That regulation of the government but no regulation of at aes collection sits dissonance. If are places that are halfway between. That suggests one a set of answers to me. Im willing to think about wholesale government regulation. There is some there. It definitely emphasizes the confluence between them. That ends my part of the panel. Thank you very much. Thanks to the panel and for the audience questions. We will take a break and resume at 10 30 a. M. With the technology panel. Good afternoon. Thank you to all of our panelists for being here. The way we have structured the day is the first panel had to do it the theoretical underpinnings of privacy. The second panel had to do with technology and the third was the government panel. This last panel is on solutions, folks from the private sector might be able to suggest them. Each panelist will start with remarks and for the panelists yellow and red cards. The yellow card means two minutes left. The red card means your time is up. 20 minutes ofut questions and then in each of my Board Members will have five minutes of questions. We will open up to questions from the audience. Questions,t to ask some of our staff will stand up and hold up cards. You can write down a question and pass the peer. We will just go down the row and start with the professor. Im not going to go into the biographies because they are all available to you. We will start with you. Thank you. I am colorblind. I have no idea what cards are going up. Perhaps youll wave them in a definitive way. , i was first of all sorry not to be here for this morning. The last panel was a superb. It is a privilege to be here and i want to applaud the board for taking up this difficult but fundamental issue about what is privacy and how in practice might we go about protecting the private and Public Sectors. I want to start with an observation. Think the fipps are not useful. Im not suggesting abandoning them. I have gained a little bit of knowledge. I think we use them callous manically. Talismanly. Private and Public Sector, they really dont get us anywhere. Looking for ratherutes for the fipps than asking what the purpose was in the first place. Maybe it is no longer relevant as a tool to achieve that purpose. What are we trying to do . What are we trying to protect . What do we think . The fipps about because im not sure if they ever worked well. They have largely our choice. I dont know if they work well in a world with massive data. Of a fipps approach be societal. Es may they may be the impact on Civil Liberties and the economy. I dont know if it focuses in a useful way. Have led tofipps silly results. Byave always been surprised the department of Homeland Security privacy impact which focused on Privacy Protection. When your device has been seized from you and its contents copied, its difficult to think that this is meaningful protection. The second point, one of the things we are seeing emerge in the debate in the private sector, this is especially true greater focus on Risk Management or Risk Assessment and Risk Management. I know this is the jargon of the day. With management is an incredibly valuable tool that in privacy we are far behind on. We are much clearer about security. Privacy, we lacked that understanding. We dont know what risks we are guarded against. We are very unclear what the harms or impacts or the negative effects that we think we are balancing with a positive outcome. The Risk Management approach offers a lot of value in the public and private sectors. It makes us stop and say what we trying to accomplish . What are the positive benefits and the negative impacts not measured in terms of actual impact on individuals in society or the economy as we think about it. , theusing Risk Management third point is we should focus on use of data. This is been a real weakness of the u. S. Legal system. If you have suffered through lawsuit school, the Fourth Amendment has almost nothing to say about use of data. It is only the collection that it is focused on. We would be better to think more about reasonable and effective limits on use. That is what the public most commonly cares about. One of the reasons is it is always a legitimate reason to collect the data. Theres always some reason. There is a security reason or private sector reason. For rise and had a reason to collect this data. Who could access it and how could it be used . Approachedystem is focused on collection. Wee its in the storehouse, feel it is more out of control. That is a critical area to focus on as well. Fourth, the Fourth Amendment is a critical legal limit. We must observe it. Its not a very useful guide of for telling you what to do in the future. I think we should be careful about that. Too often in our rhetoric we permit things under the fourth if thatt as this tells us anything. It doesnt say anything at the ethics or desirability of doing it. And almost all of these areas, i think redress is something we need to continue to focus on it. We see many uses of data in the government setting which is done without redress of. If it affects the person inaccurately every now and again, what does it really matter . We will provide extra security for the wrong people. This is not an efficient use of resources. Its not a good way to think about privacy. I think we should be very clear in those exceptions are we say there might be no redress available here. We have to provided through other means. At all times, we should be thinking about redress. Thank you very much. Thank you very much. Our next panelist is holly geithner. She is at the center for democracy and technology. Thank you very much for inviting me to speak today. Thank you for your ex network on for privacytection and Civil Liberties and National Security and terrorism programs. Congratulations on having one of the best acronyms in town. When it comes to evaluating Privacy Protection, we believe the fair information to practice principles are a very important framework for government and the private sector. You can add other privacy frameworks on top. We dont disagree with professor cate. As anw the fipps indispensable practice. The individual principles of the fipps are overlapping and mutually dependent on one another. It is a framework and not a smorgasbord the you can choose robustk, unless you want Privacy Protection. Is talk of doing away with Data Collection. In the time you have given me, i want to address this had on in the context of government surveillance. That there should be collection limitations on private sector Data Collection and that the minimization principle should apply to the private sector. The government should not take its cues entirely from the private sector when it comes to National Security surveillance. Data collection from the private sector is different and National Security surveillance. Even if the private sector were to collect data in an unrestrained manner in an alternate universe, agencies should not follow suit. The functions are totally different. That should go