[inaudible conversations] [inaudible conversations] [inaudible conversations] hey, everybody. Welcome to the new piano called security without backdoors come in the future of digital privacy. We have an amazing panel. People who youve probably read, people who have bad on my podcast. I host a podcast called note to self. Thats my biggest men in the front row. And its not my mom, so that you could so what we do is we look at how technology is changing human behavior, asocial logical look and of course the law of encryption and surveillance are becoming very large parts of how its changing our behavior and changing what we buy, what we download, how we are in touch with our loved ones, how we do everything. Before we begin, ive been instructed to tell you that the books by these three authors can be purchased from barn to noble immediately following this program. They will be signing their look at dining table eight in front of the building. How many of you are here because you do have privacy concerns . And then ago at 80 . This is being carried live on cspan2 by the way. How i view how many of you are here because nonfiction mr. Jim. Nobody . Come on. Dont raise your hand if thats not the case. Youre in the right place obviously. What we are going to do is have each of the authors give five to 10 minute. I asked for reading and they all decided to decline to read. I was like at how will they know that they should get their money out afterwards . They just want to tell you about it. So maybe they will choose select passages. Having read the majority of all three, i will say they are informative, and might name, frightening, but also optimistic in their own special way. Let me introduce everybody and then they will do their thing and then we will have a discussion here and then i definitely want to make time for you to ask your questions. Im sure there will be many of them, but want to get to as many people as possible will keep it moving as much as we can. Fred is going to kick us out. Fred kaplan at the National Security columnist for slate. Hes here to discuss his most recent book, Dark TerritoryDark Territory the secret of cyber war. Next ahead ms. Bruce schneier, wired magazine calls him though was from the security experts. His book is data and goliath the hidden battles to collect your data and control your world and someone right next to me is professor of law at Georgetown University law and direct there at Georgetown Center on National Security and the law and she is director of the center on privacy of technology and her most recent book is the future of foreign intelligence. Privacy and surveillance in the digital age. Lets welcome them. [applause] the maxell, past, present, future. All of this might be new to you, but its been going on for a long, long time. It goes back to the dawn of the internet. In 1967, almost 50 years ago as the arpanet, the precursor to the internet was about to get rolled out, there is a man named willis where he was head of the Computer Science department of the rim corporation. He had been a pioneer in computers. He worked at princeton. He was also the Scientific Advisory board of the nsa and he wrote a paper secret at the time. Its been declassified and. You put information online. It mightve been the first use of the word online for multiple unsecured locations. If we are creating an inherent vulnerability. Youre not going to keep secret. When i was doing research for my bucket went to the guy who is the Deputy Director at the time. I say did you read willis first paper . Yeah, sure. I knew what it was he appointed you think . I took it and they said dont create a security requirement for a spin about how hard it is to do what weve got. At that time the Wright Brothers that the first plane has to travel 50 miles in 320 passengers. Lets take this one step at a time. The russians are going to have anything like this for a few decades anyway. By which time for systems and networks have grown up with no provision for security whatsoever. It took a while for computers to start happening. By the time they started happening in the 80s and 90s, it became apparent. There is the National Security director signed by Ronald Reagan in 1984 which was spurred by a feeling of the movie wargames than asking could Something Like this really happen, which basically reads exactly like things you read today. Our Computer Systems face vulnerabilities with electronic intrusion from terrorists, foreign spies. I than nine days, there was a wargame simulation were 25 ranking members of the nsa using commercially Available Technology act into law the Defense Department networks including the links between secretary of defense and the president of the United States. There were no provisions for thinking about this at all. No protocol, no nothing. By the nsa was inside the Defense Department network, they ran across a few from france. They were part of the game. France is happiness in 1997. Right away after that, we start putting intrusion detection systems on their computers. Just what they see. Intruders. Russia then find out. When you read descriptions of whats going on now and we can get into more of this in your question period, but it has been anticipated for 50 years, it has been occurring for 25 years. It has been ensconced in secrecy. All of this is within the National Security agency and other organizations youve never heard of which are by nature everything about them extremely secret. Its only recently we are beginning to be aware of this and think about strategic implications and its impossible solutions. So that is the setup. I guess i am president. This is the