Drawn. There two different private sector models. The model that has been2g endod by the president and the subject of Congress SaidTelephone Companies will continue to keep the meta data as their own Business Records and they will be approved fromyl7 obtaining t from the Telephone Companies. There was an alternative proposed that its important to understand what the program was essentially was with them inquiries of it based on reasonable suspicion that they were associated with terrorism. What they are moving towards now is making that query of the Telephone Companies. The intermediate model was lets give the bulk meta data to a third party who would hold it and have the government have the ability to sending the queries. I dont think there was any substantial support for that both because it creates a new security program. You know how it held with somebody else and it didnt seem to provide substantial privacy protections. Lets open it up now for questions from the audience so we will have plenty of time to allow each of you to ask anything you might want to ask on any of the subjects we n any of the subjects we i just wanted to poke the bear a little bit and challenge that line of use. For restricting the use of data and where that line is drawn. What would be your response to the challenge that you really cant its not really voluntary for an individual to provide meta data to a telephone f]mito62 i f qj because whats reasonable depends on what the law is and what the rules are. We moved from the model to this new reasonable expectation of privacy. It may be time and im not smart enough now to think of what the new regime would be. Privacy that doesnt rely on the expectation of privacy. If you are rejecting the third party doctrine, you are allowing people to expand the scope of your home. They can use the tools to get rid of the doctrine. It is not necessarily the consent question, but the wealth of information that is provided. The court was looking at discreet records and telephone calls made. There was not a sense that everything we do is in some ways can be recorded by a third party. Thats where i think its relevant recognizing the wealth of Information Available and that information is provided to a vird party. Even though it was not specifically about a third party issue, the reilly case puts pressure on them and my view is it should force the court and others to think about drawing lines. I was interested to hear the panels thoughts on the use side as well as adequacy of safe quarters and efficacy this was something we had to deal with. This was to facilitate information sharing among the agencies. Basically with respect to signals intelligence, you can share products within the Intelligence Community according to the rules that govern the intelligence products. They were working on a set of rules to allow they are subject to the rules that govern that agency. The protections follow the data. As i said earlier, there is no indication that the rules had been ineffective. I think what the argument has been is people think the law shouldnt allow what the law does allow. Not that we dont have effective controls to enforce the law as it currently exists. It it were to go away completely, would that mean that local police would have to get pens which i dont think they have to do. As a 30 party doctrine, there is a host of others that may takes it place. There is a special needs doctrine that said if the government is engaging in nonlaw enforcement collection, different rules apply and you dont necessarily need suspicions to engage in other activities. There is the possibility of the special needs doctrine that would expand to cover other activities that are taking place. There is a possibility of that. There is a host of other doctrines that may takes it place. That would require them to have an articulation of what the governments purpose was balanced against an evaluation. That doesnt happen when you invoke that. If they found interest in the movements with the arguments that scalia tried to look down the road and foresee some of those unintended consequences, would that mean that would they have to get a warrant if they did it for a month. That was deemed to be you dont have injuries and a privacy interest in that. There concurrences that suggest how easy Technology Made surveillance. Scalia awe the problem, but a lot of cars have data and we collected about the feed of where that car was going. They would have similar issues they had with the meta data. There will be a change. It wont be overruled. Penn registers will be penn registers. There might be limits or recasting largely because these are older doctrines and a lot of consequences from repealing it. The National Security council with the project here in d. C. The government would be in a special advocate president with the private and Civil Liberties interest. I think the president supports the idea of a special advocate and that comports the fisa Court Processes continuing to work whether they change in any respect as a result will remain to be seen. There is a few within the branch that a special advocate construct will not unduly impede the operation of the court. Do we have time here that the other panel did. I have on the tip of my tongue. I have thoughts on the classification and how that affects the debate between the privacy and security. Can you explain what you mean . I forget who actually said it. When you classify everything, you protect nothing. Im curious to see once the information is collected, how is that categorized and how does that affect the argument between being able to achieve both privacy and security concerns . The classification is an independent concept from collection. An executive order of when you classify information and it depends upon the impact of National Security. Obviously the more highly classified information is and the more its protected and the more you can share and make use of it. The classification is a problem. I think for a variety of reasons, there a number of reasons there incentives to classify rather than not classify. It does not affect any desire to cover up problems. Its a series of bureaucratic incentives that push people to classify things. I guess the protections for privacy that exist are a different category from classified information. I think over the last year since the Edward Snowden disclosure first came out, its that there is a problem and a challenge i should say between the transparency you need to describe what it is you are doing and ways to make the American People feel good versus your concern about protecting how you do things. If you are too transparent, the bad guys know how to hide. If you are not, the parade will come up in peoples minds about how you are acting and can take over and prove tell us. I was there for part of it. A move by many was in the Intelligence Community to try to increase the amount of transparenty about what that community does. Thats running against the culture. There security reasons you dont blab about what you do. The lessons in two years are to a much greater extent than in the past, the Intelligence Community would benefit about what its doing and why. Thats easy to say and hard to do. Do any of the panelers have comments on the usa freedom act that is pending in congress and the differences between the house and the Senate Version of the bill . One of the questions related to the prostlagz is not in the house bill, but the senate bill regarding special advocate to be present before the court . There was a provision in the house bill that is different in the senate bill. The house bill also had its not and there differences, but the concept is the same. So bob is speaking and expressing a preference for the senate bill . No. I would not favor one house over another. I think that either of the two there probably will be in the near future9jr7y a statemenm the administration about what the view is on the legislation. I will probably let that come. I wanted to go back to the question raised about ane issu that we havent have with the interconnectedness of databases. Just as one example that is not from the surveillance context, the nofly list. There was a recent ruling out of california in which there was a woman placed on the nofly list by mistake. The box that was checked, the wrong box was checked. According to the courts review, that was discovered after that and it took time before the relevant databases, all the information was cleared from the databases. Thats one of the underlying concerns and issues that motivates some of this debate and discomfort among the the people about collection and about the sufficiency of even the best use protocols with the best instances of mistake and the consequences for real people. In the fisa context, we actually have very stringent and effective rules in that regard. For example, under one particular provision of fisa, we are not allowed to target either the u. S. Concerns or persons who are located within the united states. Sometimes it happens that we think somebody is not a u. S. Person and we discover oh, my gosh, this person has a green card. We didnt know that before. You have to report it to the fisa court and durnlg downstream reporting. All of this is overseen within