Populous states are member of the compact and your biggest states are not. Right. And if you look at the folks who the states that have decided to be part of the physician licensure compact, states like i think its West Virginia and one of the dakotas, idaho. California is not going to do it any time soon. Texas is not going to do it any time soon for all kinds of reasons. Compacts solve part of the reason, but again, theyre only as good as how many states are part of the compact. Right. I think if this were an easy problem to solve, simon wouldnt be spending his time on it there is the question of how easy it is to get it done, and then the question of whether it would work if you could get it done. Its not that easy to get rid of state medical boards either. But while youre in the system of state medical boards, the knack there are some efforts moving forward, it could be that that is the most likely, even though theyre all somewhat less likely way to overcome the professional problems that were talking about. And i dont i dont get a sense that there is a there is heavy support for a National Licensure system, a federal licensure system on the hill. In fact, its a nonstarter for a lot of folks. I think i had been missing a question over there on the left of the podium. Lets get to that question. Thank you. All right. My name is nichol ross im a reporter with wmla radio. I cannot stand up. Im kind of swimming in equipment over here. I have two questions. The first ill direct to dr. Sharfstein and whoever else would like to chime in on the panel. If we can talk about the impact on Health Care Jobs that telemedicine will ultimately have, you can talk about how on one hand there is a shortage of physicians. On the other hand, telemedicine is clearly moving towards remote monitoring. Who will be monitoring a all that data . And its not necessarily a fulltime physician. So ill start with that question. Its a great question, but i dont think my professional training gives me a great answer to it because im not an exist. I think there are obviously going to be implications. I guess what i would say is that you can look at the country and see a mismatch between need and resources for medical services. And the goal would be with a good Telemedicine Program would be to address that mismatch so that you can get more services to people who need it and in the end get better health. That probably would allow some more flexibility for where people could live. But in terms of what that would do to Physician Workforce in different places, i dont know the answer to that. I think its fair to say it would be pretty disruptive. Maybe your view of it depends on what you think about disruptions. And many of us including me love to have the economy disrupted and have consumers benefit from that. But i do understand that other people may be more concerned about disruptions to peoples work lives. You had a second question . Yes. Second question. This will be directed towards the first speaker, but again, if anyone else wants to chime in that would be fine. The federation of state medical boards changed their definition of telemedicine in april to include video teleconferencing, but not audio only phone conversation. Im wondering, i mean, how much weight does that hold, if that matters, and the degree to which people cant agree on a definition and how that might impact patient care. The definition of youre absolutely right. And the model policy, they redefined telemedicine and left audio only out. A lot of states have their own definitions of telemedicine. A lot of them dont include audio only. So i think the fsmb definition was not a surprise at all. The definition is only important in that the fsmb model policy addresses telemedicine. Anything that falls outside of that, the rest of the model policy does not apply. I think if you talk to a lot of folks, a lot of folks will tell you that patient a lot of patients prefer phone. Its more convenient. Its much more accessible to them. You dont need broad band. And a lot of employers will tell you that when they give the choice of their employees as to whether or not they want to receive services by phone, or by audio video, a lot of them choose phone because of the convenience factor. Having said all that, some of my clients who are in the business will tell you cant do everything by phone. And there are certain things that physicians will not do by phone, who will refer you back to your primary care physician. And so the phone cant solve everything. But the people i speak to, the people i represent, the employers i talk to would like a more expanded definition of telemedicine to include audio only. Now having said audio only, that doesnt mean the physician doesnt have access to the patients medical record, a questionnaire. So in other words, its not just a cold phone call without any other information. I think maybe we have time for one more question. I see somebody to this side. Thank you. Jeff perlman, just a lawyer off the street. Doctor, you indicated that you supported mr. Rowes position on Consumer Affairs as long as it was limited to one state. I think thats what i understood you to say. So is it true that if i live on western avenue, which is a borderline between maryland and d. C. , anything that happens anywhere in the district if i want to call, if im the veterinarian and i get a call from the amputee, that its okay for me to answer, yet if my friend of 40 years who is also an amputee lives across the street in maryland, and i cross the street to answer his question about his dog, that the suggestion by mr. Rowes that that could result in that could be resolved by a cause of action in tort law. That wouldnt be adequate . I understand the question. I appreciate it. I think first of all, my main point i think that its a different issue within the state versus between states. And i think that to the extent that what jeff is saying is that there is a First Amendment issue and a doctorpatient relationship, and it needs to be balanced in different ways. I think were pretty close on that. As you get across the across jurisdictions, then it has a lot to do with enforcement. And of course the keys youre talking about is probably were also talking about charging, i would imagine. Youre not just