i don't think -- if it was, i would have said so. i think as pressure is brought to bear on that group, we will increasingly seek to leave. our estimates that are half of south africa's white middle classes have foreign residents rights if they choose to exercise those rights. you say why are we there. every individual will have to talk for themselves, but certainly i think my colleagues and many others want it to be a success and want to be an influence in allowing it to be successful because while it's turning against us, those upside scenarios remain within reach for south africa and we're not going to die wondering what would have happened had we as a think tank not committed every resource we possibly had to reform. if it's going to go down then it's going to go down in a fact. and unfortunately the trends are starting to turn against us. the gentleman i'm pointing at. >> thank you. i'm piter justin, the ceo of a company called five plus. we focus on growing entrepreneurship economies. i'm curious as i look at statistics on emerging growth economies around the world they often mirror u.s. statistics, 50% of the gdp, et cetera 68% employment driven by entrepreneurship and small business. i wonder what had your thoughts were how that would impact your growth curves. >> well there's no doubt that if south africa is to beat its unemployment crisis, that job creation is not going to be out of large foreign or domestic investors or job creators. that burden is going to have to be borne to a very great extent by communities themselves. now, south africa statistics are interesting. we have levels of emerging entrepreneurship. someone is trying a startup that compare with the brics as an example, but our levels of established entrepreneurship compare with russia former soviet union. what's happening there? it's that the impetus is there to get going, but when you run into the regulatory war that the south african government represents, no small businessman can possibly hope to make it and to drive entrepreneurship, which might have been the fourth piece of advice i'd give to future south african government, what we need to do is remove the dead hand of the south african state. we actually need to establish a ministry that is responsible for going to see other cabinet ministers and saying, are you aware that you have 200 laws on the statute books and which of those do you really need? and if you aren't able -- and otherwise you repeal and you scrap them. massive deregulation of the investment space is necessary. we know that those foreign immigrants that are being attacked are young entrepreneurs. the advantage they have over the south african colleagues is not that they're better educated or come from more peaceful climes or the advantage is by their legal status they're not subject to the many laws and regulations of the south african government and we need to give that freedom to more south africans as well. >> i have two more questions. i have seen two very persistent hands right at the back. the gentleman first on my left and then somewhat in front of me. i will be available here -- i'll try to be available here for half an hour after this meeting. let me just take those two who i have identified. if marian will permit me i will take one more from the right. >> my name is samar, i'm on my own peril just to make that clear. now, since you've painted a very dismal picture of south africa and you keep saying with one or two person change it could get the leftist in why not pick the china model and start all over again, get their own mao and build through that and then they'll have ji shi ping and all that some through china miracle we see today. why not go through that model? >> that is my narrow right scenario. the reason -- it would leave south africa economically better off, but the basic rights and freedoms that the country struggled for for -- certainly through the apartheid era would disappear with it. there was a question. yes, you, sir. >> i'm kyle gibson, i'm with the u.s. chamber of commerce african apairs department and a former cato institute intern in the trade policy department. i want to touch briefly going back to the broad based economic empowerment codes. so you have the narrative of high unemployment rates. you have dropping commodity prices, and you have many african governments, you know continually trying to diversify their economies. with that we see a rising trend in localization policies across the african continent. in south africa it's the broad based economic empowerment codes. with the ways this is trending not only in south africa but across the entire african continent, what is your opinion on future outlook for foreign direct investment, especially from, you know, the u.s. and other western countries as well as, you know, national economic development if there's any influence? >> i'm weakened by the fact we're talking about 55 countries each with their own sets of policies and outlook. as a short answer, in the north africa is starting to look pretty good. zimbabwe is an exception. considering where the continent was and where it's going, we will not again see the hopeless continent front perch. i do like your question though because you're touching on something that i haven't seen many analysts outside of south africa identify, and that is the importance of ensuring that the formative precedent in south africa is the right one. it's an influential precedent for the rest of africa's development. it was the great democratic experiment, and the president that shaped in south africa i think will be definitive to how other african economies -- not that south -- we can learn enormous amount, more now i think we could learn from east africa in terms of attracting investment than they could certainly learn from us. they could learn from us how not to do it. but the danger is very much as wealth starts being created that the political elite will seek to extract that wealth for themselves through what is called an indige nighization policy through what the south africans call an empowerment policy. it is simply that, a means to allow very big government and very big business to work together in a quausiquasicorrupt fashion to secure short-term economic goals for the investor in question and personal economic goals for the government and its supporters. should other countries start to move towards that model i think it bodes ill for western investment, particularly because of the implications of the foreign corrupt practices act. a criticism we often have of the u.s. state department is that on the one hand you have the foreign corrupt practices