislation. 2015 should establish federal standards for connected cars, in consultation with the ftc, to develop privacy regulations for driver data. it provides a good framework for meaningful safeguards. there is also the house draft bill that would require car companies to develop modest privacy policies for the collection of driver information. the house draft falls short of providing robust privacy

protection. it would not require manufacturers to actually develop or even implement privacy-protecting measures. instead, the company could only inform drivers about whether the company chooses to take various privacy-protecting measures. scrutiny forizes developing the policy. the draft would broadly criminalize vehicle hacking, including for research purposes. the senate bill comes much closer to safeguarding the interest than the house draft. oppose, we would i the house draft, which would be a step backwards for americans concerned about privacy and security. second, congress should hackingh fines for connected cars, but only when there is malicious intent. this will prevent research to discover vulnerabilities.

third, congress should grant authority to issue privacy rules. the spy car act of 2015, with civil fines for offenders, provides a type of privacy and security safeguards that drivers need. as congress moves forward, it is hasical that this agency rulemaking authority. this rule should incorporate consumer privacy bill of rights. which is a sensible, comprehensive framework for privacy protections that provide some standards and would help establish fairness and accountability for the collection and use of driver information. every day, without car privacy and protection, it places countless drivers at risk for having their personal information, or worse, their physical safety, at risk.

swiftly.must act thank you for the opportunity to testify this afternoon. i would be pleased to answer your questions. >> we will go right into your questions. national highway traffic safety administration, in 2012, when i helped craft the legislation, i put a section 31 -402. electronic systems performance. it said specifically, not later than two years after an accident, that was july. 2012, the august of secretary shall complete an examination of the need for safety standards, with regard to electronic systems and passenger motor vehicles.

and has a couple of criteria. upon completion, the secretary should submit a report to the committee. i see i screwed up. i should've put the department of transportation in here, too. they don't have one, but we have commerce in the senate. at energy and commerce in the house. have you completed that report? >> no, mr. chairman. that is still under review. what we have done, which is unprecedented, we put the entire research program that we developed in consultation with other government agencies and the private sector -- i guess iis not -- just put these things in the law and we forget them. it should've been until july, we give you august until 2014, november? ok? so we are a bit behind?

>> agreed. >> is there a draft? >> i tried to get a draft from the committee. they said they did not have one drea thi. this is from either committee. can you submit joint subcommittees here a draft? >> i am not sure if i can' but we will take tha. >> not sure if you can? >> the work it has been done -- >> we want to see it. you can, and you will. you will have it here in 10 days. that is the way we operate here. you did not comply. we do not have any penalties now, do we, if someone hacks a vehicle? >> that is correct. >> the law is still favoring the senate side as far as testimony. but we have seen that they can

be hacked. that is also correct. ? so far, no one with intent has been hacked. but you could probably stop an engine. or could disable brakes steering, because they have electronic components. with that be a good assumption? i am not technologically competent. >> that is correct. you would be able to disable that. >> congress has enacted, i have then we gaveon us, a lot of money -- maybe. >> if i may, to suggest the suggestson of that that nothing is being done, when in fact, much is being done. >> it is not that nothing is being done.

we give certain directives. i was going to get to the question of them working with you all. whichu did talk to them, sets standards and have pretty good reports back. participated? has have you participated with him? >> yes, mr. chairman. we embrace the framework. we adopted that into our -- >> both of those federal agencies, or with the private sector, or in a group? >> we had discussions with both. >> and you? >> yes. >> we've all had discussions. perfectlyactually, accurate, i'm certainly -- we are absolutely involved in an ongoing basis. i cannot testify to the involvement. >> i commend you for coming together as an industry, working

-- and i don't want to imply that nothing has been done. but my job is to give certain directives to agencies. i am not here just to look good. i know i do. [laughter] >> yes you do, mr. chairman. >> my job is to hold their feet to the fire. when you put something into law, some of the newer members will find out around here, i put things into law three or four times and they still do not comply. we won't go there today. we give you a lot of money. we spent about $500 million in taxpayer funds testing the dedicated short range radio communication devices. what is it currently doing to address the potential issues with security credential management systems? where are we on that? jpo funds,nds are joint program office. >> is that under you?

