them -- wereis for chosen as the top entries. online, andh them of course, you can watch is here back your tomorrow at 7:00 eastern, for clock pacific. until then, have a great saturday. ♪ [captions copyright national cable satellite corp. 2015] [captioning performed by the national captioning institute, which is responsible for its caption content and accuracy. visit ncicap.org] >> next, a form on the legal issues surrounding encryption. leaders are at how addressing the opioid addiction. live inonald trump wisconsin. then, at 7:00, hillary clinton and bernie sanders. the information technology and innovation foundation hosted this discussion on encryption issues and policy, and what federal officials and policymakers should do to continue technological advances while continuing to protect the rule of law. this is one hour and 35 minutes. >> i would like to welcome you to today's event. the goal of today's event is to explore the ongoing debate about cryptography, and how to find the right balance between the needs of government to stop crime and fight terrorism, and on the other side, the desire of private companies and citizens to protect their data. if you logistics before we get started. first, the event is being recorded. it is also being light streamed -- live streamed. we will have time at the end ask questions of the panelists. if you are pretty same remotely, you can ask questions, as well as in the room. to begin, i want to kick off the discussion by providing an overview of a report we recently released titled, "unlucky encryption." this report tries to set today's debate in context, by providing an overview on past debates of encryption. we drill down into the various arguments put forward by law enforcement and intelligence community on why encryption weakened oreekend -- limited, and we provide a response to the different arguments. the want to start with a quick history of how corruption has changed over time, in response to new technologies and business models. the modern air of commercial cryptography started in the 1960's. this is when we had the original mainframe computers, these large databases, and companies wanted to protect their data. they began using what is called metric encryption. many of the companies were to then share the data. you have financial institutions who wanted to share data. we had the creation of the first backed encryption standards to help facilitate this exchange of data. the next change came when we had the rise of personal computers, networks, and the internet. and, the need to securely communicate with of wide -- a wide friday of users. these were often times anonymous parties. the biggest problem that you had with metric encryption was key exchange. how do you securely share the key with someone else? if youkes sense, you co could share a key securely, you would not need encryption in the first place. this led to public key encryption. you have one key to encrypt, and one key to decrypt. after this, the next big .evelopment was cloud computing this was a big change. in the past, all the data was stored locally. it was completely controlled by customers. data ands were sharing storing it in a third party. morecreated inherent abilities. many cloud computing providers have been actively working to address the issue by providing customers with encryption so that they are taking themselves out of the loop. more recently, we have the rise of mobile devices, where you have lots of you storing large amounts of data on a device that literally someone could walk away with. it has been a big move within the encryption space on how do you enable things like full disk encryption so you have strong security on local storage. finally, we have the rise of the internet of things where many of these connective devices are in the home. users want to make sure these devices are secure. might have less bandwidth, less processing power, less energy needs, and you have to figure out how to deal with that. look at theyou history, you see a few things. first, what you see is a steady information security in response to new technologies and this is models. this is not the private sector trying to actively lockout the government, or anyone else, it is trying to make things more secure. all the use of encryption is more prevalent today, the debate over government access to encrypted data is not new. at each of the stages, the government has pushed back against the advances. in the earliest years, we saw that various government stakeholders were working behind encryptionto weaken standards. in the 1970's, law enforcement and intelligence community tried to sue academics who tried to publish on cryptography. in the 1990's, there were debates over key voice encryption. we see of course the most recent encryptions in full disk encryption. as far back as the 1960's, it was possible for users to ways that then government could not get access to it because the users were the only ones with the keys. it's only the recent move to cloud computing that broke this model for users. in effort to repair the weakness, companies are being being the front lawn force it. there are really five arguments as to why policymakers should we aken encryption. first, they say the company should not provide proof encryption. ability of are the law enforcement to conduct searches. but we tried to do with each of these arguments is layout, and the with the people making these arguments, exactly what they are saying. our goal is not to paint strongly arguments, but show where each argument is. what we argue in the report is what the scale of the person is much greater today, the phenomenon itself, the inability of law enforcement to axis encrypted data is fundamentally not new. the second argument that we here is without access to encrypted data, government will be less and to stop or solve crime terrorism. this is true. our report is not at all trying to deny the fact that the rise of pervasive encryption may have a negative impact on love with it. in fact, we readily knowledge that it will like you make it more difficult to prevent and investigate crimes of terrorism. these crimes will be exacerbated if the government does not come up with new tolls and techniques so can function in an era of pervasive encryption. unlocking encrypted data is the wrong solution because it creates systemic one abilities. moreover, it is not the only way you can investigate crime or terrorism. we talk about a lot of the tools that are out there already. moreover, the u.s. does not have a n monopoly on this talent. some of the best cryptographers are not american. they are working abroad. moreover, there is a number of companies like telegraph, a software maker, those creating secure communication tools. all of these are outside the jurisdiction of the united states. is third argument we here theanies try to stop creation of keys for business alone. research has been steadily closing one abilities for decades. the move to give consumers back the control keys is the next step in creating secure cloud commuting. controlling their own key allows them to manage the risk themselves. fix thethat they could problem if they study it harder, or longer, but encryption is based on math, not magic. there is no way to provide third-party axis without introducing vulnerabilities that can be abused by others. finally, the last argument we , obviously in recent weeks, is the company should help the government hack into products that they sell so that they can gain access to encrypted data. if this t technique were used, law-abiding users would distrust the companies. that said, companies should be compiling with lawful requests to the extent that they are able. we are clear that government should not restrict companies from designing products with security features that cannot be defeated by a third party, including the company that made the product themselves. the government, as we know, has a basic right to search, but it's not have a basic right to find. that is the basic distinction we have to keep in mind. in short, we are concluding that the cost to consumers and businesses of a policy that would weaken or limit encryption would be misguided. onwould have little impact keeping technology out of the hands of criminals and terrorists. it would reduce security for law-abiding citizens and businesses. it would make it more difficult for u.s. companies to compete locally, it would dismiss u.s. leadership abroad in providing policies to increase cyber security, which is greatly needed. we are in the middle of this debate, where do we go from here? we outlined a number of recommendations on how policymakers can promote trust through strong security practices, and how they can provide new tools to uphold the law. thet, congress should ban nsa unintentionally weakening encryption standards. they have the best talent in the world, and it should be used to make encryption more secure, not less secure. there's a definite lack of trust after the nsa used its influence to weaken some government promoted standards. we need to draw a clear line in the sand saying, that cannot be passed in the future. the government should not be toowed to provide companies facilitate government access by altering their designs. as we see states thinking about making laws in this area, we should make sure that congress pms any state activity. should passess legislation allowing all disclose in a timely and responsible manner, and work with the public sector. this gets back to what is the role of the government? will it be about improving security or not. congress should examine whether the court should examine the statests of individual by holding suspects in contempt of court by failing to expose their data. this is an issue that we hope we talk more about in the panel, and get more into in the report. if you look back at the history of this, they were treated in two different ways -- keys were ineated and to divert ways -- two different ways. the government can tell me to disclose my fingerprint, but cannot to me