act. on the other hand, your investors in africa run the risk of being exposed to government that is increasingly become less democratic, more authoritarian and there's not enough of an effort to create an environment that would be conducive to long-term investment. the winner in all of this ultimately remains china's view on africa. the last gentleman today. you, sir. >> thank you. i'm with the united states of africa 2017 project. a message for you and the south african people. tell zuma to stop interfering with us creating the federation. that is the only you're going to survive as an economic entity if you don't be part of this federation, the status that south africa or nigeria or ethiopia or egypt will attain is that of mexico 40 years ago. so you need to join the federation. take that message to the people and it's private sector driven. the federation is geared to what kato stand for. limited interference of the stupid governing class. >> thank you, sir. thank you, marian. >> thank you very much. [ applause ] here is some of what we're covering on c-span3 today. at 10:00 eastern a senate hearing on global health programs including testimony from musician elton john who will talk about the work of the elton john aids foundation. and at 2:30 eastern the senate small business committee looks at the effect of federal labor laws on the seafood industry. watch both hearings live here on c-span3 and at cspan.org. google vice president vint cerf is credited with co-founding the internet. he spoke at the national press club about a variety of internet related topics including cyber security, net neutrality and protecting free speech online. this is an hour. >> good afternoon and welcome. my name is john hughes. i'm an editor for bloomberg first word, that's our breaking news desk here in washington, and i am the president of the national press club. we are the world's leading organization for journalists. we are committed to our profession's future through programs just like this, and we fight for a free press worldwide. for more information about the club visit our website press.org, and to donate to programs offered through our club's journalism institute visit press.org/institute. on behalf of our members worldwide, i want to welcome people in our audience to today's newsmaker luncheon. i'd also like to welcome our c-span and public radio audiences. you can follow the action on twitter using #npclunch. remember, the public attends our lunches. applause is not evidence of a lack of journalistic objectivity. after our guest's speech we'll have requestquestion and answer period. i will ask as many questions as time permits. our head table includes guests of our speaker and working journalists who are club members. i'd ask each person to stand briefly as names are announced. from the audience's right, pender mccarter, retired public relations director for ieee. jackie keisel former presidential innovation fellow at the white house fema, and gsa. bill yarnoff, vice president of business development at the diplomatic courier. tam har bert, technology fre lancer and chair of the national press club's freelance committee. jonathan fisher senior editor at slate. susan molinari vice president of public policy and government relations at google and a guest of our speaker. allison fitzgerald, managing editor at the center for public integrity and a member of the national press club board of governors. skipping over our speaker for a moment lori russo, managing director at stanton communications and the speaker's committee member who organized today's lunch. thank you, lori. haley sukiyama, technology reporter for "the washington post." tom risen, technology reporter for "u.s. news & world report." wayne rash washington bureau chief for e week. joshua higgins, technology reporter for "inside washington publishers." [ applause ] so a little more than 40 years ago, the first international conference on computer communication gathered in the basement of the washington hilton. attendees witnessed a demonstration of new technology that enabled advance applications to run between computers here in washington and others around the country. arpanet, a network created by the advanced research projects agency, was the earliest version of the internet. one of those involved in the demonstration that day is today's speaker. since then in 1972 vint cerf has developed and advanced the architecture and utility of the internet ushered the continued spread of the web and become one of the most widely respected authorities on internet policy and governance. many call him a father of the internet. since 2005, dr. cerf has served as the chief internet evangelist for google. he says he took that moniker because they wouldn't approve the title of arch duke. dr. cerf is obviously well versed on the value and capabilities of the internet. recently he voiced concern that the 21st century could become an information black hole unless we find ways to preserve photos, documents, and other digital content which is hard because we don't know how computers of the future will function. his solution for now, if you want to make sure that some important information survives for posterity, print it out. dr. cerf's current project is the interplanetary internet, which he is working on with nasa's jet propulsion laboratory. it is exactly what it sounds like, a computer network for planet to planet communication. his list of awards and commendations is as you can imagine, quite lengthy. if you want to learn more about them, you'll just have to look them up on the internet. >> google it! >> please give a warm national press club welcome to google's chief internet evangelist, vint cerf. [ applause ] >> well first of all, thank you very much. this is theorem number 208 which reads, if you feed them, they'll come, and here you are and i'm here, too, so it's my favorite theorem. i'm glad we proved it again. second, i'm not going to use any presentation charts or anything. my motto is power corrupts and power point corrupts absolutely so you will have to just listen to vint instead. i did want to tell you a little anecdote which i think is relevant to especially this population. i worked on something called mci mail which back in the 1980s. we turned it on on september 27th 1983 and among the first people to sign up for this electronic mail service were reporters, one of whom was william f. buckley and i maintained a lovely correspondence with bill over time before he passed away, and i remember that i had come and gone to mci left to join bonb kahn. in around 2003 it was clear that charging people for e-mail