>> it is not. it is now part of the office of the secretary. >> it is under dot? half $1they have had million. >> what the department is doing is putting the sort of hardware behind that system. what has been done to date has been a lot of hard work, smart people coming up with design. now we feel we must build this to see the vulnerabilities and do large-scale testing. >> do you have any idea where? i am told some of what you have done is actually sliding behind the advances in technology. and how much more money, how much more time will it take? do you know? thethink that is why> secretary of transportation is

putting it out for public comment in 2016. >> so that is not until next year? months, hein two asked us to accelerate that. which we have. >> we spent a lot of money, and we don't see a lot of progress. and when would you have your final report, the report that i requested here? it is in draft, you are going to give us the draft? when will you have that finalized? >> i can get back to you on the record with that, sir. >> within the next 10 days? >> absolutely. i want a firm date, and i wanted part of the record. >> absolutely. >> sorry, i don't mean to be demanding. >> circum-i understand your frustration -- sir, i understand your frustration. >> we expect the agencies to act responsibility.

right now, just my final question. cars can be hacked with electronic systems. we do not have in place either a bility to stop that. i guess that is the simple way to put the. is that correct? >> mr. chairman, thank you. gm has invested a lot of time and effort into making it as difficult as possible to hack into cars. as i indicated, we embraced the framework. >> that is an individual effort. we applaud you for that. but my question is that we really don't have a standard, we don't have the ability to prevent that development? do we? >> we have the ability to implement things as a business. >> general motors cannot be hacked? >> i cannot say they cannot.

but we are making it difficult. >> you are individual. i am asking if we have a standard. as i know.as i'far >> we are trying to be proactive. >> but again, the question was -- and i applaud each of you. tell us they are five-star and all of that. but my question was, is there a standard developed? is there protection in place, the answer is? >> we have begun working as an industry to establish - - >> but we don't have that in place, mr. o'connell? >> there is sort of a difference between hard access and wireless hacking. we have seen the former, people with access to a vehicle then

being able to modify certain axis. >ccess. it has happened on isolated cases. i am personally unaware of any wireless hacking. >> there are no protections or standards? >> known that we are aware of -- none that we are aware of. >> congress has not held any agencies to the fire. in theuld just point out written testimony, key examples of computer scientists and other researchers finding ways to wirelessly hacked into vehicles. >> there is a difference between developing standards and their being laws. standards being developed around cyber security. and there are laws in place that would punish someone. be it the digital millennium computer act or anything else.

the question is, are there laws mandating particular standard? i would argue that mandating a particular standard be the absolute wrong approach. >> we don't have that. but we still have industrywide standards or protections. unpacking a host of things we are for today. >> mr. chairman? on the last question, the industry group just recently -- within the last week -- has developed a set of voluntary industry best practices. we are just looking at. thatted you to know was out there. >> usually, things happen before the hearings. >> thank you, mr. chairman. thent to speak to sector-specific sharing analysis

centers, which are nonprofit member driven organizations formed by critical infrastructure owners who share information between government and industry. not necessarily in the automobile industry, but other areas. can you talk about what mechanisms or organizations have been instituted? and also by the industry, to ensure -- >> sure, there is been quite a bit of work. we were at the forefront to encourage -- it is up and running right now. there are additional steps that are probably necessary. one is clarifying the role it will have interaction with the agency. and how that group will be expanded to other sectors, including suppliers. >> i would like to speak to the suppliers portion of it. this is something that has come up in my work on the armed services committee on military equipment.

cyber security is something of great, great potential harm to our military. and one of the things i found out was for military weapons platforms, something as critical as the new fighter jet, there is not complete security of the supplier network. gentlemen the three from the automobile manufacturers here talk a little bit about what you have done to secure or safeguard or inshore that there is -- ensure that there is a plan you can trust? i have in my congressional manufacturerip that has been identified as a problematic company that engages significantly in both corporate espionage and in governmental and intelligence espionage, as well. what are you doing -- i am assuming you don't make your own chips.

