these fine gentlemen here. for the first 30 minutes i'm going to be asking questions and i'm going to ask you to line up and asked questions and comments are welcome as well my name is bruce swartz and i am the head of the academic technology department here and i w >> i welcome you. prior to making introductions for these gentlemen, i want to throw out points i would like you to consider as they are making their comments and you want to ask yours. according to an internet security company in 2014 internet threats increased by organized crime gangs by 23% last year. of that the health care industry was hit 37% of the broaches and that includes anthem. 11% was the retail market -- target. and 10% in the education sector. a friend of mine told me samsung smart tv in their terms of service agreement has a clause that says please be aware if your spoken word include personal or other sensitive information that will be along the data captured and transmitted to a third party through your use of voice recognition. we hear about nsa surveillance on a daily bases. i will ask questions and the final 15 minutes we will invite you to come up to the microphone. to my right is marc rotenberg, he is the president and executive director of the electronic department in washington, d.c. and teaches at georgetown law university and testifies before congress on emerging privacy and civil liberties issues. he testified before the 9/11 commission on security and liberty protecting privacy and preventing terrorism. he is the co-editor of "privacy in the modern age." in the center is amitai etzioni who is a professor of international relations at george washington university and served as an advisor at the carter whitehouse and has taught at many universities. he is ranked one of the top 100 intellectuals. and we have jim dwyer who writes the about new york column in the new york times and worked in the newspaper for 35 years. he published false conviction; innocence, guilt and science that uses games media science and multi media tools to show how the mistakes we make in every day life can be embedded in the criminal justice system. he has written or co-authored five other books. he is the author of more awesome than money, a book about four young men looking to help others protect privacy from facebook. we will start with jim. jim, during a conversation we had you mentioned privacy settings are an illusion. you can talk about that and then you have something interesting to show us on the screen. >> sure. we all know we don't want mom to be looking at the picture of us on facebook with the bud light logo printed around our naval or any other crazy thing that might end up in a public space like facebook. over the last five or six years, facebook prodded by some of its competitors has made fine grain control part of its -- so this is only going to people on my softball team or something. one thing that is never excluded from that whatever you put up there, is that facebook itsself itsself -- itself -- it even knows when you had second thoughts and you started to write something and x out this is considered loss content. most of us would consider it prudent speech. we are in an age of what i consider to be the big bang moment of the digital age. things are still flying around and taking shape in ways we have no ability to discern. and privacy is one of these terrifyingly complyicated parts of it. we should consider where the world wide web came from and where many of its most useful features came from; they were built by individuals not corporations. they were the ideas of a few people who were able to use sweat equity rather than major capital equity to make advances. that is how i started writing about the four guys who were college students and wanted to build an alternative to facebook. they didn't succeed yet. but one of the places that has this do-it-yourself dna that i think is intrensic to understanding the wage age we are in is mozilla that makes a browser called fire fox and i will show you a tool you can use to add to your browser. this thing is called add-ons and one is called lightning that i am particularly fond of. it keeps an eye on who or what attached yourself to a browser without you knowing it. right now this doesn't look like a heck of a lot. okay. what we will do here is try a couple sights. espn -- world wide leader in something or other. let's try c-span and see what happens when we put that on. cspan.org or com? let's say citi bank. that happens to be a bank i know. now we will go back to lightning. there are the things that all of those triangles represent third party trackers that have attached themselves to my browser in the last 90 seconds. so here is "the new york times." and around it somehow facebook got in there. google is in there. i don't know what imr worldwide is. new york times, facebook and there is cspan that is connected to something else which is connected to the times as well so you can see they are cousins by marriage and there is c-span video. there is citi bank and they have google in there. and google is our friend right? except google is collecting every single bit of information, every thought you have and auctioning it off every second of the day. >> jim, the 16-third party sites apply to the four sites you have up there? >> correct. up at the top you see four sites, if we add a few more in there, i will not do it now, put in home depot or whatever you might be interested in shopping for, you will mind within a few minutes proliferation and your entire screen is in motion with this. this is sort of meant to terrify you but only in the sense that when