You either can encrypt over cant encrypt. And thats going to be a tough one. The executive branch is making a strong stand on that, that that would be terribly detrimental to National Security and Law Enforcement, if theres a large category of content thats beyond the reach of government content surveillance. And so that ones a little tougher. Because of its binary nature. Also because industry has really, at least some large part of the activity, the Communications Technology industry has dug in pretty hard on it. So thats going to be an interesting debate to see and thats a highstakes debate. Great, thank you for that. And thank you for flagging a series of issues in congress that some of your colleagues have mentioned as well which involve access to data by Law Enforcement and private companies, to questions of encryption and well delve into all of that. But that makes it 31 against the constitutionality of the 24 7 drone surveillance and just to sum up the discussion that ive heard. David said that the Supreme Court in the katz case said, the question is, is there an expectation of privacy in public . Greg said that the court in jones said that we do have some expectation of privacy in public. Just alito and four other justices said that public surveillance that reveals a great deal of information about us for a month violates our expectations of privacy. Jones emphasized theres an important element of trespass in jones where the gps was on the car and Justice Scalia made that the foundation of his opinion. And maybe four or five justices might think 24 7 drone surveillance crosses a line. Although youre worried about the slippery slope and there was an interesting exchange, where a month is too long, but a day is okay. So whats the goldilocks magic line . So that leads us back to ahmed in dissent. Why do you think 24 7 drone surveillance would be okay, in light of the incredibly purr swaseive arguments that your colleagues made on the other side . Well, i think in jones, the concurring opinion that greg referred to, alitos concurrence, had more to do with aggregation, than it did with individual collection. And so, again, to what extent is there a drone will iffing yfoll around and thats getting stored somewhere. Or is it just following you around and surveilling you in case you pull out a knife, it will zap you with an electroshock . I dont know. In terms of, i just dont see i forget, actually, david, what your argument was. I just dont see the current doctrine not allowing something that is its not the 24 7 that that that takes the Government Action past constitutional limitations. In fact, you could probably say the drone is like a cop waiting outside of your house, et cetera. And i limited my answer to the fourth eaamendment. I think the First Amendment issues would probably be a bigger dealbreaker for the court. I think the idea of having any machine or camera, or surveillance following you around 24 hours a day, will make you selfcensor. In fact, there are studies that show that individuals working in fields like National Security, or even Cyber Security, more recently, journalists that cover National Security issues, are saying that they feel that they cannot they feel chilled in their speech and in their ability to get course information, et cetera. I think a lot of this stuff makes sense in terms of a First Amendment argument, but from the Fourth Amendment perspective, i just dont see privacy in public space actually, you were talking about katz, thats correct. And i dont think that it wouldnt pass the laugh test to say, i feel like i should have a reasonable expectation of privacy outside, unless the information was being aggregated and processed, unless it was definitely being stored, et cetera. I think you need more than just inspection. I see. So, greg, im going to ask you to respond. But your view is if the drone is following you and collecting the information, but its not being broadcast or aggregated, that would be okay. But if the drone is following you, 24 7, and its being broadcast live on the internet, that is a different matter, and that would raise concerns under jones, is that what youre arguing . No, im thinking if its aggregated, that would support the alito concurrence and i could take a ride that way. But i look at that more of a potential use of information, of collected information issue rather than just the collection. And once its been collected, its sitting around and you use it, essentially you process it and have an outcome. I think thats a due process issue. Im trying to understand. The drone follows me around 24 7 and like a reality show, is just being broadcast on the internet, is that aggregation . Does that violate the Fourth Amendment . I think that passes the Fourth Amendment test. I dont think it passes the First Amendment test. I think thats government conduct that chills speech at the end of the day. Greg, your response to this distinction between aggregation and collection . I thought, ahmed, when you were talking about aggregation, you were aggregating the drone data with other data not collected by the drone, is that correct . Yes. Well, aggregating it with itself and with other data. In other words, you can have a buffer that only stores three seconds of information at a time in the drone and to the extent it detects any illegal activity, that puts you in the jacobson world. This is monthlong surveillance broadcast on the internet . For the analysis, im going to think of aggregation as taking the drone data, adding to it other data and then drawing conclusions from it, versus persisten persistence, which is just taking the drone data for days and days. And my view is that persistence alone is going to be enough to trigger the Fourth Amendment protection. And i base that view again on the jones case and the five justices who seem to think that the trespass didnt really