but what are you doing to make sure your supply network is secure? >> thank you, ranking member. invested substantial resources and time into the cyber security issue. in fact, we created a global cyberzation to end security products and services. is headed bytion our chief product cyber security officer, who reports to the senior management of the corporate company -- including the ceo and the board at regular intervals -- about cyber products and services. that includes our supply chain. and we have requirements that our suppliers must meet. we audit them on those requirements. and we test their products. and we have those products as part of security by design.

g, allhe very beginnin the way through to production of those products, those products are tested by both internal and external experts. phone cyber r cyber vulnerabilities? >> it is pretty standard. >> for toyota, cyber security is paramount. we also use industry-standard best practices, risk assessments, multilayers. we have cyber security teams embedded in our activities, from the day we put pen to paper through development, and even through the operations. one thing i also want to mention invitedwe have also

automotive suppliers to participate in that. and so wenging them can share information with them, as well. >> mr. o'connell? >> a couple of thoughts. withof them are consistent my colleagues, the general robustness of the system. tesla, being an industry leader in the electric vehicle space, we have a unique concern about the integrity of our operations. because as a new industry and uniquelyt we are vulnerable. especially in software development, but also on the vehicle side, we have a much higher degree of vertical integration. many of our software systems are t designed from the ground up, rather than relying on outside providers. with respect to our chip

technologies, to my knowledge largely, we are sourcing from domestic sources. but we are holy focused -- wholl y focused on the vulnerabilities, as any silicon valley company would be. >> i always appreciate your questioning and insightfulness. i want to recognize my colleague from the great state of texas for five minutes. >> thank you very much, mr. chairman. i appreciate the opportunity. in my browsing the correct? --and i pronouncing that correct? >> yes. >> tech companies like google, making anl are autonomous vehicle overall. and prevention technology for atshes do not rely on dsrc all. what steps are you taking to

support this type of innovation, which is one of the reasons why the u.s. leads globally in intelligent transportation systems? >> with respect to the automated technologies, we could not agree more. we think there is a future for both, both connected and automated. we are pushing hard on both. you see recent examples by the secretary on emergency braking, we just included that technology into our new car assessment program, one of the most visible in terms of consumer information. the other thing we have done is encouraging industry to make that technology standard, slowly meeting trying to get them to a place where it is a standard feature on all vehicle models, without regulation. that is a september announcement that just happened. likewise, on connected vehicle technology, we believe that it is a mandate that is necessary

to get the market to go. >> so, how are we going to tie this in with the proposal to mandate dsrc and all like vehicles? when you require companies to put dsrc on top of their own technologies? re: forcing a standard on folks that may not be ready for -- are we forcing a standard on folks that they may not be ready for? approach look at the of the department, it is trying to get it out of the research phase and ready to deploy. as for these difficult questions, we certainly believe it is ready to deploy. we believe they are, mentoring e complementary. tesla, you take a different approach to determining security issues. you basically have a bug bounty

and employ white hat hackers. why is that a good thing? how was it working? >> sure, our approach is really consistent with sort of software development -- the silicon valley approach -- to hardening software over the course of time. it relies on a system of incentives, whereby we encourage folks to test our system, both professional and informal environments. and we reward them when they added the five vulnerabilities. this is consistent with the incentive system that i think generally works in the human environment. but we find it works very well in most software environments. it is working very well for us, as well. identify us to rapidly and rectify, and intimate the

solutions. u.s. supported a global standard at 77 gigahertz. we are looking locally at a whole different frequency range, around 50 gigahertz. is this an example of one hand not talking to the other? would we not be better off with one international standard? >> i'm not exactly familiar with that issue. i do know on the radio side of things, we have worked very hard to make sure we have the same standards on both sides of the atlantic, so to speak, so we can have one set of hardware. >> mr. lowenstein, would you like to address that? >> we fully support the idea of sharing spectrums. gigahertz band. we think it is important to

protect this bandwidth in the u.s. dsrc provides life-saving services. >> is there a technical reason it would not work at 77 gigahertz, like the rest of the world? >> i'm sorry, i am not a technologist. >> if i might, it speaks to the point you are making earlier about all the disparate efforts in this area. and why an agency that is focused on standards and standard development globally has to be part of this conversation. >> ici amount of time. i look forward to a second round of questions. >> now, i would like to recognize the ranking member of the i.t. subcommittee. my friend from the great state of illinois, robin kelly. >> the promise of internet connected vehicles is that they bring greater levels of convenience and safety. but that same connectivity means