kids take drivers ed they are shown videos of car crashes and what happens when you don't wear your seatbelt and do this or that. this is part of what our social education ought to involve. the level of tracking that is invisible to us until we turn on something like this lightening site. >> marc is that the terrifying? >> well i don't think it is terrifying, i think it is a reflection of our power in the very early stages of a policy discussion about the future of privacy and that is why we decided to write a book titled "privacy in the modern age: the search for solutions" i should say a few words about the genesis of the book because it will help you understand the significance of the privacy issue in our daily lives and jim just talked about the frustration people are experiencing trying to face who is following them but the big legislateive and courts discuss about the flow of data. we are underin the midst of one of the most concerning policy debates in a long time. returning to the book briefly, it is partly about the beginning of an organization that i founded with colleagues and friends more than 20 years ago called the electronic privacy information center. and the book traces our history and here is the remarckable part of the book and how familiar the issues are. what we were concerned about in 1994 was the nsa's monitoring of internet communication. and what we were concerned about was the use of vulnerable technologies that did not provide adequate privacy for e-mail. what we concerned about was the lack of security and stability in network communications. this has been a very big debate since mr. snowden disclosed documents in june of 2013. these are the same issues we were talking about 20 years ago and trying at that time to establish baseline expectations for privacy in the modern age. part of the book is also about the many people we worked with and our expert advisors who are legal scholars technology experts and people who have provided the building blocks for modern security standards and the development of encryption techniques that all of you rely on by the way when you go online and make a purchase through amazon and type in your credit card number there is a reason you can do that securely and that is because in the early days of the online economy certain decisions were made about insuring that your credit card number could pass from your computer host's computer without anyone getting access to it. if that works it is great. when it doesn't work there are enormous problems so for the last 20 years we looked at the problems for online security and challenge and pointing to the risk the nsa created when it said we don't want people to have secure online communication because if they have secure online communications it is possible that availability might be misused and used in ways that pose risks to public safety. and i would not dispute that of course. but in a decision about technical standard for the internet that diminishes the privacy users might be entitled to there is also a substantial risk and that is the attacks we are experiencing from foreign adva adva -- result from the diminish diminishing. we see this about how safe it is for the internet to use when people go online. it is a fascinating question from a legal perspective. we know the united states and the european union there is a debate on whether internet companies based in the united states provide adequate privacy protection for eu consumers who go to the companies and provide their personal information. a contrast between two legal systems is happening. the european union 20 years ago said they want a comprehensive approach to security and security is important and we will establish such in any business that collects and uses personal data is subject to that approach. that is the baseline in the european union. the u.s. took a different approach. we had a moment 40 years ago and decided to put in a comprehp comprehensive approach for the federal government but not the private sector. you have rights for the cable subscription records about not a magazine subscription. and then we said we don't even need law because people will have options. if they don't like google they can use another search company. or if they don't like facebook they can use another social media company and made the decision not the put in place comprehensive privacy laws and now there is little privacy protection for internet users in the united states today. and the european users are not happy about that and they think the use -- u.s. -- needs to do more. i talked about the litigation strategy and we did the first internet petition 20 years ago to oppose the nsa's encryption scheme and got 50,000 people to sign up. now that is like a chatroom or something. but 20 years ago it felt like half of the internet. we did the first internet petition and brought cases and the last part of the book tries to set out concrete recommendations. it is very much my view that these are problems we need to find solutions for which isn't the same thing that says these problems can be solved. if someone walked in saying i figure out out how to fix water pollution you probably wouldn't take them well because we don't solve those problems but rather find ways to manage them. we said how do we get the advantage of the new technology while minimizing the privacy risk? coming back to jim's example i don't think internet users should use their evening trying to see who is collecting information about them. i think the service should be designed to provide a high level of security to the individual and if the individual choses to