the government and reported to the court and reported in summary fashion each year to congress. It is possible to get rules and procedures that do protect against these mistakes. I want to thank our panel for sharing their thoughts and wisdom and thanks to the audience for participation. I understand we now are going to break for lunch and bring our lunch back here. Be ready for the next presentation. Thank you very much. In the next panel with the security forum, the director of George Washington universitys Homeland Security policy institute talks about the status of current and emerging Homeland Security threats around the globe. Ladies and gentlemen, im going to get us back under way. Many of you are finishing your lunch. Please continue and we hope that people in the hall way can rejoin us. Be as quiet as you can. Let me reconvene our program at 1 10. We are fortunate to have the next speaker as the post lunch speaker to discuss current and emerging threats to meet the challenge. One only has to read the newspaper or watch television to appreciate how important this support has become again. Americas memory is short, but hopefully people that work with the director and the homeless institute have long memories at the George Washington university where the tell us institute is located. Frank is the speaker and frank is the associate Vice President at the George Washington university. Im sure he is a leader in many other regards with George Washington. Frank is routinely called upon to advice senior officials and the executive branch of u. S. Armed services on a variety of national Homeland Security issues. No one has a Broader Vision of Homeland Security i remember frank from the early days of Homeland Security and he was one of the closest advisers to secretary tom ridge as the department was being stood up. He served in office at the white house called the office of Homeland Security which was a really small shop. It grew into a 40 billion enterprise. Before the white house was involved, literally i could go on and on about his background and resume, but let me now introduce the next speaker. Frank . Thank you for that overly kind introduction. If i were to introduce myself, it would be a bumper sticker. He who displays varying degrees of ignorance. The environment we are facing today plays to one of my strengths. To a add. If you were to close your eyes and have a map in front of you and point to any place on the map, in all likelihood you are going to fall into a bullseye of a crisis that we are facing right now. Im going to spare the lawyer joke. I can tell you one thing. I like lawyers behind me to be in front of all of you. Thats threatening, but i have the greatest respect and association for what the Bar Association does and what joe does and jim turner and what all of you do to advance the security. Many others. We have done great work and you continue to do great work. Our country needs it. What i thought i would do, close your eyes and point to anywhere on the map. Whether its the ukraine or crimea or pyongyang or whether its whats unfolding in syria and iraq, whether its where you see vaflt, vast territory under the control of islamists and foreign terrorist organizations. Whether its the Ebola Outbreak in africa and whether its cyber threats. The reality is unfolding and feels like its unfolding quicker, faster and more dangerously than ever before. I dont know if you had an opportunity to read general flynns interview, it is well worth taking five minutes to read his views. It is the head of the Defense Intelligence agency and the take away. I ask to you read it. This is one of the most dangerous times in his lifetime in terms of an era and threats and compared it perhaps to World War Two where you had the most evil manifestations of what humanity has seen. It is worth looking at. Accelerating all this is the speed and the connection of technology. Whether its social media. If you see how effective social media has been for the adversaries to recruit individuals, look in syria and iraq. You have a surge. You have 13,000 foreign fighters joining the ranks of organizations in the area. These are big numbers. When you are talking about foreign fighter, at least 3,000 of which are westerners. That adds a new level of concern. These are individuals and they speak our language and they know the targets and know everything about us. Many of these people return. Perhaps we dont feel the full effect of what it means right now, but years from now, i think you will see it manifest if dangerous sores of ways. If you look at the environment and try to understand that terrorism environment, it does come in various shapes, sizes and forms. How effective of they . They have been eclipsed. That is the wrong set of questions. Its a conflation of many, Many Organizations that are going in an out source model and they are open source where they are working with, between, and among. They are seeing conflict zones. You cant fully straight them from al qaeda and what you are seeing unfold in syria and iraq. You are starting to see individuals who are being talent spotted who can be turned around. Sent back to the homelands because of the familiarity and because of their recognition of the region. We did a major study in 2007 i want to say. Maybe 2008 or 2009. Army exactly. Look looking at the trends and trajectories, at that time we started looking at that largely because of one particular case. Does anyone here remember that case . This was a naturalized american who went to afghanistan. His intend was to fight alongside taliban. He was intercepted and curned around and said you are a much greater value. He was behind the spot. A sinister plot to suicide and homicide bombings on the new york subway. This was the time our country was blinking really red. He got further along than any of us feel comfortable with. In part because we didnt have the sink ronization and integration we strive for in federal, state, and law enforcement. They materialized in denver and made it to new york. They were looking for the holes. We did analysis on this. The simple take away is they are nothing new if you go back to afghanistan. The first fight with the soviets, there were a number of westerners fighting alongside threats in that region as well. The numbers are growing in terms of scale and the speed is quicker and the demographic is changing and many are coming back to the west. When you look at even the al qaeda threat, i think everyone would have liked to say dingdong the witch is dead and lets worry about all of our challenges that are facing our country. Our Economic Situation and Everything Else we struggle with on a daily basis. The reality is the threat was not dead. I think part of that is getting to the recognition and understanding that its not about networks or organizations alone, but the ideology. To paraphrase bill clinton, its the economy and its the ideology stoop. Its propelling the organization and fueling the organizations and quicker and faster and resonates with the percentage of people around the world. I think that should warrant a lot of concern. We need to continue to push the envelope, but we need to recognize that until we address the ideological underpinnings of the threat, we will have tactics with the strategy. We will have to under mine and help facilitate and attacking it. That is being filled today. Why africa. These are un and under governed spaces. They are afforded the time and ability to maneuver and plot attacks. I think one of the challenging issues we have tried to address, taking drones. Probably not a good topic in front of a bunch of lawyers, but i would rather the enemies look over the shoulders than giving them more time to plot, execute and maneuver and recruit and engage in terrorist activity. Is it the panacea . Absolutely not. Is it an important instrument . Yes, but it has to be coupled and combined with other,o];q2z instruments that we are not that comfortable as a country or a world. Thats something we need to worry about. Isis. If you look at the tragic, tragic news in recent days in terms of the beheading of an american, this is part of their narrative. The narrative is to say we should be afraid and continue to engage in this sort of activity. I would va advice no one to watch that video. In a way we are giving them the oxygen they look for and seek for to be able to fulfill those objectives. That said, we cant ignore this particular issue. I hate to say it, we will see more along these lines. This is what zarqawi was doing. He was terrorist number in iraq. He ran al qaeda . Iraq. He killed a number of wedding goers and family members. That was a lot of besidings and videos and ultimately it didnt sell in the way he was looking for it. It did for a small percentage, but not overall. They were sending notes suggesting that this is too violent. We are never going to be able to win the socalled hearts and minds they were trying to in their obscure and twisted kind of way. Im not sure that has staying power. The cycle is so fast now. They are looking for look at them. If you are to believe what you see, you have 500 brits fighting alongside isis and other terrorist organizations in both iraq and syria. They got up to 100 americans fighting alongside. The