without saying. The private sector does not use the data it collects to take action against the individuals as part of its mission. Several companies have repeatedly responded to public outcry before privacy control. The National Security arms of government are not as transparent and not likely to be. Allow consumers to limit the collection of information about them. More and more services are differentiating themselves basically. Toividuals can it choose not participate in a commercial service. Data collection for National Security purposes does not eliminate any meaningful choice. As does view them insufficiently protective of privacy. Because of the differences i just listed and other reasons, even if the private sector fails to robustly apply the phipps fipps, government should follow through. Government should be more strict than it the private sector Data Collection. I have a small set of broad recommendations. One, the government should put emphasis on the principle of the fipps. Also in minimization is critical. Once the government collects , we saw this happen with the search loophole. Surveillance should be restricted at the front and by limiting the collection of data to what is needed to a compost a specific purpose. The data should be retained only as is necessary to fulfill that purpose. Itshould be destroyed unless is needed to accomplish the purpose. The purpose of Data Collection should be subject to meaningful restriction. Limiting the scope of what is relevant. The definition of foreign intelligence. The goal should be overall to move from mass Data Collection to targeted in a collection of both u. S. And nonus persons. Providernment should much greater transparency. The patriot act exemplifies this. Known as surprise at the nsa is collecting phone records. Been getting all phone records in the entire country. This is bad. A fair reading of the statute does not grant them this authority. The classification of pfizer boostorders would transparency. We should not be a nation of secret laws. The government should provide transparency around the scope of requests for data. This includes reporting about National Security surveillance activity such as hominy requests were made. The government should authorize the private sector to make similar reports. Information is power and privacy is control of information. To possess information about an individual has power over that individual. Largescale Information Collection threatens the relationship between citizens and the state. It throws off the balance of power. Them to with much more targeted Data Collection and trade transparency. Thank you. John grant is our next panelist. He is a Civil Liberties engineer. He oversaw the department of Homeland Security. Thanks for being here. Thank you for the opportunity to be here. I worked on the legislation. Im sure it is every parents dream to testify. Ofo the board and a lot spare everybody the commercial. We started in the Law Enforcement space and have expanded. Our technology is in the course of achieving its mission. We are not able to the point in a way that protects drivers he. That is something that the founders of the company instilled from day one. That is why my job one of the things that i learned was when you walk in a room and you say to engineers im worried about this thing you are building. Responses i do i fix it . You dont get these things other places. We need to come up with suggestions for how to fix it. I am a lawyer. I dont assess a lot of technical skill. The main role for us is to translate. On some of the technology at a high level and for movinguggestions forward that i think are low hanging fruit. Briefly, for moving forward that i think are low hanging fruit. We are not dealing with the collection of data. This gets to the point of use of data. We have two highlevel categories that deal with managing this. ,ust as technology has expanded it is also significantly expanded the Privacy Protection that is available at the agencies. Ago,u imagine 50 years paper. S people of maybe it was locked in a desk or. Maybe it was in a dusty basement archive. Limited tracking of where the file was. Who knows . Anybody who had access couldnt see what ever was in it. You just needed to rifle through it and you could see anything. Oversight into how it would be used would be irrelevant. Deletion would be a shredder. More precise deletion would be a black magic marker redirecting points of information. Technology allows us to do a lot more management of data. Is the Access Control point. You can build Access Controls to manage data very precisely. You can do it in a more nuanced way. You dont have to make choices between access or nonaccess. There are lots of options. Infiniteve you an variety and how to manage data and what they can do with it. The other point is oversight mechanisms. Using were close to control how data flows around an organization who can see it and what kind of things they can do with it. These can be very detailed. That can be very complex and involved multiple actors and multiple stakeholders. Auditing how data is used itself can be incredibly detailed. Lot, but ing over a want to get to other points. These two capabilities are significant improvements on what was used before. They can get us a long way. , these aree a to say not specific technologies. What is the problem today . Lawyers dont know technology and engineers dont know law. You need people who know both of these things to be able to make decisions. Lack of resources. You need people who can manage the data. We talked about this on the earlier panel. They are managing huge amounts of data. They need resources to be able to do this. Privacy is hard. How do you look at it . The last one is i can anecdote. The nsament tends to be sector saying we caught this bad guy use this information. You have toto be use this on anecdote grounds. Solutions, education. We sponsor fellowships. Thated to make sure lawyers could Learn Technology and engineers can learn law. There should be a requirement to have an engineering Ethics Program and teach privacy. They are going to build the technology that is going to hit the street and its going to be years before the law catches up. Shouldnt they be able to catch how what they are building is going to affect ribas he . Infrastructure. Value, we important need to invest in infrastructure to support it. We to go beyond just systems. We need to tell people how to do it. We need to be writing specific guidance rather than just consent. Everything in the world can be data sized. We can do the analysis and get beyond anecdotes and start analyzing data and figuring out thanks. Our last panelist is chris. He is the former Deputy Director of the nsa. Thanks for being here. Of most of my time teaching at the naval academy. Grateful that you established this venue for what i think is important ballot. I like to make for quick comments and then get to questions i agree with the panels premise. The framers of the constitution did not intend for