Fcc chair ajit pai spoke about 5g technology and the need for the United States to lead the world in its development and the importance to think about security now before the system is established. It was hosted by the Wilson Center in dc. Good afternoon everybody, and everybody who is in line on the security line, and everybody watching us very soon on a cable network. I am jane harman, president of the Wilson Center and today we are probing a very complicated issue that is be doubling policymakers in washington and all over the world. At least three parts of that problem are the us, china and the 5g supply chain. The Wilson Center has just produced, let me get my prop, this is a prop, a spectacular policy brief by melissa griffith, who you will see in a little bit which is entitled there is more to worry about than huawei. She will explain in detail but run, dont walk, get this and read it. What captures the attention around 5g is Chinabased Huawei has led the way in developing the superfast networks which will power self driving cars, virtualreality and cuttingedge technology. Since chinese companys are required by law to comply with information requests from Chinese Intelligence Services us officials are properly concerned that companies who want to incorporate this Chinese Technology and the data of their users. Other ways it could be compromised too, but a few more thoughts. The mantra that defined the last decade was move fast and break things, suggestion from here, we should think about slow down and assessing and that is what you will here today, what is the problem and what are some policy solutions that will help solve the problem. Fortunately the Wilson Center offers policymakers and their staffers the tools to assess new technologies like 5g and the implications for National Security. For the luddites in the room there are any, our audiences are always smart, 400 staffers from capitol hill, from nearly 300 offices on capitol hill a foundation in Technical Skills through our bipartisan, bicameral, cyber, and ai boot camps or labs that take place each friday. That is part of our science, technology, and Innovation Program, which is brilliantly led by matt king. She is hiding in the corner. She directs our socalled skip program, science, technology and Innovation Program where these labs are housed. Overall, 800 hill staffers have come here on friday. The others have gone to our Foreign PolicyFellowship Program so they can learn foreignpolicy as well as we can teach it. Today, we are talking about one problem we have talked about, we are delighted to welcome the man with the plan, ajit pai. Last time i saw ajit pai was in the hamptons in a warmer period of this year and possibly less hectic than the one we are in now but we participated in a panel and i learned a lot and we discussed this coming year and guess what happened . He is the first fcc chairman to go viral. Often appearing in videos where he embraces internet means while announcing new policies. He joined the federal Communications Commission in 2012 appointed by president obama for a 5year term in 2017, he was designated as chairman by donald trump. Good, bipartisan, love it. He has worked at the doj, u. S. Senate and the fcc office of general counsel and in the private sector at verizon. He joined me today to discuss a proposal, two, which the commission will vote on on tuesday. I wont summarize what they are because he will tell us what they are. That is my first question and following the conversation and audience questions there will be a panel of really smart people who will introduce themselves joining us and one of those ironies told you is the author of this amazing science Technology Innovation program. What do we call this . Policy brief. Im going to sit down and we are going to have a short conversation so get your brilliant questions ready. Thank you very much. [applause] first question is a surprise question. The fcc is proposing two rules. What are they. Before i answer it i want to express my gratitude for the Wilson Center, to host this, this is been the locus of the most important policy discussions in washington and in my view i dont think theres much more important than this. I thank you for your leadership in congress over the years, i found consistently on the House Intelligence Committee and other legislative assignments, you discharge your responsible is with a sense of the partisanship and focus on the National Interest as opposed to narrow partisan interest of the time, very much appreciate that. I want to say on a personal note i feel like i have been chasing you, we actually share the distinction of being chief counsel of the subcommittee on the constitution in the Senate Judiciary committee. Obviously you have gotten to Higher Grounds and i feel i have a little bit of chasing to do to keep up with you. Who was your chairman kick you sam brownback, former house member. So this is a really important conversation. The question is what is 5g and why does it matter . The United States we made it a priority to lead in the development and deployment of 5g technologies because these are increasingly going to transform american industry to healthcare, agriculture, education, manufacturing to shipping. We have done that by implementing the 5g fast plan, a plan for facilitating american superiority in 5g technology. You can find a planet sec. Gov 5g. Getting more Wireless Infrastructure deployed, and infrastructure of the future and promoting more Fiber Deployment which is critical for carrying wireless traffic into the core network. What the metrics of success have been so far, we went to advance American Leadership in 5g. With the future comes a major challenge as you know, which is the attack surfaced in terms of security is much greater. 5g will be unlike predecessor technologies like 4g and 3g in that these will be software defied as opposed to defined by hardware and the software could be located anywhere in the world. Because we are talking billions more connected devices coming online it wont just be phones but refrigerators to cars, we need to ensure security protocols are followed up front as opposed to afterthefact. The United States position overall is we need to think about 5g security now at the early stages of deployment as opposed to afterword when retrofitting might be prohibitively expensive if not impossible. What is the fcc doing to accommodate this interest . We will be voting this coming week on a proposal that is both forwardlooking and backward looking. The forwardlooking component involves universal service fund. This is a 9 billion annual x venture fund and the money from the fund is into Telecom Companies across the country primarily to deploy broadband infrastructure in rural areas and underserved areas. One of the things we propose Going Forward is to prohibit the use of that funding being used by recipients unequipped and or services that have been determined to present a National Security threat to the United States based in part on legislation passed by congress on a bipartisan basis last year the National Defense authorization act, we included an initial designation huawei and cts companies that would be on the prohibited list in terms of Ways Companies can use this money. The backward looking component is to say we understand there may be problematic equipment already in our networks so we are starting a conversation about understanding where that equipment might be, who is using it, what it is being used for etc. And also to start a kickstart conversation about how we finance the removal and replacement of any quit but especially to the extent we are talking about rural carriers disproportionately that incorporated problematic equipment, they might not have the resources to do that and in consultation with the members of congress and others we want to make sure we have an accurate sense of where we are right now. Forward looking and backward looking set of proposals we are voting on next week. What is the prognosis . Will it pass . I hope it will end on a bipartisan basis i know the time in which the political environment has become tribal lies but when it comes to National Security we do speak with the unified voice and my expectation based on conversations with my colleagues is we will see a strong bipartisan note next week. What we see in terms of letters from congress weve seen members from both sides saying we support your efforts in this regard. Basically this is using a us fund as leverage to get companies to do something on a forwardlooking basis and on a backward looking basis to trade in technology they may have already purchased because there is Huawei Technology in the United States already for nonhuawei, nonChinese Technology but the rest of the world out there, how do you see this in the context of a world where Huawei Technology is available just about everywhere, certainly not just here . That is why i have been very involved not just domestically but across the United States government to other countries and representatives of the United States government on these issues and not just with respect to the company, we recognize the risk profile applies to any company, we want to understand the risk framework for any company putting incredibly Important Services into our network so our message for our allies has been we want to make sure we all have common understanding what the risk is and how we might Work Together to share information about how the risk may be materializing. That is a conversation that is ongoing but we had positive feedback so far. Everybody agrees about the problem. I would doubt based on what i read that there are different strategies and they keep or by Huawei Technology. Some countries are exploring different strategies from the United States and our method is pretty consistent but to the extent you disagree with the security assessment, we respect your right to make whatever decision you want but speaking for the United States we dont believe this is an area we can take a risk and hope for the best given how transformative 5g technologies are likely to be, the United States wants to make sure it is aforethought as opposed to an afterthought and we think carefully about the risk profile of any equipment coming into our networks. That is a worthy objective but i can imagine another government saying to you okay, we are worried about risk profiles but we will make sure our systems, these are softwarebased systems as opposed to prior systems. Melissas paper helped me understand what the difference is, no easy deck of intersection where you can block bad guys from coming in. I am learning but even so what about the answer that says we are worried about this, we will fight intrusion but even if we dont buy chinese made technology there could be intrusion from others. We will fight intrusion whether it is using Huawei Technology or not. I offer several responses to that. We embrace a riskbased framework applicable to any supplier of equal for 5g Network Equipment or services but the question is degree of risk and you pointed out in your opening remarks quite accurately that the extent china has a national law that compels any comedy subject to its jurisdiction to comply with Chinese Intelligence Services and prohibits that company from disclosing the request with thirdparty which is customers in china or abroad that is a serious risk. Additionally the question is one of the ability to host government to detect these risks in real time. As the paper points out we are not just talking about a wireless tower the needs to be upgraded the software the needs millions of lines of code to update it and any of those lines that is malicious could be a vector for malware and viruses. Does any government have the ability to police in realtime all those lines of code. I assume the answer to that is now. We certainly believe the risk is too great. Beyond the scope of most government ability to police. The third and final point which we often hear, that agreement is significantly cheaper and the argument i make on that point sometimes the only problem with cheapest ends up costing too much not just in terms of security risks which is something very difficult to put a value on believe in its own terms something that is 50 cheaper or 80 cheaper over time as you are locked into a particular vendor and that vendor has software that is buggy or there are back doors to the police or other kinds of problems you will pay the price for making a decision at the beginning. We do not want any country to the penny wise and pound foolish when it comes to this question. I get that and other countries have to think about that but as i understand it from reading this policy paper, the Huawei Software is buggy, what a great word. Is that an official word . A technical term. Wouldnt anybodys software possibly be buggy if it is more expensive . It is difference in kind. Look at the uk Cyber Security report, who have examined softer equipment. There is a difference in kind. If there were parity, what is the risk and given the National Legal framework that is in place in china in particular we have concerns National Intelligence law and lack of the judiciary and the willingness of the Chinese Government to exert leverage we have seen in this country for the past month over things like basketball, the taiwanese flag, hong kong and macau, we have concerns the Chinese Government would be hit strategically in this area. What if you succeed, and the Wilson Center genius goes to china and forgets to take his burner phone and takes his regular phone your, no chinese based technology in the phone and compromised in china, then what . This is one of the concerns when i travel abroad, given a briefing about cyber hygiene and the like and we encourage any citizen to take those precautions. We work with the state department, deportment of Homeland Security, and others to make sure that when we go abroad we are taking steps to protect ourselves and our fellow citizens. The mistakes are made. They are always made but with the purest of intentions in the purest of technology it still could be compromised by the chinese or pick another country and we could end up with some bugs, defects, whatever, that we didnt intend. These are not just limited to the fcc but cross governmental effort and is important for anybody traveling abroad not just to china but anywhere to be aware what devices you are using, basically dont plug it into your computer and have questions asked. I have heard and seen it all. Technology as it, coming from one of the most innovative states involves this we got used to this being an open positive thing. We need to think about risk factors. I am just making the point in the whole Security Landscape there is no 100 security. So speaking of this i speak on the defense policy board. Ive been to the pentagon and worried about this, Chinese Technology out of the supply chain. What if we keep this and we have a nonChinese Technology 3 situation and everybody observes good cyber hygiene. We are all happy campers and the rest of the world doesnt play so they basically operate the rest of the world on different technologies. How does it make us more secure . It is a problem to the extent we are interconnected. Networks dont know or respect National Security, we need to make sure we do protect ourselves from the sec perspective, earlier this you we denied china mobile to enter the United States marketbased on the opinion of the National Technology and others, the entry would present a risk. And the counterparts around the world, from india to germany about the need for these issues. The United States did not exist in a digital vacuum, not just trusted issues. As unsophisticated about this. In the in the world i had some role such as insisting that our analysts look at open source intelligence, open source that is published and available, not classified. If we only have access through our equipment in some part of this and the rest of the world out there. How do we