to disclose an alphanumeric passcode. ass probably does not make much sense now. come to should explain whether there are opportunities to give more power to law-enforcement in a way that does not weaken security for everyone else uses, congress should provide more resources for cyber forensics so they can investigate and analyze evidence that can be used in court. local law enforcement is not going to have the right kind of skill set to deal with some of the more complex cases. we need to make sure we are providing resources so that law enforcement is not left behind. congress should establish more roles on how and when congress investigations. there is so much gray area here. u.s. trade negotiations -- negotiators should actively oppose foreign government efforts to introduce backdoors akensoftware, or we encryption. finally, the u.s. government should be promoting cyber security around the world by championing strongmpioning -- encryption. this comes back to the position of the u.s. government. it should make this the cornerstone of its domestic and foreign cyber policy. we have a really fantastic set a today.t -- of panelists i have asked for the reaction to the report as well is to dig into the issues and the debate we have seen play out over the last weeks and years. let me briefly introduce everyone, and i have asked them to make brief opening remarks, then we will dig into questions. to my left, the executive director and cochair of the future privacy forum. general -- torney the deputy assistant attorney oferal in the department justice. we have the vice president of the center for democracy and technology. the executive director director of the association for competitive technology. civilechnology and liberties policy analyst from kanencan and center -- nis center. thank you all for being here. >> i will be brief. i'm confident they invited me before they were able to line up these people who are leaders in this debate. i will speak with some humility, and hopefully set a little bit of an opening tone. it is rare, for those of you who know me, to speak with humility. [laughter] tank is are in a think this, your business is to think. the more you think with strident views, the better you are, apparently. i'm very humbled by this issue, frankly. we have written in support of strong crypto, and ensuring , i will toections you, this is an issue and truly humbled by, and i hope we find out the true answers. i'm confident that the right answers are how we can fight terror, and strengthen law enforcement, without creating the concerns are created by some of the challenges we seem to want to create for strong crypto . i was on the other side of law aol.cement in my days at recently had some strange requests over the years, but requests that i understood we were cooperating with to save lives. we were proud that we cooperated. who did not those have the systems in order because of whatever practical issues that they could not assist. bad actors allowing bad things to happen on the internet. the day, i was watching an episode of the americans, and those of you who follow know that there is this russian scientist being forced to invent a technology for the soviets. into thised intellectual exercise. i cannot help think the conclusion of what we are asking for company, or scientists, researchers to invent, and the conclusion -- that is not something that we can support an intellectual involvement. there may be other areas where can be useful to invent also is a valuable things, and the compelling notion of is sointellectual work frightening. just as i much of extension of my brain, as these we will have installed into our brain. why should we have this waterboarding? we will be able to garner this information. is it acceptable that as take not -- technological capabilities become incorporated bodies, this is subject to an incredible level of personal protection -- sorry, we will let you hide what is in your heart because that is a zone of humanity that ought not interrupted even though there are ways to do it. i was looking into statistics after technical measures were taken in the number of cities. 40%-50%, and even though they may be one step removed from the discussion here, the debate does matter to the average person over.pushed leaving the crypto side, action was just taken against facebook saying, you are allowing six character password, you must have longer passwords, and they must be awful -- alphanumeric, and you must have special characters. i was looking at it -- and e-mail was just sent out noting that are advice of complex passwords was leaving people uddled andd -- before unable to manage passwords. we have things like maximum attempts. that piece of this is an incredible part. today, we will still have a password, it is my password has to be so complex, by having a real respect for frankly protecting the notion of the ise limiting piece misunderstood. i will close with that look forward to continuing the conversation. >> thank you. david. having me here. thank you to the other panelists , and look forward to an interesting conversation. i think it is important to have different views here. i appreciate the opportunity to be here to speak on behalf of doj on the panel of people who are experts in the field, but who range from opposed to the government information to really opposed. [laughter] we will see what happens in the next hour. > i did want to talk about the report that dan just spoke about for a few minutes. and, i want to talk with things i thought were helpful in the report, and other things that were a little less helpful, and room for improvement. things that were helpful, and provided good basis to talk about in this panel -- i will start with page one. on page one, it was great to see entailsion that this hard trade-offs. it improves protection for customers, but makes it harder for the government to protect them from other threats. i think that is an essential way to think about this problem and other problems posed by limitations of encrypted. sometimes, in this debate, you see the the assertion that there .re no trade-offs to be made i think we have seen some of that in the discussion of dropping phone theft, and the like, but there is a wishful thinking that we can have it every which way, and there's no trade-offs to be had, when you implement a certain type of encryption, or other measures to protect data security. there are trade-offs to be had, and at the end of the day, they are public policy choices. not necessarily technological questions. the obvious framework that one draws from page one of this report is the way to approach this problem is to look at the incremental benefits that come and the cost on society as a whole. we cannot compare things that are like to think they're not like you have to compare things that are like to think that are like. say, if we are to look at the cost of society from crime, we cannot look at all times, but crimes that can be solved or prevented from access to this evidence. at the same time, if you look at harms to data security, you cannot look at all harms, you have to look at incremental harms. a give the report credit for mechanism the page one. the second area they think is worth commending is the paper makes a strong effort to define its terms, particularly, the term, "backdoor." we hear that term a lot in this debate. on page 16, they defined back door to include two features including a lack of transparency. i think it is clear if you apply that definition, it is not what law-enforcement has called for. it is in fact contrary to what law enforcement has called for in terms of any kind of theoretical mandate or legislative decision. refer tole use it to any system whereby a provider has the ability to comply with award. when jules spoke about his previous work, i don't think he would say that service had a back door, i think he would say they have an access to solutions, but also permit warrants. with wa it is important that we use those terms precisely. there might be very different risks, perhaps much lower risks, that can protect data, but provide access to a business or a company. we see similar lack of position -- precision in the debate around the word "strong encryption." it does not really matter what term you use, as long as you define it up front. if you do not define your terms, and use it in terms that are very broad, it is hard to have a rational conversation around cost and benefits. in particular, when you use backdoor demeaned one thing, when referring to government access, but to have a totally different definition when referring to corporate access. those are helpful things in this paper, i think would be helpful i this give-and-take here, think people make clear of front what trade-offs they would apply and what framework they would use, but by the same token, what using terms like backdoor, to be specific about what they mean, and how that applies across a variety of different contexts. that is where i think this paper -- there are areas where the improved.d be in part, i think those areas come from the augmentation and recommendations. in part, the tendency in this -- i, as well as elsewhere, don't want to spend too much time on it, but one example is, in this report, like nearly , crediting report wiretap report on why there is not a significant barrier to life intercepting results of encryption. as i have pointed out, and has been pointed out by others, frequently, but it has never been grappled with -- a report on how me times wiretaps intercepted encryption is not a encryptione of how can be intercepted. agents will not go through the trouble of getting a wiretap if they know ahead of time that the provider will not comply. in part, grappling with trade-offs comes from an overstatement of the security of certain encryption regimes. i did appreciate that the paper acknowledged encryption can be portable, particularly systems that rely on key management. they are not perfect union we are not wing perfect security on the one hand against another -- we are weighing two imperfect measures of security, which is a more complex trade-off the people give credit to in this debate. particularly, the failure to grapple with the trade-off comes from an incomplete and pervasive -- persuasive description of the risks. key paper claims that management systems are much less to -- andn into and end encryption. i think the description is overinclusive and incomplete in the sense that possibly the most widespread use of encryption, directed at security -- direct transiturity, is encryption for webmail. that includes typically key management systems where providers using christian to protect the data either in transit from server to server, or at rest on their server. there is no discussion whatsoever of the security risks and benefits of that trade-off in webmail everything a day. it is hard for me to imagine how we can rob -- grappled the risk from one to another, without recognizing one of the most widespread implications today. webmail providers, including the one that jules used to work for, access commission, content, for a variety of reasons. targeted advertising, which is another way of saying lower cost to customers. data recovery functions. they do also to enhance data security through spam and malware scanning of the content of communications. customers, to a degree, have made adjustment that though posed to notks using encrypted mutation, those are justified by other benefits to the user, and perhaps, society and general. that is the framework we ought to be using, as opposed to an absolute view. that is true for data rest as well. many device manufacturers, cloud storage providers maintain provider accessible storage for variety of reasons. it may introduce a hypothetical vulnerability, but may be outweighed by the benefits of data recovery, suitability, portability, although the reasons why people in this room put things in the cloud, even though it is theoretically accessible by their provider. it is difficult to imagine a business scenario where large business that maintains cloud storage, or provide e-mail for charlie to the place that does not maintain access, at some level, to the information used by the employees. businesses do not the big give their employees sold control .ver access to information it is extremely rare, but not the default we use. to the contrary, businesses on the whole have made the judgment that it is worth whatever incremental risk is posed by third-party access solutions to get the benefits that come with the third-party access solutions. if you employ is hit by a bus, you don't want that to be the last copy of the research they were doing. yourou're employee -- employee disappears, you probably want to have access to what was on their computer. even when you get to outsourcing to a cloud provider, people up in the judgment that third-party even third-party key management is in fact justified by variety of different benefits. we have talked about data recovery, physical security of the keys, it may be easier for the provider even third-party ky management is in to maintain acs to the keys. the expertise, the economies of scale, or the ability to do threat scanning. i looked in a brochure last night from a very prominent cloud service provider, which referred to their feature of data loss prevention, healthy analyzetion monitor and data. and, take action or requiring encryption. access is garnered by outer and inner perimeters by increasing security at each level by providing fencing, extensive twee 47 monitoring, and so on. both the point is is very important, when we are having a conversation about risk and benefits, actually looking at the risks and the benefits, and how people manage those things whether -- ontexts, if we have to look at this framework, and if i come are the benefits of maintaining a system where the government can access data worth the trade-off, let's look at the benefits honestly in the trade-off honestly. then, we can have an honest public policy debate about which world we would rather live in. thank you, david. >> acknowledging that is a long stream of people who would poke at you, i will be very short and what i say, and hit a couple of points. i do want to respond a little bit -- i had my three, then i was like -- i think, as an initial matter, i'm not sure the take away that there is information the company's can access, and choose to not encrypt is the take away -- the take away should therefore be the government should decide security measures, and hound when affordability should be created. this is pretty much the keys to the kingdom, when it comes to personally, my thoughts, and the things that i care about, from a privacy point of view, but also a security point of view. god for bid i was i.t. manager of a nuclear power plant. are -- alt art i could access my systems from this device, not a special magical , orce, but denie an iphone 6 something else. if the company is saying the best way for us to do that kind of protection is to have encryption that does not have one ability that we know about, because that protects this vital information, i think to have the government second-guess and say, well -- it goes directly to the concerned that this is not a security versus privacy issue, it is a security versus security issue. we need to really think about it in those terms. i think honestly the case is not been made, and this is my second point, there are not lots of lots of ways to access information now. the list of cloud service providers that company still have access to information is incredibly long. we are now putting more and more information into the cloud. we are connecting more more devices. we mentioned briefly the internet of things. that is exploding around us. unfortunate, the reality is the internet of things is not encrypted. lye information is relativ insecure. the opposite is true. we are seeing a world where information is being pushed out to third parties, or collected in ways that are not as secure as we would like them to be. i think we would exit argue that the problem is the converse, there is more information out there that is not a secure as we would want it to be, companies are struggling, and all caps of people are struggling to find a way to solve the problem. is one of the things that is frustrating to me conversation,this there is this implicit assumption that the underlying legal regimes are totally up to warf, and we're getting a to all of the access for third party committees since. that is by and large -- that is the justice department's position. that is not what the law says. passed in 1980's six, and has not been updated substantially since. that means the content of communities and held by third-party, under the law, as written now, you do not need a search warrant. we can have think option debate, and i'll briefly, we should, and that is what we are here for, but is worth -- it is worth acknowledging there are other issues at play in this conversation. legal acts of continues to be a problem and active discussion in congress. i will stop there. >> as we move down the panel, i try not to be repetitive. i want to say thanks to daniel and alan for the valuable contributions to the report. i support the basic conclusion about not restricting the development, deployment, and you seven christian. -- use of incursion. it is important to keep encryption in perspective. david said, you cannot have your cake and needed to, i think the government has a whole banquet before. i think their fear is not going dark, but going blindingly right. they are awash of information, but they cannot process it. you have a lot of information, but you cannot put together and act on it. if you think of all the information they have -- video footage, travel information, human intelligence, with ofreasingly billions footprint we leave, that is before we get to the internet of things and sensors. daniel said, search warrant is a search warrant, it is not a find more and. talk about terms, don't the give particularly helpful to talk warrantarned proof -- proof and encryption. as chris pointed out, there is in fact a lot of unencrypted information out there. in many respects, you go in find it, and help move things along. is absolutely difficult to do good encryption. whether it is the ultimate them, that limitation, the teacher and writer, the key management, good encryption is hard. there is a huge difference between the government being able to take it vantage of the it, and it finds preventing the use of strong aggression for those who want to do it. at the same time, although it is up to the government to find this information, actually think we should be making easier for the government to do so, and strengthening the government's capabilities. the report talks about this a little bit. i think we need to strengthen crypto analysis capabilities, build up a national cyber forensics center, train more fbi personnel on this, make the capability and expertise available instantly, and find a way to make it available to state and local law enforcement flow. if we want to be more controversial, we can revisit nsa'sand under capabilities are available. we need to expedite the issue of rrants. -- wa it is insane, some of the difficulties that law enforcement actually encounters. i like the report's said justin -- suggestion of clarifying when the government can hack phones. technologically, there is no problem. the government can capture your phone. ahey can turn into a report -- recording device, they can turn on the video feature -- and i, personally, have no problem with that, assuming it is done under a warrant. some clarification on that would be useful. i want to talk a minute about the apple case. what i find most troubling about .t let's remember it is about a counterterrorism case. in this situation, the fbi, in fact, has available the nsa's technical resources. yet, it is really hard for me to believe that the nsa could not crack this phone from the get-go . yet, director comey testified that he consulted with all the