wasn't exactly a great business model anymore so we shut down the mci mail service, and i got a whole bunch of angry e-mails from reporters who said i have had my mci mail dressaddress since 1983, how can you do that? but the honest answer was it was time for that service to go. so i have two themes that i would like to address this afternoon. the first one has to do with technology, and i will drop into geek a bit. i apologize but it's the only way to be precise. and then i want to talk a little bit about policy. so i have eight points or so on the tech side and four or five points on the policy side. so let me start on the technology side. i'm really proud of the fact that the internet continues to evolve. this is not a design which was fixed in time 40 years ago but rather it's one which has adapted to new technology. it has swept in new communications capability. it has become an important element of the smartphone both the internet and the smartphones and the world wide web are all mutually reinforcing in many many ways. so one of the things that bob and i didn't quite get right was the amount of numerical address space that's needed in the internet. when we designed it 40 years ago, we did some calculations and estimated that 4.3 billion terminations ought to be enough for an experiment. and so the version of the network that most of you are using is calledi p version 4 or tcip version 4 which was designed back around that time. well, we got it wrong. we ran out of the ip version 4 experimental address space around 2011. the ceo of aaron, the american registry for internet numbers. you can wave at him. if you need ip addresses he's the guy to talk to. but we need ip 6 now which has 128 bits of address space. it's 3.4 times ten to the 38th addresses. this is a number only the congress can appreciate. but it is absolutely vital we get all of the isps to turn ipv 6 on. the software is in your laptops and desktops and mobiles but the internet service providers need to turn it on in parallel with the ip version 4 service. you can do me two favors. one as individuals, talk to your isps and demand an answer when am i going to get ipv 6 addresses, i want dates and times. and second as reporters will you kindly do the same thing but do so with the megaphone afforded to you by the fourth estate. why do i care about having lots morei p addresses? one answer is the next wave of stuff is the internet of things. you all know that, but this is real. every appliance that you can possibly imagine is shifting from electromechanical controls to programmable controls. once you put a computer inside of anything, there's an opportunity to put it on the net. now, there are good thing and bad things about that. the good thing about the internet is everything is connected. the bad thing about the internet is everything is connected. so we really need the address space in order to accommodate this explosion of devices. cisco says there may be 50 billion devices by 2020, and they may not be as crazy as it sounds because every lightbulb could potentially has its own ip address. some of them already do like the lightbulbs made by phillips, h-u-e, you can control the color and light intensity from your mobile and to do that you need an internet address. we need to get ipv 6 impli emented. that's the first technology point. the second one is even more obscure, the label is buffer bloat, and you might think, okay, so what is this? when you're watching streaming videos, have you ever noticed sometimes they get real jerky and things slow down and the delays are going up and you sit there waiting for things to reload. it turns out it is not true that having more buffer memory space is always a good thing. let me explain. you have a router at home typically, maybe supplied by cable or tellico company. or maybe you bought one and installed it or hired a geek to do that. so this thing has memory in it and imagine for a moment that you're running a local network at home and it's running at maybe 100 megabits a second or maybe 10 megabits or maybe a gigabit per second but the connection you have out to the rest of the world is not running that fast. unless you happen to be on one of the google fiber networks in which case you're getting a gigabit per second but most of them don't quite get to that speed. so what happens? the program you have running inside the house is pushing data like crazy into this buffer which is filling up and emptying slowly because the data rate on the other end is slower than the rate at which you're pumping it in. there are increasing amounts of delay from the standpoint of the sender waiting to hear acknowledgements coming back from the other end.at some point the program inside your house is saying, oh my god, they didn't get what i sent, i better send it again. you keep resending and you create a highly congestive condition. what you have to do is design the system so that it doesn't put too much buffer space in the path. it should put only enough to deal with the differential between the high speed and low speed side. of course, this also works in the other direction. so there is -- here is the code word for you. the letters that you want to refer to are called codel-fq. c-o-d-e-l dash fq. you could say also by the way i want codel fq in my route other and i want a poodle. okay. next point, all of you are familiar with the fact we're really bad at picking passwords and some of us still use password for a pass words because that's easy to remember but everybody else knows that so that's not a good thing. so you're told please make up complicated passwords with punctuation and other stuff and keep changing them all the time and you can never remember them so you make a list and stick it on your computer or put it in your wallet. okay. so at google you will remember and some of you reported that we were attacked in 2010 and penetrated, and so we decided we needed to do something about that. so in addition to user name and password, which we still ask people to change on a regular basis, we also have a piece of hardware. it is called a gnubby and don't ask me why. i have no idea. this little gadget is a two factor authentication device. essentially it generates a random one time password using a krip toe graphic algorithm. when i log into my google accounts, and you could do this too using g mail when you log in if you're acting for two factor you a then at this if ication. if you have this device you tickle it because the light came on and it sends the data back and forth or it sends you a random number to your mobile or you have an algorithm running in the mobile that