thing you have to realize is terrorism is a small numbers business. We cant afford a small member of incidents because it has catastrophic impact. Especially in terms of threats to the homeland. Even the foreign fighter issue aside, if you look at isis, its arguably the most funded terrorist organization in history. They robbed banks and have oil fields. Someone is buying this. I hope thats where we squeeze that. They have a sense of momentum. Most importantly they have safe haven. They turn the cannons away in terms of the threat there looking here. Unless we can ramp up the activity. Thats why i support air strikes right now. I dont see better alternatives. The threat level had dropped. Right now i think thats not to suggest we dont have more capabilities, but in terms of intent and numbers, we have to take it incredibly seriously. In terms of the actual Counter Terrorism state craft tools we need to bring to bear, it is about addressing the narrative. There great programs that people are not aware of at state department. The other entities or forwardleaning in terms of pushing back. Even using humor to defeat the resonance of the adversarys message. I think we need to do a lot more. In terms of other safe hachs, obviously mali is that warrants great concern for a lot of folks. The french deserve a lot of credit for how they i never thought i would say viva la france in a National Security sense. Even in a Counter Terrorism standpoint they got in front of what was going to be a much greater threat in terms of immedia immediacy. That doesnt last forever. How do we start addressing the issues . Nigeria, this is one of the most gruesome organizations and most brutal and barbaric in terms of iraq. You want to turn off the and stop reading your twitter feeds. You want to stop reading the newspapers. It is a gruesome organization. You have people being killed eye regular basis. You are seeing vicious ied campaigns in the region. You are seeing swaths of girls and now boys being kidnapped, for what . For try to be human. For trying to be part of society. Im not sure to get our arms around that, but we have to build it up because we cant do it all. Boots on the ground should be the last option we ever have in the places. Light footprints, yes. Heavy footprints, not so much. That plays to the enemys narrative and quite honestly as much as we can deal with Counter Terrorism, we will never kill and capture our victory alone. It has to be followed up with the solutions and the like. There has been good news, but im not sure its beginning to fade. Here you also have a very vicious terrorist organization that can easily and the community that has been least integrated. And we are not out of the woods there either. That would have been the most dangerous. And we have a lot to worry about overseas. What is new is old and new is old. Russia is back. We need to start thinking about what all of that means a when started to work the issues in the 90s, we were worried about state sponsored terrorism. Its back. Whether its ha mazz or hezbollah or awe tonnuous organizations or whether its russia in terms of what you are seeing providing some plausible deniability using theirs, thats how they attack through cyber means and starting to see it now through physical means. Thats why they have greater concerns. They have nukes and lots of them. Those can be Game Changers. They have to be careful in terms of how we engage the issues. As brutal and gruesome as terrorism is, when you are dealing with a nuclear threat, that can be a game changer quickly. Obviously you have biodefense issues. That perhaps if i were to look at from an instrumentality perspective, the area we have done the least amount of work that we ought to do more. Whether it is natural outbreaks and disease or whether its Foreign Terrorists or nation states engaging in warfare agents. These are the gifts that keep giving and the things that can be Game Changers and Tipping Point types of threats. We need to be cognizant of. We have a homegrown threat. That comes in various stripes and forms. I think here we are going to be traveling overseas. They are going to stay off the screams and still be significant and real threats. A long winded way of saying he aint out of the woods, but i think there is potential for optimism here. A lot of this is coming at a time where Americans Trust in government is at an all time low so we have to engage in the instrumentalities and maintain that balance because we dont want to tip it too far, but at the same time we need to acknowledge and not wish threats away. This is possibling up most of my time, we are at a very early stage in recognizing the threat and what it means. We are not going to defeat cyber. Wing going to use cyber to achieve objectives. Whether its on the radicalization side or Computer Network exploit. If you are using that as a weapon to be able to attack. We are not seeing it out of the field idea. Its a more sophisticated attacking and a Computer Network exploi exploits. We have to get a little more clarity in terms of what we mean or most concerned about. If we were to rack at the top of the list, it would be the russias and the chinas. By and large, their intent unless escalating in this situation is not to take down an attack system unless they are threatened. Something happens in the gulf, maybe that will trigger something. Maybe that will force the russians to it matters. Those are the jobs. Thats the intellectual property and the imagine that keeps america Going Forward and it is vulnerable and susceptible and stolen at huge amounts like that. If you are in the chinese minds, what would deter you from not . If you look at the post discussion, all of this moral equivalency. You engage. Im shocked there is gambling going on. We are not engaging to support apple or ibm or ford or any american company. The difference is there you have National Assets and resources being engaged and used to benefit companies. Thats an unfair Playing Field. Thats not a Playing Field anyone should want to play on because then it gets to the very core of who we are of who america is as a country. To me thats a market place issue that needs to be addressed. I am optimistic we can get to those solutions. Take the russians and the chinese. Are they going to continue to look to space and the internet of things . I cant separate what is physical and cyber anymore. They are one in the same. But who are the countries we need to be worried about from a National Security immediate perspective and attack perspective. Thats iran. Thats north korea. What they can engage, they can try to engage through cyber means and quite honestly they are. They are attempting and doing the equivalent of intelligence on the battlefield and even a company like city or bank of america, they were not built to defend against the states, we cant separate what is the government and the private5 j sector. If i were to tell you who am i most concerned with, it would probably be the government of iran through proxies like hezbollah or other proxies they are using. The russians are doing this every day. And it does provide that plausibility deniability. The smoking key bores are hard to find. I dont know who is behind that keyboard at the time. We are getting better, but by no means 100 . Finally you are starting to see. Criminal enterprises with capabilities that used to be in the hands of governments alone. These are largely russianspeaking criminal enterprises. I mean, just look at the target hack. Thats what youre seeing, thats what youre read iing. If you think thats the only thing going on right now, im glad it opens up peoples eyes and puts some ownership in executives to address the issue, but they are the ones that got caught. If you think they are alone, think again. The reality is that those that have been hacked are those that are to be hacked and those that arent aware that they have been hacked. So to me when youre starting to look at some of the corporate priorities and some of the business challenges and executives, cybers at the top of the list Going Forward. If youre looking at it from a National Security standpoint, yes, from a foreign counterintelligence cyber is high, but you need to be concerned about those engaged. Bottom line is we need to use a little more claire uty and precision when we talk about cyberer. And right now if you were to pick up a newspaper, you wouldnt be able to do that. Are there going to be cyber drive by shooters, absolutely. Are they going to cause harm, yes. But its not the same as a foreign nation engaging in an attack. Will foreign terrorist organizations turn to cyber . They are trying. Im still more worried about kinetic attacks because that fuels their recruiting that has visuals. But are they going to engage in cyber, absolutely. And if i were to have to take worst case scenarios, its the convergence of physical and cyber. Its a multiplier to a kinetic attack. Thats what we need to be worrying about Going Forward. All that said and done, i really dont mean i think i know it was yogi bah ra who said it was the future the end of the cold war, threat forecasting is made astroll ji look credible. To shape it. And i feel like were in react mode. Were tired. Were reacting to crises everywhere. We