christmas cattle only christmas cattle only with surveillance. My book is data and goliath. I look at it and surveillance, how it arose, whats happening and how to deal with this. How do we get that privacy in the world where our selfloathing. This device knows where she lives, where she works, where she slept last night. Well have one. These devices know that i may have to know that to turn them on to work. The Search Engine here is a very intimate device. I used to say my Search Engine knows more about me than my wife does. That is true, but it doesnt go far enough. It knows more about me than i know because it never forget things. I look at this data we are producing and whats happening to it in what we should do about it. But i talk about here is something in the title. Lets talk about that choice. They have been and will be. The aspect is very interesting. 2004, greece has Cell Phone Network like everyone else does. They were surveillance capabilities built into the equipment through the manufacture with ericsson briefed them on the capabilities. They werent turned on. It was delivered to greece. Someone turn them on and we dont know who appeared spied on politicians and Business Leaders for about a year. At the backdoor ability that is being used by somebody who is like not legitimate user of the equipment. Access are not the primary means for my data or control. Access are deliberate. Accidental backdoors are vulnerabilities. You hear a lot about all of this issue. These are programming mistakes that are in Computers Like this one, like your computer, the one that apple downloads patches for that can be used to spy on us. And then there are these deliberate backdoors which are like the ericsson or liquid the fbi wanted apple to do. Who wants these backdoors . What do people do. Cybercriminals want them, terrorists want them. Some of the data leaks you read about how mr. Backdoors. Do we believe the russian government used to access the systems. Police want to. Rival governments want them. So there is this debate about what to do about backdoors. And the debate very much mirrors the nsas to mention. The nsa is the agency with two separate missions. Until very recently they were very separate. The second mission, which is the Intelligence Missions by on their staff and to protect our staff. These missions were much easier to separate when our staff and their stuff are different. When the russians didnt have the same internet we did, it was easier to protect the internet and spy on whatever the russians have. The problem is today we all use the same stuff. Its one world. Well use Microsoft Windows and tcp ip end quote browsers and i found. So when we find these vulnerabilities and think about these backdoors, we have to decide, do we want to close them and secure the systems, securing stand the bad . Do we want to leave them open late in the systems vulnerable so we can spy and they can spy. That is the fundamental debate we have here. Nobody for us, a term used in the Intelligence Community in the United States. General hayden said on television a few years ago that there might be the vulnerabilities that nobody but us can find. We know that seems not to be the case. Once theres a backdoor rechecked controller uses the period a stingray is a trade name for a fake cell phone tower. This is very secretive, has been for a couple decades. The fbi has used this to basically spy on cell phones without a warrant. They put a stingray and they know whos in this room by using the technology. A big fbi secret for many years. They would not prosecute people who threaten to release evidence about that in their defense. Theres one point when the state of florida really some documents in federal marshals can see them before they could release them. The problem is it was in a secret at all. A few years ago some magazine did a survey around the d. C. Area, found a couple dozen of these stingray like devices. We actually dont know who against u. S. Government buildings, foreign embassies not run by s. You now can go on alibaba. Net and they cost about a thousand dollars. And you can conduct this kind of surveillance. This is the problem. Todays programs in tomorrows and the next ad hoc or tools. Once you have a backdoor, everybody can use it. One last example early on the documents i was involved in writing articles about them. Theres something called quantum quantum was the big secret the nsa didnt want us to release. A lot of the system by which the nsa intercept your internet requests to facebook and slips now where into the return of antitakeover systems. Kind of cool technology. It is sort of me. And this was their big secret, using this for a lot of really good port and spying missions. There is a hacker tool that does the exact same thing. You could download it. Last year, make it one of these was part of an undergraduate homework assignment at m. I. T. These are capabilities that slow down. The result of leaping backdoors open his vulnerabilities. If indeed we are choosing between security for everybody for vulnerability for everybody, the question to ask is what they saw as safer. United state industrialized world, Internet Security is so important that we are safer is securing our systems even if it means losing intelligence capabilities. I think that sets you up nicely. [inaudible] you give us the right one. I know who you are. Just making sure for everyone elses. Thanks very much. For the three people for whom nonfiction is your chance, as an historian and law professor i can hardly be otherwise. For the 80 of you are more will have privacy or concerns, i share this concern and that is why