generates the random number for you. all of those cases imply you had to have this other thing your mobile or the little gnubby device or a message coming from google giving you the latest one-time password in addition to knowing your user name and password. that's what it's two factor authentication. it means if somebody got your user name and password they can't get in because they don't have the second factor. we would like to encourage everyone to adopt that practice because that will make the network safer for you and for me. fourth point, security is and safety and privacy are really important in the net, and one way to achieve that in part is to use what's called https hypertext transport protocol is what was invented in 1989 and it was released as part of the world wide web. there's a secure version of this. called ht tps and the purpose behind it is to encrypt the traffic between you, your laptop, desktop, mobile, tablet, and the server on the other end, google in my case. and so the idea here is that everyone should be making use of this krip toe graphic means of transmitting data back and forth. while. >> you are using web-based applications, the information is kept in encrypted form and only decrypted when it reaches the other end. so this is called encryption for transmission. which leads me to the fifth point which is that google and others believe that all transmissions regardless of whether it's from your edge device to our services or between our data centers or any other place ought to be encrypted in order to protect confidentiality. and so we see krip toe as a very, very important technology which should be incorporated into normal use on the net. i know i don't have very much time so i won't tell you stories about how i worked with nsa way back in 1975 to design and build a secured internet. the only problem was that the details were classified at the time and i couldn't share it with any of my colleagues. how we have the technology available to make it a more confidential environment. we think also it's important to encrypt data once it lands in place. your laptops should be encrypted. your mobiles should be encrypted. we won't encrypt data that lands in our data center as we move it back and forth between the data centers. we keep it encrypted so even if the data center were penetrated or you lost your laptop or your tablet, the information will be very hard for someone to extract. so crypto is important. the seventh point is dns set. you know what the dough name system is because you use domain names all the time. this is a security extension. how do i do this in a couple seconds? when you do a look up of a domain name, you may not see that happening but when you type www.google.com, your xu ser says where the hell is that on the net? i need a number and it looks it up in the domain name system which is a big distributed database. it gets back an ip numerical address. so these two pieces of information, domain name and ip address, are very important. now, what happens if somebody can go in and change the numeric address associated with the domain name? you may think you're logging into bank of america.com, but if somebody has hacked the system, you're off to some bad site which is extracting your user name and password and everything else. so the solution to this problem is to use something called a digital signature. some of you have heard the term public key kriping toography. we can digitally sign the binding between the domain name and the ip address. so when you get that pair back from doing the query you can check did anybody change the binding? has anybody altered the numerical part and by checking the digital signature you can verify it has not been modified. this protects against all kinds of spoofing kinds of attack that is would otherwise be of harm. so we think dns should be implemented. it is being implemented throughout the domain name system but we need more implementation as it goes down into the hierarchy. the eighth thing on the geek side it's bcp-38. what the hell is that? this is best communication practices number 38. basically what this says is that if you are operating a network and you are going to accept traffic from people that will eventually be sent out to the rest of the internet, the first thing you should do is check to see whether the source internet address, the knew mir cal internet address that's coming from whoever is giving the traffic, is coming from a legitimate source. is it really coming from a network that owns that address space or is responsible for that address space? and so bcp-38 basically says don't let traffic into the net that has fake source addresses. it's possible to fake the source address biy just stating this is coming from that place over there even though it's coming from here. we don't want people to do that so we think again the isps should be executing that bcp-38 thing. so you can tell that i have a very strong message which i ask you to amplify to tell the isps time to get on the stick to improve the safety security and confidentiality of the net. okay. now we'll switch over to policy and they told me they were going to tell me when this thing was going to die. what does it say? it says i have 19 minutes left? >> it says it's 19 after so you've got -- >> 3.5 seconds. >> 7 minutes. >> okay. eight things in seven minutes. first of all some of you, i hope, are reading about and some of you may be write being that the ntia has to transfer whatever responsibilities it still retains to the internet corporation for assigned names and numbers. the multistakeholder bodies of the internet, all of us become part of the operation of policy develop for the internet rather than having a specific agency of the u.s. government taking responsibility for that. when the ican was created in 1998, that was the intent. there was supposed to a two or three year period where everybody settled down and then the then-ntia would relinquish responsibility for any further direct interaction. well, it's been some years since 1998. it's now time and ntia has proposed to do that. it's asked the community to show how it would operate without the benefit of this ntia oversight, and so although there is controversy over this, i am a strong believer that we should -- the government should step away from this special responsibility or authority and return this to the community which has created and operated the internet since its inception inception. that's point number one. second, i can't imagine you would disagree that freedom of expression and access to information is absolutely fundamental to our democratic