security and privacy to be in moral mortal kombat. It may be that we cant trade one for the other. We have to work harder to achieve both. Technology in practice from the private sector can be helpful. Government is different. ,ot just in terms of powers alone the government requires to meet the standards of the first 4 10 amendments. The 10th amendment was the most significant of those. It says unless you have the authority to do something, you dont. Searches, that was specifically permitted under courtapproved procedures. Interpretations of the law the went through three branches of government. I think that is right and proper. It may be bad policy at the end of the day. The rule of law has to pertain. I agree with what john had to say. The aspects of law and technology are often it odds with one another. They are perceived as independent biases. You are trying to affect technology and law. They change at different rates. Keep them recognized or synchronized is really hard. Mechanisms are not likely to change the needs. You take both art and science. When we find ourselves in compliance mistakes, we had to sit down and figure out how to achieve a horizontal joint between the technologies, the legal practitioners and the operators. They were trying to achieve something different. I do believe there is a role for big data. This is sometimes called mass collection. The principles should be the same as surgical banks. The government should be able to justify what is necessary. It should only achieve that in proportion with that need. Aside, thee comments private sector has a lot of experience in this regard. Far lessnment collects information that is perceived by the public. Again i do not excuse the government for that but they can bring technologies in. We would have to scale them down as opposed to scaling them up. Just a reminder to the audience that there are staffers in the back with cards and if you would like to direct a written question, hold up a hand and find one of them and write down your question. Audience,nefit of the for the panelist if you would not mine moving the mike backandforth, we do not have as many as we globally should. I would like to start by asking about oversight. Both in your oral statement and rick written statement, you talked about a wide range of mechanisms are in paper trails, electronic workflows and things like that. It seemed like an overwhelming array of ways to engage in oversight. Reasons you need to choose your oversight mechanisms. Any agency will have limited resources to dedicate and as i mentioned in a Previous Panel, there may come a point where there are diminishing returns. He to leave these people time to do their jobs and notches comply with oversight mechanisms all day long. So have you given some thought as to what constitutes an effective oversight mechanism, how do you rank different mechanisms . It is a similar issue, you have a similar amount of data as you say. Informationt of and you can use technology analytic tools to make sense of that information. Issue is that you need to do it. Time, this all the everybody checks the box on audit laws. What to make sure that it is logging the information that it is supposed to. To look atr requests the audit logs once the auditing mechanisms are turned on. That irent many laws can recall that tell people they have to look at them. It is the seinfeld joke about renting a car, ability can take reservation, but you have to use the information reservation. The oversight people and the Information Security people should be as good as your analyst. You need to have good people doing the analysis and oversight. To answer, which is the most effective . It is using that data and the team that you have. Not only are you going to look for people doing something wrong, but you can also ask questions. Does the Data Retention policy makes sense. You can look at the policy and say we keep this data set four five years. Lets change the Data Retention policy. Especially like to get your thoughts from time in government, what did you view as an effective oversight mechanism . Is an authority granted or burden that is imposed, it is not a onetime thing, there cannot be a repurpose thing later. Of events the typical might be constituted as collections and processing data and dissemination of that data and the burden imposed on every step. What we ultimately found is that in order to achieve that because data ultimately is aggregated and synthesized. They dont simply use data from one source but from many sources. At that point it is really hard if there are different expectations to keep it straight in your head. Youfocus has to be, how do combine attributes for particular data at the moment it comes into being. Could you pull the mic a little closer . At the moment you collect a piece of data had you bind the after beats that include other things as well. What is the authority under which the data was collected, what are the burdens and the imposed strength. Boundhould be atomically through the life of collections, processing, analysis and dissemination. At some point there will be a second order use of that data and someone synthesizes that in their head and constructs a document across a gap, that its hard. At least the primary use if you have a systemic view, you make at the auditors job much easier and in your system and technology you essentially impose a constraint or check every time something exercises privilege against that data. That makes the auditors job much easier. It is a nice deterrent effect because they know at every moment they are held to account. But my experience in government, it is not so much the deterrent as it is the assists. Typical counterterrorism analysts would often deal with hundreds of constraints on the data sets that are available to them and because various orders of the court and interpretations of the court and sharing arrangements with various other nations it would all come along with their independent assessment of how the data can or should be used. Technology can help us by doing an atomic bind meaning it is organic to the data itself and what is the providence, and that should never be lost. Turn andd like to direct this question to the two of you, i noticed that in the written statement that you sent to us, you talked about the steps but didnt generally talk about the individual participation. You said in your oral statement just now that they are not a smorgasbord and a framework. If you have to employ the individual participation theft, how can that work in surveillance context. That is the toughest step to apply in this context. One way that you could do it which is not politically viable and perhaps not even good policy would be to loosen requirements. Recent answer is that if the individual participation is lacking in the context, then the rest of the framework has to work overtime to compensate. I absolutely recognize the challenges of implying individual participation but this is one area again where government is different