walk across the street because youre doing it. Somebody is actually getting paid for something. And, you know, i dont think its in all the balancing its that much of an imposition for someone to get licensed in more than one place. I think the value of that is they get judged according to the system that weve had in this country for a long time for regulating professionals in a certain area. I see value in that. And just sort of i dont think that the fact that there are always going to be cases that are across the street whenever youre talking about any law, is it fair that you can do one thing in one state and another in another state right across the street . Well, thats just how the law works. Thats the same thing here. If you believe there is a value to allowing local regulation of medical practice, which i do believe, then you have to live with the borders that are reflective in that. And i think if it were just a crazy and insurmountable hurdle, i would have chest pain with that. It really isnt. And if youre literally living on the line, you should probably be licensed in both places. I think that i should point out the last i heard i think the fsmb numbers, only 6 of physicians are licensed in three or more states. So while were talking about this new Innovative Movement that seems under way, most practice is still local. And i guess the question then becomes, as we become more as were an increasingly mobile society, the question is are the numbers so low because of all the administrative burdens with having to apply for a license . Its costly. Or is it because, again, it reflects the reality of medicine on the ground, that its mostly local . With that, i apologize. I think we have to wrap things up. Were going to go adjourn for lunch on the second floor. Maybe the panelists can join us so if you have other questions, feel free to join us up there. See if you can accost them. Let me thank the panelists. That was excellent. I enjoyed it very much. I hope you did too. [ applause ] coming up, google Vice President vince cerf, also known as a cofounder of the internet on the future of the web and the importance of adopting new technologies to ensure internet security. After that, a discussion about the development of next generation lithiumion battery technology. And then legal and health care analysts look at the emerging industry of Online Medical care, also known as telemedicine or telehealth, regulatory barriers and reimbursement of service and policy concerns. The cspan cities tour visits literary and Historic Sites across the nation to hear from local historians, authors and Civic Leaders every other week on cspan2s book tv and American History tv on cspan3. In this month with congress on its summer recess, the cities tour on cspan each day at 6 00 p. M. Today we visit omaha to learn about the history and culture of nebraskas largest city. Cspan is in des moines for the iowa state fair and road to the white house coverage of president ial candidates. Our live coverage is on cspan. Cspan radio, and cspan. Org as the candidates walk the fairgrounds and speak at the des moines registers candidate soapbox here is the schedule. Saturday republican Rick Santorum at noon followed by democrats Lincoln Chafee at 12 30 and senator Bernie Sanders at 3 00. And on sunday afternoon, republicans ben carson at 5 00 and George Pataki at 5 30. Cspans campaign 2016 taking you on the road to the white house. Republican president ial candidate donald trump will be in New Hampshire tonight, and well cover live a town hall that he is holding at 7 10 p. M. Time eastern time in hampton. Now google Vice President vicinity cerf on the future of the web. He adopting new technologies to ensure internet security, the fcc Net Neutrality policy and back door encryption policy. He is also the chief internet evangelist that builds the leadership with the Internet Community and the infrastructure, systems and standards for the next generation of internet applications. Good afternoon and welcome. My name is john hughs. Im an editor for bloomberg first word, that is our breaking news desk here in washington and from the press club. We are the leading organization for journalists. We are committed for future through programs like this and we fight for a free press worldwide. For more information about the club, visit our website, press. Org and to donate to programs offered through the Club Journalist institute visit press. Org institute. On behalf of the members worldwide, i want to welcome people in our audience to the newsmaker luncheon and i would like to welcome cspan and public radio audiences. Follow the action on twitter using the n pc lunch. Remember, the public attends our lunches. Applause is not evidence of a lack of journalistic objectivity. After our guests speech, well have a questionandanswer period. Ill ask as many questions as time permits. Our head table includes glefts of our speaker guests of our speaker and working journalists who are club members. Let me introduce them to you now. I would ask each person to stand briefly as names are announced. From the audiences right, pender mccarter, retired Public Relations director for ieee. Jackie case ill, former president ial innovation fellow at the white house, fema, and gsa. Bill yarnoff, Vice President of Business Development at the diplomatic courier. Tam herb better, Technology Freelancer and chair of the National Press clubs freelance committee. Jonathan fisher, Senior Editor at slate. Susan molinari, Vice President of Public Policy and Government Relations at google and a guest of our speaker. Allison fitzgerald, managing editor for the center for Public Integrity and a member of the National Press club, board of governors. Skipping over our speaker for a moment. Lori russo, managing director at Stanton Communications and the speakers member who organized todays lunch. Haley securitiaamma, Technology Reporter for the washington post. Tom risen, Technology Reporter for u. S. News and world report. Wayne rash, Washington Bureau chief, for eweek. Joshua higgins, Technology Reporter for inside washington publishe publishers. [ applause ] so a little more than 40 years ago the First International conference on compete communication gathered in the basement of the washington