[inaudible conversations] [inaudible conversations] resuming the questions. Thank you very much. Mr. Zatko, i just wanted to follow up a little bit on the repeated suggestions that youve made in your testimony that Cyber Security vulnerabilities will expose the United States to risk and to attacks and the twitter security failure threatened the countrys National Security. Good with that . Yes, sir. Okay. So i guess hidden ad buyers, we saw the same thing with facebook when they were taking ads with the payments denominated in rubles and not bothering to figure out there might have been russians behind those ads and you mentioned concerns about hidden chinese ad buyers, but if we could talk a little bit more about the National Security risk associated with, for instance, the unregistered Saudi Foreign agent who worked at twitter or the pressure to hire Indian Government agents. Walk us through a scenario of how an individual planted in twitter like that could create a National Security risk for the United States and if you would, make particular reference to the fact that at least when i use twitter, im sending stuff out. Its intended to be public. So how in that environment can a Foreign Agent create National Security risk of any significant nature . Yes, sir. There are several aspects to that. Theres the nonPublic Information that we have spoken about earlier today, your location, your phone number, your email address, things that arent advertised to the world. In fact, i believe, 200 million, if we want to say regular users, not necessarily from a National Security standpoint, twitter in 2020 internally assessed that they lost information on 200 million users for email addresses, phone numbers, other information like that. This is the information that you need in order to start taking over other peoples accounts. With your phone number and an email address, i can hijack your phone number, i can then change your gmail, your coin base, your ameritrade, your other accounts. I can cause financial harm that way and i can then assume your identity and more importantly, i probably want to be able to understand your whereabouts, your network, and understand, well, ill give you an example, in Foreign Governments a concern and then we can apply that to the United States. There were requests for information about members in the farmers protest. There might be organizations or groups in the United States where once i know your home address and your home phone number, i can approach you in real life. I can put pressure on you, i could possibly recruit you, you could be witting or unwitting accomplish and i could target you for influence operations in the real world. Let me just offer the thought that my home address and phone number and email address are pretty widely known and indeed, in the public domain, so how does twitter access to that information, is there more or whats the difference between being able to look me up in the phone book and having twitter access that information . Having been in the Public Sector myself, yes, a lot of my information became known. Theres also a lot of people who are in particular roles where that information is not known, and the targeting of them, perhaps, staffers, perhaps aides, perhaps people around you influencing you to build that network, which we have seen within not twitter, but which the u. S. And Intelligence Committee has seen as part of the game in the Intelligence Community and world. Okay. So, just play that out for me a little bit more, given that so much of this information is available through other channels. What would the end game be for, lets say, a Foreign Government seeking to put that kind of pressure on somebody who could make a difference or a decision about the benefit of the foreign country . Perhaps identifying a relative, a family member, a colleague who is in Financial Issues or has other elements that can be leveraged against them. To help them influence you in a particular fashion without your awareness. So youre able to somebody would be able to create a sort of a family or personal network around an individual twitter user and extract information about folks this that network . Thats one particular aspect that intelligence communities are to do. How would that take place through the if somebodys gotten into the twitter system, how do they find that out . Well, it might be used in combination with other Data Collection sources. For instance, one of the concerns of u. S. People travelling to other countries is, was there information in the opm data base and can that information be crossindexed against the Health Care Data industry bases that have been lost. Do we know that this person has a particular political bias on twitter and start to tie all of these things together for people of influence or access within governments or within sensitive positions. Thank you very much, my time is up. Thank you, senator whitehouse. Senator graham im sorry, senator cornyn. Mr. Zatko, i want to explore just in the next six minutes the kind of data that is available on american citizens that can be used for appropriate or inappropriate purposes. Youre familiar with the concept of ubiquitous technical surveillance, arent you . I can understand those words together and get the general context, i believe, sir, yes. Basically all the cameras that are publicly posted, data on your smart phone, youve already talked about geo location data, the type of transactions you engage in. Where your home is, how much you paid for it. Even google earth may have taken a picture of your home or your place of business, so theres already huge volumes of Data Available for whatever purposes, even above and beyond what social media collects, correct . Yes, sir, theres a lot of information about a lot of us in many different ways, available through technology right now. And i dare say, i bet most americans just cant fathom, the volume of data and thats without even getting to things like social media. For example, in 2015, i think it was, there was a hack of the office of Personnel Management