than the private sector and it should particular in in the data minimization principle. There has been a lot written and said lately about how notice ship does not work in the private sector because people do not understand what they are consenting to and even if they do they do not have any other option so they have to consent and it is a meaningless exercise. You have any other options in this context . I do have thoughts on that. Is thatthe challenge they lead us in the wrong direction. I am not in any way trying to make it sound easy or if there is a simple answer here, but if in theirabout the sips national 1980s sense, we are talking about use limitation to the purpose specified and we add things like data minimization and individual participation and almost all of these seem challenged in a modern data environment. In other words, how does that really work. There are 60 people in the room and theyll have cell phones and recording devices, i do have a policy statement from any of them and dont know about might individual participation rights but i suspect it would want to look down on my watching to interview them all about it. Burden to the individual which the phipps has the largest effect is doing is a very difficult way to approach that and i think impossible in the Public Sector. It also may lead to completely wrong results, in other words one of the surprising things to , but section 215 is at the nsa collected all this data and did so little with it. You would like to say when people talk about atomically binding, i would like to think if we found something new that we might do with the data that might really have a major affect on National Security we have a process for seeing some kind of risk analysis. What are the processes in place to protect it and now lets do that. With a thing that has real value. Need to be thinking about approaches here that are not binding everything to some mythical transaction that took phippsver which in the world we see the individuals agree to this although i cannot think of a case in which the individual actually agree to it and then in the National Security world we just overlook that. We say we have agreed for the individual without again doing a clear and well documented type of Risk Assessment using clearly articulated values and benefits it does sometimes lead programs in the wrong direction it is a useful framework but the application says what youre actually doing with the program, you may pass muster but the actual way that the program may come aground may not affect the Privacy Protection. I dont think that the phipps are a Silver Bullet but the principles themselves are very useful. Second, it has been a longstanding controversy about notice of consent being inadequate but that is why i said at the outset that it is a framework. Each principal is dependent on the other. People do not know what they are consenting to when they receive a notice from their doctor am a they do not know what the hip a promising notice says or means or does. Which is why there has to be additional Privacy Protections in place. And lastly phipps are not the only framework. There are certainly other frameworks that can be applied. Nd should be applied although this is the subject of the panel i would like to do give all a chance to your opinion on what is the underlying privacy right. When you are at the nsa ice and we spent some of your time thinking about ramsey and Civil Liberties, what did you think that meant. I would say i do not think that has changed over time the technology might hold that at risk in different ways and it might be some downstream consequences given the scope and scale but it comes back to two things. With respect to the individual is there a reasonable expectation of privacy. That is the stuff of great legal debate. But operators talk about that as well as their constrained by the 10th amendment think that what they are actually authorized to do but the second way to think about the issue of privacy is what might you learn if you take these data sets and combine them in a way that might give you some insight into things that were not selfevident. You have to therefore think about the problem of aggregation and synthesis downstream. Might have some threshold there that you need to think your way through. Theuld tell you that at National Security agency that ethos is his importance as the compliance rules. Absence ethos the science will lead you astray. Youll get to a place where science alone cannot help you navigate the challenge or the question of how do you achieve ath security and privacy in place where there are massive concerns on the internet. Do have a thought on the nature of privacy . You ran out of time before you got to me on this. This is an area where i think the Public Sector versus private sector is an important distinction and it has to be kept clearly in mind. In the private sector i think of terms of harm or in tax on individuals or groups of individuals. The other way that we think t an individual in the Public Sector i think that is also true. I think there is probably something more and the public fromhich is privacy the very beginning of the constitutional debate something about the balance of power between individuals and the government. The more the government knows about individuals, the greater the risk that that information will be used in a way that alters that balance of power, that makes the government more powerful and the individual less powerful. That is a widely twist. D but ironic as weve gone into the 21st century we have become less transparent about the citizens to the government and more transparent about the citizen to the government. In that sense, everyone focuses on collection and uses it as a nonsignificant matter but at the end of the day it is the use that matters. How can the government use this information in a way that might affect me as opposed to, is the information out there . Have necessarily an answer but a framework for thinking about it which is to think about it from the perspective of social media. In that space youre seeing how younger people are viewing privacy. We had some discussions internally about some of our own Security Policies and should the Company Vehicle to look at facebook or linkedin and publicly available information. Toy vigorously objected their own employer looking at that data for a reason of Information Security. But you tweet it, which means , it is an read that tool for communication to the world and they still felt yes it is publicly available but they have an objection to government collecting it or even reading it or their employer reading it. I dont know what it means to define it in terms of privacy but there is a different view of it and even Public Information, there is still privacy inherent in Public Information somehow. Attitudes andh social media and understanding that could help us figure out what is this newer conception of privacy in this age. Sayid you have summing to mr. Geiger . During mymost of it