need to be in the business of shaping the environment and, yes, im a proud american to our national interest. And then do so in a way thats collectively beneficial for society. Ill leave it at that. I spoke way too long. I want to engage in any sorts of questions, but thank you. [ applause ] do you have any questions . When you were. Talking about france having citizens and Great Britain having citizens and the french going into mali, can we count on our western allies at all to come in and help us . My big concern is the land grab going on. Now theres a home base. Thats a questigreat questio. I will tell you when it comes to the five is, theres no sunlight. Yes, we can count on them. Do they have the capacity and capability is another question. I do think that they have a lot of capability and they are one of our closest allies and if they have something they will provide it. Quite honestly the brits are probably upset with all the leaks. It stymied some of their capabilities. In terms of the french, thats a complex because as happy as i was in terms of what i saw in mali, and by the way, they went against all indigenous polls, there was less than 20 support at the time of french engage me ment. He went against the polls of his own country. That said they are still selling stuff to the russians. Is that state sponsored terrorism taking out civilian airlines . I dont know, good question. Im not very happy in terms of what we are seeing. Who is buying this oil . That should be the sets of questions we need to be asking. Once you dry up some of their funding well, obviously, you minimize their ability to project power and deploy forces in the same kind of way were seeing right now. So when you start looking at our allies on counterterrorism issues, i think u. S. france has been a strong partnership. Perfect, no, but the politics of it all doesnt really affect the ops. It doesnt affect the relationships on the ground where it matters. Because we both have great interests to address these issues. But it was also a frenchman that came back and shot up people at a jewish museum. I mean, that was the first indicator that you have foreign fighters coming back and engaging in terrorist activity. So i am very concerned if you look at the numbers of brits that are fighting overseas. Even before isis, you saw a number of brits from Southeast Asia joining up with al qaeda and the arabian e peninsula, which kind of confused me. The way the brits security folks would explain it was they knew the authorities were on to them if they kept traveling it to pakistan. They go there and come back and have the same street creds to their audiences. We have to make this stuff not cool. Its gruesome. Its awful. People die u. Yet theres this cool factor thats triggering some of this in their twisted little world. So bottom line is with the brits, i have every bit of confidence what they can do, they will bring to the fight. They have actually been other than russia, i would like to see them get a little stronger. But i think they have been a good partner. In terms of counterterrorism issue, im optimistic that our relationship with france is strong. Now the question is can we get our arms all around this. The belgiums there are fighter. Are they a friend, absolutely. But do they have the capacity to get their arms around this. And lets be serious. Us, do we know everyone who has gone overseas . Did we know the numbers until we started seeing some of them on the battlefields . Probably not. Okay, thank you. Thanks, frank, for an excellent presentation. Basically two questions. First has to do with the efficacy of counterterrorism measures. Or the preeminence of the lack of adequate measures against that. Thats one question. Whats your state on the efficacy of implementation. Secondly, a post nato withdraw in afghanistan, what threats do you see to our allies as well as the homeland. Those are great questions. I apologize i didnt bring up afghanistan. Lets not make the same mistakes were seeing right now in iraq. Thats a longer set of questions. And im not making a political decision on whether or not we should have huge boots on the ground, but there are measures short of that that can be taken, must be taken and we cant take our eye off that ball. That vacuum can be filled really fast. And by the way, i also neglected to discuss when i mentioned the fata region, many others, these are the bads of the bads. And if theres one sense of optimism its that they are looking a little bit over their shoulder. If they stop looking over their shoulder, they are going to be using that time unfortunately not to our best interest. So in terms of and your first question was on the financial side. You know this better than. I do because i think you teach a course looking at some of the financerelated issues, but its not just countries. It is individuals. And when we can get the precision to be able to address those matters, they are effective. You do have individuals that are fueling some of this. Some of them in socalled allied countries so i am concerned about some of that. But in the isis situation, they dont need that. Thats what makes it that much more frightening. Theyve got the oil. Thats very different than what we have seen in the recent past in the past decade of socalled long war. We havent had a very wealthy, open ability to maneuver in daylight organization. You have that there. Its well financed on their own. Its well armed. They took the technology. They took the weaponry. Its heavily armed. Unfortunately, they have a lot of Training Experience based on their activity. So they are heartened. And they are adaptive. We tend to think that they dont learn. The reality is they do learn. And they become more resilient and adaptive based on recent history. Thats something we always need to stay ahead of the curve. I think thats all instruments of stay craft. Thanks a lot. [ applause ] coming up in an hour, the House Rules Committee will meet to take up two bills before they hit the house floor. One would restrict the epas attempt to define which waters it regulates under the clean another condemns president obama for not giving Congress Advanced notice of the bergdahl taliban prisoner exchange. Well bring you that meeting of the rules Committee Live at 5 00 p. M. Eastern here on cspan 3. Sglrvelgs now a look at the Homeland Securitys where an antiterrorism standards. Discuss issues arising in the securityfocused regulation under those chemical facilities that are deemed to be at the highest risk of terrorist attack or exploitation. Before i get going, i want to apologize if my speech is difficult to understand or slurred at points. Interesting thing happened it to me a few weeks ago when i traveled to the discussions on chemical security, i got on the plane with a sinus in. Fection and got off with a facial nerve paralysis that is temporary. So theres a bit of mumbling, not much blinking or smiling, at least on this side of the face. But note i am smiling on the inside. Especially talking about the program and that is exactly what we are here to discuss today. We are here at a very exciting time in the history of the program. We have working with our stake holders made significant forward progress having gone from not having approved a single facility site security plan or ssp as of security plans having granted final approval to more than 1,000 of those plans and conducted 1,500 inspections at the facilities. Congress taking note of this forward progress is now considering longterm authorization of the program, which would go farther towards providing a stable platform for continued success while affording our industry stake holders the certainty they deserve as they contemplate making investments. We published an advanced notice of rule making. Developing the next generation of the regulation. So both longterm authorization and maturation are sited in report to the president outlining the path forward for implementation of executive order 13650 on improving chemical safety and security. The title of that report was a shared commitment and as with all things related to chemical security, implementation of the program has taken by in and effort across a numb of different communities. As my boss noted in this mornings keynote address, security is not something we can achieve through option at dhs. This is very true. A great deal of work across an array of groups has gone into fos fering the success of security plans to Industry Associations and attorneys who have helped us to spread the word about the program and to identify potentially regulated entities to members of congress and Congressional Staff which who have championed authorization of the program. Im delighted to be joined by pan panelists who will provide thoughts and perspectives on the program from each of o these perspectives. First, we have todd clesman, starting closest to me. One of the true pioneers in development of cfats program. Todd serves as the Technical Authority on the regulation and on the secure handling of Ammonium Nitrate act and responsible for providing advice and counsel in my role as director of the office. Todd including as the branch chief and as acting deputy director. Todd has been working on chemical Security Issues since april of 