hilton. Attendees witnessed a demonstration of new technology that enabled advanced applications to run between computers here in washington and others around the country. Apra net, a network created by the advanced Research Projects agency was the earliest version of the internet. One of those involved in the demonstration that day is todays speaker. Since then, in 1972, vince serve has developed and advanced the architecture and utility of the internet, ushered the continued spread of the web, and become one of the most widely respected authorities on internet policy and governance. Many call him a father of the internet. Since 2005, dr. Cerf has served as the chief internet evangelist for google. He said he took that moniker because they wont approve the title of arch duke. Dr. Cerf is well versed on the value and capabilities of the internet. Recently he voiced concern that the 21st century could become an information black hole unless we find ways to preserve photos, documents and other Digital Content, which is hard because we dont know how computers of the future will function. His solution for now if you want to make sure that some Important Information survives for post ert, print it out. Dr. Cerfs current project is the interplanetary internet which he is working on with the nasa jet propulsion laboratory. It is exactly what it sounds like. A Computer Network for planet to planet communication. His list awards and commendations is, as you can imagine, quite lengthy. To learn more about them, youll have to look them up on the internet. Google it. [ laughter ] please give a warm National Press club welcome to the google chief International Evangelist vint cerf. [ applause ] well, first of all, thank you very much. This is theer um number 208 which reads if you feed them theyll come and here you are. And it is my favorite theory and im glad we proved it again. Second im not going to use any presentation. My motto is powerpoint corrupts. So youll have to listen to vinten stead. I want to tell an about dote relevant to this population. I worked on something called mci mail. We turned it on on september 27th, 1983, and among the first people to sign up for this electronic mail service were reporters, one of whom was william f. Buckley and i maintain a lovely correspondent over time before he passed away. And i remember that i had come and gone, to mci and left to John Bob Khan and rejoined cmi to help them get into the Internet Business and around 2003 it was clear that charging people for email wasnt a great Business Model so we shut down the service and i got angry letters from reporters who said ive had my mail since 1983 but the honest answer is it was time for that service to go. So i have two themes i would like to address this afternoon. The first one has to do with technology and i will drop into geek a bit. Apologize, but it is the only way to bee precise. And then i want to talk about policies. I have eight points on the tech side and four or five points on the policy side. So let me start on the technology side. Im proud of the fact that the internet continues to evolve. This is not a design which was fixed in time 40 years ago but rather it is one which has adapted to new technology, it has swept in new Communications Capability and become an important element of the smartphone, both of the internet and the smartphone and the world war wide web are all enforcing in many ways. And one of the things that bob and i didnt get quite right is the amount of numerical space needed in the internet. When we designed it 40 years ago we did some calculated and that 4 billion skernations ought to be enough for the internet. And most of you are using ip version 4 which was designed back around that time. We got it wrong. We ran out of the ip version experimental address space around 2011. The ceo of aaron, the americas registry of internet number, john kern, you can wave at him and if you need ip addresses, he can talk about that. Im proud to serve as member of the board. But now we have 120 bits after dress space and it is three times four to the tenth 38 addresses and this is a number only congress can appreciate. But it is absolutely vital that we get all of the isps to turn it on. It is in your desktops and in the reuters but the Internet Service providers need to turn that on in parallel with the ip 4 service which you are using today. Sow can do two favors. One, as individuals talk to your isp and demand when you are getting to get ip addresses and i want dates and times. And second, as reportires will you reporters, will you kindly do the same thing with the megaphone that is afforded to you by the state. And why do i care . And the next wave of stuff is the internet things, you all know that, but this is real. Everybody appliance is shifting from electro manic controls to programmable controls and once you put a computer in anything there is the opportunity to put it on the net. There are good and bad things. The good thing is everything is connected and the bad thing about the internet is everything is connected. So we need the address space to accommodation the explosion of the devices. Cisco said there may be 50 billion devices by 2012. They may not be as crazy as it sounds because every light bulb could have an ip address and some of them do like those made by phillips called hue, h. U. E. , and not hugh, and you can adjust the color with your mobile and you need that with an ip address. And the second one is even more on sure. The labor is buffer bloat. And so you might think what is this. If you are watching streaming videos have you noticed they get jerky and things slow down and the delays are loading up and you sit there waiting for things to reload. It turns out it is not true that having more buffer memory space is always a good thing. Let me explain. You have a router at home typically, maybe supplied by a cable or Telephone Company or you bout one and installed it or hired a geek to do that. And so this thing has memory in it. And imagine that you are running a local network at home and it is running at maybe 100 megabits a second or 10 or even a gigabit per second but the connection out to the rest of the world is not running that fast. Unless you are on the google Fiber Networks in which you are getting