matter, so long as there was persistent surveillance, even though the case went down on trespass grounds. I wanted to flag to folks an interesting discussion we had about this at the privacy law scholars conference on june 24th, 2012, just search on this, from jones to drones, how to define the Fourth Amendment. Cant hold back the clever privacy scholars. Okay, this was a good discussion. Now i want to flip the hypothetical, which is not so hypothetical, and david, ask you, what if google did it . And let me say, it wouldnt be google, it would be facebook, so then its fine and you can answer it. Mark zuckerberg decides im going to start a new app, its going to be called open planet, and ill collect all of the current surveillance camera data in the world and broadcast it live on facebook and also encourage people to broadcast live from their phones, allowing, say, ahmed, to follow me 24 7 with his iphone and broadcast that 24 7 on the internet. He would say, check up on your friends and learn cool stuff and whatever. If that could be done, obviously the Fourth Amendment does not apply to google and facebook, even though google and facebook arguably have more power over privacy and free speech than any king, or president , or justice, under current statutory law. And youre telling us about the complicated debates in congress. Could facebook broadcast on its own, private, 24 7 camera feeds that would allow 24 7 tracking of anyone in the world . So i think part of this would depend i cant envision a scenario where a Large Technology company would put a product or service out like this without describing what it was doing and having specific privacy protocols behind it. So i would surmise that if such a product, service, application existed, there would be pretty robust controls around the collection and use of that information, and that at the point those representations were made, there would be legal restrictions on the ability of a company to collect and use that information or to make material changes. Thats more of a function of the Privacy Policy itself than it is with respect to statutory law. But i think there are situations too, where ek pa would be implicated to the extent that information is being disclosed to thirdparties in ways where the original user hasnt consented to that type of disclosure. So i think there are other statutes that would likely come into play here. But, look, there have been lots theres been a lot of discussion about whether, you know, whether there ought to be a baseline privacy law, for example, that governs what companies that arent currently governed by other types of privacy law, whether it be fikra or hipaa, legitimate discussion to have. I do think that its a separate and distinct discussion from the types of debates that were having in washington right now, around government surveillance. And i think its incumbent upon Technology Companies like google and facebook, when we are venturing into New Territories that have new type of privacy implications, that we do give users the control that i think they expect, when theres uncertainty around these types of applications. A thoughtful answer. Not so hypothetical, in some sense. I was at a wonderful legal futures conference that google sponsored in 2007 and andrew mclaughlin, then chief of public policy, said that he expected in a few years, google and facebook would face pressure from the government and from users to advocate public surveillance cameras and broadcast them live. He thought google would choose not to do it. But i want to know, under current law, if facebook chose to do it under current law, would it violate, could someone make the argument that were all voluntarily turning over our location or camera feeds to third parties when we walk down the street and therefore they can broadcast them to the World Without restrictions . You took the words right out of my mouth. I think thats a perfectly legitimate argument. Especially since theres a lot of signs saying, this area covered by cctv. So if you walk down the street, youve accepted the consequences. Im not advocating it as the right result, but i think as a statutory matter, i havent gone through this, the cataloguing of statutes that might relate to this, as it relates to a private party, but as a constitutional matter, if its a nonstate actor and theres a applicable statutory bar, seems like there would be ive described specifically the movements of congress to address precisely this question, and if theyre not afoot, what laws do you think are necessary to prevent Mark Zuckerberg from this invasion of privacy . So i dont think there are bills or statutes that are moving that would address Something Like that. And i think that theres a significant hole in the extent to which consumers have privacy as against corporate collection of information. But i dont see it being plugged in a meaningful way by a baseline privacy statute in the near future. You know, jeff, let me put a twist on your example. Maybe you were going there anyway. So all this data is being collected by a company, and then the government says, hey, that would be pretty useful for our investigations. Hey, we want the realtime feed, or hey, we want to be able to query the database at will. What controls that right now . And really, were in murky land, because i dont think that much does. And i think that as privacy advocates, we need to start thinking along the lines that ahmed is talking about, which is not just what protections are there at a collection stage, because often times when a private company is collecting, they wont be there, but at the government access stage, when the government says, we want to buy it, or the government says, we just want to act just like every other purchaser of information from this database. Thats great. So ahmed, greg points to this danger, in addition to the invasion of privacy of