2004. During that time todd has served as a member of the original chemical Security Task force tasked with developing the cfats program. The First National strategy for securing the chemical sector. Next to todd, we have elizabeth oneill, who is the senior manager of Government Relations at Chemical Manufacturers. She has responsibility for the chemical security and chemical security fort foal ya. She works on a variety of safety and Security Issues include iin the chemical program. She represents the chemical sector and chair of the working group for the implementation of the summit which just occurred last month and that is a tremendous event annually if you have the opportunity to be there and many of you have been at that event. She previously managed Government Relations at the National Association of chemical house and senate. She holds a masters of public affairs. Todd also as well as law school. The university of michigan law school. Elizabeth has played a huge role in advancing the cfats program on ideas for new tools to help prepare forn authorization inspections, a product titled what to expect when were inspecting. So just another plug for cfatsrelated products. Next we have joan ohara, who is the acting General Council for Homeland Security. Joan joined the security as council in august 20111 providing legal analysis and advice on numerous questions involving domestic and International Law with a special emphasis on civil rights and privacy issues. In december of 2012 joan was promoted to deputy chief council in june of this year. As acting General Council she helps to overdee the implementation of the legislative agenda and lead attorney for cfats. She also advises mike mccall on all homeland. Securityrelated issues. Prior to becoming a lawyer, joan spent more than a decade in professional athletics. She was a resident athlete at the u. S. Olympic Training Center in san diego where she was a scholar training with the rowing team and became the u. S. National champion in the single and quadruple skulls. She began her career as a coach. She was head coach at Wesley College leading them to a championship bid and Number One National ranking. And head coach at san diego where she was named west coast conference coach of the year. Joan was born and raised on long island, new york. She holds a masters degree from San Diego State university as well as a bachelors in art history from loyola college. Joan really has been the driving force behind the push to get cfats authorized on a longterm basis, something that will be hugely important as we continue to move the program forward. Finally, we have evan wolf, no relation, but evan is a partner in washington, d. C. Office where e he helps lead the privacy and Cyber Security practice. It focuses on privacy and Data Security including regulatory compliance, safety act, Corporate International investigations, Corporate Compliance in government nance Cyber Security and environmental audits. He has significant experience in the area of Infrastructure Protection prior to entering private practice, he serves as an adviser and was involved in the development of dhs. Previously he held the position of Homeland Security project analyst to the mooider corporation. Evan serves on the external advisory board, the National Security task force and is involved with the aba and is the cochair of the Homeland SecurityLaw Institute and Senior Adviser to the committee on law and National Security. So evan has in past years organized this panel and graciously invited me to sit on the panel. Somehow this year hes managed to trick me into moderating. Well see if he pulls that off again next year. In 2011 evan was invited to serve as member of the aspen institutes Homeland Security group and he serves as the senior negotiate for Homeland Security countertism program. At the center for strategic and international studies. So without further delay, im going to turn this over to our esteemed panelists for their remarks going in order starting with todd. Thank you very much, dave. As the first person with the joy of speaking about cfats today, i thought i would give some background on how the program works. I recognize a handful of faces out there so this is going to be redundant for those who are almost as well verse d as the panelists r but i want to make sure everyone els what were talking about as a program before e we look at our future priorities. As dave mentioned earlier, this is our Regulatory Program for the department focused on security at high risk chemical facilities. When the department was given this authority, one of the things we decided to do was rather than try to define a chemical facility, we wanted to look at the chemicals that present the risks at these facilities. We started instead of defining that term by developing a list of 325 chemicals, which if presented in certain quantities could cause risks either through off site e release itself or theft and diversion and used elsewhere in the communities. Any facility that possesses an amount of these 325 amount of interest is required to submit information through an online assessment. Now the top screen is a fairly simple online tool asking for basic facility information. Typically things like the name, the owner of the facility, where its located and most importantly what chemicals of interest it has on site and what quantities and depending on the material how thats stored or where thats stored. Based on this information, they are able to make a quick determination whether that is likely to present a higher risk. Because were focused on the chemicals and not the type of facility, the community is broader that what folks think of chemical facilities. It includes not only manufacturers, warehouses and distributors, but also things like colleges and universities and hospitals. So part of our challenge has been reach iing that broader audience. Now for those facilities who are initially determined to be high risk based on that information, they will receive notification that you are a high risk facility and e we ask those facilities to submit an assessment. These are resource intensive, provide more information about the facility, the materials it has on site, how it uses it in process, some information about potential vulnerabilities and mitigating measures and well use this to make a final determination regarding whether that facility is high risk. If either from the top screen assessment, we make a determination that a facility is not high risk. It will receive notification it is not part of the program and done its obligations unless it makes a modification or change to its holdings and thus we ask it to provide updated information to e reassess the risk. For those facilities determined to be high risk, they are the lucky ones who get to do a site security plan and submit that to the department and implement the plan once its approved. The process that is used as we have developed a group of 18 riskbased performance standards, which cover all aspects of security. They look at some of the more fundamental principles such as Cyber Security, personal security and also the administrative aspects of security such as training, recordkeeping, organizational structure. But because its performance based, the facility has to propose how its going to meet these standards. You wont see anything saying you have to have a tenfoot fence with barbed wire. In essence the facility can build off of what it has already done. It has the choice of the specific risks associated with the facility. They will submit the plan to the department where it will be reviewed. We issue a letter of authorization. Following the letter of authorization, well send a teem of inspectors. We have 100 inspectors throughout the country. They will spend two days on the facility going over the plan and making sure that now they are seeing it in person that the plan is commensurate to the level of risk presented by the facility. If at that point in time the plan looks good. The facility will receive a letter of approval. Thats a golden ticket, youre in compliance with the program. At that point in time, it is the facilitys responsibility to continue to implement that security plan Going Forward and pure yodically the department will verify that. Dave went through some of the statistics. We have 3,300 facilities. So Going Forward over the next will be continuing to work with the facilities to get them through the authorization inspection and approval stage. Were currently working at a pace of 120 authorizations a month with 100 or so inspections a month and 80 or so approval. So were looking at a two or threeyear time frame to get through the remainder of the inspections. Over that time well be transitioning to a core focus of compliance inspections. We started those last year. We have done close to 50 or so to date. But our prime focus will still be on getting those facilities to the approval stage for the next couple years. Now beyond just implementing the program, which obviously is our prime mission and reason for being, there are a number of other things we are focused on. They are going to be touched on by the other panelists. I want to point out a couple of the ones that will be taking a lot of our time and attention over the