that these computers on wheels faced the same threats and vulnerabilities as other computers. mr. garfield, given the volume compromises of networks, in your estimation, how likely is it that we will see hackers, instead of just researchers, hacking connected cars? especially in light of the testimony? >> it is hard to the future. but i think the likelihood israel. and that it is likely. i think the information that mr. o'connell shared about the approach in the software industry on taking an agile adjustch, where we and integrate robustness, so we are not compromised completely, is the proper approach. >> is there anything that keeps you up at night, any scenario

that concerns you the most? >> generally, i sleep quite well. [laughter] but i think part of my worry is that all of the great things we have been talking about will be a dream deferred. because our policy apparatus will not be as agile as our software development to keep up with these shifts. so i get the instinct to act. and we should act. what we are suggesting is that we act in a strategic and coordinated action to make sure that shared interests are achieved. logan,o'connell, mr. when you think of new features you are going to add to your cars, is there anything -- not that you would do it on purpose -- that you would add that could be negatively compromised? as you are getting more connected, i guess? said, wes we have certainly embrace all of the tenets that mr. garfield has

spoken about. and we incorporate security by design, defense in depth strategies throughout our reviews. and so, from the very beginning of any service or hardware, it begins to go through the design cycle for our automobiles. cyber security posture, that particular element is being evaluated. , andisk of being assessed appropriate measures are being taken to mitigate that -- into the lifecycle of the vehicle, itself. toyota, the safety and trust of our customers is paramount. as i mentioned on the telematics side, we employ the same best practices that have been mentioned here today. we include our cyber security experts in the very beginning.

they provide feedback to us that we implement. i think as we go forward, we will continue to expand on that. we also look forward to working as an industry to develop best practices we can all employee. >> you did not ask me, but i sleep well at night, too. [laughter] i know reasons, one, that we are employing within tesla some of the industry's best. considering privacy issues, the other piece that gives mean peace at night, we are working in context of open innovation. whereby it is not -- the integrity of our system is not tesla, butant on looks outside to improve the

system and rapidly implement them. >> thank you. your testimony talked about some of the statistics dying on the highway. but mr. garfield, your testimony references a tremendous economic and societal benefit that could be derived from autonomous vehicles. in your opinion, what could congress and the federal government be doing? what more can we do? >> thanks for asking. there is certainly important work for congress. there are so many different agencies working on the internet of things. connected cars are a part of that. congress can play a great role in bringing clarity on a path forward. and filling gaps where they exist. for example, the representative spoke about the spy act that is going through the house.

trying to bring order to all the work going on. we think that would be quite valuable. >> thank you. i yield back. >> now, i like to recognize the gentleman from north carolina, mr. walker, for five minutes. >> about five or six years in the early 1990's, i worked in the auto industry on the retail side. i can look back on those 20 years and see how much paperwork on the dealer side was required then. and how much is required now. the last thing we want is more federal regulations on these men and women who are working hard to provide jobs out in the industry. so i do have a couple of questions, though, to make sure we are headed the right direction. what role, if any, and the internet of cars can be filled by the federal government? i would like to hear your thoughts on that. >> one of the things we are

doing is try to ensure proactive steps from the get-go. it has been mentioned about security by design. we think that is paramount. one of the things we have been doing all along, we saw this coming, that in order to see the vision of the future with automated and connected vehicles, we really have to start focusing on that. we have been pushing and prodding as best we can to get that to happen. >> in your opinion, do you really need a specific regulator? or auto specific best actor's here? or is the national institute voluntarily setting the right approach? can you address that? >> it really might be all of that. right now is kind of a two-pronged approach, working with the auto industry on a set of best practices. but as a regulatory agency, we have to keep in mind that that is our job. if there's a need, we will do

so. >> does the federal trade commission currently have jurisdiction under section five two police the privacy policies -- to police the privacy policies, to the extent they connect personal information from these devices? that is probably more directed at the fcc. but we have been working very closely with the sec on privacy issues. >> ok, does the department of transportation or the nhtsa have particular expertise that would warrant them -- to answer your response -- to oversee the privacy responses related to the devices? >> we do have privacy expert. that is one thing we will be referencing an hour rulemaking. we have expertise. >> is there a certain timeframe, date, a conference, or meeting you will be addressing this. ? >> sure, what we will be doing