societies and we need to make sure that the internet continues to support that. i'd like to add one more freedom to this and that's freedom from harm. we don't often speak about that but unless people fell they are safe in using the internet then they will not use it, and if they don't then some companies' business models including mine, may very well be undermined. so it's very, very important in addition to the freedom of expression and assembly and access to information that we do everything we can to protect people from harm which is why i was talking about all those other geek things a little while ago. point number three has to do with nondiscrimination and in particular none of the isps or the broadband providers should have anything at all to say about where the traffic comes from and where it's going. everybody should have equal access to the net. you should have the ability to go anywhere you want to on the net and in principle do whatever it is you want to do. of course, if it turns out to be illegal, that's a different problem. but none of the providers of access to this system should be telling you what you can and can't do. so that's a nondiscrimination element. that's showing up in the net neutrality orders that have come from the fcc. preserving user choice is fundamental again to the internet's utility. similarly the fourth item on the policy list is equal access to performance features. if you have the need for low latency because you're playing some kind of video game or you need high bandwidth because you're streaming video, you should have access to that. there shouldn't be possible for the broadband provider to pick and choose who gets access to that and who doesn't. this should be openly available to everyone. i didn't say free but what i said is everyone should have equal access to those capabilities. and finally, i think it's very important that we encourage not only here in the u.s. but everywhere around the world the adoption of policies that would encourage the creation of more internet. now, of course i'd say that. but, look, here is my problem. at google my job is to get more internet built all around the world and in talking to eric schmidt the other day, he said, you know, you can't retire. and i said why not? he said well you're only half done. you have 3 billion people up. you have another 4 billion people to go. so i could use some help in case any of you are interested. we really need to help countries recognize the importance of investment in internet infrastructure for the benefit of their citizens, and so that is my fifth and last point on policy and since i am clearly over time, i will stop there mr. chairman and turn the floor over to you to ask grilling questions. thank you. [ applause ] >> thank you. thank you very much. the internet was created by the u.s. defense advanced research project's agency or darpa and now it is global yet no one really owns the internet. is it possible that a multistakeholder governance environment can actually work? >> boy that was a nice gimme. thank you for that one. first of all he's right. darrpa did sponsor this initially. the answer is absolutely yes and how can i possibly prove that? well, we turned the internet on on january 1st 1983. okay, do the math. how long ago was that? 1983. 32 years. now, who do you suppose was actually running it at that point? it wasn't the defense department. i was sitting -- actually i had left the defense department. i was off at mci doing mci mail at the time, but my colleagues were parts of universities. they were in the private sector running, building, and operating pieces of the internet, and it's been that way ever since. it has always been the private sectors role to build and operate these pieces. of course, the defense department has pieces of its own. so does the national science foundation and nsf -- nsf doesn't run the nsf net anymore. they started it in 1986 and they shut it down in 1995 and they didn't need it anymore because there were commercial services available. the private sector and the civil society and the technical community and the academic community and governments all have a responsibility including you, to be part of the policymaking apparatus for the internet. the things that you do to protect your own safety and security and privacy affect me, too, because if you don't do a good job, then you become an avenue through which attacks can be made and phishing attacks occur and access to things that shouldn't be accessed by the wrong parties happen. so we all have this shared responsibility to make policy decisions about the internet. the enforcement of policy could be the responsibility of specific organizations and individuals and the lake, but the policy making thing should be multistakeholder. as far as i can tell that has been working for the last 32 years, and it can continue to work if you just let it. next question. >> got several questions about hacking and, you know, the white house and the state department have had networks hacked. will there come a day when such hacks are not possible and someone else wonders who is responsible for cyber security? who is ultimately can stop the hacks from happening? >> the answer lies in the previous response as well because we are all responsible for improving the safety and security of the internet. your own choices your practices, the practices of the internet service providers are all part of this fabric that we have to maintain. there's a visual model i have in my head. imagine that you have a set of homes whose backyards are all shared so there's this big kind of a park and the front doors go out this way going outward. imagine there's some nincompoop who inn cysts on leaving his house unlocked. even if all the houses are locked one guys lets someone into the interior. we all have a role to play to make it more secure and safe. there are different places in the internet's architecture where attacks can be launched. this is a very layered system. and so the mechanisms that might work at one layer may have no effect at another. i'll give you an example. suppose somebody says, the solution to e-mail problem is that we should encrypt everything and so as long as we encrypt the e-mail as it goes through the net, everything will be okay. well, okay. let's analyze this a little bit. the source of the e-mail using a laptop which has become infected somehow. maybe they plugged in a usb that was infected or they stuck in a dvd or maybe they went to a website that had malware on board. so this computer which you don't know or the user doesn't know is infected composes a piece of e-mail