facebook broadcasting this data live, the government could also seize it. In your initial thoughts, you drew this parallel between the fourth and First Amendment. I love that because it was so brand ician. My hero is justice brand ice. Whenever i have a question, i ask, what would wwbd, what would he do . He like you, noted the intersection between Fourth Amendment protections against virtual searches and First Amendment protection for freedom of thought, and he thought it was so important for citizens to be able to develop their faculties and form their opinions in order to be immune from government surveillance. I want you to take up this facebook example, although government can buy the feeds, do you think that the 24 7 facebook broadcasting violates current law and if not, what laws would you propose to con strain it . So, it doesnt violate current law because you consent out of the Fourth Amendment. Youve provided your consent to google sorry facebook. Yeah, google would never do that. To facebook. I think this is what europeans distinguish as Data Protection. I think theres a difference between the idea of invading someones expectation of privacy and in our case, collecting data and i think theres a difference between that and using the data for a variety of purposes and whether the user, the one that gave you the data, actually has control over that. Thats a distinction i make in my head in terms of a doctrinal sdivtion, not a normative distinction. But i find when you separate those two, its easier to have a conversation about this stuff. So youve given your consent. The Company Takes your data. You no longer have a right of privacy, but maybe you ought to have a right to control the data. Or a right for your data to be protected. And maybe the government then could get involved and facilitate that or regulate that. But i think another thing that i think greg mentioned is sort of what these companies can do with their analytics. So google sorry well, google and facebook. Google can parse through and categorize youtube videos and tell you what all youtube videos have somebody with orange pants and raising their hands. Facebook can tell you if somebodys depressed before theyre clinically diagnosable with depression. And so when you think about these things from a Law Enforcement or intelligence perspective, theyre very useful tools. So at what point will, at what point will that be purchased or requested or asked for or compelled . Thats sort of a prophylactic question that i have generally in my line of thinking about social media. David, were positive google would never broadcast these camera feeds, but google, unlike facebook, is subject to a Privacy Protection from europe, and thats the right to be forgotten. I wont hide the ball on this. I just debated the european privacy commissioner and believe that this represents the biggest clash between american notions of free speech and european notions of privacy in the digital age. Why dont you tell us about googles response to the right to be forgotten and other regulatory pressures that its facing from europe to protect privacy . Spoiler alert, we lost that case. Didnt go so well for us in the European Court of justice. I think were pretty laser focused right now in trying to implement that decision in a responsible way. I dont think you know, i dont think it will come as a surprise to anyone to hear that the issues are challenging in terms of trying to figure out when information is, you know, irrelevant, or outdated. In the context of an individuals right to be forgotten, i know thats a term that some europeans take exception to, but its become sort of common in the lex con of this discussion. And i think were this is not this is not theres no analog to what we are doing right now. I think its an uncomfortable undertaking in the sense that theres, i think, from the broader public, theres a Large International company that is making decisions that are effectively going to determine what is available and accessible on the internet and whats not. Its certainly not a position they think we want to be in. I think from a small democratic perspective, its not the right result. That said, i think were trying to figure out how to implement this decision to do it in a responsible way thats reflective not only of the right to Free Expression in europe, but also the right to Free Expression here. There have been controversies that have surfaced over whether the right to be forgotten ought to be extended to dotcom. And its an issue that were continuing to have discussions with the Data Protection authorities, but that we certainly believe theyre a real, sort of philosophical and legal issues around extending the reach of the ruling and an extra territorial way to reach dot dotcom. There are issues where the publishers of websites will receive notice when there are right to be forgotten requests to be processed, or that those who pursue them are successful with, and the extent to which the notices can be specific or whether they can only be general. So can a web master say that what youre seeing here, or can we say, i should say, what you are seeing here in the search results, may not be completely reflective of whats out there, visavis, or i should say, as opposed to saying, when you search on a specific term, and theres been a right to be forgotten request thats been processed. At that point, you say, some search results are not going to appear here. Theres been less controversy with the former example than there is with the latter example. But those are examples of the issue were grappling with. There are serious implications here for the future of Free Expression. I think theres been some suggestion that which hasnt gone very far, but the notion that we ought to think about how we can be effectuate a right to be forgotten in the United States and do so in a way that comports