government agencies, including intelligence agencies, and they said they could not do it. that suggests to me that they asked the wrong part of an essay, maybe an essay did not tell them what they wanted to hear, or the fbi equivocated with congress. the question is why they would do that. personally, i think they had an casemely attractive legal in which companies had to do something a government security. to weaken it was not encryption case, per se. they wanted a fair chance to get at the encryption. what happened? we all know the doj has withdrawn the case, and allegedly an israeli company provided a solution. question is, did they just appear, and one up the nsa, and call the fbi's bluff? maybe. further discussions behind doors? may be. i think there are a lot of questions that have not been answered. >> first of all, again, thank you, daniel and alan. we were joking before the panel, the history lesson at the beginning of this paper, something we ought to cut and wikipedia,a book, or because it is a really well articulated lesson on how we have gone to the stage. i want to keep a little bit with the flavor of commenting about the paver as i join in the opposed to of extremely opposed. there is one thing that you brought up at the end of the paper that is important for everyone to remember at the front end, and something you mentioned briefly in the comments. .his is math there is some feeling the encryption is magic powder fairy dust. it is math. one of the problems we hear is that trade-offs must be done, and such and such, but it belies the truth that there are 7 world, andple in the more than just americans are good at math, doing math needed in encryption. for those of us who lived ra ofgh the air of pgp -- e pgp -- remember the famous crossingou could wear the border that would make you guilty of munitions -- it turns out that israelis, and others were interested in encryption models that could be sold overseas. by? because they could do math. we are once again resistinghe question. imposed onill not be companies outside of the united states. these rules, trade-offs, restrictions are strictly for companies under the guise of u.s. law enforcement. thing i am concerned a little about is i feel as though the department of justice pr machine field-tested the rant proof."d p it keeps coming up. i think bruce said yes that it is not a warrant to search, it is to find. i think about what other elements of our daily lives are proof. toilet -- we still have indoor plumbing. fires result in lost information. ant proof,warr it is what is accessible. those of us who follow the space know that the nsa has probably broken a key number of prime numbers used in a super nerdy element of this. they spend a hundred million dollars to break a prime, and another prime, and slowly but surely, they are working towards what is passive breaking of encryption. the question is are we giving the fbi and others enough to do similar types of activities. the paper argues that we are not. bruce it sounds like he would agree, and so would i. i don't have a problem with the fbi upping their game, so to speak. that brings me to the part that most concerns me. that is the decision by the department justice, instead of to requirer own game companies to alter their products. it is interesting that so much press and from the case -- it is just this one phone, just this small thing. briefs in the apple case, and the reason we did is the department of justice lays out the case that it is not an undue burden for any company in the business of writing software modify theired to software. not an undue burden. on the bottom, it says, it is not an undue burden in the case to turn off non-encryption features that you are responsible for writing -- .gain, not unduly burdensome what they're saying is law-enforcement can come to you and say, hey, we need you to modify your software. maybe it is to open a phone is unlocked. there is an element that means, if you come to a software ppveloper, one of our a companies, and they say, we believe there is a guy we need to follow that is a big fan of according to the motion that they requested, that is something that they believe they should be allowed to do. line nine of the motion says, it is not an undue burden. economic, butoth reality that is something that happens. say, iould stand up and want to see axis to the source code, i want to see access how you did that, i want to verify that the way the small company app use that information was accurate. who goes to court and defend the app? the app maker. they have to go to court, take time away from their world -- by the way, most of these companies are 3-5, 10 people, they have no of compliance. to have go to court and defend how they changed their software at the behest of law enforcement in order to meet this requirement. then, they have to expose the code to possibly third parties. is nothing wrong with making the request. not only is offers the foregoing what i believe they should be doing, which is spending their own resources to find solutions, they are putting the burden on the business side of the world, and saying, you do it. yet, we know, because it is just math that countries outside the united states will not have to bear that burden, not have to be in that situation, and not do thehing to actually alter landscape. i think, as we look at this, the trade-offs, it is important to remember, it is not just apple, not just google, it literally hundreds of thousands of apps collecting information, and holding securely, all of which, under the government's motion, would need to modify software to meet a government order. that is a trade-off much greater than what david was describing. >> one of my concerns about going last is the all the previous panelists would get to all the issues that i wanted to address. thank you for that. i think some of my colleagues have already addressed most of the concerns, i will just one at the end of my opening statement. narrowly actocus on the actual paper itself. i think this is a fantastic paper through and through. from the history of the development of encryption and data christian standards that ibm suggested back in the 1970's, through the modern and war, insecond crypto which we find ourselves embroiled. the history is great assessing the arguments currently at play in this debate. the recordation, in particular, i think there by large fantastic . with twofew quibbles of them, by will get to that in the second. i want to make one general traces of the paper, really the only one i have. that is, even though there is a great deal of focus in the paper on innovation and the trust engendered in the online ecosystem, as a result of the use implantation of encryption protocols, it would have liked to have seen a little more focused on the economic benefits and costs associated with encryption. of course, i'm going to shamefully plugged myself because i focus primarily on economic cost-benefit calculations. the center released a paper attempting to quantify benefits to individuals with the cost of encryption. david and alan lovingly cited us, thank you very much. i would have liked to have seen more discussion on that. that is an element of the debate that has not had a lot of focus on it. we focus on the civil liberty limitations, on the global limitations, and human rights of occasions, not only in this country, but around the glow of allowing state actors to have easier access private vacations of individual spirit that having been said, the paper is great, i love it. in terms of recordation, the first recordation that we have is also another element of the broader encryption debate has not been focused on. it is revoking the statutory mandate that the national institute of standards has on setting encryption standards. after the snowden revelations, it was very clear that the nsa had knowingly contributed to a ak encryption standard, this made it clear that they did not have the resources or the attention that they could focus on this particular encryption standard because they were so reliant on the nsa for that information. that is troubling. i think a better approach would be allocate an appropriate money to have an independent team of crypt talker for so the doctor consult with the nsa. that brings along a lot of troubles of its own because the nsa, most people will agree, has some of the payment -- preeminent hackers in the world. if you are a top of the field hacker, and the nsa wants to probablyou, it will want to do that -- you are probably the sort of person who wants to see where the flaws are, and where you can split them. if you get an offer from the national institute of technologies to do far less interesting work, it will be less attractive to you. that is a hurdle that need to be overcome to make this recommendation actual lies about izable.al the second requisitioned, should pass legislation's similar to the secure data act that bans the government from installing backdoors, yes, i agree. part of that, is we need to also be focused the debate at the iseral level, which i think a good reason for people to seriously consider supporting representative tempo -- act.sentative ted lewis's .reat for the most part, they don't have a whole letter beef with anything in the recognition -- recommendations section. the trouble, i think we may run into with the discussion is assessing how big of a problem it actually is for a place like middle of nowhere awesome trot skills of ahave larger county like cook county or manhattan to have. perhaps these details can be worked out. i'm a little less than whose about this particular approach. of course, i have no alternative on hand to offer. i think it is worth considering. i think we need to tread lightly and carefully when we start to discuss appropriating funds for local municipal law enforcement that would mimic the functionalities we would like to see the fbi beef up. ishe other recordation establishing. for hacking.s this is not a hold of attention. while i'm not going to come out in support of any