about this book. In my view the attacks on privacy are one of the most serious threats to liberty in a 90s date today and i dont say that lightly. In many ways the encryption debate even about section 702 is like watching the shadows on the wall behind us that is burning and theres bigger issues at stake. In particular i talk about three that are coming together with confluence of these factors changing the right to privacy. First is over the past 15 years weve seen a radical expansion and National Security authorities. Despite efforts by congress to rein the executive branch and in the 1970s and the 1978 foreign Intelligence Surveillance act, the executive branch on dead to 9 11 back enough side of the law altogether. When the actions became known the executives tried to shoehorn into statutory provisions and proved exceedingly ill fit. Newline a scathing Intelligence Agency more power as well as brad secret, legal interpretations that stretch the ordinary meaning of english language. The government managed to reintroduce the founding generations for good reasons not to prohibit in the Fourth Amendment. The second fact dirt is that the speaker standards adopted a National Security are now bleeding over into criminal law with profound implications for rates across the board. I talk about this in the book at great length. The Fourth Amendment doctrine is failing to provide the backstop for the changes we are seeing particularly because it does not account for them in their back room. That means they can be accessed, combined and analyzed, even as the resource constraints which protect the privacy of dropped away. The Network Convergence is accelerating the process and the dichotomy of the court has used to protect privacy for their four dichotomies. Personal space versus public space. Content versus noncontent. Personal information versus their party data in domestic information versus international information. Those dichotomies, personal versus publics faith, content versus noncontent and domestic First InternationalCompanies Operate dynamited the new technologies that have emerged. These three factors come in the broader surveillance authorities and the failure of Fourth Amendment doctrines are leading to an airing of our right in my view that the feature in the United States. I want to say word about a general warrant. This is why we have the Fourth Amendment. The general warrant is a document issued by a court of the executive branch which gives officials about it already to search for nbcs private documents without any prior evidence of wrongdoing. It does not specify within a particular date to be searched for the papers or records to be seized. Not supported by oath or affirmation of any wrongdoing. It amounts to a fishing expedition to find evidence of illegal activities. For centuries prior to the american founding, english or assembly go scholars reject a general warrant is the worst exercise that radical power. The idea was to to the idea of the sanctity of the home. They famously said of ones home to him as castles for his refuge. William pitt then said in an inch apart and then before founding his endeavor bounce houses called his castle because it is surrounded by a moat or defended by a law . No, the poorest man may bid defiance to all the forces of the crown. The wind may blow through it. The storm may enter, but the king of england may not enter. All his forces dare not caught the thresholds of the ruined tenement. When they left england expected the rights of englishmen would come with them. In the new world General Motors began proliferating again. James otis says taking on mr. Mrs. M. Is one of the most famous in American History. The crown should have the power. I love to my dying day opposed at all the powers and faculties god has given me come to such of slavery on one hand is the spread of assistant lives. General moran with the first instrument of arbitrary government power. That costs one king of england has had in the other has thrown. The concerns about the sanctity of the home and the importance of ensuring privacy for security. One of the most essential branches is the freedom of ones house, a mans home is his castle and he says well guarded as the castle. They would annihilate this privilege. John matters later wrote about otis adoration then and they are the child liberty was forwarded. All of our early state constitutions or not to prohibit and when madison took on writing the bill of rights, he vowed to create a prohibition on these warrants and so we have the Fourth Amendment to be a secure in their persons, houses, papers against unreasonable search and seizure. What unreasonable methods against the common law of which general warrant violated the common law. The government could not collect private information. They had to have a warrant and that had to be specific to the second part of the Fourth Amendment goes on in my cell particulars of exactly what has to be included for that warrant to be valid. No warrant shall issue but upon probable cause supported by oath or affirmation in describing the place to be searched. So with that history in mind, because perhaps, forgive them for being surprised in june of 2013 to bake a announcing the united state with the data in a phonorecord. They required verizon to turn over the detailed record of the metadata created by communications both with the United States and abroad and entirely within the United States. Issued by the secret court the foreign Intelligence Surveillance court, the order did not name any individual and did not specify the crime. There is not oath or affirmation. It did not indicate a particula