records. I think it was 22 million records of government employees, including their applications for security clearances, was hacked, reportedly, by the peoples republic of china, and then if people decide that they want to figure out their family ancestry and use one of the dna testing companies, my understanding is many of the testing much of the testing is outsourced to places like china, where obviously its not secure from Chinese Government access and so, when were talking about the privacy concerns of americans, this is not just limited to platforms like twitter and social media, correct . Thats correct, sir. I was informed i was in that opm data base and my information and my security information was collected as well. And turning to twitter, youve already talked about the lack of what i would call protection from Insider Threats in the Intelligence Community. If youre working in the Intelligence Community do they have logging protocols that will determine who accesses what information correct so it can be audited later on to determine whether that had been inappropriate access. Thats the sort of protocols or mechanisms that were not available at places like twitter, when you worked there, correct . Yes, sir, correct. And so, anyone who could get access to that information could, on top of all the information that ive asked you about earlier, outside of social mead, if youd looked at the cumulative data picture, is that the kind of information that Foreign Governments like the peoples republic of china, are regularly accessing for their purposes . I cant say whether theyre regularly accessing, i dont have that direct information. I have been i am aware that some people and organizations have gotten very good at cross indexing, across very large amounts much Data Collected on numerous people from various sources, opm, medical, et cetera. Twitter would be a very decent contribution to that multisource collection. And thats where things like Artificial Intelligence can come in to comb or mine vast sources of data for more targeted or narrow purpose, is that right . The ability to collect and mine, yes, has been augmented by modern ai techniques. So, there are, what i would call defensive concerns about peoples or individuals or governments access to your personal data, but there are also offensive concerns as well and thats where the issue of disinformation or a term that became popularized during the 2016 election aftermath was active measures. These are efforts by Foreign Governments, perhaps, Foreign Intelligence Services to actively create a narrative or a message that is essentially propaganda by this Foreign Government that can be used to influence American Public opinion, is that accurate . Not just american, but worldwide, myanmar and acknowledging the disinformation on their platform contribute today genocide. And as you pointed out earlier, when you look at the Data Available to each one of us as american citizens for whatever purposes for good or ill, theres also a lot of information about who we interact with, right . Theres something in the Intelligence Community, sometimes they talk about pattern of life, maybe youd want to talk about a network of friends and associates, family members and the like from which inquiring minds could obtain Additional Data about us . Yes, and to your point, Information Operations are of a concern. Twitter acknowledges that they do happen on their platform. They have disclosed numerous ones and they are aware of others that are ongoing. Im aware that tik tok, which is a chinese company, i believe, and even instagram, which is owned by facebook, have 13yearold age restrictions in terms of their terms of use. But theres no theres no limitation on peoples ability to pretend to be a adult, to pretend to be somebody that theyre not and gain access to social media accounts and to use it for whatever purposes they wish. I cant speak to tik tok or facebook, im not familiar with their internal technology for age, and i know that was a challenge at twitter and from what i was told the majority of agegating was voluntary selfreporting of what your age was. And finally, can you tell me, do you have recommendations based on your 30 years of experience and in terms of Data Security and what sort of regulations or laws that congress and the federal government should consider passing . We dont have time to talk about all of those here today, but wed certainly welcome any of your recommendations, insights. Do you think this needs to be an area where the federal government needs to be actively engaged . Yes, sir, i do. Id be happy to supplement my written report. Thank you. Thank you, senator cornyn. Senator hirono. Thank you, mr. Chairman. Thank you for coming to testify, mr. Zatko. Your testimony and all of your responses to the various questions we have asked you says to me that this situation regarding Data Security and National Security issues with regards to twitter is massive and that twitter is not doing very much to be helpful at all. In fact, there are major disincentives to twitter doing anything to spending the time or the resources to address the concerns that you raised. So, for example, the fcc, resource with record to china to keep twitter under any kind of, even a Consent Decree that was entered into, but back in 2011, and more recently theyre contemplating making twitter pay 150 million for some misuse of information. 