a gigabyte a second but most dont have that speed. So what happens. The program that you are running inside of the house is pushing data like crazy into this buffer that is filling up and emptying slowly because the data rate is slower at the other end and which means increasing amounts of delay from the center to here waiting to hear acknowledgments come back from the other end. At some point the Program Inside of your house is saying, oh, my god, they didnt get what i sent, i better sent it again. And you keep transmitting and you create a highly congested condition. It is counter intuitive but you need to design the system so it doesnt put too much buffer space in the path. It should put only enough to deal with the deferential between the high speed and low speed side. Of course this also works in the other direction. So here is the code word for you. The letters that you want to refer to are called codel fq, and that is the kind of thing, the technology you want in your reuters. So while you are pounding on the table for ip 6 and you can say i want codel fq on my router and i want a pony. [ laughter ] next point. All of you are familiar with the fact we are bad at picking passwords and some of us use password for passwords but that is easy to remember and everybody else knows that so that is not a good thing so you are told to make up complicated passwords with pungs and keep changing them all of the time and you can never remember them and you make a list and stick it on your computer or put it in your wallet. Okay. So at google, you will remember and some of you reported we were attacked in 2010, and penetrated. And so we decided we needed to do something about that. So in addition to user name and password, which we still ask people to change on a regular basis, we also have a piece of hardware it is called a number gnubbie. It is a two factor generation device and it generated a random password using an al go rhythm. And when you log into the account, if you are acting for two factor authentication, it will two two things. You will tickle it because the light came on and sends the data back and forth or it sends a random number to your mobile or you have an al go rhythm that generates the random number for you. All imply you have to have the mobile or the nubby device or the latest from google, and in addition to knowing the user name and password. So if somebody got your user name and password, they cant get in because they dont have the second factor. We would like to encourage everyone to adopt that practice because that will make the network safe for you and for me. Fourth Point Security and safety and privacy are really important on the net and one way to achieve that in part is to use what is called https. Hyper text transport proto col which was created and released as part of the worldwide remember. It is called https. And the purpose is to connect you between the mobile or lap to be and the service, or google in my case and the idea is that everybody should make use of the cryptomatic means of data back and forth. And so while youre using web based applications it is only decrypted when it reaches the other end. This is called encryption for transmission. Which leads me to the fifth point which is google and others believe that all transmissions regardless of whether from your edge device to our services or between our data centers or any other place, ought to be encrypted to protect confidentiality and so we see crypto as a very Important Technology which should be incorporated into normal use on the net. I know i dont have very much time so i wont tell you how i worked with nsa back in 1975 to build a seek internet but the details were classified at the time and i couldnt share it with my colleagues. So i felt schizophrenic for a long time but now we have the technology to make this a much more confidential environment. We think also it is important to encrypt data once it lands in place. So your laptops and your disk drives and mobiles should be encrypted. We wonten crypt data that lands in our data centers and we keep it encrypted so that even if the data center were penetrated or you lost your laptop or tablet, the information is hard for someone to extract. So crypto is important. Seventh point is another geek thing called dns s. E. C. That is a serk extension. How do i this in a couple of seconds. When you do a lookup of a domain name and you might not see that but when you tike www google. Com and you say where that and it looks it up in the big name distribute data base and it gets back an ip numerical address. So the domain name and ip address are important. What happens if somebody can go in and change the numeric address associated with the domain name. You may think you are logging into bank of america. Com but if somebody has hacked the system, you are off to some bad site which is exacting your user name and password and everything else. So the solution is to use something called a Digital Signature. Some of you have used public cryptography and it comes out of that technology. We can design the domain name and the ip address. So when you get the pair back from doing the query, you can check did anybody change the binding or altered the numerical part and by checking the Digital Signature you can check it was not modified. This checks against spoofing that would be of harm. So we think dnssec should be implemented but we need more and more implementation down into the hierarchy. And the eighth thing on the geek side. It is bcp38. What the hell is that . This is best communications practices, number 38. Basically what this says is that if you are operating a network and you are going to accept traffic from people that will eventually be sent out to the rest of the internet, the first thing you should do is check to see whether the source internet address, the numerical address coming from whoever is giving the traffic is coming from a legitimate source. Is it coming from a network that owns that address space or responsible for that address space. And so bcp38 said dont let traffic into the net that has fake source addresses. It is possible to fake the source address by just stating this is coming from that place over there, even though it is coming from here. We dont want people to do that