opening remarks, i do view have a see through the lens of control. Individualsn ability to control information about herself but also the control that the entity Holding Information can exercise over the individuals. Important notvery just look at privacy harms or the extent to which privacy can translate to control in the context of the technology, i think it is very important to try to look out over the next couple of decades and see what is coming down the pike and areasare very pervasive of technology that we will see in our homes and our lifetimes. And the law is certainly not kept pace and without a change in the law i think that internal protections on use and access while important are not sufficient because they can change and have changed. When we talk about protecting privacy we should be looking, as i said to what is protecting several generations down the line. Just to get back to this myic on this panel again to for focusing on how the private s,ctor might have Solution Private companies are somehow doing something to control information they collect. The policy says what they will do and they have to comply. Are there mechanisms the private sector has used for enforcing these limitations that are particularly effective that the government might learn from . Lot, wee this a ourselves do not hold data but our customers hold data. , they use the same basic methods are described in my testimony and they have the same basic weaknesses. Do they have the infrastructure to manage axis control, a lot of them do not. Are they conducting the oversight of the data . Probably more so than some people and the government because of limited resources but they are still probably not doing it at the level that you would hope. One thing that i noticed is that even in europe or you have more commercial privacy law and compliance requirement, a lot of , so for is a best guess example one we have been running into recently is looking into Cyber Security and Information Security in the private sector and these giant Multinational Companies are trying to deal with employee privacy laws that are all over the map and theyre asking questions like, if a german employee sends an email to a u. S. Employee, what privacy rules apply to the content of that email and in germany you to tell the employee that i am about to start monitoring that email and any United States you can do whatever you want. They dont know if the answer is so they make their best guess. There are interesting lessons in terms of what the privacy is trying to do but i think youre facing a lot of similar problems related to scale and lack of understanding about what the rules should be. Is my own sense that there is a lot of Great Technology out there that can be used but a technology can fall short of your expectations. We ought to give as much time and attention to the process within which this technology might be used as the technology itself in the following process it might be useful to consider that first and foremost before you acquire any capability you dig your way through the proportionality concerns and is is necessary or am i doing this only to the degree that it is necessary. And what youre trying to achieve is not the balance of security and privacy but absence of transparency. Derives the possibility and the government or the need to acquire explicit authority which always comes with constraints. Some measure of accountability for those constraints in the process elements that are then essentially implemented to pull that off i think should have the aspect of continuous compliance not the discrete compliance at various points but continuous, you think about it all the time. Ist of the stretched analogy Cyber Security and until such times as we build our systems and update them continuously without foremost in mind it will break our hearts. The second process of implementation is an external component or an internal component where you have to hold the people accountable. Unless there is an externally imposed accountability mechanism you could wind up with mitch matched tch mismatched expectations. There is also the restaurant retrospective of how do we aggregate our experience and come to the conclusion of is it meeting our expectations as it should. Are we to the right or left of the course . Absent that you find that you are a frog in the beaker and it is adding a degree hotter moment by moment and you cant realize because you did not step back and take a hard look at it. I think my time is up so we will start with mr. Dempsey and go down the line. Thank you and thank you to the members of the piano for giving us your time today. In a weight building off of something that chris said or thati heard, youre saying we need the technology controls or to build the technology in a way that builds a controls at the same time in the policies that surrounded and the legal rules in my first question to you was that you talk a lot about the attentional of the technology in terms of tagging information and audit controls obvious, thatthe is not a substitute for the legal rules and policies. Absolutely not and we try to say we talk about our privacy enhancement capabilities if you think you are buying a switch that you can flick protects privacy it is not going to happen. Able to respond dynamically to changing situations and you have to be able to make human driven new wants decisions about data and about how it is used and if it is being used appropriately. And that is just something that machines cannot do. For the same reason we argued it on yournnot build on uni decisionmaking at the top of the analysis chain to do it. A technologyrust that says dont worry about it we have vivus he covered, so the goal should be what kind of tools to policymakers need and then the oversight officers and oversight boards what do they need and what makes their job easier or possible especially when you dealing with data at scale. Such use the example is that there is a lot of work and a lot of Research Going to Access Control interface. When you are dealing with terabytes of information in the Cyber Security space how can you create technological shortcuts to allow human to make decisions about how to manage that data and that is how you do it, you think about how do you support the policy, not how the replace the policy. To fred, totally accepting your point about the andtations of fips accepting your point about the importance of focusing on risk saying that are not collection is irrelevant that the Fourth Amendment is in some ways a collection limitation, in , theommercial context companies that had the flashlight app that collected data nobody even got to the harm analysis that Debt Collection was inappropriate in. Nd of itself youre absolutely right and i agree completely. Im not suggesting correction is irrelevant im simply saying that we make at the end of the story. Once youre over the collection limit than anything else goes. The ironic thing is that they never thought of it that way, they thought you had your collection authorization and your dissemination and your attention limit that each one of those that, icould respond to think there is something of a mismatch here and im not in any way doubting what the nsa was doing or what chris is saying but one of the astonishing things, when i read the section 215 report that came out from report, a wellwritten it had all the limits on what they were doing and what geologists describe as bureaucracy around that the technical yurok receipt. Fact whichignore the struck the American People was how is the authorization obtained in the first place. 