legal hacking regime, i do think this is finally important that we bring to the forefront in terms of the policy debate. this right here could potentially be the solution that satisfies all parties involved. on the one hand, the fbi and federal law-enforcement officers get their ability to access data and phones under lawfully issued warrants, and privacy advocates get their share of the pie, and we get to keep strong egyptian going. i think is worth having a public conversation about this, bringing all sides to the table, all relevant stake holders, and lookabout what it might like, and how we could move with the fbi is immediately doing -- admittedly doing, in a legal to a more transparent process. i will conclude by commenting on ie thing that david said that very strongly disagree with. that is that paper understates risk to public security and safety as a result of the implantation of encryption. if anything, i would argue the contrary, which is the fbi seems to be overstaying the risks to public safety and security. u.s. issues and and a wiretap report each year, and the last time i checked the data, in only 22 of the cases was encryption encounter, and only in four was encryption found to be unbreakable. could helpess regime us with the last four marginal cases. .2, which is really the point want to hammer home, if indeed this going dark -- and i will thishat very broadly -- if problem of going dark is indeed a problem of the magnitude that the director and others claim it leaste available data, at the data available to the public, and i have been able to find not confirm that statement. if indeed the director has information that suggests the problem -- again, and mixing my terms here given that everyone else seems to have different interpretations as to what they warrantbut, more proof vacations -- i think we need to see -- speaking as an tonomist -- i think we need see that data. until we see it, all i'm hearing is a lot of pr nonsense that is not really getting to the heart of the debate at hand, which is whether or not love with it has conductls it needs to investigations and see-through demonstration of justice. if they have a data, great, i would love to see it. if not, i think we need to start rethinking where we all stand on this issue. you fors to all of comments. but i like to do is have questions and dig into these issues. little unbalanced . i would like to give david extra time to make sure we get all perspectives in here. i would like for you to respond to some of what you heard. it would be useful if we could start with this issue of how much impact would a lack of a public safety. but weaver research this report, this is one of the hardest terms to quantify. we have not seen anything come out. we have certainty seen examples and testimony pointing to cases where it helped a case, but it is hard to say that something could not have happened without it, or what the alternative is. especially, but i would like you to address this is better question we have -- getting back to the fund metals, it is easy for us to envision a policy that would prevent the average american from having access to encryption, or providing government access. it is really hard to envision how there could be a policy that would have an impact on .errorists abroad trade-offs,talking it seems like we have to talk about the actual impact, but with the context of bad people still going out and doing it, -- and can only create laws for the good people -- i would like you to start with that. comments byate the ists.he panel i think the scale question is an important one. is why started talking about how we measure -- what is the framework we will use to decide this policy question? principle -- is it a question of principle? should there be private spaces where the government cannot have access, no matter what the risk and benefits t might be? is a phone, your .eart, or your entire house i think it is important to separate the principled questions from the empirical, but trade-off questions. when we mix them up, it is very hard to know what people are talking about, and to decide what right policy framework is when you t to distinguish from a right to search and a right to find, when saying, you already have enough already, a don't need more. those are very different arguments. once the our policy choices for governedcally societies, and some are factual questions. we have to make sure we know what we're talking about and at what times. in terms of scale, a think is absolute correct that law enforcement needs to do a good job in articulate what the heart is. i think it is important that we do a better job than we have done in defining the scale of the heart. one of the reasons we have had trouble is because it is very hard to prove a negative, to prove the case the were not able to prove and say, i would have proved it, had a had something, know what it was -- is. we have talked about examples of cases. i cited some, and the director of the fbi has obviously cited some. they are ways of envisioning have the scale of the problem might look. one is the scale of commute patient services that market themselves as and to end -- end to end, not complying with wars. if you look back years ago, the scale was minimal, or negligible . stay, you see tens of billions of communications everything will day going across those services. when you look at the types of wiretaps we were able to do in the past, now, there are tens of billions of communications where we cannot affect those wiretaps. i would be curious to hear response to the comets earlier on why it is not a very good measure of the harm to law enforcement. when you look at the examples of data at rest, it may be a little easier. when you have a phone, you cannot open it, and we have had examples of it were law enforcement cannot get into it despite a neutral judge saying .here is probable cause , and are valuable points some of the panelists disagreed that there is a real disruption to law enforcement to access data. when you look at the impact, a similar in." question is the claims that whatever you do domestically will not have an effect on the problem because terrorist will migrate to different products. that is either true or not true. if it is not true, it is not a viable argument. if it is true, it is a moral persuasive argument that unilateral action will not be effective. how do you answer the question? is it true that criminal terrorists will always migrate ?o services that is how i would abstract the question. if we look historically, at least available on commonly available arguments, it is not persuasive. we have had wiretapping capabilities for over 50 years, yet, every day, we're doing wiretapping. people know that phones are susceptible to wiretaps, yet they use them to conduct crime. for many years, really over the last couple of years, most american-made information services have been susceptible to law enforcement warrant,f they have a they can comply. flight seen a massive from the services to foreign services, or even american rantices that are war proof? i don't think the evidence is bears that- out. you can look at the same stats, when it comes to data at rest here at we had an experiment major manufacturer of smartphones said they would make smartphones that could not be accessed. whereas, the competing mobile offering system maker has not been able to implement that same estrogen on access by law enforcement. if your hypothesis is correct that people will flee to the service that is more proof, you warned proof, you would have seen a migration. we have not seen that. i don't think it squares with what we have seen. people choose products and services for a wide variety of reasons. criminals and terrorists generally think they will not be caught. y choose services, and some will migrate, but others will not. we have seen that in the wiretaps context, over and over again. that goes back to principles and and. . put forward your argument, let's talk about it, but we should not put forward a bumper sticker that criminals will always go to warrant free systems. the last point, then i will turn over to chris, i think it is a mistake that the united states is the only actor in this. we're not looking at a world where only one country is via this type of encryption. other countries will act as well. the question is how to the competing legal regimes work together. it is not a case where you will have just one country that is affected, and one country that takes action. what we look at the pluses and minuses, and costs and benefits, you cannot hold everything constant in one area, and then look at the changes in the other area. it is a dynamic system. what we are going to do is two disagreements. [laughter] i'm not pointing fingers. one of the goals is to have a dialogue on this. quickly, we don't believe the phone should never be accessible. i want to be clear that there is not a principle that says the government should never be able to look at your phone. we never said that. what i am saying is the phone is incredibly sensitive, and perhaps one of the most private spaces that exists today, and has ever existed in american history. it deserves a commensurate high level of security. we need very good arguments as to why the security should be breached. that leads me to my second argument. it is fine to say there is a burden to create an." record for why we should have strong a christian, but i think it is worth noting that the people who carry the bird burden on encrypn are working hard to keep us secure. they are working hard to make all these systems stronger and better. it seems to me that it is actually law enforcement that is burdened to carry why they should pull back from the security measures, where they should do less for security, in order to do something, which honestly is not in my mind concrete. it is an articulation of concern, rather than discrete. phone operating systems should have the following functions. that is a concrete discussion we should have. right now, we are having a