with malware in it. then we encrypt it. it goes all the way through the net, nobody is see anything, it gets to the end and its decrypted and the malware does the damage. we have to put prevention in various layers in the system using various and sundry technologies. so in a very -- it's kind of an odd ball answer here but it's sort of everybody's responsibility to do this, but each layer and each provider of service at those layers has a responsibility just as we do at google. we're way up in the application space and we're doing everything we can to protect against the kinds of attacks which could be launched against our layers of the architecture, but there are other layers below us, the ones doing transport, that also need to contribute to the safety of the system. >> right now we use social and credit history to verify our legal identity. if social security numbers didn't exist, what would identity verification look like and is there a better way to do identity verification? >> the short answer is yes. would you like me to elaborate? so, first of all, social security numbers were not intended to be identifiers used in commerce right? but they are. or the last four digits which is almost worse. second, the social security numbers don't have any check digits for anything. there's no way to tell whether this is a valid or invalid social security number. it's just nine digits. we could do a lot better especially with today's technology. one possible would be to issue a certificate which identifies a public key that belongs to you and to you alone. and what you would want is to have the private key that goes with it. this is public key crypto stuff. this is this weird stuff that my friends came up with in 1977. it's kind of like a door with two locks. you have two keys, one key locks the door but it doesn't unlock it. the other key unlocks the door but it doesn't lock it. and so you have these two different krip toe graphic keys that work together to create security. so you can imagine having an identifier that has been digitally signed by an authority that would issue those identifiers. that authority could be a state government because that's where the ssns come from or it -- i guess it's a federal government but the states issue these things -- does anybody know the answer to that? is it correct that the states issue the social security numbers but they do so -- the federal government does it. okay. thank you. so the federal government could issue these certificates and as long as the digital signature works it's a way of validating yourself remotely. somebody could send you a challenge saying are you really vint cerf with this public key? if they encrypt that in my public key, only i can decrypt it in my private key just like the only guy who can unlock the door with the private key and then i could send a response back to that party -- using that party's public key to encrypt the response. so we can verify that each of us have a credential issued by the federal government that has a public and private key associated with it. it's more complex than that but we don't have time to go into all the details but that's the essence of what could happen. it would be a lot better. by the way here is another opportunity for policy. if we could agree on an international basis about the bona fides that have to be shown before you get one of these credentials, then we might be able to make a digital signature as significant and as author tay tiff as a wet signature is today but we have to agree on a global scale what bona fides have to be presented in order to get this authorizing digital signature and certificate. i think that would be a really good thing to do because it would encourage e-commerce and it would also give us some protection against the abuse of our social security numbers. so that's the long answer. >> in addition to printing out our photos what else should we as a society be doing to preserve information? that is preserve our culture for future generations? >> that's a great question. i really didn't say princet everything, but some people who are in the business of printing photographs decided that's what i said. and you can't blame them. printed photography has gotten kind of different from all of the stuff you see on flickr and everything else. here is the problem. every single day when you use software in your laptops or desktops and what have you, you create complex files. if you're using a text document editor microsoft word or something else, the file that you create is actually a pretty complex object. and in order to correctly render it or allow the document to be edited, you need a piece of software to help you. that's the application program. now, i want you to imagine that it's the year, you know, 2150, and you're doris kearns goodwin's great, great granddaughter, and you want to write about the beginnings of the 21st century. you remember doris kearns goodwin wrote that wonderful story about lincoln his team of rivals. if you read it, i hope you had the same reaction i did. the dialogue seemed very plausible. the opinions that were being stated and the words that were being used made it seem like she must have been a fly on the wall 150 years ago. of course she wasn't she went to 100 different libraries and collected the physical correspondence of the principals and used that to recreate the dialogue of the time. now imagine it's 2150 and you're trying to write about the beginning of the 21st century and you can't find a damn thing because all the e-mail has evaporated or worse you have these giant disks full of bits that represent the e-mail, but the application program and the operating system it ran on and the hardware that the operating system animated don't work anymore. they're gone nobody has supported them. you have a pile of rotten bits on your hands. i want to prevent that from happening. there are only a few ways i know of to do it. the best way i have seen so far i lectured about this with my partners at carnegie mellon last week at stanford university, this guy -- i practiced so hard to say that. we saul him satya or obvious reasons. he's developed a virtual machine capability that will allow him to emulate hardware pretty much of any kind and then run the operating systems on that emulated machine and then run the application on the emulated operating system and it works. he demonstrated. this is not slide ware. he showed 20 different emulations of different machines and different operating systems and, my god he was showing me 1997 turbotax running on a mac including the crappy graphics and everything else. it was really a