99 out of a hundred people thought it might be focused on specific individuals and apparently the one out of a hundred who didnt was a different charge and had members of congress so i think one of the Critical Issues were thinking about Going Forward is, if this were the private sector there wouldve been a mediate customer feedback. The fact how facebook interpreted that as it means we will collect absolutely everything, there would be customer reaction. What do we create that will mimic that in the classified environment. Havinghat is literally the outside of the agency but focusing on liberties that says we understand the challenge but we think you have the wrong end of the stick but i think it has been overly focused on the Fourth Amendment which creates this problem of you which you will note with a dismiss the Fourth Amendment and say that the thirdparty doctrine is no palm at all. And somebody shouldve said, wait a minute you are talking about data on everybody and that wouldve focused the discussion in a way that all of the technological controls and the bureaucratic controls that have been well documented that the. Gency never did i doat is very helpful, not want to further rehash 215. Thank you. Do isbe what we need to supplement the omg standard. And private practice i would have a client and i would say everything your proposed to do is perfectly legal but are you nuts. That the lawyers have technically signed off but this is a crazy thing to be doing. Step is adding some like uppity richards who says the agency is not just the here at the law but people say we understand the legal grounds are taken care of but the oh my gosh response are you allowed to refer to god . I think you said we will have some of those similar roles but outside of the agency, i think this is where i would say although this may reflect my naivete but i would say although we certainly need to have secret operations and secret law, if a law that said one thing was being interpreted to mean the opposite that someone would feel the need to signal that as opposed to going out of their way to continue to say no it doesnt mean what we think it means it means that only you think it means. Build avenuesld for transparency about the law so that at least we all knew what the rules were going into it. I think that is a huge problem when the law itself is effectively classified because of the way in which the interpretive process works. How we embed that in the private sector goes back to my point about education. They just want to make things not efficient, but it is because they dont care about privacy but because they live in the world they create. They dont realize that this raises an issue. If you improve education across the board the technologist throughout the nsa if they are all conscious of privacy they are going to raise these questions and say what are we building . Anecially technology is interesting place because it is a place with a lowly engineer is more powerful than the ceo. As of the engineer says im not going to build this then that is it. Im going to fire you and you say i have four more job offers to go somewhere else. If you instill the values that youre looking for that is where you will get the omg response. Report we notice that most of the information collected was reviewed and was therefore minimized and even the information that was collected was oftentimes not minimized in terms of being deleted because it was not a determination about intelligence value. You,e question for each of is that a practical matter given how much information is coming if it is not practical how do we do minimization better . Answer, and unsolicited in addition to the proposals that have been discussed i find a special Court Advocate would also help with the omg standard. Solution,ltilayered having special advocates hopefully gets us there. What i said was that front end minimization and impact minimization are important. The determination ought to be made whether the information was needed and then flush it as a default unless that determination is made. This is different than the way that i think it is done in some agencies. In less than make a determination that they dont need it which is very different and that some guys sometimes causes information to languish. Feasible butn be it also depends on the specific program and the purpose. If the purpose is that we will collect everything that is off the omg standard for me. But if the purpose is more berow then yes there should Data Collection limitations. I understand that there are technical limitations there and that depending on the actual means of Data Collection sometimes it may be unavoidable that you collect more than you need but then you should be flushing the information that you dont need. Chris, any reactions to that . On 215, i know we dont want to rehash whether that is good or bad policy but from an nsa perspective, sustainment of that over years time with more than three dozen judges, from an nsa perspective and charge to effect the will of government and short of a referendum which we do every two years, i dont know how you make a significant change of how the government comes to those conclusions but i think that we are always going to find ourselves in a place or stakeholders stand in the shoes of those they serve. With respect to your specific question it is problematic on a few accounts. If you try to minimize it at the point of collection you her docs equate begin to focus on things that you shouldnt. A strange truth in the world is that there are two ends to every communication and sometimes more. If your interest is legitimately in party one to begin to focus merit,y two without without some kind of reasonable or probable cause, you begin to encroach upon their expectation of privacy absent some kind of reason to do so and so the policy at this moment uses this upon recognition which says do not focus undue attention on that and when you do encounter someone deserves further protection, you must take it. Built into that our time limitations and proportionality conditions which say how much data is enough for what purpose and how long will you keep that without some meritorious reasons that participates or contributes to a report you keep that for longer and if it doesnt there are time limitations. Those are always prescribed by those who grant that. On a phrase that has been used a number of times today and asking the