general discussion. >> anyone else want to take this? >> i will give my two disagreements. >> you can have more than to disagree with, i don't want more than two people. >> i find it fascinating, the argument that we are being bumper sticker, when you keep nting the term warra proof -- the mere fact that you can break into it does not validate the issue of the warra nt. another mixing of things. you say, people use these services like e-mail, the people are willing to share that, in criminals use it as well. that is exactly right. you have access to all of this information. it is worth noting that u.s. law-enforcement has muddied those waters as well. in the island case, ireland is asking for a company storing data on a foreign citizen in a foreign company to provide that data. as chris said, and i want to , i know wentiments will find some solutions out reachingt we are now the framework we all exist under. laws.d cross data flow when u.s. love with it comes to company and says, provide us data on a foreign national, when the data is stored in a foreign country, or stored on a foreign national, spread across multiple countries, we need to know what the legal standard is. we literally have no legal framework. it is awkward to say, you just need to comply with the law, when in fact we don't know what the law is, and, in two cases recently, in appliques, and the ireland case, law enforcement is try to establish what is the on where data is stored. i will let ryan talk about the economic aspects. one tweak is we have a cross dataor doing flows, get, law enforcement says, it is too burdensome. please don't ask us to do something where our own laws are contrary or confusing. those are two active cases there currently ongoing. >> do you want to respond? testified to congress for two hours on cross data blows, i would be happy to do it again, not to congress, but to you. no company, that i'm aware of, segregates its data based on the nationality of the citizens. the stick another look at the declaration, and saying, if you are going to make a proposition, let's get the actual facts right. >> it is a u.s. citizen? >> what i'm saying -- it is not clear what we would do in that case. it is a whole other topic. i don't -- i think it is one that could easily take us off topic. i could talk about it, but don't think we should spend the time we talk about encryption here. i will talk about the war and warrant proof topic. the reason we call it that is because the other descriptors are not satisfactory to describe the type of thing that concerns us. that thate words than it -- how we want not call iti would back door. move it, that would be helpful. that point, we have been debating encryption. another way of securing information is the equivalent of safe,ck something in the we have these images, tiny small writing embedded in the image. on the technical level, this is different. it is well hidden you can rant to doget a war it. this is moving from the empirical to a philosophical question. i would be curious your reaction to that. should there be restricted on how well people can hide the data? that a littleract bit. that is to look at this as a or replay of the crypto wars -- that is one way to describe it. look at the effects of technology on other people, and the trade-off, is there a role for responsible government .egulations urunderstand why you'r answer would be, no, what is good for industry is good for .merica rather than look at the history of the crypto was, you may say, look at the history of other .ndustries most americans would agree there regulations.for that is to a degree, what we are seeing here. that goes to the philosophical point, but one the frames the way we look at these questions as a whole. ?hould the market decide we should take a look at what restricts their possible. s, iainly, in other context they couldbt that overseaser access to markets. we have lots of regulations where we recognize the unrestricted forces may have been great, but by the same a sensible way for the government to respond. >> this is security versus security. both nationalk security, america's technological leadership, the that is everyone else relied on. december say this profit versus security, i think it completing isstates the- m process. sure in whatm not facet you are disagreeing. >> and saying it is security versus security. >> would you disagree with the principle that although, in the interest of a particular corporation, it might have negative impacts on other people -- do disagree with that principle? >> i think you're dismissing the benefits, the security benefits of that same technology. >> to the contrary. and thing there is a trade-off to be had. there are benefits and drawbacks, and role of the government, and the policy discussion with experts in the field is to identify the benefits and the drawbacks. the answer points in favor of letting companies do with they want to do. >> i will go back to the first point i made. i have articulate several ways that we need to restrain the government's ability to go against the bad guys without weakening encryptions of the good guys. we have a full room. we will do a wraparound of quick questions and hopefully some quick responses. yes? if you can identify yourself before you ask your question. thank you. the would like to know what government's role is in communicate with the press about information they have, depending on the agency involved. certain things can be disclosed to the public, versus what should be kept in the confines of the legal process. it accurately. typically, for particular matters like this, which are of great public interest and concern, we try to express our views, make sure we are understood, and the more we can do that, the better. for david, i know we have been talking about larger questions. in appliques, there are some people think that government should tell apple exactly how they got into the phone because of a pledge to reveal one abilities that might undermine securities. >> i think there is an important question at the heart of it. i think it raises a lot of interesting questions. it goes to the heart of the trade-off. i do get the in polls, and why they don't want to be part of the transaction. you also have to understand their different risk profiles of the world. there is the world we lived in for a long time, and the world we still live in for most mailing systems. or, you have a world where you increasingly close off access, and holding law enforcement needs constant, you go more to a of one abilities -- former abilities -- vu .nerabilities and the like the paper does a good job of identifying what the risks are. there are pluses and minuses on both sides. that is the key point. let's look at the cost and benefits of each world. should not have to be compelled in every instance to share a vulnerability they have discovered with a private company. i would much rather have the discussion and debate me about balancing those equities. there is a process to have met, then have it be about the government intentionally compelling private companies to weaken their products. >> we don't want the juniper situation. it appears israeli companies -- it is a standup company. whatever they found, they haven't released it publicly. if they are finding it, there are 100 other companies looking at it right now. i agree with bruce that the real discussion is how do we make sure we remove liability for companies to share information between companies and share with law enforcement? i think that will be an ongoing discussion. that is one where we can come to some conclusion that doesn't involve regulating. i would agree, that is something where we need to look more at how we define that, how we don't -- how we live for -- how we allow for data sharing. >> thank you for the paper. one of the things that seems to come across, and chris, you hit on this, narrow versus general. dan and alan, for your next it is bifurcating the different scenarios and how they should be addressed individually. you have terrorism versus local law enforcement. audit -- data on a device, on a cloud, in encryption. we should look at a matrix of those different scenarios rather than just saying as a general -- is a good or bad? that is just food for thought for your next awesome paper. with respect to the panel, one of the things that was hit upon was the beginning of foreign countries to engage on this debate. we know that england has passed a law mandating access to law enforcement, france is definitely considering such legislation. can you discuss how that is going to impact us here in america? not only on the policy discussion, but also with respect to the device manufacturers and developers side? >> i drew the stroke. i don't know if it is short or long. a good point.ise the united states position on this. it is interesting we haven't used the word back door and we having careful about it. it was combing himself at a panel at brookings who said i wanted want a backdoor, i want a front door. it was that that event -- it was at that event -- forgive me, because i know greg is watching this. i can't remember who it was who director, thatid could have significant economic impact. to one of the two of them was they are american companies, they should take the economic hit. what is interesting about that is that -- the point you're raising, the question we are going to find is what are the economic consequences of having multiple nations with multiple versions of what they require companies to do? is important to remember that in a lot of cases, these cases have life in your of law enforcement effort. we have to look out for companies using it for competitive advantage. we see that in several places where you get a by my country kind of thing, or they mandate law enforcement implementation that would best be met by a local provider and squeezes out others. what we could run into is a u.k. law that violates the united states requirement on some of these things, or probably not the u.k. is a strong ally, but other countries