disclose information to third parties that should be their choice. no one is denied the opportunity to exchange their data to others. but we are objecting to the current default setting that says companies can take your information unless you object and that seems entirely unfair. it is a bit like an auto manufacturer saying we have safety features on this car, things like seatbelts and brake pads, they are all sitting in the trunk and if you want to take advantage of them there is a manual and you can install that and isn't it fun to drive a car. i think we need to think about safety and let's establish safe guards and leave people with the freedom and choice to disclose personal data as they chose. >> i would like to turn a little bit toward surveillance. some people talk about the world changed after 9/11. we find that many cities have put up cameras. in boston for instance the conviction for the boston marathon was attributed to images obtained. we have seen if anyone travelled on root 95 there is a balloon type thing hovering over aberdeen. can we talk about are we in a new normal? >> thank you. especially by closing your comments by mentioning the name of my book. my concern is what you hear is concerning and somewhat alarming statement on my left and right. i have gun to think about this. we have in your court system part of extreme advocating and one size said the defendant is the most offendable human being every cystexisted and pulls the hair out of cats and the other side said he is a lovely kid and gives milk to kitties and takes care of his mother and both sides from the clash of two extremes juxtapose the right. one size said we need it to stop terrorist because under ever bed there is one nuclear weapon. i suggest instead a dialogue that we started with the assumption that we face conflicting major challenges. on the other hand, you have good security and we all should be concerned. it is not people exaggerating how much privacy they have left. i am not interested in this exaggeration. it comes to the creation that if i were to stop everything there are two legit claims and not simply let's yield to one side or the other. the next step is to read the constitution. they keep telling us that is where the bill of rights comes from. but the fourth amendment, which is the most relevant here there would be no search and seizeure and this law says there is no unreasonable searches which means on the face of it they have to have reason. in the constitution it says this. and then there is mechanisms for it and that is what i feel. >> surely no body wants to be so right. but i want to survey others. yes, we have that situation with 4,000 people who went to fight for isis and have been trained to commit barbaric acts and these 4,000 are from countries that can enter the united states without screening because they come from britain. i think it is reasonable to want to know something about them. i don't want to jail them. i certainly don't want to survey them and have to spend 68 fbi agents to go out with them day and night and i would like to know after they are home for six months who they call and what messages they are getting. you may say, no this case is old. but i want to go to the crowd, do you agree that there are sometimes situations where people come back from ebola and they have a temperature. this is a place where you in intebate them. is it okay for people serving in a hospital and sure, we should cherish and appreciate them, and keep them alone for 21 days and they will not go out. on all of these questions, i could argue both sides and my book does this. i take one by one these issues and i don't expect the notion if you say my problem is violation of privacy as to guilt. and let me close by what some think is the most challenging. my most challenging chapter concerns the freedom of the press. because you have the following situation that our newspapers decided the editors are going to be the ultimate judges and what national secrets can we keep secret and wish to punish? this keeps coming up and the subject said the white house pleaded today with the new york post not to publish the name of the head of the cia. the white house pleaded with the newspaper. >> the white house pleaded not to reveal there was torture going on as well. >> i am sorry. i am telling the truth here. the newspaper decided the japanese are dropping charges against the people. the tribune published the information and the japanese said okay and the next week sunk ten of our submarines. i wonder if "the new york times" should be the one to judge or to publish or not. i want to have a discussion. but let's assume for a moment you say, well look they learned how to listen to nuclear deliberations and maybe they crossed the line there. we do no longer have national snippets. >> professor, we have limited time here and i want to get additional points here. as i pointed out in the beginning, the health care industry has been victims of attacks and retail as well. i want to talk about the balance between technology and human behavior. we find that today humans are wearing fitness health devices, gps devices in our pocket we swipe our credit card and are asked to give your social security numbers for loans. technology enables a lot of that but why is had human behavior such that we are not pushing back when we hear about identity theft becoming rampant. fraudulent tax returns are being filled and social security numbers are being filled in other people's name. >> let me jump in. it is wonderful to be on a panel. we have debates the issues since before the founding. but to be clear the book is