same question i asked a Previous Panel does this notion of reasonable expectation of privacy, to the extent that that onelves overtime, how does ascertain what is a reasonable expectation of privacy. Is it based on a Washington Post poll that if 2 of americans are uncomfortable with x, y or z is it the conduct hole that 50 are uncomfortable about surveillance the people still use their phones and still engage in the world, if we were going to look to that reasonable expectation of privacy, how should we chris in what it is will start with you because you had indicated that the nsa did look to reasonable expectation of privacy. There is a basis of law which is that as the Technology Changes over time it does that give us a free chance to say that because it allowed us to use the Old Technology this way and the new technology which is more intrusive and therefore continue unabated but there is a wide practice of law and the nsa considers that as it makes its appeals for authorities which are always conditioned on justice representation in the right of authority under 12 triple three or the courts and second there is an expectation at a place like anna c nsa that you think through the eyes of those would be encroached upon, so you what the expectation of the individual and is there education such that regardless of what the law might say is this something that deserves some aspect of privacy and that necessarily has to inform the conversation that what you can see and what provisions you seek those authorities for. Interesting dialogue earlier about the 215 program and the internal bureaucracy and the nsa we thought that was a feature because the Court Essentially proscribed a massive use of that data but any for anything. Was that that nsa had if we had requested to use that for other purposes such as domestic terrorism or weapons of mass destruction in rogue nations, that that would have been an encroachment into privacy that was excessive and not meritorious right up front. As designed was surgically and narrowly framed on something which was warranted and justified under the context of proportionality and we had to toid creeping beyond that give the presentation of the consumer looking back and what they might think. Well, used the phrase as do you have thoughts on that . The thing that jumps to my mind and gives back again to analyzing data, i think it is reasonable to expect the government will not look at data that is not useful. That is a reasonable expectation the information that is not proven effective for some purpose, that that wont be collected or analyzed. Surveyed everybody at the company theyve said im fine with you looking at some of this data but tell me why you are looking at it because of course they are interested in protecting our own internal security and we are interested in our National Security so this is not the only standard, obviously utility cannot be the only analysis point but i think it is a significant question that we do not answer very well right now. That everybody wants data and they think they can do all this stuff and customers will come and say i have to understand twitter and we say what do you want to know and half the time ifif you want to understand, a lot of people like justin isber, if then twitter great, but if you want to understand complex nuance theory that we should do some thing else. The government can answer those questions and looking at how the data is used and using the data about data, to me that is where you would expand that x beck reasonable expectation of privacy. The question you pose is a very difficult one. Courts wrestle with it all the time. Everyone has a personal opinion and so to live. I believe that the reasonable expectation of privacy is a terrible framework. It is supposed to protect against searches and seizures. It has now allowed for some very unreasonable searches and seizures. Reasonable expectation of , u. S. Versuswork jones notwithstanding, the Supreme Court seems to be inching along in a direction where they are doubting the reasonable expectation of privacy framework as it has been applied to the past several decades, but under current law, would it be ok to have a network of drones or groundbased cameras that watch everything you do the moment you step outside of your house. There is very strong argument that yes that is ok under the reasonable expedition of privacy framework. Is the wrong framework to be doing a lot of that stuff. It does that have to be left out of the conversation, it is one framework and there should be multiple lenses but none of them going to be a Silver Bullet and they will not provide you with a clear answer. I think if ive time with one , using up question, the analysis of data and requiring agents or analysts to make an assessment of what information is relevant or necessary to maintain rather than potentially letting that about that what type of approach . I have been unable to get past this that it would require agents or analysts to put eyes on more communication than they would otherwise review. What is your answer to the privacy and implications of that . Hift i suppose there are two ways to do it, you could require the agent to look over every piece of data that they have collected , which is my main point not an Data Retention but Data Collection at the front end, if the data population is small it is less of a problem. If theyre required to look through large amounts of data that you know contains information about individual are not connected to a crime, that becomes on the flipside you cant the agent merely looking at data that they know is connected to other parts of their work. I dont think there is a hard and fast rule, it will depend on the program and what the agent is looking for. For that reason i think data minimization on the backend is not the answer. It has to be part of the framework. Whether or not you think that it is important to limit whiletions you can wait a interested in am what you think the role of the courts are. There are other systems like even in many of , theivil regulatory question is two part. Collections do you audits andnternal various other techniques that we enough that are not you need some kind of outside look . But secondly as a former judge i do youuestion the limited role that the court has been allowed to play in terms of the secrecy and even with our recommendations and other peoples suggestions about adding, even the judges in that court not only come out in , its practically impossible, given all the complexity that weve talked about and the fact that judges would come in from their regular isk and then go back again that the best kind of outside do you think we outside surveillance not surveillance, the outside look . An independent look echo or is there some better way to get the notion of an independent supreme neutral independent and that the deep question, go at it whenever you want. I think the role of the courts is absolutely essential. I think the important feature of that role is that it