with the First Amendment. Huge challenge to do that, though. There are indeed. We jumped right into this debate. The right to be forgotten gives any user in europe the right to be deleted, any information about them, unless first google and the european privacy commissioner decides that its not irrelevant, outdated, or is relevant to some public purpose. So if during this panel right now, someone is tweeting that im a really boring moderator, i could object in europe that this violates my dignitary right and demand this post be deleted from google, not be indexed and google has to decide whether im a public figure, whether the tweet is relevant, and if it guesses wrong, its up for legal fines, but the fines could rise up to two or even more percent of your annual income, which is more than 50 billion. You can have heavy penalties if you guess wrong about this unfair tweet that im trying to have removed. I think thats at least envisioned under the Data Protection regulation and the types of fines that might be imposed, thats a possibility. Dont answer if you dont want to engage or if you havent followed it, but most americans support some form of a right to be forgotten. Is it a good idea, and should Congress Pass it . I cant claim to be an expert in this area, but it just seems it strikes me as impossible. Almost impossible to implement it. And youre right, it flies in the face of the idea that our culture, our political democratic culture has been based on the idea of free dissemination of information and that the marketplace of ideas is nourished by more ideas as opposed to less. So it seems a little bit it doesnt really fit with my vision. In terms of your question, is it a good idea. Any takers, anyone want to argue for it, or all we against . Theres this great new book called intellectual privacy, and he traced brand ices evolution, he wrote the article, defending our right to privacy, it allowed people to sue if there was true, but embarrassing information that harmed their dignity. He decided free speech in a democracy was more important because people had to decide for themselves what was relevant for Public Discourse and wrote beautiful free speech opinions about the necessity of favoring free speech over privacy. Greg, given the fact that no one is arguing for a right to be forgotten, what is the most important of the pending laws in congress, that you think are necessary to address one big problem that everyone identified, which is this thirdparty doctrine, the notion that as the courts have said, if i surrender information to a thirdparty for one purpose, ive abandoned all expectations of privacy in it. You talked about the cell phone search case, but the government might argue, im voluntarily surrendering my Location Information to verizon or at t, or whoever my carrier is and verizon can share it with the government or anyone else. What are the laws pending to address that big problem . So, first, david mentioned one key bill that is the bill to require warrants for content stored with thirdparties. I agree with david, i think that legislations time has come. Its got strong support. Im hopeful it will move this year. Theres other legislation, the gps act, that would make it so that government would need a warrant to get information generated by the use of mobile devices like cell phones, whether its gps information or whether its cell site Location Information. Whether its prospective, meaning going forward, or whether its stored. That legislation isnt as far along and i think we need to have more debate and more hearings about it. Complex issues come up. Law enforcement does these things called cell tower dumps. Who was at third and main on the day the bank at that corner was robbed . Which phones were there . They get a dump from the cell tower and that lets them know which phones were there. Why would they want that . Could be thousands of people. Because then they ask, well, who was at second and water street on the day the bank there got robbed . And all of a sudden, they look for which numbers were at both locations, because it was the same m. O. At both locations, and then all of a sudden they have their suspect. So, is that going to require a warrant and what would be the standard for that warrant . Then theres the onetime ping. Its different to say, where is greg now versus, where was greg at each moment for the last 90 days . I think its hard to draw that line and so my inclination is to say, you need a warrant for Location Information, period. But others will want to draw that line. So i think that the location legislation isnt as far along. I think its worthy of consideration, and of more debate. And im hopeful that it will move forward after the warrant for content legislation goes through. The other bills that are pending, ken kind of alluded to the section 217 surveillance legislation. My own view is that congress is facing an important decision about whether to continue to permit every phone call, virtually every phone call made to, from, or within the United States. And the congress has forced itself to make a decision for that program. So i think that will come up as well. I think those are the biggies. But i dont want folks to miss one other debate, and that is the Cyber Security legislation. Theres legislation pending right now that would allow companies to share what are called cyber threat indicators, that are derived from your communications with the government, not just for Cyber Security reasons, though. But also, in particular in the senate legislation, also for criminal reasons. A number of criminal statutes could be used to trigger this volunteering of information from providers to the government. I think thats very dangerous. Im all for Cyber Security. I think theres a flaw in current law that doesnt allow companies to share what they ought to be able to share, they ought to share. But