150 million fine for a multibillion Dollar Company is nothing to provide any kind of incentives for them to change what theyre doing. And yes, there is information out there from so many different sources and including our appliances, and cars and everything else, however, twitter is a huge, if i can call it a single platform, where one can access information. So who is going to force twitter, really, to do anything . If we were to adopt some of the legislation contemplated. If we dont have an agency that can implement or enforce that law, then were back where we started from. So, what is it going to take to force twitter to change its ways . Well, this starts at the top in twitter and you need an executive team thats willing to go in and say, you know, the executive team themselves acknowledged and i heard them say we have 10 years of unpaid debt here that at some point we really need to get a head up. And they need to prioritize that and to my understanding, a boards primary role is to make sure that the right executives are in charge of the company, the ceo in particular, to make sure that they were they are, you know, sending the company in the right direction. This needs to be longterm incentive rather than shortterm for the companies because the shortterm incentives mean theyre going to run from fire to fire and not actually pay down debt for a longlived valuable company. So your description of twitter, theyre mainly focused on the shortterm monetary incentives. Who is going to force them to look at the longterm . Do people need to go to prison . I mean, what do we need to do to get twitter to from what youre telling me, they cannot even identify Foreign Agents in their midst. Yes, maam. And you know, to be blunt, some Foreign Agents probably would be pretty good and difficult to identify, but some were in this case, not, and theyre only to my awareness, identified once theyre brought to them. Theyre not even attempting to. I think Holding People accountable is a good start. I think that is something that people are concerned of, but what you can only hold people accountable if you can measure and quantify what their targets are and what changes need to happen, and if you say, such as what i saw, you know, twitter needs to have a Mature SoftwareSecurity Program or a Security Program. Thats a very ambiguous and qualitative term. So holding accountability and setting quantitative goals and standards that can be measured and audited independently, i believe, is whats going to be required to change management structures and drive changes in companies when its needed such as this. So we dont even have the kind of standards to which we can hold twitter accountable to . Is that right . From what i saw, they were able to be answered in the affirmative without actually meaningfully making the the intent of the regulators was correct, but you could then say, yes, ive done this, hold up an isolated example and allow somebody to assume that that example was at, you know, the whole environment, knowing that well, excuse me, do french regulators have better standards to which to hold twitter accountable to . My understanding is that one of the reasons that the french is more feared, they dig in technically and go towards more quantitative results that are less easy for organizations to sort of word smith around an area of answers. I think thats something we can learn a lesson from. And are you sure that youve discovered twitter compromises its user data long after users closed their accounts. You stated that the accounts are simply deactivated where the data is not fully deleted. At the time of your departure from twitter, was the company was that the companys continuing general practice, that they dont really eliminate the data . Yes, i was told straight out by the chief privacy officer that the ftc had come and asked, does twitter delete user information once they leave the platform and the reason the person told me this, i need you to know this, other regulators are asking us and this ruse is not going to hold up. Instead of deleting, we reply we deactivate the users, because we do not delete the user data and and you would think that this would be something to delete the user. And for the users, to deactivate, isnt there something that technically they could do. This goes to one of the fundamental root problems i mentioned in my opening statement. They would need to know what data it is and where they got it who its attached to. If they did that which should be a fundamental expectation i would have as a user, yes, at that point they could absolutely delete the information. Thank you. Senator graham is recognized for six minutes. Thank you very much for coming to this committee and giving us your insight. Something goodwill come from this. Do you believe that . I hope so, im basically risking my career and reputation and if something good comes from this five, 10 years down the road. Youre willing to take the risk, its that important to you . Yes, ive been doing this for 30 years, and people in the industry know im willing to put it on the line to improve things. Im going to work with my democratic colleagues to make sure its not in vain. Let me ask you a question, do you still use twitter. I still have an account on twitter, i proceed it occasionally, i have not tweeted since i left. Given what you know, would you recommend that all of us continue to use twitter or take a timeout . I think that twitter has a hugely valuable service and shapes no matter what you said today youre okay with the rest of us still tweeting . I think people should look at the information theyre getting off of it differently and i think that people should put pressure on twitter and ask questions from the public as well as from the government and regulators. Youre not asking to shut them down, youre asking them to get better . Absolutely, sir. Okay. Would you buy twitter, given what you know . laughter if you had the money . Well, i guess that depends on the price. [laughter] thats fair enough, but i guess the reason i ask that, you know, for the rest of us, we take what you say seriously, its pretty unnerving. Im going to go ahead and use twitter, but ill use it differently and if nothing good comes out of that, shame on us all. Let me tell you where im heading, theres no way to deal with this without bipartisanship, and im working with Elizabeth Warren, and we have this general understanding among ourselves that the regulatory system regarding social media is not working effectively. Do you agree with that . Based upon what i saw, a lot of things arent working effectively, yes, sir. The federal trade commission, thus the primary regulator for twitter, as far as we know . I do