phenomenal performance. so the ability to preserve software applications and operating systems and emulate the hardware is exactly the best answer so far. imagine running those emulations in the cloud so that those machines are available to anyone. this is not a trivial technical problem and also there is intellectual property issues. how do i get ahold of the software? what rights can i get? what if i have the object code and i'm running it on the cloud and somebody says, you can't do that because they didn't pay. it's 150 years since you did anything with that software, you know. give me a break. you remember what happened when the xerox machines were created and the librarians said people should have the right to copy a limited amount of material this way and the publishers were saying no, no no. people -- i'll publish one book and people will make xerox copies and i will never make any money. that didn't happen. we need a preservation use like that associated with copy right so that preservation as an act is not only sanctioned but encouraged so that our digital content will survive over long periods of time. that's my long answer to that question. >> combine a couple questions here. in 1979 bob kahy urged you to create a brain trust in case you got hit by a bus and couldn't continue your work. who do you view as the brain trust today and part two of that is do you feel there is enough technical expertise or even consultation with technology experts among those who craft technology policy? so who is the brain trust and is the brain trust being consulted like it should in technology policy? >> okay. so the answer to the last part is no. the answer to the first part is that the original group that i created at bob's request was called the internet configuration control board. iccb. we made it as boring as possible so nobody would want to be a member of that board and then i appointed the people who were the lead researchers on the development of the internet at multiple universities around the u.s. and so the iccf morphed into the internet activities boards around 1985-later became the internet architecture board and now the internet architect architecture bord and the around engineering task force and the internet research task force housed in the internet society are the brain trust for the technical evolution of the internet. it's where the bulk of the new protocols are coming from. it's not to disenfranchise corporate entities, but the core of the internet's evolution still comes from that brain trust. i have lived here in washington since 1976, and i have considered it to be both a privilege and a responsibility to try to help policymakers understand enough about the internet so that policies they make make some sense. and, you know, i'm not looking for technical depth here. i'm looking for simple cartoon models of how the networkworks that are accurate enough so if you reason with those simple models, you will reach the right kind of conclusions about what of conclusions about what pollicy policies are implementable and which ones are not. the last thing you want is a policy that requires you to double the speed of light or abandoned the law of gravity. our job is to try to be helpful to provide clear enough explanations for how this stuff works so that when policy gets developed, it actually is implementable and makes sense. the worst thing in the world is to pass laws that can't be enforced or can't be implemented because it encourages disrespect for the law and that's not a good thing. >> looking over the past two decades or so, what are the one or two developments in the internet that you are most pleased with and most disappointed with? >> well, starting with the last one, spam is a kind of a disappointment. i have to have say i'm very proud of my company google because we've done a very good job of filtering out an awful lot of spam. if you happen to be using g-mail, if you ever looked at your spam folder, it's amazing how much stuff you didn't have to look at especially how to enlarge body parts and all that stuff. so it's an annoying side effect that e-mail is essentially free. it meanings the spammers don't have to pay for what they do. and there are crazy ideas like charge 0.002 cents for every e-mail. it's not enforceable so forget that. spam is annoying, but there are ways of filtering out. the thing i was most astonished by -- proud is a very funny word to use here. in fact, let me go down an alley for a moment. some of you have kids, right. you might have learned what i learned, which is don't take too much credit for when your kids do well so when they screw up you don't have to take too much blame. i think that, you know, proud is the wrong word to use about internet. i'm just grateful to have been part of this story. however, with regard to surprises, when the worldwide web hope isshowed up in 1989, no one really noticed. but when the mosaic browser showed up around 1993 this was absolutely astonishing because it turned the internet into a magazine. it had imagery and color and formatted text. it was really quite eye opening. on top of that, the browsers had this feature that if you wanted to see how the web page was built, you could ask the browser to show you the html. so this was open. everybody could copy everybody's web page and they did. then they found new ways of making them more interesting. so the webmaster was a kind of role which didn't exist before the worldwide web, and it was sort of enhanced by the fact that everybody could share each other's web pages and how they were built. so the thing that astonished me was the amount of content that poured into the net once web browsers and html were available. it was just astonishing how much information people wanted to share, not because they wanted to be paid, but they wanted to know that their information was useful to somebody else. so you hear this story about information is power. nonsense. it's information sharing that's power. we've seen it, and we've seen it over the past 20 years. we're going to see it over the next 20 years maybe the next 20 decades too. so the thing that i like the most about the internet is that it is evolvable. it is scaleable. it's well over a million times bigger than it was when we turned it on. there aren't too many protocols that will allow you to do that kind of scaling. and it has invited creativity. we use the term permissionless innovation very deliberately. you don't have to get permission from every isp in the world to invent a new product or a service and put it up on the net, and it should stay that way. >> this questioner says you are said