that the legislation is going way overboard in terms of describing and permitting the sharing of that information. Great, thats very helpful. And lets get the panels thoughts on the categories of debates youve talked about. First, bulk collection and then the one for content and Location Information, and then Cyber Security issues. Ahmed, youre counsel for chelsea manning. Is a bulk collection ban by congress necessary, or do you believe that bulk collection, as currently practiced by the nsa, violates the Fourth Amendment as at least one court has held . I think a ban is necessary, because because im on the fence as to whether doctrinally, theres an issue. And in fact, there might not be an issue. So thats why i think a ban is necessary for normative reasons. However, the example that we give as to the harm, natural privacy harm that derives from bulk collection, especially 215 collection is a result of the use of the data. Again, i think thats i distinguish collection and use. We saw recently the Obama Administration had considered ending bulk collection before the snowden revelations. Would a ban on bulk collection by congress harm Law Enforcement and be a bad idea . Why arent you answering that one . Yeah, why arent you . Really subtle moderation here. Look, im not sure about the accounts of how it was considered whether or not to end the bulk metadata collection under 215. Not surprised it was being considered. I think those programs should always be subject to a costbenefit analysis. But ill be interested to hear sort of the followon reports as people react to that initial report about how serious that consideration was. That does raise an interesting question. I think in the public debate youve got the constitutionality and legality under constitutionality, whether that collection fits under 215, whether thats stretching of the term relevance allows for that bulk collection. And then you have the question about utility. The utility of the program. And thats on the executive branch to make that argument. And its important that they make that argument to congress, that really, this is important. And define this, what core of that authority do they really need . And at some level, i think that argument can be made. Because the question then, and im going back to my old slippery slope argument, as an advocate for the government, in this situation, im sort of doing that. What is bulk collection . Its a broad term. Once again, like the 24 7 drone, were talking here about the collection of millions and millions of phone calls, so in sort of a relatively speaking, extreme form of bulk collection, and the question the legal question under 215, is it relevant every piece of that information relevant to a terrorism investigation, National Security investigation, to have all that . The argument is, we need all the telephone numbers in order to see the patterns, the type of thing that greg was talking about in relation to banks in cell tower information. You get all the phone numbers together, you can see this is a bad guys number here, and hes in touch with this number and that number, and that helps you to potentially unwind a terrorist cell. The question is, oh, yeah, and all those millions of phone numbers, the vast majority are going to be phone calls made by people who have nothing to do with terrorism and are completely innocent. Well, thats true, and in that sort of extreme example, you say, boy, the governments taking hold of all this information, most of which doesnt have a direct connection to terrorism. But then take the scenario to a different level, a smaller level, government hears through some intelligence channel that a terrorist just got on a plane from paris to jfk. You want the government to get the manifest of all the names of the passengers on the plane. 110 passengers on the plane. 109 of them have nothing to do with terrorism. But one does. In order to find out who that person is, you want to run all the names against the database and see if you can identify who the bad guys is before he tries to blow his underwear up or whatever. So just at a practical level, you got to think about what is bulk data collection, its not just the extreme. There are situations where i think most of us would agree, boy, thats actually the kind of thing we want to be able to do and do quickly and shouldnt require a warrant. We have a technical term for that, the collection of all the names of everybody on the airplane, along with the terrorists. Its bulkish collection. [ laughter ] so what happens in a case of bulkish collection . Right . Bulk collection means theyre not using an identifier to collect on that specific term. Okay . So theyre not saying, give me everything its not like a pen register, all the numbers dialled to or from a phone number. Its all of the numbers dialed, all phones. Thats bulk collection. So in that scenario, the airplane scenario, the key issue for the privacy folks is, not whether you can get the manifest. Its what happens to all the other names on the manifest that are of no interest . That goes back to ahmeds point. Which is its the use im sorry. Its the use of the information and the limitation. So not limitation on the collection on the front end, but how its used. The nsa went to great pains to say theres a limited number of people who can access it, very limited purposes of accessing it, x level of authorities, so that joe nsa operator cant just go in and check to see whether his girlfriend is making phone calls to somebody he doesnt like. Yeah, but heres the problem. The fbi doesnt have a rule that says they have to throw out that data after they make the match. And thats really where the fight is, or a big part evof th section 215 reform right now. Make the match, throw out the data for the people who dont fit the match. Youll save it for a while during the investigation, and making sure that