not believe that twitter should have been able to be viewed as in compliance. My point is, do you know when the federal trade commission was founded . No, sir, i do not. 1914, a lot has happened since 1914, world war i , world war ii, social media explosion. And would you say that the regulatory bodies are sort of outgunned here . On big tech, i think theyre absolutely outgunned. Theyre big time outgunned and paying 150 million fine seems to be of little consequence, is that your testimony . In this case, absolutely. Okay. So just imagine what i just said, mr. Chairman, a company doesnt mind paying 150 million if they can get back on doing what theyre doing. So one of the things im trying to do with senator warren and others is create a consequence for these to give them an incentive to do better, dont you think thats where we should be headed . Yes, sir, i do. One thing, do you have a car. Yes, sir, i do. Do you have a drivers license. Yes, sir. If you drive a car you need a license. If you sell real estate. You need a license. If you practice law, you need a license. If youre involved in the securities business you need to get licensed. Is there any licensing requirements to run a social Media Company . Not beyond not to the best of my knowledge. Can you sue a social Media Company if they do you wrong . I do not know. The answer is no. Theyre not licensed, you cant sue them and to be shocked that we have a problem is kind of naive on our part. Here is what i promise to you. Were going to take your testimony, were going to learn from it and create a system more like europe, a Regulatory Environment with teeth, an agency that came about after 1914, with the power to deal with privacy issues, content moderation, if youre going to be in this space, you have to harden your sights against foreign interference. You have to protect your sites against criminality, if somebody takes your content down youll have an appeal process outside the group who did it. Does that sound kind of like where we need to be going . Those sound good to me and i would happen that measurable and transparent, and thank you, sir. Well, were head that had way, with my good friend senator hawley who is going to join the grahamwarren team. Were going to come up with a regulatory system to make sure that people in this space pay better attention, they have consequences if they dont change their behavior, its long past due. Would you say that the companies are talking about are some of the most powerful in the history of the world . I dont know, sir. Well, ill say that. I will say that these Companies Make massive amounts of money, theyre virtually unregulated. Their regulatory body was founded in 1914, theyre completely outgunned and under our law you cant sue them when youre wronged. Having said that theres much value to the companies, facebook, twitter, google, they add value to life, but theres a dark side and were going to address the dark side. So, i will just close with this, your testimony today has legitimized what most of us feel is a process out of control, that the Regulatory Environments insufficient to the task. Its time to up our game in this country. Im not about putting these people out of business, im about making them do business in a normal way, and take their job more seriously. And if Elizabeth Warren and Lindsey Graham can come together around that concept, i think were off to the races as a body. Thank you very much, and what you did today will not be in vain. Thank you very much, sir. If what ive done can contribute to positive change, it will be worth it. Thank you. Thank you, senator graham. Mr. Zatko, thank you for joining us, mudge, thank you for joining us. And id like to ask you in terms of the corporate incentives at the top of the company. Something like pushing patches and security updates to employee devices, cyber hygiene is not easy about you thats a relatively low cost way to mitigate a lot of risk and there is significant risk, reputational risk, financial risk. So, why, based upon your experience working within twitters corporate leadership, would the company not have elected to take that step, to mitigate risk in that relatively low cost way or other steps like that . I didnt see any financial incentives at the top levels that would then give prioritization to such efforts, in fact, i saw incentives counter to that, and combined with a culture where the Company Needs a crisis to operate, and is driven by crises. Those didnt afford time or focus from what i saw to do the basics. And what are the incentives against Something Like patching . So, it was just ill give you an example. One. Things i was surprised while i was there, we did a media day from the executives for the street. It was the first one twitter had done in a very long time, its Ambitious Goals for revenue growth, growth i was concerned the company would not be able to hit. Not too many months after that, there was an internal Value Creation award presented to me offering 10 million if we tripled these growth goals. Growth goals and i raised concerns saying, i dont know how we can do that unless we entirely cut corners everywhere. I do not like this incentive structure. How are we going to be able to devote resources to the basics such as fixing security patching, getting the systems uptodate, building a development and testing environment for all how is the growth incentive hostile to Something Like pushing Software Updates to employee devices . And given that that is a you know, as i understand it, a fundamental security practice, a basic cyber hygiene project, why were you unable to implement a change like that, that sort of baseline hygiene practice where youd want all employee devices to be updated to the latest version . Yes, i brought that up numerous times. I was repeatedly told that, you know, 92 of the systems had Security Software and i kept asking what is the Security Software reporting. It took me a month, plus, to get the truth, that 30 theyd turned off Software Updates. There was a culture of not reporting bad results up, only