so we think again the isp should be executing this bcp38 thing. So you can tell that i have a strong message, which i ask you to amplify and tell the isps time to get on the stick to improve the safety, security and confidentiality of the net. Okay. Now we switch over to policy. And they told me they were going to tell me when this thing was going to die. It says i have 19 minutes left . No. It says it is 19 after so you have three and a half seconds. Seven minutes. Seven minutes. Okay. So eight things in seven minutes. First of all, some of you, i hope, are reading about and some of you may be writing about the idea that nta, National Telecommunications and agency has to transfer the responsibilities to the Internet Corporation for assigned names and numbers. This is called the Internet Assigned Numbers Authority transition so the multi stakeholder bodies of the internet, all of us, become part of the operation of policy development for the internet rather than having a specific agency of the u. S. Government taking responsibility for that. When the ican was created in 1998 that was the intent. There was supposed to be a two or three year period when everything settled down and ntia would relinquish responsibility for further direct interaction. It has been some years since 1998 and it is now time and ntia has proposed to to do that. It asked the community to how how it would operate without the benefit of the over sight. And toe there is controversy over this, the government should step away from this responsibility and authority and return it to the community which has created and operated the internet since inception. So that is point number one. Second, i cant imagine you would disagree that freedom of expression and access to information is fundamental to our Democratic Society and we need to make sure the internet continues to support that. And i would like to add one more freedom and that is freedom of harm. We dont speak about that. But unless people feel they are safe to use the internet, they wont use it. And if they dont, then some companys Business Models, including mine, might be undermined. So it is important in the freedom of expression of assembly and access to information that we do everything we can to protect people from harm which is why i was talking about the geek things a while ago. Point number three has to do with nondiscrimination and in particular none of the isp or the broadband providers should have anything to say about where the traffic comes from and it is going. Everybody should have equal access. You should have the ability to go anywhere you want to on the net. If it turns out to be illegal that is a different problem. But none of the providers have access to the system should be telling you what you can and cant do. So that is a nondiscrimination element showing up in the Net Neutrality orders that have come from the fcc. Preserving user choice is fundamental, again, to the internet utility. Similarly, the fourth item on the policy list is equal access to performance features. If you have the need for low latency because you are playing a video game or high bandwidth because you are streaming video, you should have access to that. It shouldnt be possible for the broadband provider who gets access to this. I didnt say free, but i said everyone should have equal access to those capabilities. And finally, i think it is very important that we encourage not only here in the u. S. But everywhere around the world the adoption of policies that would encourage the creation of more internet. Now of course i would say that. But look, here is my problem. At google, my job is to get more internet built around the world and in talking to eric schmitt the other day, he said you cant retire. He said well why not. And you only have 3 billion people up and you have another 4 billion people to go. So i could use some help, in case you are interested. We really need to help countries recognize the importance of investment in internet infrastructure for the benefit of their citizens and that is my fifth and last point on policy and since i am clearly over time, i will stop there. Mr. Chairman, and i will turn the floor over to you to ask grilling questions. Thank you. [ applause ] thank you. Thank you very much. The internet was created by the u. S. Defense advanced Research Project agency or darpa and now it is global yet no one really owned the internet. Is it possible that a multi stakeholder governance environment can actually work . Boy, that was a nice give me. Thank you for that one. First of all. He is right. Darpa did sponsor this initially. And the answer is yes. And how can i prove that . Well, we turn the internet on on january 31st, 1983. Do the math. How long ago was that, 1983. 32 years. What do you suppose was running it at that point . It wasnt the Defense Department. I was off in mci, doing mci mail at the time, but my colleagues were parts of universities, they were in the private sector, running, building and operating pieces of the internet. And it has been this way ever since. It has always been the private sectors role to build and operate these pieces. Of course the Defense Department has pieces of its own. So does the National Science foundation and nsf nsf doesnt run the net any more. They started it in 1986 and shut it down in 95 and didnt need it any more because there were commercial services available. The private sector and the Civil Society and the technical and Academy Community and governments all have a responsibility, including you, to be part of the policymaking apparatus for the internet. The things that you do to protect your own safety and security and privacy effect me too. Because if you dont do a good job, then you become an avenue through which attacks can be made and phishing attacks occur and access to things that shouldnt be accessed by the wrong parties will happen. So we all have this shared responsibility to make policy decisions about the internet. The enforcement of policy could be the responsibility of specific organizations or individuals and the like but the policy making should be multi stakeholder and as far as i can tell that has been work forge the last 32 years and can continue to work, if you just let it. Next question. Got several questions