may load up other laws that do the same thing. laws, weto meet those had to violate other laws. think about headbutt and the requirements for running chrisman -- encryption and data protection. if a foreign country were to say we want access and a unique patient identifier and access to law enforcement for that information for all health information, a u.s. company would have to reconfigure their system. i'm not throwing this at david at all. we are very careful about the handling of patient data and health records. that is something we have worked out. what do you do one of the country does it for competitive advantage? it has of multiple laws around the world is problematic. it is harder and harder for us to influence human rights versus law enforcement balance around the world. despite the criticisms over snowden and the nsa, we have a world leading set of structures of oversight and transparency as well as strong limits and oversight for law enforcement. we need to figure out the right balance as much as we can and make that something we stand by and influenced the rest of the world, even though there are societies that have taken a different path. if we are able to support companies who are based here, and although they are global, at least have some argument and broadway to to ensure the products they are rolling out globally are as reflective of those western democratic values. that is what we need to be doing. this is going to be the first of many debates as we see many tools that make our life fun but also make it easier for all sorts of criminals to misuse them. what is the percentage of criminals that need to be doing what sort of bad thing with a particular tool for us to say have limits on this? that was probably the early part of the crypto were debates and whether it would be crypto or , hiddeng snapchat's messages, or whatever the fun, cute new tool that lets bag guys do that in countries around the world. you have to build things that let law enforcement stop your car. is that what we want? local law enforcement should be able to -- the kid being zoomed away, why is it in amber alert? it ought to be an amber turn your car off. we are going to be having this debate. to the extent that we are able to do in a global, transparent way, hopefully, we will be influencing the technical infrastructure over the world. >> that is a good place to end. i want to make one final note. when i was describing the debate, ourrypto paper gets into more depth in -- on this. i want to be clear. in the government, there has been flashpoints. there has also been a valuable partner working with the private sector in the academic community. i don't want to -- i don't want my remarks to be cast as painting the government. what will be very important in this conversation we're having is that we don't end up on these entrenched sides where it is law enforcement versus the tech sector or researchers, and how we can come back to that collaborative environment that we had before that was very successful. that is something we can all think about going forward. please join me in thanking our panelists. [applause] >> today's c-span's road to the white house coverage continues with donald trump speaking at a campaign rally in rothschild wisconsin. live at 4:00 eastern on c-span. tonight, democratic presidential candidates hillary clinton and bernie sanders also in wisconsin to give keynote remarks at the state party 2016 founders day gala in the walkie. our live coverage begins at 7:00 eastern. watch both events here on c-span. >> this weekend, the c-span cities to our posted by charter communications cable partner takes you to long beach, california to explore the history and literary court -- culture of the port city located south of los angeles. on book tv, learn about women's contributions to the world war ii effort, from author of rosie the riveter in long beach. >> when the u.s. army was looking for a place to build a whichto produce aircraft they thought we would need in world war ii, they picked long beach. they picked long beach because steps away, we have a wonderful airport i was founded in 1923. it was one of the first airports that had a takeoff and landing in different directions, which the army loved. they could use military planes in a way that they couldn't use in other places. what happened is that douglas went into full production mode and was turning out planes 20 47. needed a lot of people to work here. the men went off to war, the women, for the first time, were brought out of the house and brought into the workforce. at its peak, douglas was implying 45,000 people a day. about 48% of those people were women. >> on american history tv, we visit the port of long beach and discover the importance of the nation's second busiest container port. as a was established formal harvard to cap -- department in 1911. we are a little over 104 years old. through that time, the sports actually started on a wooden wharf and was a lumbar terminal that used to come up from the northwest to supply lumber for the growing city of long beach in the region. 1940, the u.s. navy, the naval station, and the long beach naval shipyard with our naval complex. they were here until the early 90's. unfortunately, the naval complex shutdown. what we were able to do was take an old federal facility and turn and it, at that time, still is one of our modern container terminals, where he are today, 104 years later, sitting on the most modern sustainable marine container terminal in the world. watch the c-span cities to work today at nine eastern on c-span twos book tv and center -- sunday afternoon at 2:00 on c-span3. -- touran cities to her , working with cable affiliates across the country. >> tonight on c-span's issue spotlight, the growing problem of addiction to prescription painkillers and heroine. known asugs are opioids. according to the national institutes of than 2 million americans are they did to them. nih says the number of overdose deaths have crippled in the u.s. since 1999. over the next three hours, we are going to take a look at the problem and what congress and the executive branch are trying to do about it. we start with a visit president obama made to west virginia last fall. that has the highest rate of overdose deaths in the nation. >> when i came into office, i started studying this issue. of, let's call it opioids. and i was stunned by the specifics. more americans now die every year from drug overdoses and they do from motor vehicle crashes. more than they do from car accidents. the majority of those overdoses involve legal, prescription drugs. in 2013 alone, overdoses from prescription pain medications killed more than 16,000 americans. one year. i don't know what to tell you -- as is a terrible toll. the numbers are big, but behind those numbers are incredible pain for families. west virginia understands this better than anybody, because the state is home to the highest rate of overdose deaths in the nation. addiction is not new. but since 1999, sales of pain medications have skyrocketed by 300%. in 2012, 259 million prescriptions were written for these drugs, which is more than enough to give every american adult their own bottle of pills. and as their use has increased, so has the misuse. some folks are prescribed these medications are good reasons, that they become addicted because they are so powerful. at the same time, we have seen a dramatic rise in the use of heroin, which belongs to the same class of drugs as painkillers. the class of drugs known as opioids. in fact, four in five heroin users, new heroin users, started out by misusing prescription drugs. then they switched to hair when. -- to heroin. this really is a gateway -- prescription drugs become a gateway to heroin. the number of heroin-related deaths in america nearly quadrupled. although the number of heroin related overdoses is still far exceeded by the number of legal prescription drugs. so this crisis is taking lives, it is destroying families, it is share -- it is chattering communities and that is something about substance abuse -- it doesn't discriminate. from celebrities to college students to soccer moms, to inner-city kids. white, black, hispanic, young, old, rich, poor, urban, suburban, men and women. it can happen to a coal miner, a construction worker, a cop who took a painkiller for a work-related injury, it could happen to the doctor who writes the prescription. one of the problems we have is too many families suffer in silence, feeling like they were the only once struggling to help a loved one. and let's face it, there is still fear and shame and stigma that too often surround substance abuse, and often prevents people from seeking the help they deserve. when people throw around words like junkie, nobody wants to be labeled in that way. part of our goal here is to replace those words with words like father, or daughter, or son, friend, sister. then you understand there is a human element behind this. this could happen to any of us, in any of our families. would we replace a word like junkie with recovery coaches, specialists like jordan? we can't fight this epidemic without eliminating stigma. that's one of the reasons i'm so proud of michael, who is the first person in the job of dealing with drugs in america who actually knows what it is like to recover from addiction. he shares his own story as a way to encourage others to get the help they need before it's too late. my problem is that there are elected officials in the state who have told their stories about what is happening in her family, and to themselves, in order for us to start lowering those attitudes that keep people from getting help. i've made this a priority for my administration. we are not new to this. in 2010, we released our first national drug control strategy. we followed that up in 2011, with the prescription drug abuse prevention plan. we are implement and this plans, we are partnering with communities to prevent drug use, reduce overdose deaths, help people get treatment. and under the affordable