not a strong privacy is important book. our book is about emerging challenges and issues and we are really looking at it from a variety of different perspective perspectives and i think you would appreciate many of those. coming to your question and also in our book is the contribution of an economist at a university specializing in a field call behavioral economics and what he is interested in is the answer to your question: why don't people do more to protect their privacy? why don't they spend more time checking their settings or the advertisers following them online. and the short answer is it is not rational. if you have taken time to set your facebook privacy settings so you have limited disclosure of personal information and facebook goes in and changes the settings and makes your information more widely available but says if you care about your privacy you will go back in and change it back to your original privacy settings. we brought this complaint to the federal trade commission. the experience of most users is what is the point? why are you going to ask me to do this if you not respect my decision. we have to move from the mike -- micro to the macro. we have to see why when people fight back they reach resistance. that is a helpful question and explains why data flows from individuals to organizations ready ready read read readilly. >> i can there are young actors and builders trying to make better stuff. i had lunch with a young man i admired a great deal and i said i got one of these fit things and wanted to find out how much i was sleeping and walking and i am not sleeping enough or walking enough. how about that? i knew that beforehand. but he said i was one of the founders of the company that built that thing. do we know we collect half a millennial of sleep data every night. i wanted to jump over to things out of my depth -- >> we have five minutes until answer questions. >> i will be thrown under water in 30 seconds! talking about these interesting divergeant issues and pressures, we want to protect ourselves from let's say somebody who might have been in isis territory and might have come back and who are they talking to. i have no problem with the government having a process for doing that stuff. but what snowden and the others showed there is no due process for this. the fourth amendment is there shall not be unreasonable searches. so we have to determine reasonability. where did that happen in this age? when people are screeching about privacy they are screeching because there is no wizard who is controlling the curtain and that was i think, the real alarming piece of what has come out of the last several years? >> it is not up to a visit. it is up to us. that is what is called democracy. i don't want some public professor or facility sitting on the campus and making those decisions. that is why we wrote the book; to feed into the dialogue and given more time i would show when you have this dialogue and screening, shared understandings do arrive and you get an agreement it isn't about the environment. it is about men and women. we need this conversation there to balance. but since i am about to run out of time i want to add one other completely different point going back to the question why we are not spending more time on this technology. one half of by book "the new normal," asks what is important and what make as meaningful and good life. and the answer used to be given, but it isn't polite to say in mixed company, is aaffluence and i asked do you need an inflatable san ppta on your roof and people laughed and then i said do you need a flat screen and i lost the audience and asked how about a smart phone and they asked me to leave. we have become so aenamored with the more objects you have is the definition of good life. it is not going to happen. we are facing lasting economic challenges if you don't allow every generation to have more affluence than the last one. a lot of people didn't get debated and because it turns out that after income additional income doesn't buy contentment. so the question is the new normal is what will make for a more meaningful life? and in a way, maslow gave the answer. once you have your basic needs satisfied, not before i am not telling you people should enjoy poverty, i am saying once you are brought up with the basic needs, then continue to treat objects as a way to express our affection. that is where consumerism conversation starts. to get to this we need to liberate ourselves from the addiction of more goods and make the public which will later touch on how the limits affect us. >> with that anybody who has a question, comment, idea please lineup at the microphone. >> you talk about companies providing the option or knowledge of what they are doing through data what about the i guess, the devils advocate, when you click on the terms of service you are agreeing to that and when given the option we pick the thing that cost nothing. i use google documents instead of word and google map instead of paying for a map function. and all of these free things that make my life easier the price i am paying is a google knows how i live my life in every way. >> it is a great question. you point to the fact that most privacy policies on web sites, the terms and decisions don't provide protection. it is a waiver the company is saying if you visit our website or do business with us this is what we do with your personal data. so by visiting the sight or clicking you have -- site -- accepted the terms and lost the claims you made. i see that problem as something that needs to change. i don't think companies should routinely disclaim