about hacking and, you know, the white house, the state department have had networks hacked. Will there come a day when such hacks are not possible and someone else wonders who is responsible for cyber security, who is ultimately stopping the hacks from happening . So the answer lies in the previous response as well. Because we are all responsible for improving the safety and security of the internet. Your own choices, your practices, the practices of the Internet Service providers, are all part of this fabric that we have to maintain. There is a visual model i have in my head. Imagine you have a set of homes whose backyards are all shared so there is a big park and the front doors go out this way, going outward. And imagine there is some nincompoop that insists on leaving his house unlocked. This one guy lets people into the interior and that is a risk four. So i see the internet as having a character that we all have a role to keep it safe. There are different places in the internet architecture where attacks can be launched. This is a layered system. And so the mechanisms that might work at one layer may have no effect in another. Ill give you an example. Suppose somebody said the solution to the email problem is that we should encrypt everything and so as long as we encrypt the email as it goes through the net, everything will be okay. Well, okay, lets analyze this a little bit. The source of the emails, using a laptop, which has become infected you some, maybe they plugged in a usb or a dvd or went to a website that had malware on board. And so this commuter computer that you dont know is infected and composes a piece of email that has malware in it and it is encrypted and goes through the net and nobody can see anything and gets to the other end and decrypted and the piece of malware does damage. So crypto at one level does not necessarily solve the problem. We have to put prevention in various layers in the system using various sundry technologies. So in a very kind of an oddball answer, it is sort of everybodys responsibility to do this. But each layer and provider of service at those layers has a responsibility, just as we do at google. Were way up in the application space and were doing everything we can to protect against the kinds of attacks which could be launched against our layers of the arc tektsure but there are other layers below us, the ones doing transport that also need to contribute to the safety of the system. Right now, we use social and Credit History to verify our legal identity. If Social Security numbers didnt exist, what would identify verification look like and is there a better way to do identity verification. The short answer is yes. Would you like me to elaborate . So first of all, Social Security numbers were not intended to be identifiers used in commerce, right. But they are. Or the last four digits which is almost worst. Second the Social Security numbers dont have check digits in them. There is no way to tell whether this is valid or invalid Social Security number. They are just nine digits. So we could do better with todays technology. One possibility would be to issue a certificate which identifies a public key that belongs to you and to you alone and what you would want is to have the private key that goes with it. This is public key crypto stuff. This is the weird thing that my friends marney hellman and whit duffy came up with in 1977. It is a door with two locks. You have two keys. One door locks the door but doesnt unlock it. And so you have two keys that Work Together to create security. So you can imagine having an identifier that has been digitally signed by an authority that would issue those identifiers, that authority could be a state government, because that is where the ssns come from or i guess it is the federal government but the states issue these things by does anybody know the answer to that. The states issue the Social Security numbers but do so the federal government does it. Okay, thank you. So the federal government could issue these certificates and as long as the Digital Signature works, this is a way of validating yourself remotely. Somebody could send you a challenge are you vint cerf with a public key and if theyen crypt it, only i can decrypt it in my private key. Just like the only guy with the private key and i could send a response back to that party using that partys public key to encrypt the response. So we can verify that eachch us have a credential issued by the federal government that has a public and private key associated with it. It is more comprehensive than that but we dont have time to go into the details and that is the essence of what could happen. And it would be better. And by the way, here is another opportunity for policy. If we could agree on an international basis on the bonafide that have to be shown before you get the credentials then we can make a Digital Signature as a wet signature is today. But we have to agree on a global scale what has to be presented to get this authorizing Digital Signature and certificate. I think that would be a really good thing to do because it would encourage ecommerce and give us protection against the abuse of our Social Security numbers. So that is the long answer. In addition to printing out our photos, what else should we, as a society, be doing to preserve information, that is preserve our culture for future generations. That is a great question. I didnt really say print everything, but some people in the business of printing photographs decided that is what i said. And you cant blame them. Printed photography has gotten kind of different from all of the stuff that you see on flicker and everything else. So here is the problem. Every single day when you use software in your laptop or desktop and what you have, you create complex files. If you are using a text doct in microsoft word or Something Else, the file you create is a complex object. And in order to correctly render it or allow the document to be edited you need a piece of software to help you. That is the Application Program. Now i want to you imagine that it is the year 2150 and you are doris kerns goodwins great, great granddaughter and you want to write about the beginning of the 21st century. You remember goodwin wrote the story about