would be an independent role. Set of opinions went back and forth the updates , i briefings and corrections think that we would typically think appropriate or desirable and we would want an independent neutral and detached court. Is challenge of technology huge for all of us. Even engineers have difficulty keeping up with the technology. Appointedm is Court Experts in one of the most recent privacy opinions this summer cited breeze from it he tea where they explained the impact of the technology and the court relied on them and i think we should not overlook that. And that of coarse, courts have remarkable powers to compel the parties to explain technology in clear and understandable language. I could say more but let me share the mike. I agree with everything he just said. The courts played a very crucial oversight of National Security surveillance programs and i think the court is constrained i a lot of statutory limitations and i think we would Welcome Court oversight of minimization procedures and on the Ground Control on privacy. I know the court does some of that but it is also limited sometimes to just a certification. We talked about having a special advocate, but i dont necessarily view that person as an adversary there are also privacy also,ect one of thexperts problems that we are seeing in the debate over bringing in amici and the special advocate is that there are some forces in the court who would like to see greater restrictions placed on those parties so that it is a private court that instead gets to decide what role and what axis to information they will play which will severely undercut their effectiveness and ability to call the court. I would urge resisting those calls. Dont you think that in some cases even a constitutional reasonableness of something is dependent on understanding the technology . . Do you think that they are equipped to do that now or do you think the advocate will fill i do not know enough about the judges to make that determination, but the technology that is being exploited can be extremely, located and no i would not imagine that most lawyers have that sort of training. I know the court has some powers to some extent but that those should be loosened to explain this in as clear a manner as possible. Because i think youre right technology does have a direct airing on the rights being. Anipulated i think it is difficult critical to have a translator role. Just an issue for the court but for congress. One of the challenges was that you have to have a really complex technical debate and members are naturally going to be uncomfortable taking a strong stand when they are not 100 sure what the technical considerations are. Ishink the critical question that it is important that it breaksime because that down the issues and makes it easier. The challenges what are you doing in but between because Technology Becomes ubiquitous in a matter of months and starts to have a real effect right away and it will take 10 to 15 years for the court to settle on what they want to do so what do you do in the meantime and how should people be guided . There should be ethical limitations on what the private sector wants to do. What is the framework for making that decision. And that is the real challenge. I largely agree with what he said but i think with respect to the role of the court and their opinion on the efficacy of the policy or the government representation they have to have a solid if not exquisite understanding of the technology and i would distinguish between the two. The role of the Technology Expert in the court has great merit and would add to their ability to at least understand the technology but we have to thatour expectations because government wouldnt want to perform because the nsa to be exhausted about technology at some moment in time but at best it can only be illustrative as to where the technology will go. Technologycertain even if it does that change changes in and of itself. People make different changes in technology so forecasting that is not a fools errand but it is really hard. With a couple public questions and may only have time for one of them but i think this , if you dont you like the fips what alternative do you suggest. To be clear im not saying i dont like the fips just that i dont think they are the beall and all and i think it is a very useful tool in terms of identifying the negative impact and a beneficial impact and one of the things we have not talked about is the value of data for National Security or whatever. Managementct of risk is it helps focus on both sides of the equation and helps drive toward specificity. You ever want a documented as we identify the harmful or we can negative impacts look for tools that help minimize those impacts. So if the harmful impact is that you collect all this data and that be stolen the fear is the government might repurpose it for some other use and we can talk about use limitations that would help address that but i think a great advantage is that makes clear, where should we be. Ocusing our attention thank you to all the speakers throughout the day and the audience that submitted questions of it we had a remarkably informative discussion weve heard from academics and government officials, and we have covered a decryption of tips identification oversight and technology and bulk data all in one day so they have given us a lot to chew on so this is very helpful as we consider how to move forward carrying out our mission to Balance NationalSecurity Privacy any other comments . The board activities are compete complete swink urge anybody who has comments with the panelists for members of the audience, we are accepting comments on regulations. Gov the end of the year. With that imovie to adjourn the hearing, all in favor say i. I. Next, president of america. After that secretary chuck hagel and joint chiefs of staff chair Martin Dempsey at a house hearing on combating isis. The 2015 student cam video competition is underway on the High School Students to create a five to seven minute documentary ,n the three branches and you showing how the executive, legislative or Judicial Branch has affected you in your community. There are 200 cash prizes totaling 100,000. As you decided to student cannot for more information go to studentcam. Org. Green, cofounder of the Progressive Change Campaign committee outlines the legislative agenda for progressive groups in the lameduck congress and the upcoming 114 congress. Majorater the retired talks about president obamas authorization of additional troops to iraq. As always we will take your calls and you can join the conversation on facebook and twitter. Washington journal is next. In the first day of open enrollment on healthcare. Gov, over one Million People did windowshopping on the shiite site. President obama announced helping developing countries do with the effects of climate change. To president is headed back the United States, expected back tonight. Several reports this morning of another beheading of an american