responsibility to protect your privacy. someone said earlier, i think it was you bruce, health care companies and big companies have been subjected to hacks and it is actually their customers and clites subjected to that. it is their data, credit card numbers and social security number that is obtained by the criminals. that goes into part two which is what is the real cost which is difficult to assess. one of the things about the internet based economy is you don't have the price mechanisms we understand. if you walk into a store and see a jacket you like and one is $70 and one is $130 you pause and try to figure out if the extra $60 is worth it. we are all pretty smart consume consumers i would say. we have limited resources and are trying to figure out how to use them. we understand price but don't understand the online economy when we make the decisions. companies are giving free stuff because they are trying to drive out the competitors who may have a better service or product to offer you but if they are forced out by a company that can give you free stuff that competition and innovation never occurs. we need to think about the issues from a bigger social political perspective. many people have the experience you do. and they wonder what is the real consequence. our book you know tries to promote that discussion. >> one more thing, we are used to thinking about the government and the private sector. for some people the government is evil and the private sector is wonderful. if the fbi would -- skwl >> are you agreeing with me? i cannot tell. >> i am shocked. we have agreed before. it is a very serious situation. if the fbi kept 200 million innocent americans i think most people would go berserk. but it is kept by corporations in arkansas no body says a word. the difference now between a private sector bank and an fbi is one click and one check. so we need a whole new way to think about it which doesn't say the first amendment of rights of the private sector but the private sector can do what they want. >> most of the collection of data by companies is for economic gain and it would be great if the default was opt in instead of opt out. the question have really is the patriot act is being reviewed and there maybe changes and maybe not. can you talk about the political climate you see and where that is going to go in the next month or so? >> i will try to give a brief answer. the current provision, the key provisions expire june 1st and congress is trying get something done before that. one of the goals we have per suitedpersued pursued is to avoid outcomes. our view is getting the best result is more accountability and transparency which basically says yes, the government needs those tools to protect the public but they need to be accountable about how they use them. so to the extent we can get support for more accountable use of the tools i think we will end up with a better bill. i think there is support for. but of course who knows what will happen. >> i think this might be the last question here. >> just to start off, i am a technologist and would like to put a few things on the floor and get your thoughts. i think privacy, when you think about it is a fools paradise. if we are sitting at our machine and taping away as jude wire pointed out you can be entering content if you chose not to enter it you just type it out. it is access anyway. the point isn't what does the end user do with it it is who has access in route. if i am creating things at home on my machine the first thing i do is shut off the r-f so my machine is not talking to the web. i am talking to my machine but i am not broadcasting it so i don't have to worry about someone else picking up my thoughts. and to go to another extreme, we know there is voice recognition software and consequencely -- consequently -- if i am sitting in my room having a details conversation i don't have to worry about that but if there is voice recognition content there it can take that conversation and transmit it on to the web. >> let me quickly answer you. even your safeguards won't work unless your home is tested you can still get the information off the key board. but the reason for this book is a response to the victim of a very famous technologist thomas edison who said what man created with his hands he need to control with his head. we need the think about this as citizens participating in a democratic government. i think we have the ability to control the use of these technologies and one of the west will be if we can safeguard privacy. >> i agree with that. i think it is a fools paradise that if we don't agree everything we have access to is compromised. >> in tom swayer everybody saw him painting the fence and want to pay him to do their work and that is what we are doing with the consent on the internet. we are painting mark zuckerberg's fences with our stuff. so what i wrote about in here is trying to build -- and there are a lot of young folks around trying to build better mouse traps that don't catch our tails all of the time. and i am very optimistic that is going to happen. maybe in 10-20 years we will have a productive relationship thanks to people like these kids. >> one sentence to that -- >> i am sorry but we have to end especially on that. i appreciate everybody coming. i want to direct you right out the door so you can purchase these gentlemen's books and get their signatures. please head out to the activity building. we appreciate it. thank you so much. >> booktv is on twitter. follow us to get schedule updates and talk to us. twitter.com/booktv. >> this is booktv on c-span2 and we want to know what