lincoln and his team of rivals. If you read it, i hope you had the same reaction i did. The dialogue seemed very pleasible. The opinions being stated an the words that were being used made it seem like she mud have been a fly on the wall 150 years ago. Of course she went. She went through 100 different libraries and collected the physical correspondence of the principals an used that to reproduce the dialogue of the time. Now imagine it is 2150 and you are doris kerns great, great granddaughter and you are trying to write about the beginning of the 21st century and you cant find a damn thing because all of the email has evaporated or worse you have giant disks full of bits that represent the email but the Application Program and the operating system it ran on an the hardware that the operating system animated dont work any more. They are gone. Nobody supported them. You have a pile of rotten bits on your hands. So i want to prevent that from happening. And there are only a few ways that i know of to do it. The best one that i have seen so far, i lectured about this with my partners at Carnegie Mellon and just last week at stanford university, this guy named [ inaudible ], he has developed a Virtual Machine capability that will allow him to emulate hardware of any kind and then run the operating systems on that emulated machine and then run the application on the emulated operating system and it works. He demonstrated. This is not slide ware. He showed 20 different machines and operating systems an my god, he was showing me 1997 turbo tax running on a mac, including the crappy graphics and everything else. It as a phenomenal performance. So the ability for the systems and emulate the hardware is the best answer so far. Imagine running that in the cloud so the machines are available to anyone. This is not a trivial technical problem but there is intellectual property issues. How do i get ahold of the software and what rights do i get and what if im running it on the cloud and somebody said you cant do that because they didnt pay. But it is 150 years since you did anything with that software. Give me a break. You remember what happened when the xerox machines were created and the librarians should people should be allowed to copy limited amount of material this way and the publishers said no, no, no, i will publish one book and people will make xerox copies and i will not make any money. And that didnt happen. And this employee use is important. We need a preservation use like that associated with copyright so preservation as an act is not only sanctions be encouraged so our Digital Content will survive over a long period of time. That is my long answer to that question. Ill combine a couple of questions here. In 1979 bob khan urged you to create a brain trust in case you got hit by a bus and couldnt continue your work. Who do you view as the brain trust today. And part two of that, is do you feel there is enough Technical Expertise or even consultation with Technology Experts among those who Craft Technology policy. So who is the brain trust and is the brain trust being consulted like it should in Technology Policy . Okay. So the answer to the last part is no. The answer to the first part is that the original group that i created at bobs request was called the internet configuration control board, iccb. We made it as boring as possible to no one would want to be a member of the board and then i appointed the people who were the lead researchers on the development of the internet at multiple universities around the u. S. And so the iccb morphed into the Internet Activity board around 1984 and later became the internet architecture board in 1992 when it became part of the Internet Society and now the internet architecture board and the task force and the Internet Research task force, all chf are housed in the International Society are the brain trust for the technical revolution of the internet. That is where the bulk of the new prot protocols are coming from. And various entities are trying to develop new applications for the net but the core still comes from the brain trust. Ive lived here in washington since 1976 and ive considered it to be both a privilege and a responsibility to try to help policy makers understand enough about the internet so that the policies they make, make some sense. And im not looking for Technical Depth here. Im looking for simple cartoon models of how the Network Works that are Accurate Enough so if you reason with the simple models, youll reach the right kind of conclusions about what policies are implementable and which ones are not. An the last thing you want is a policy that requires you to double the speed of light for example or or abandon the law of gravity. So our job is to try to be helpful to provide clear enough explanations for how this stuff works so when policy gets developed it is implementable and makes sen. The worst thing in the world is to pass laws that cant be enforced or implemented because it encouraged disrespect for the law and that is not a good thing. Looking over the past two decades or so, what are the one or two developments in the internet that you are most pleased with and most disappointed with . Well, starting with the last one, spam is the kind of a disappointment. I have to say im proud of my coop, google, because we have filtered out of spam. And if you look at your gmail, and you look at your spam folder, it is especially good not to know how to enlarge body parts and all of that stuff. And it is an annoying side effects that email is free and that means the spammers dont have to pay for what they do. And there are crazy ideas like charge. 