to have been a candidate for the office of u.s. chief technology officer. wants to know if you would have taken that job. really, a larger question also is, would you consider moving over to the government side to help sort out some of these issues in some kind of senior role, if offered? >> wow. so this is a hypothetical, mr. chairman. so first of all, the answer is there were news reports i might have been on the list. i don't actually know. i consulted with some of my friends, including eric. eric said, you know, why don't you just be the chief technology officer's best friend? so i made good friends with him and his successor and of course megan, who's now there as cto. i thought that was pretty good advice. now, i have served in the government. i served six years at darpa. i really enjoyed that time. it was an empowering moment for me. it was a period of time where i worked with incredibly smart people, but my whole career has been that way. i'm at google surrounded by incredibly smart people. most of them are smarter than i am. i learn that every single day especially when the 25-year-olds run over and say, why don't we do "x," for some value of "x." i'm sitting there thinking we did that 25 years ago and that didn't work. but 25 years ago, there's a reason why it didn't work. that reason may no longer be valid. it could be that computers are cheaper, faster, there's more memory, something else is economically feasible that wasn't before. i have been forced to rethink my own views on these things over and over and over again. and let me tell you, nothing keeps you younger than having to rethink your own positions. so for me, i think i don't feel the need to become part of the government. but i want very much to have an opportunity to provide support and help if i can. and i will do that if i'm allowed. >> do you want to see congress pass the usa freedom act? and congress just had a hearing on encryption focusing on privacy rights versus law enforcement's desire for a back door into cell phones et cetera. what do you think congress should do? >> so first of all this back door idea is indicative of a real tension here. this global system is used and abused like a lot of technology. there isn't anything about the technology that determines whether or not it's constructive or destructive use. it's just a neutral tool, and some people abuse it. so we have to do something. we wish to protect the citizens of our country and others from harm in this network. and so you have to ask yourself well, how can i do that? what steps can i take? and the tension pretty obviously is that if you use things like cryptography to protect privacy and confidentiality, which i'm sure you all care about, there's this question about what about the law enforcement people and what can they do. the proposal to put back doors into things is reminiscent of something else some of you will have reported on, the clipper chip, back in the '90s. i was absolutely adamantly against the clipper chip idea. and the reason was very simple. if you have a back door, somebody will find it. and that somebody may be a bad guy or bad guys and they will intentionally abuse their access. so creating this kind of technology is super super risky. so i don't think that's the right answer. at the same time, i accept the governments are there in part to protect their citizens from harm. the question is, how do you do that? there's this spectrum. imagine that on one end, we live in a society where there is no privacy at all. everything is known. everything you're planning to do is known. it might be a very safe society to live in, but it might not be one you want to live in. on the other hand, what about a society where there's absolute privacy, nobody knows what you're planning to do at all, and bad stuff happens. so you feel that your privacy is protected but your safety has now been diminished. there must be some place in between, and it isn't the same place for everyone. it isn't the same place for every culture. and it isn't the same place for every nation. our job in the u.s. is to figure out where is that balance for us. i think the congress is forced now to struggle with that. they're going to have to listen to these various arguments about protection and safety on the one hand and preservation and privacy and confident chaliality on other. i'm not persuade that building back doors is the right way forward. >> the way the fcc's title two net neutrality rules are written, do you think they offer equal opportunity download speeds while forbearing enough title two rules like content fees and regulation. >> this is a really interesting problem that some of you have lived through for a couple of decades. i think that tom wheeler didn't have a whole lot of choice. the fcc asserted a set of neutrality rules, which were intended to protect user choice. they were essentially told by the supreme court, you do not have the legal basis to enforce your network neutrality preferences. so i think wheeler had three possibilities. one, do nothing in which case the net neutrality notions to the extent that people agree they're helpful and useful and preserve user choice, would simply not succeed because of the lack of legal basis for fcc's enforcement. the second possibility would have been to get the congress to create a new title in the telecommunications act specific to internet. some of you will remember there was a brand "x" decision. the cable companies and the telephone companies were saying we are not regulated the same way. this is correct. there's two different titles in the telecom act for dealing with these two entities. yet, they were both proprovideing internet service. the complaint was, we're providing internet services under different rules, this isn't fair. the question is what to do. one possibility might have been get the congress to adopt an internet title that was appropriates appropriate to the internet technology. the choice that was made instead was to treat internet as if it's just an information service that had no layered structure had no telecommunications component. it was just an information service, end of story. well, that led

Related Keywords

Mexico , United States , Nigeria , China , Cape Town , Western Cape , South Africa , Zimbabwe , Russia , Washington , District Of Columbia , America , South Africans , South African , Soviet , American , Susan Molinari , William F Buckley , Lori Russo , Kyle Gibson , Carnegie Mellon , Tom Wheeler , Eric Schmidt , John Hughes , Pender Mccarter , Doris Kearns Goodwin , Allison Fitzgerald , Jonathan Fisher , Vint Cerf , Elton John , Joshua Higgins ,