reporting good results up. Because that was the internal incentive structure. Youre rewarded based upon relationships and how you performed in a in an emergency, not for identifying existing errors and doing the groundwork for keeping lights on running the business. My inability to find such information is disturbing. You couldnt get the authorization, for example, to implement an mdm system or pushing patches out to devices or couldnt work the procksy to make it happen . I had the authorization, i couldnt give i couldnt get the real information because people were misrepresenting to the executive team and the executive team was then further misrepresenting only good news and incorrect news to the board. So, it took me several months to start going and getting truth and finding out this had been a culture only present good and positive reports up and thats how you move forward in the company. Lets talk about the data, much of it no doubt sensitive within twitters possession, and some of the most alarming aspect ever your disclosure and testimony is the extent that twitter may not know what it has. What would be of course, you dont know what you dont know. What would be the example of the kind of data sets that twitter might possess, but not fully understand it possesses . And what would be the mechanism, other than monitoring user activity, by which it could have accumulated such data. Sure, one example i was surprised to see that in an internal incident review in 2020, 50 million twitter employees information had been exposed, and that number confused me because twitter doesnt have 50 million employees. Twitter has all of the information of all past employees, contractors, and other users because they havent deleted that data. Theyve kept that data in that system and those systems when theyre exposed, expose that information. That was surprising to me. Im sorry, what was the second part of your question, sir. No, thats helpful and running low on time. Let me get to the next point and noi some of my colleagues covered it, but the risks associated with targeted advertising, whether for the purpose of inducing targeted users to click on links that could then harvest data about their devices or their web use or their location or possibly inject malware for targeted influence complains. Can you say what you view to be targeted capability of enterprise clients of twitter to target ads and links to specific users . Yeah, so that area wasnt specifically my domain. That was under the executive fails engineering. The parts i believe are relevant were not only the additional report that we talked about earlier with the information operation, but i did see that data sets internally to the organization when i first joined, thousands of users had access to the advertisers information including routing and banking numbers and when i first joined ne they could change the banking numbers, and you could see that of nike or apple might be problematic. And following up with mr. Hawley, and as much detail as possible, what documents, records, with as much specificity as you could muster right now, would you suggest that the congress should seek from twitter to understand the extent of the lax security practices and also what data might have been exfiltrated when and by whom, what the level of National Security risk might be. What should we be seeking from this company so we can assess the level of risk and make policy accordingly . Yes, sir, i believe, submitted 100plus pages in my disclosure with data talking about the data and providing a road map. I would do disservice to the large numbers of sources and locations of the data, but hopefully my lawful disclosures provide that road map. And well do the followup, thank you for your testimony. Senator hawley, six minutes. Thank you for being here, thanks for your testimony. I want to make sure i get this straight youve stated toed and in your report, 4,000 twitter employees are classified as engineers, is that right . Yes, sir. At the time half of the employees, i believe, there were 7,000 plus fulltime employees. Got it. And that means that these 4,000ish employees would have had access to live user data all over twitter and access personal information including their live data, have i got that right . Yes, sir, they would have access to the production environment if they spent the time to meander around and look around and so the large troves of data. Did you testify early i know that twitter has ip locations and they use geo Location Services based on ip addresses. Wow, 4,000 employees with access to that data. Thats extraordinary. So, those employees would be in a position then if they wanted to to get this information and docs twitter users. Thats a concern of mine. Wow, thats a significant concern, 4,000 people with the ability to doc individual users who pick up the phone and use twitter. Thats extraordinary. Have you ever seen it happen . I have seen numerous situations where twitter engineers had to patch a problem and i said what was the problem and they said, oh, engineers can tweet as anybody, the data was exposed in that part and reactionary in finding these wounds left and right and putting bandaids on them because the systemic underlying problems were not addressed the broad too much information in too many twitter. When you say that twitter engineers could tweet as anybody, tell me what that means. That meant that the twitter engineer, understanding how the running systems and the data flows were operating, could nen access and inject or put forward information as, as i mentioned in my oral statement, as any of the senators sitting here today. And have you ever seen that happen . Not with the no, not directly. Not directly. Are you concerned its happened . Do you have some reason to believe its happened . The number of cases that were reported to me by individual engineers, saying, hey, we found this and try and have somebody fix this, where that was the exact problem and we wouldnt know if it happened in the past, yes, im concerned. Wow, i think thats pretty