002 cents per ad but spam is annoying. But the thing i was most astonished by and proud is a funny word to use here. In fact let me go down an alley for a moment. Some of you have kids. And you might have learned what i learned, which is dont take too much credit for when your kids do well so when they screw up, you dont have to take too much blame. And so i think that proud is the wrong word to use about internet. Im just grateful to have been part of this story. However, with regard to surprises, when timbers world war wide web showed up, nobody noticed except him and his colleagues. But when the mosaic browser showed up around 1993 this was astonishing because it turned the internet into imagery and color and formatted text and it was eye opening. And the browsers had a feature if you wanted to see how the web page was built you could see the http the hyper text, and this was open and everybody could copy and they did and found more ways of making them interesting. The web master was a role which didnt exist before the worldwide web and sort of enhanced by the fact that everybody could share each others web pages and how they were built. And so the thing that astonished me was the amount of content that poured into the net once web browsers and html was available. It was astonishing how much information people wanted to share. Not because they wanted to be paid, but they wanted to know the information was useful to somebody else. And so you hear the story about information is power. Noneless. It is information sharing that is power. And weve seen it over the past 20 decades or 20 years and well see it over the next 20 years and maybe the next 20 decades too. So the thing i like the most is it is evolvable, it is scaleable. Well over a million times bigger it was than when we turned it on. There arent many protocols that allow to you do that kind of standing but it has created invitation. You dont have to get permission from every isp in the world to invent a new product or service and put it up on the net and it should stay that way. The next questioner said you are said to have been a candidate for the office of u. S. Chief technology officer. Wants to know if you would have taken that job. But a larger question is would you consider moving over to the government side to help sort out some of these issues in a senior role, if offered . Wow, so this is a hypothetical, mr. Chairman. So first of all, the answer is there were news reports that i might have been on the list. I dont actually know. But i consulted with some of my friends, including eric. And eric said, why dont you just be the chief Technology Officers best friend. And so i made good friends with anish and megan who is now there as cto and i thought that was good advice. I have served in the government. I served six years at darpa. I really enjoyed that time. It was an empowering moment for me. It was a period of time that i worked with incredibly smart people but my whole career has been that way. Im at google surrounded by incredibly smart people. Most of them smarter than i am and i learn that every single day. Especially when the 25yearolds run over and say why dont we do x for some value of x and ill say we tried that 25 years ago and it didnt work. But i have to remember that 25 years ago there is a reason why it didnt work and that reason may no longer be valid. It could be that computers are cheaper, faster, more memory, Something Else is economically feasible that wasnt before. I have been forced to rethink my own views on these things over and over and over again and let me tell you nothing keeps you younger than having to rethink your own positions instead of falling into a rut. So for me, i dont feel the need to become part of the government. But i want very much to have an opportunity to provide support and help if i can and i will do that if im allowed. Do you want to see Congress Pass the usa freedom act and Congress Just had a hearing on encryption focusing on privacy rights versus the Law Enforcements desire for a back door into cell phones, et cetera. What do you think congress should do . So first of all, this back door idea is indicative of real tension here. This global system is used and abused like a lot of technology. There isnt anything about the technology that determines whether or not it is constructive or destructive use and it is just a neutral tool and some people abuse it. And so we have to do something. We wish to protect the citizens of our country and others from harm in this network. And so you have to ask yourself, well how can i do that . What steps can i take . And the tension pretty obviously is that if you use things like cryptography to protect privacy and confidentiality which im sure every one of you cares about, there is a question what about the Law Enforcement people and what can they do. And the proposal to put back doors into things is reminiscent of Something Else some of you will have reported on, the clipper chip back in the 90s. I was adamantly against the clipper chip idea and the reason was very simple. If you have a back door, somebody will find it. And that somebody pay be a bad guy. And the bad guys will intentionally abuse their access. So creating this kind of technology is super, super risky. And so i dont think that is the right answer. At the same time i accept that governments are there in part to protect their citizens from harm. So the question is how do you do that . And there is a spectrum. Imagine that on one end we live in a society where there is no privacy at all. Everything is known. Everything you are planning to do is known. It might be a very safe society to live in but not one you want to live in. On the other hand, what about a society there is privacy and nobody knows what you are planning to do at all and bad stuff happens. So you feel that your privacy is protected but your safety has now been diminished. There must be someplace in between and it isnt the same place for everyone, it isnt the same play for every culture and it isnt the same place for every nation. Our job in the u. S. Is to figure out where is that balance for us. And i think the congress is forced now to struggle with that. And theyre going to have to listen to various arguments about protection and safety on the one hand, and preservation and privacy and confidentiality on the other. Im not persuaded that Building Back doors is the right way forward. The way the fccs title two Net Neutrality rules are written, do you think they offer equal opportunity download speeds while forebay bearing government over reach like new fees or content regulation . So this is a really interesting problem and some of you have lived through this for a couple of decades. I think tom wheeler didnt have a whole lot of choice. The fcc had asserted a set of neutrality rules which were intended to protect user choice. And they were essentially told t