the paris cohort is or is not on the plane, i get that, but at some point, relatively quickly, after that assessment is made, get rid of the data about the innocent people. And theres not a good rule about that now. David, does google have a position on whether bulk collection should be renewed or banned . Yes, we do. So weve been strong supporters of the usa freedom act. There were several iterations of that bill last year. Its interesting to hear the discussion. I dont know candidly at the end of the day, from a functional perspective, whether there is that much disagreement in the sense that theres been a lot of discussion around the bulk, you know, Metadata Program and the broader communications Metadata Program and the solution that has been offered is to require that the government use a specific selection term. Part of the usa freedom act, and part of the ongoing discussions around surveillance reform legislation. I think theres been a lot of discussion about how to get that to the point where it doesnt permit bulk collection, where it doesnt open the door to the types of surveillance that weve seen in recent years. And at the same time, gives the government the flexibility, particularly in some of these cases and the hypothetical that can raise, so that where they cant, for example, use a very specific identifier, whether that be an email address or a phone number, that theyre able to obtain records, that enable them to identify and or thwart a terrorist attack. At the same time, to gregs point, the more the debate focuses on the use of that data, i think that heightens the importance of making sure that minimization procedures protect the data for subsequent use. With the usa freedom act, what we saw last year, industry, privacy advocates, the administration, manages to coalesce around what was the right definition to get this, so there was not bulk collection. I would say we dont need to start necessarily from scratch. We have a solution thats on the table that works. We have about two months to get it right. And im hopeful that we can move forward with that bill. So it sounds like the perfect reform, supported by the administration and industry and yet it didnt past last year. Why not . And will it past this year . So i think a lot of it had to do at least last november, there were some processbased objections about the way the bill came to the floor. It didnt go through committee first. There was an opportunity to pass it in the lameduck session. And there was the sense from some who felt like it should go through regular order. That opportunity is there now. And i think congress probably should avail itself of that regular order process to the extent that thats important. There were 58 votes in the senate, two short of moving it on the motion to proceed. Some of those in the senate whos supported that reform are gone. But if you take a look at the numbers, its difficult from both sides. In the one sense, in the senate, when you have to get to 60 votes, youve got to be able to bring along the other 40 in some way. Last year, it was the burden of those who wanted to move that bill. This year, its the burden of those who may want to simply reauthorize section 215 in its current form. I would submit thats not truly in the realm of reality. You know, i think its incumbent upon everybody to get around a table and figure this out. Weve done it already to an extent with the usa freedom act. What im hopeful is that folks can sort of recognize that the types of solutions that are being forged here, are relatively modest ones in the grand scheme. There are broader reforms that have yet to be undertaken. There are really important concerns, i want to underscore, very important concerns outside of the confines of the normal Fourth Amendment issues that we discussed about what types of rights, nonu. S. Persons are going to have going forward. The internet is a global medium, it does not have borders. Folks who are broad, rightly look at the way our laws operate and the way we operate our surveillance programs and cant seem to fathom why it is that we focus solely on the rights of u. S. Persons. Thats a really important debate that were going to have, but i think its important, really important to get this right here, because it does in some ways frames the term of the debate going forward. Ken, you talked about how hard it is for congress to scale back powers to the executive once granted. Will the usa freedom act pass and should it . You know, i im not a really optimistic that it will pass in the current form, especially given the geopolitical events since last year. So im not really sure they would trend toward passage, as opposed to the other direction, frankly. Lets talk about the other direction of bills, warrant for content information, and warrant for geoLocation Information, will those pass and should they . I think on the in terms of the content and now this is about the 180day rule and whether you need to get a warrant to get email content, even if its over 180 days and hasnt been opened, i think theres a Strong Movement for that, and i believe actually that the Justice Department has come out in support of it, hasnt it . I think as a matter of practice, the Justice Department is getting warrants now as a matter of practice, even though theyre not necessarily statutorily obligated to. I think that will less the speed on the geolocation aspect of it, or the geolocational legislation, but i could certainly see, especially in the aftermath of the jones decision, that it would stand a fighting chance. Interesting. Greg, do you agree with kens analysis, and if so, why is it that Congress Might be more willing to restrict private sector collection of data than to restrict government surveillance . I dont see Congress Actually passing a meaningful bill restricting at large private sector collection of data. The white house