medications, wens we wil will have more on that. >> last question, most of the technologies and development are independent of the dsrc. what is the nhtsa doing to enable further adoption, to not hamper the innovation that we are seeing? >> we are using regulations, where appropriate. it really is an era where we see technology. knology to g >> in your testimony, you notice the sensitivity of the information connected by the vehicles. but just to review. describe what kind of information could be collected? and what entities would be collecting it, other than the manufacturers? is locationle

information, which can reveal an individual's patterns or habits. there is also the collection of credit card information, with certain telematics placements in the car. individuals can, in the car, speak into their system for a text message -- that is audio. there is also text messages looking at the privacy policies of certain manufacturers. it is an almost endless list. most of the time, manufacturers do not specify the various third-party entities. we know in certain contexts that it is marketers. we know there is an increased market for insurance companies to gain additional access. without sufficiently requirement, law enforcement could also gain access. >> i have just a few questions

and seconds left. and what questions are we seeing the most innovation on this right now? can you go down the line? i yield back after that. is certainly ae globally competitive part of the industry. the united states leads in terms of the deployment of the advanced technology. but i think this is rapidly changing. and i think the proper policies need to be in place to ensure that this innovation continues in the u.s. >> thank you, i agree. we are moving very quickly in the u.s. to adopt these kind of technologies. although, in countries like japan, technologies of artie been put into place. >> i won't refer to our unique regional hubris, but i think the most advanced efforts are taking place in the u.s.

i like to see us on the leading edge of this. >> thank you. >> you are recognized for five minutes. >> i want to thank the ranking members for the searing. mr. o'connell, you can talk area the hubris of the bay as long as you want to. [laughter] i represent that area of the country. i asked that this be entered into the record. >> without objection. >> and maybe toyota and general motors, the whole issue of independent researchers -- mr. o'connell has talked to tesla's advocacy. could you tell me if toyota and general motors have the same feeling that they will allow for independent researchers to help them to make sure the software is working properly? i say to someone in the context of what has happened, vis-a-vis

volkswagen. can you respond as to whether you agree with mr. o'connell? >> we generally agree with this approach. we have a specific relationship with certain groups of security researchers and academics. as i said, they perform valuable services for us in terms of testing the vehicle software and the systems on the vehicle. to help us design and make them better, so that hacking them is more difficult. we are also public the disclosing that we are looking very hard at security vulnerability programs. whether or not it is exactly like the one tesla described will be determined. but we should be rolling that out very quickly. we want to know if our software has more abilities. we want to know that, both from folks within the company and outside the company. >> mr. lowenstein? >> we try to welcome information

from so-called white hat hackers. we have regular communications, regular relationships. we attend the same conferences they do. we also do employ third-party cyber security testing on some of our systems, to ensure that we have all the most up-to-date information. and we are patching any vulnerabilities we might find. thewitching to privacy, privacy principles are exciting to look every buat. concerns, mrs. barnes we had very spirited debates for opting out of third-party data. the industry lobbied heavily against agree it did not get it. within the language you have in the privacy agreements you have come up with, and the value you place on it, and the concerns that have been expressed here

today as well, can you provide a comprehensive list of all the data currently tracked and store in your vehicles? can you provide that information, and can you provided to the committee -- borrowing on the chairman's within aomments -- couple of weeks? >> our relationship with the customer is the most vital thing we have in the company. we respect the privacy of our customers. and we want to protect their information. i will say that before we disclose any information to any third party, we get specific affirmative consent from our customer to do so. >> mr. lowenstein? >> we also follow a similar process, we want to be very transparent on the data we are collecting, and how we are using it. for instances where location-based services are used, we asked for affirmative consent of the consumer.

>> appreciate that, mr. o'connell? >> a similar protection is the up and out. people have the option to not share any of their data with us. wen they do share it, atomize that dead and aggregated as such and not only can you not data but wethe aggregate it as such that you is to that's the intent increase principally safety of the vehicles. >> hopefully will hit all of us. that related to other tech privacy protections. >>