next year and beyond. The first with dave, the longterm authorization. Initially we provided a threeyear program. And it has been reauthorized on a basis on the process. Why theres never been fear it will go away, it provides instability for departments longterm planning and regulated community. A lot of times they are going to have to look at three to fiveyear budget periods when looking at improvements and stability to know the program not only is not going to go away but still going to look the same many years down the road as critical to allow them through the proper planning and take appropriate action to address the security. So not only the department, i dont want to speak on behalf of the industry, but industry is supportive of getting longterm authorization here. The second thing thats going to be a priority Going Forward is working on improving the regulations themselves. Even in the absence of permanent legislation. Dave mentioned the first step were taking is the advanced notice of rule making which was e released earlier this week. Thats open for a 60day common period. It closed october 17th and will be hosting a number of listening sessions across the country really soliciting comments. We did identify some specific areas that were particularly interested in hearing from not only the regulated community, but stake holders at large such as the overall approach, how the process work, how the nontraditional facilities are handled. The chemicals of interest list. Should some be removed . Are the threshold levels correct . Definitions in terminology and the riskbased performance standards. So these arey3l some areas tha have received a lotc of feedba over the years. This is the first formal effort to take a look at the regulations themselves and to potentially enhance the regulation based on stake holder feedback. We encourage folks if youre interested in this program, take a look at the proposed rule making. Its a fairly quick read. We really encourage Public Comment and participation in this process. Now one of the things were doing outside of the rule making process but is equally important and critical to the heart of the program is looking at our methodology and ways to enhance that process. Over the past year, we have completed an external peer review with members of the private sector and other federal agencies taking a look at how we look at high risk facilities and determine what risk they pose. The Government Accountability office also did an audit during that timeframe and received recommendations from the Peer Review Panel and our hard at work developing a plan to address some of those recommendations. We expect to do that over the next 12 to 18 months and so thats one of the things we hope will provide some improvements to the Overall Program without jeopardizing the stability that we have built over the past few years. And finally although this is not cfats specific, its the executive order that dave mentioned. The department is one of the trichairs on this committee and were committed to working with all stake holders. Not only our federal partners, but also the private sector in finding ways to more efficiently enhance and improve the chemical s safety across the country. Just about a month or two ago, we submitted a report to the prosecute which e detailed the progress since the issue went last year. More importantly it provides a road map for the anticipates we want to do Going Forward. As dave mentioned, the title of shared commitment, is not a government only effort. Were going to need to engage with the private sector and members of the other federal, state and local entities engaged. If we want to find good ways to be r more efficient on our approach. So thats another thing if youre interested. Take a look at that report. Theres going to be plenty of opportunities for engagement and involvement in the process. And i know were going to be spending a lot of time working on it. We look forward to a good collaborative relationship on that effort. Thats it from me. Good afternoon, im elizabeth oneill, Senior Management of Government Relations at the society of Chemical Manufacturers and affiliates. Im pleased to partner with these groups including evan wolf and my Committee Colleagues to engage in constructive dialogue on security today. For 93 years just a little bit about, we have been and continue to be the leading trade association representing the batch, custom and specialty chemical industry. Our companies employ more than 100,000 workers across the country and produce some 50,000 products valued at 60 billion annually. From pharmaceuticals and construction products, they make materials that help make our standard of living possible. Over 80 of members are small businesses. We ed a advocate on behalf of a industry that creates the Building Blocks of daily living and contributes to the betterment of society. Regulators and stake holders in order to ensure the passage of rational laws and regulations and abundant to save lives and enable the manufacturing of other products. All members are subject to osha regulations. Virtually all are subject to epa regulation. But maintaining the security of our facilities has been a private for members. After the tragic events of 9 11, members did not wait for new government. Regulations before researching, investigating and implementing security measures to address these new threats. Under. The flagship Environment Health and safety and Security Management program, members were required to conduct security vulnerability assessments and o to implement security measures. A methodology was designed for batch custom and specialty chemical facilities approved by the center for chemical process safety for an effective methodology separate. Our members have spent millions of dollars and have devoted countless man hours to secure their operations and right now our Member Companies are 99 compliant in which we believe will continue to the foreseeable future. We have heard an introduction today including an overview and program focus for the next year and will hear the legislative priorities in congress. From an industry perspective on the program, we believe cfats is working to improve facilities across the united states. And though there were initial challenges, dhs is implement in the program well. We have three priorities for cfats. First, the program must be given longterm authorization by congress fully supported by the administration. Second, we can improve the program and will continue to work with the dhs through rule making and continue to monitor and press for changes for the methodology. Finally, our industry is significa significantly impacted by the executive order 13650, a priority for us will be to work with the agencies and whoous it house in months and years to come as government makes changes to build a stronger cfats program. While we believe cfats is working and dhs has improved in implement i implementing the program well in Companies Across the u. S. , as a result of the chemical sector strong cooperation with dhs theres been 100 compliance by industry with requirements to submit svas and site security plans. Cfats is reducing risks in a marketbased way. Over 3,000 facilities have changed inventories in ways that have enabled them to screen out of the program. Cfats is driving facilities to reduce hazards, relying not on mandates but on the companys expert judgment to do so where it makes sense where it can be done without reducing quality to some other point in the supply chain. We support the program. The programs flexible approach prevents against attack by ing the industrys ability to remain innovative and members have quite literally bought into the program. Costs a lot of time and money to plan we werent certain that cfats would continue since it had been basically taken over by the appropriations cycle and had not be authorized. This was a concern for industry because they are investing money and resources in trying to come ply with the cfats scan. If youre going to have to make new investments. That wasnt good for industry. It also wasnt good for dhs, cho is trying to build on the framework that they had had in place to not have that certainty that the program would even continue was not helping them out at all either. Noigs that, there seemed to be sort of like the top ten list of complaints and shortcomings about cfats through its history. And a lot of those, as i said, were common. So i was hearing the same things over and over from a lot of different stakeholders. It seemed like a smart way to address all of these concerns collectively would would be for congress to authorize the program. Not only would it provide the certainty and stability and give everybody a little bit of a sense of peace of mind, it would also provide congress with the best opportunity to make improvements in law. So we were obviously providing a lot of oversight and Holding Hearing hearings, providing guidance, writing letters, addressing all the problems we had heard. The most powerful tool that our congress has is to put these directives into legislation. So it seemed that it made sense to try and authorize the program, give it the certainty while including in that legislation mandates to correct what we had been