significant testimony. Let me make sure that i understand, also, just this point. A Facebook Whistleblower came forward a couple of years ago now, came to me into my office and told at facebook they at least had policies on the books that restricted back End Developers from using or from accessing user data. Now, whether or not those policies were ever followed who really knows. Is it your testimony to me that twitter had no similar policies in place that would have restricted these 4,000 engineers from accessing user data in this way. Not technical enforcement, technical policies that enforced. I did see basic policies such as hey, youre not supposed to access inappropriate systems, but i also saw policies saying that your work, laptops, should only run in the following setups and i was aware that i dont believe that any of the laptops were on those policies. None of the laptops. Based on the policies that i read that any of the laptops in compliance with that. Zero in compliance with the policy, thats extraordinary. Let me ask you about this, that same Facebook Whistleblower told us a couple of years ago now, that twitters content moderation staff routinely collaborated with content moderators at facebook and google. Is that true to your knowledge . Do you have any information to that . That would be in a team under counsel and i wouldnt have firsthand knowledge of that. And are you aware of any twitter policies that would have prohibited coordination and content moderation between facebook, google and twitter . Not to the best of my knowledge, im not aware. So its imminently possible is what youre saying . Yes, sir. Let me ask you about this, are you aware of any communications regarding content moderation with twitter staff and the United States government in your time at the company . Im familiar of the conversations that happened through the department of Homeland Security, the traffic light protocol, whether a message is sent out to organizations about threats that maybe the fbi or other organizations had insight into. So, earlier this year, documents that we obtained from a different whistleblower at the department of Homeland Security exposed that the disinformation board that the department of Homeland Security set up that first on the disinformation boards list of companies to meet with, was twitter. And they had an extensive memo, which by the way is Public Information now, weve released it, you can go and look at it, that they had a memo prepared with notes for this meeting for twitter, talking about cooperation, and content moderation, and frankly, in monitoring americans speech and now we know that thousands of twitter employees have access to this. This was all in the documents. I guess my question to you and i know you werent in those meetings, but why do you suppose that the disinformation board had twitter first on the list as entities to come to talk about coordinating, mon moderating american speech . I can say that twitter is tremendous platform and operations run on twitter. Do you think that twitter has proved so pliant to government censorship and monitoring people and im thinking of the hunter biden story and we now know that twitter killed the hunter biden reporting and mark zuck burg pushed facebook to do so, and throttled it down and twitter locked up accounts trying to report what we now know is a true story and by your own report, twitter ceo proposed caving to the russian governments command to spy on users and this occurred as you were preparing twitter employees to prepare for the russian invasion of ukraine. That sounds like a company thats pliant to governments to weaponize the platform and spy on users. Whats your view . I wasnt there when the hunter biden issue happened and i dont have any information on that. I wasnt briefed into it or involved in any investigations. The ceo was the cto at the time when he proposed to me that, hey, what do you think about, why dont we just let russia perform their own moderation, theyre a democracy, why should we why shouldnt we let them do it . I didnt know what to think at the time and then, sir, i was a little flabbergasted. I know what to think, that twitter has been all too eager to take private information from its users without telling them, to sell it and monetize it without their permission, to expose them to the worst kind of security threats, to censor them, to spy on them. Youve painted a picture in many ways not only out of control, but a malign actor. Thank you. Thank you, senator hawley. Thank you for appearing before the committee today. The hearing record will remain open for one week for submission of materials for the record. With that this hearing is adjourned. [inaudible conversations] [inaudible conversations] cspan now is a free mobile app featuring your unfiltered view of whats happening in washington, live and on demand. Keep up with the days biggest events with live streams of floor proceedings with hearings from the u. S. Congress, white house events, the courts, campaigns and more from the world of politics, all at your fingertips. You can also stay current with the latest episodes of washington journal and find scheduling information for cspans tv network and cspan radio, plus a variety of compelling podcasts. Its available now at the apple store and google play downloaded free today. Cspan your front row seat to washington, anytime, anywhere. The senates coming in for more work on president bidens judicial nominations. Two votes planned at 11 30 a. M. Eastern. One on whether to confirm to the 1st Circuit Court of appeals and another on advancing the nomination of a judge to be 2nd Circuit Court. And later, a shortterm spending bill to fund the government past september 30th. Senator Chuck Schumer says hell bring a bill on samesex marriage. Will lead the senate in prayer. The chaplain let us pray. Almighty god, lord of hosts, we praise you for choosing to make yourself known to us in the unfolding of your loving providence. Our hearts expand with joy because of your presence. Empower us to keep our minds steadfastly