has proposed a rather weak consumer bill of rights recently. So i just dont see a strong line going through at least in this congress. Now, on the usa freedom issue, i think its an open question about what i think some legislation is going to pass. It almost has to. Because its going to be hard for congress to just reauthorize section 215 as it is, and really, jeff, were in a debate about, to what extent will section 215 be amended to prohibit bulk collection, or to permit it in some circumstances, but more limited . I think thats the debate. I dont think theres going to be a completely binary question on that. And as for ek pa reform, im pretty confident that theres enough support now to get it through. And from the governments perspective, all the large providers, virtually all the large providers now, not all of them, but virtually all of them are requiring warrants for content. Theyre basing that stance on a sixth circuit case called the ror shack case where the court found a warrant is required and no sishit court has gone the other way. So all the providers are lined up behind that case in saying, if you want content, you need to come back with a warrant. So whats the big deal with statutitizing it . Great. Want to take up the last big issue on the table, and that is Cyber Security and encryption, i love the fact that your biography says youre a journalist accused of being a spokesperson for the hackers group. Thats a client, yes. Yes. Are you in fact the spokesman . No, my client, barrett brown, was accused of being a spokesperson. I see. Theres a big misleading. You were the lawyer. So i can still ask you the question. The argument against recent moves by apple and others to encrept data is that it makes it harder for Law Enforcement to get child molesters and other really serious bad guys, what do you think of those arguments . Well, it certainly makes it more difficult, but i dont think those are good arguments to prevent a maker of technology not to provide secure, efficient, and Robust Technology to customers. For me, its really open and shut. But, its interesting because youve got a lot of different technologies being developed and having dual purposes, for instance, the yeah, the notion is somebody mentioned it earlier, vpns earlier, and the idea of sort of cloaking your online identity or using an nonmiezing technology so the computer on the end point from whatever communications youre making will not know where youre located, wont know your ip address, thats a huge problem for Law Enforcement. Because Law Enforcement generally likes to go through friendly third parties, like the isp. And so as a result of that, for instance, theres been a, or there will be a modification of the federal rules of criminal procedure allowing fbi agents to hack into computers as a mode of search. Now, when you apply that to targets, whose location is unknown, almost 90 of those targets are going to be outside of the United States. So now youve got a situation where an fbi agent or a prosecutor with an fbi agent are making an application to a magistrate judge, getting a warrant to conduct a hat, there is a nine out of ten chance that that hack is going to be abroad and its unilateral, you havent got consent of that country. And so all the sudden, youve got a magistrate judge and Law Enforcement engaging in what i would think as foreign relations. So, i guess, im telling the story just to sort of underscore the complexity of all these technologies, but also, the fact that Law Enforcement is not our, and should not trump everything. I would also note that this rule 41 modification would be used in general crimes. Were not just limiting it to National Security. Of course, Cyber Security is the new National Security. And so, when kenneth, the great examples that kenneth gave on stopping a terror attack, those same exact type of scenarios could be presented in the Cyber Security context because of higher National Security as an threat than terrorism. Im wondering, and that is the perfect slippery slope. So youve got a lot more information sharing between private companies and a very big indicator of whatever cyber threat information is, i dont know what it is. And that also being shared by the government, and at the sam time, youre trying to protect for certain use of that information sharing, such as antitrust violation for instance. So a great deal of that has to happen at a black box. Where nobody can really be exposed to it. Some would argue that would make it private as well on the form of human exposure. All to say that weve got more information being exchanged or shared, and analytics being conducted on that information. And then outcomes that are pretty opaque to the naked eye. And for me, again, i think thats, its not just a privacy issue. Its also a a chilling of speech issue, but really a due process issue on the end. Nice to draw those connections. David, does google have a position, first of all, whats googles reactions to apples decision to encrypt, and whats its position on the Cyber Security bills . Thanks, yeah, you know, so we, we are very much too sort of moving toward the result of encrypting devices in the same way weve encountered issues with the performance devices that run on the android operating system. Its a android operating system as many of you because apple has a soup to nuts organization. We work with different origin and equipment manufacturers, were very much sort of heading in that direction. You know, i think just to take a step back, there was a tendency to view the Movement Toward and to end encryption as necessarily responsive to the snowden revelations. I think that oversimplifies the debate, at least visa google, weve been working on various forms of encryption, whether thats sort of encryption and transit from the browser to google, and now obviously and to end encryption, but we were working on