hearing and what we felt were some of the shortcomings to the program. So thats how it all kbot started. And i have worked very closely with elizabeth and a lot of her colleagues as well as with dave and his team and we felt the time was write for this authorization to sort of put our faith in daves team to get this program on track. They had come in very eager to make a lot of improvements and had been showing us that they were serious about it, demonstrating improvements consistently. E we felt like this was the right time to give them our confidence and hep them to make corrections but to continue to build on the momentum they were generating. So the process is something that i dpo like to talk about because i find it very encouraging. We were very collaborative in getting this done. Everybody who was a stakeholder whether it was dhs, the regulated community, other committees in congress with shared jurisdiction over this program, everyone came to the table and shared their ideas and their concerns and what we tried to do was put together a bill that would address what seemed to be the most pressing and Common Concerns among those groups. So youre going to have different segments of industry, different stakeholders of dhs versus the energy and Commerce Committee where they might have particular asks that potentially could be not necessarily in conflict with one another, but controversial. But there were a lot of ideas that we had in common. So we really tried to focus on those. What were the fixes that we could make, what were the most important elements to address and codify. So it was actually an intense experience and it went on for eight months to a year with a roth of back and forth and sharing of ideas, disagreeing over ideas, coming to accommodations for various reasons, but. Everybody came to the table with an open mind and a willingness to compromise what might be specific individual requests for the greater good of getting this done. Getting the program authorized, providing that stability and certainty, taking care of some of the fundamental shortcomings and problems with the program. So in that respect, i that ugt it was a good. Process. Erbe had a voice. Everyone was heard. People had the opportunity to hash out ideas, come up with new solutions, perhaps, things that hadnt been proposed in the past. We also worked right from the beginning with our counterparts. I think thats largely a part of the reason why this bill has gotten through our Senate Homeland committee and its very likely to get to the senate floor because the senate had input on this all along. We didnt just come up with a product and throw it across the desk and say you better pass this. They had input right from the beginning. So all that is to say, i am encouraged by this process and i think when people feel they can communicate and come to the table with an open mind and all the stakeholders are included, we can get things done, which is not necessarily the tone at the moment on capitol hill. But it does happen. Some of the issues specifically that we addressed in our bill were the backlog. Cfats was behind on inspections and approvals. As you heard dave say shs they have gotten through quite a bit. They have made great process in the last six months or so. But we wanted to help facilitate that. We wanted to demand they got through the backlog faster. The pace was not acceptable, but we wanted to make sure they had the tools and authorities they needed to do that. Another issue was the tragedy at west, texas, with the fertilizer facility that exploded there. That was not a security cfatsrelated issue. It did show us what could result and what the impact on the community could be when chemical facilities were vulnerable. What did result from that incident was an acknowledgment that there were a lot of small facilities out there that dhs was not aware of. They had been relying very heavily on associations to help them identify the facilities. Mainly those facilities were members of larger associations. When you had a facility like the west fertilizer plant that had like seven employees or something, they are not a member of a big association. So we wanted to help to solve that problem and we have addr s addressed that in the bill as well among the directives we put in there, we have asked dhs to engage much more closely and much more actively with state and locals to really get out in the field and talk to people who know where these facilities are. Another issue was and i wont go into the specifics, but making sure the program was w k workable for the regulated community. As we got into things, it seemed like there were some redundancies. That industry was asked to comply with. We wanted to make sure that we were serving the dual purpose as facilitator of making sure dhs had what it needed to ensure security, but at the same time, making sure that the process was not overly burdensome or almost prohibitively dismt for the regulative community. Thats something e we engaged with everyone to find solutions to some of those problems. There are a lot of things that are addressed in the bill. Those are just some of the highlights, but i think this is a very good start. This authorization gives congress, as i said, the ability to provide in law directives to the program. Its also given us the opportunity to partner with dhs as much as it seems sometimes that congress and the administration are sort of playing on different teams, were not. So our objective was not to shake our finger and scold dhs, but to partner with them and help them to achieve National Security, which is what my committees primary goal is. So ive given it several thoughts on this bill and this process throughout the last couple months, but i generally have concluded and saying and open this up to you as well, its important that were hearing from everyone who has a stake in this issue in this cfats program. So if you come to our committee with ideas not just with problems but ideas for solutions as well, its very, very helpful to us. We really are listening. We go to Great Lengths to try to incorporate great ideas coming from the regulated community. Youre living it. So i would just conclude by encouraging everyone here and spread the word that if you have continued concerns or ideas for this program, dont hesitate to come to the helm and we would love to include you in the process. Part of the benefit of having the last name wolf means youre either at the end of the line or beginning of the line. Im going to be brief in my remarks. Before i do, i want to make two points. First of all, id like to thank personally and professionally the panel and everyone else in the room who works for congress or the department for your commitment to everything you have done to improve dhs. Having been there at the beginning, those of us that were there early on, we dedicated as much of our effort as we could at the time. The department has vastly improved over time. Largely through the dedication of everyone at dhs and the hill. On that note, 109 oversight committ committees. I still think theres a lot of work that congress can do on making their oversight on the department more efficient and easy. Ill leave that stump speech on its own for now and applaud for the work done and ask others to model that. Also just as the lawyer in the private sector on the panel, none of my remarks represent any commitments or legal advice that im give. Ing to anyone in this room. Also nothing represents any indicates to my clients. With that, id like to spend a few minutes just talking about the structure and the questions that dhs proposed in the rule making. I really think and once again, i applaud the direction that dhs has brought the program in. The program has not only improved in the efficiency and the metrics they can talk about and i understand thats an important point, but also in the quality. I will also state were at a point. This is a program that was created quickly with 800 words of legislation with a very short timeframe and from that theres been a large regulatory footprint thats been built and managed as efficiently as you could. Part of both driving old automobiles and managing the program that was quickly developed is that not only do we need new guidance, but we need opportunities to work transparentally with the stake holders. Thats why i really do applaud dhs for their taking the time to put together the advance and listen to us. With that, im going to spend a few minutes talking about some of the issues. The first is in their description with the regulatory approach, i really think were at a time and point where we can and at a technical understanding where we can identify what is high risk facilities and think about it not in terms of risk elimination, but in risk reduction, which is what others have been talking about for a long time. Both in the trade organizations and Member Companies. As we had to convince dhs early on, having a facility list its chemicals or e below the threshold is not a bad thing but a good thing. Thats evidence of risk elimination. A risk reduction. We need to continue down that path of defining what is a highrisk chemical facility. I think the legislation will help. Dhs has a real opportunity to focus on those highrisk chemical