care act, more health plans have to cover substance abuse disorders. the budget i sent congress would invest in things like state overdose prevention programs, preparing more first responders to save more lives and expanding medication assisted treatment programs. we have to make those investments, rather than spending billions of dollars, taxpayer dollars, on long prison sentences for nonviolent drug offenders. we could save money and get better outcomes by getting treatment to those who need it. [applause] >> and we can use some of the savings to make sure that law enforcement has the resources to go after the hardened criminals who are bringing hard drugs like heroin into our country. with no other disease do we expect people to wait until they are a danger to themselves or others to self diagnose and seek treatment. every other disease -- you have a broken leg, diabetes, some sort of sickness, we understand that we have to get you help. we also understand, when it comes to other diseases, that if we don't give you help and let you suffer, other people could get sick. this is an illness, and we have to treat it as such. we have to change our mindset. [applause] >> this is one of the reasons the dea the cleared a national prescription drug takeback day, a day when americans can safely and conveniently dispose of expired and unwanted prescription drugs in their community. most young people will begin misusing prescription drugs when they get them from mom or dad's medicine cabinet. and today, we are also announcing new actions. first, we are ensuring that federal agencies training federal health care providers who prescribe opioids. it's a commonsense idea that you are already implementing in west virginia. congress should follow that lead and make this a national priority, and we work forward to looking with governors in the medical community as well. second, and joe and i were talking on the flight over, there is evidence that shows medicaid-assisted treatment, if done properly in combination with behavioral therapy and other support and counseling and 12 step programs and things like that, can work, and can be an effective strategy to support recovery. but it can't adjust be replacing one drug with another. it has to be part of the package. we are going to identify any barriers that still exist that are keeping us from creating more of these treatment facilities, and incorporating them into our federal programs. private sector partners are helping out to help fight this epidemic as well, and it want to give them some credit. more than 40 medical groups, from the american medical association to the american dental association, are committing to concrete actions, and we need to work with the medical community, because they are the front lines on prescribing this stuff, and there has got to be a sense of responsibility and ownership and accountability there. we have to expand prescriber training. increasing the use of naloxone. i want to make sure i was browsing that right. naloxone. this is something that they first responders have it can often save, quickly, the lives of somebody who is having an overdose. we want to make sure that first responders have a supply of this. we want to make sure we are getting more physicians certified to provide medication assisted treatment. we then have broadcasters providing airtime for education and awareness, and groups like the nba have committed to running psa's about drug abuse. that's just an example of some of the private sector partnerships we are forging. the point is -- and i will end with this -- we all have a role to play. young people like jordan, they remind us, these are our kids, not somebody else's kids, our kids. not somebody else's neighborhood, it's our neighborhood. and they deserve every chance. we have got to make sure we are doing right by them. we are taking this seriously, and the goal today is to shine a spotlight on this and make sure we walk out of here, all of us, committed, whether we are a safe leader, an elected official, in law enforcement, a private citizen, a business, we all have a role to play. you understand that here in west virginia and we want to make sure the whole country understands how urgent this problem is. host: after president obama's remarks, he sat down for a discussion with people personally affected by drug addiction. one of them was kerry dixon, whose son is in prison, where he is undergoing treatment for opioid addiction. >> i spoke this morning to a good friend of mine who was calling me to wish me well today, to encourage me in this endeavor, and this friend of mine lost her daughter to an a half years ago to drugs. i don't take this charge as being here lightly. i realize that i am here to represent families, and i am grateful for the opportunity. i do want to say that as i am speaking to you, i am sharing my story, time-sharing the stories of so many other family members that are in this community and in the nation that has this issue. and this also is important to know -- for the sake of time, i'll try to make this concise -- this is the tip of the iceberg of what families experience and endure when they love someone with an addiction. we raise our children in loving homes; we teach them morals and values; we teach them the difference between right and wrong. we wonder what is happening in the great start slipping, when things that used to be enjoyable for our loved ones no longer interest them. we're confused as to the cause of the personality changes that we see in our loved ones. we're shocked when we hear of that first dui. we are fearful when our loved ones are taken to jail for the first time. we're embarrassed when holidays approach, and family members are coming in from out of town's, and loved ones can't interact because they are under the influence of drugs. we dread the next phone call. we can't sleep because we haven't received a phone call. we don't take vacations for fear of the next crisis. we come back from vacation because there is a crisis. we're sad and angry, but most importantly, sentimental items are missing from our homes, only to find out that they are at upon shop or in the hands of drug dealers. we're relieved when our loved ones acknowledge that they have a serious problem, and understand they need help, and we are devastated when we help them seek treatment only to find out that there is a month-long wait, or that there is no insurance coverage, or that there is a big requirement for money up front for treatment. we're sad and uncomfortable when someone asks us about our loved ones, and we are even more sad when they ask about every other member of our family, and don't mention our loved ones. we neglect our marriages. we neglect other children in our homes, who are thriving. because all of our attention is focused on addiction and substance abuse. we disagree endlessly about the right way to handle this problem. and after experiencing years of turmoil, we rest better at night when our loved ones are incarcerated, because the place you never dreamed your loved one would ever see, a jail or prison, is safer than them being on the street, interacting with drug dealers pushing a needle into their arms. the ones who are fortunate, we layaway get night and we plan our loved ones funeral. the ones who aren't fortunate, actually do plan the funeral in reality. this is where addiction has taken us. this is where substance abuse has taken us. all that being said, there is hope. that's probably the most important thing to remember here. we're so grateful, to people in recovery helping others. we are grateful to the mayor, who has so tirelessly and endlessly spearheaded programs to help our community recover. don purdue, who's made it possible for people to receive treatment in our communities. i think education is important, and i was fortunate enough to find a group developed by a man named ed hughes. it's a seven-week series that provides education and support for family members, for those who care about those with an addiction. the final week of the program, we get to speak to people in recovery. they speak to our group of people, and it inspires us, because we know that recovery is possible, that it can happen. for too long, we have been silenced, and i think this is going to answer your question -- as parents and family members, because of the stigma of this disease, we have been silent, and i think that is holding us back. we need to open our voices so that people don't feel ashamed. this is a disease that is a sickness. but education, educating ourselves as much as we can, and speaking out to raise awareness, is i think critical in this situation. i'm almost finished. people in 12 step recovery groups and different groups rely on a higher power. i'm a person of faith, in my faith has helped me navigate this journey that we have been on. i just want to share with you a verse that i hold dear for my own family member, who is sick, but also offer to others. jeremiah 29-11. "the plans to prosper you, to give you hope in the future." i believe that every person in the throes of an addiction and substance abuse needs hope in the future, and i believe this for their families as well. thank you so much. [applause] host: opioid drug abuse was also a topic on the campaign trail. new hampshire is the first in the nation's primary state, and overdose deaths in that state have doubled in the last two years. days before the new hampshire primary, texas senator ted cruz spoke about his sister's addiction and her overdose death. the senator was introduced at the event by a recovering crack addict. >> well, that all sounded really great -- is chief bartlett here? hey, chief. said, you in putting this deal together, all that sounded great, but chief bartlett said to me -- i lived in florida for 26 years, in new hampshire in the 1980's, and when i called him up to put this together, he said, you know, i used to be an undercover drug agent in manchester. woefully get their way s any recovering alcoholic or addict will tell you, if they have read