facilities, which will reduce the amount of numbers that it would look at, but also improve the efficiency. The core part of that and the second point id like to make is what ill call clearing the regulatory lanes. There are clear exemptions. There were some very clear legislative and regulatory exemptions they were given to build the program around such as the Maritime Transportation security act and other Regulatory Programs. And those that have grown out since the program was developed. Its an opportunity for dhs to focus on the highrisk facilities that are identified and let other programs that have been developed by states take over their agencies so we dont have programs moving on to the secondary that they have asked for comments on the treatment of nontraditional chemical facilities so we dont end up with facilities that really have burdensome approach to managing the regulation. One example ill use is especially forratn5k thei nontraditional chemical facilities is what ill take is a sign of success from the Clean Air Act. I think we would want to use a 40yearold piece of legislation thats been through the Supreme Court many times as an example of a perfect regulation. There are some important opportunities to take rules. For example, for some of the given the fact that the Clean Air Act affects almost every industry across america, they have implementation plans that are given at an industry or subindustry or sector role. If youre a pulp and paper mill, you have a guidance on what implementation, and these arent prescriptive, direction on how you can comply and achieve compliance with the regulations. That may be a great way of partnering to speak to what Suzanne Spaulding raised earlier today with partnering with industry. To really enter into a dialogue facilities achieve come plints or risk elimination. I think we have the opportunity now, and i hope dhs will think long and hard about finding more efficient and effective ways of working with these nontraditional chemical facilities. To the riskbased performance standards as well, as with Everything Else in the regulation, as i think lincoln often said, when you dont have a lot of time to write something, you write long speeches, and writing with efficiency is often hard. The 18 rdpss were a good starting point. I think as we have an opportunity to reflect on what are the focused areas of risk and security, i think we can come up with efficiencies. I also agree we should come up with the top ten. Ill lay down the gauntlet that we should have ten standards. If we think about the core elements the companies are focused on this day and age, and the security of the agencies. In the last seven or eight years, we didnt have the plethora of ip addressable cameras that we have now. Weve changed technology, and we also need to change how we look at the regulatory model in this case. I quickly am mentioning the chemicals of interest. Other than i think it would be great to come up with another name for it other than coi or appendix a. I think the list was set out as answering the initial question of what is potentially a highrisk chemical facility. I think we have many years of identifying who are the highrisk facilities. I think we could put the appendix a list on a diet and get it reduced to fewer chemicals, that would reduce the footprint of industry in the program. And the last point id like to make is what ill call the one touch approach to the cpac program. What i didnt know when i was at dhs, that i know now, its not unusual for a single facility within the course of a day, month or year to interact with multiple dhs Regulatory Programs, whether its Maritime Transportation security act, the twik program or cpac. And dhs has had a challenge in that the programs are managed and appropriated separately. And theyre managed at a different component of the department. I think we can make these more efficient. We, meaning industry and government, by continuing to work together. I think twik is a great example where dhs is working with personal surety programs. I think we need to think about a onetouch approach so industry doesnt have to spend as much time answering the same questions to the same departments, since i am a fan of one dhs. Wi without quite so much rigger. With that, ill turn it over to mr. Wolff. Thank you, to all of you. I think we have a few minutes for questions from the audience. We have a microphone up front, so please fire away. I want to thank all the people here. Basically two questions. The first is, what kind of methodology does beatrice use to determine risk levels . Is it the simple mapping of threat, vulnerability and consequence information, or is it Something Else . Secondly, given the era of data breaches and snowden leaks, how do you really maintain the confidentiali confidentiality, or the protection of the information as far as chemical facilities go . Do you have the ssi, cbi, or bcii . There is some type of confusion as to what categorization to use to preserve and protect important and relative information that is sent to the address by the chemical facilities. Thanks. Thank you for the question. It sounds like a great one for our senior policy adviser. Thank you. When it comes to the risk methodology, the department in general, ill use the consequence vulnerability and threat, we look at it in two different stages. The security vulnerability assessment. The former one is almost a hundred percent driven by small consequence. It depends on the Security Issues. If youre talking about the modeling, and thats using an improvised explosive device, and we look how easy it is to convert. We have a little bit more threat piece. Our initial vision was to use vulnerability. We didnt have a lot of confidence in the selfreported data. So we have not been using vulnerability as one of the factors. Thats one of the recommendations we received from both gao and the Peer Review Panel. But generally speaking, we are consistent with the dhs model of consequential vulnerability and threat, deciding what the risk is for an individual facility. For the information protection piece, cbi, its the information regime that was developed. So anything with peer information or chemicals on site of the security plans, all that would be protected under cbi for our program. And that is how we maintain it secure the information. Do we have other questions out there . Mr. Kennedy . You guys are stuck in between two walls. Ive never really seen this before. I do a lot of chemical Security Issues obviously, and im also an honorary regulatory geek as well. The question that i had was, for fix some of these issues . And also, moving forward, could you just sort of explain kind of what the time line if i had an idea, like a checklist or Something Like that, and i propose it, and i make comments, in the next reiteration in the final rule, will you take those into consideration and weigh that over another option of what dhs could do . Or another person . I just want to know exactly how that would work, nuts and boltswise. Ill do my best. I know theres general counsel members in the audience. So give me a sign if im talking about ill look over here. From the perspective, will it impinge the dialogue. That certainly does restrain some of the ways well communicate with our stakeholders and communities. But i look at it as more of an opportunity because its going to formally open it up to stakeholders, who otherwise might not have the benefit of attending events like this, otherwise providing more direct communication. I see that as a positive. It will allow us hopefully to elicit more feedback. Once the period closes, dialogue can expand a little bit. But there will be constraints that might not otherwise have existed. As far as the time rg, that im not going to wager on. Ive guessed many times in the past, and im almost always wrong. I can tell you the next steps would be our intention, it really depends on the results from the comments. This is open for 60 days. We would review the comments received during that time period. And start to formalize a rule. This is more openended on giving us your general feedback, the next document you would see from the department would be many, many months after its concluded. Notice of proposal will include the proposed rule of thumb. We would hopefully assess and evaluate the feedback, on studies, analysis, what have you, and come up with what we think the next generation might look like. Again, wed go through a Public Comment period where folks have a better idea of what our specific modifications might be. They can provide comments and feedback on the specific modifications. So again, i cant really go to task after that. Hopefully it would go smoothly and go to a final rule. This is all complicated by the legislation, which if it gets passed, may throw everything into another position. We do take seriously the requirements and restrictions of the administrative procedures act with respect to rule making. We certainly do all we can to avoid being thrown in apa jail. Were very committed to continuing dialogue and transparency Going Forward. Final question . If not, i will thank everyone who has taken time out to be in our audience, and a special thanks to todd, elizabeth, joan and evan for serving on