Washington, d. C. We will show you some of the interviews we conducted with members of congress, government officials, and technology leaders. On the communicators, we want to introduce you to sujit raman, the associate Deputy Attorney general. What is in your portfolio in that position . Sujit i helped oversee the work we do on cyber issues at the department of justice, so a host of issues related to technology from Security Issues to supplychain issues to cryptocurrencies to encryption and access to data issues, crossborder data issues. What exactly do you do . Do you bring cases against people who have violated u. S. Law . Sujit thats right. At the department of justice, our job is to enforce federal and criminal law. Please bring criminal cases against people, organizations, foreign state actors who violate u. S. Federal law, results in a policy component of what i do which is help the attorney policiesormulate working with the congress, our interagency to advance rule of law issues around the world. Is your position political or career . Sujit i serve in a political office. Im a career employee. I survey little bit of both. Im a career person who serves in a political office. How long have you been at the doj . Sujit i started my career 12 years ago as an assistant attorney for eight years in the district of maryland and three years ago, moved to maine justice where i currently enjoy a leadership role within the department. Andou mentioned encryption, that has been in the news recently with the saudi terrorist in florida and the San Bernardino shooting several years ago. What is the current thinking when it comes to encryption and the doj . Sujit i appreciate the question. I should emphasize at the department of justice, we believe in strong encryption, we believe in making sure it is secure. A major part of the mission is to prosecute cyber criminals who steal data and violate u. S. Federal law, so we believe in encryption, but what we are worried about is what we call borat proof encryption. Proof encryption. It is so strong, essentially only the user can access the content. That is problematic because when we go to a judge, a neutral judge and seek a warrant, which is what the prosecution constitution requires, we run into a situation where we cant execute those lawful orders. Saudi shooter in pensacola, he had two iphones, one of which he put a bullet into, which one would suggest there is information on the phone that he didnt want people have access to. We went to a federal judge, the judge authorized us to seek the contents of that phone. Because of the way the phone has been architected, engineered, we cant get past the past code passcode on those two phones. Wheren see the problem o, he received a court order, we need access to evidence to see if there are coconspirators, understand who the person was communicating with, and even though we have a lawful means of doing it, there is no technical means for us to get to those phones. Extrapolate that out broader society, the number of cases where people are getting into child pornography, evidence on the phone, yet we cant access it. That is fundamentally the problem we have, where we have authorization, weve gone through all requirements the usrth amendment demands of but we are not in a position to access the evidence. What happened with the saudi shooter xfone . Sujit that shooters phone. Sujit the fbis experts were able to put the phone back together. They said the shooter had shot one of the phones, the other was in pretty bad shape when it was recovered from his car, probably the sdn fbi tried to search, get into the phone. The fbi took about a month, exhausted its internal options, ke of foreign partners unfortunately, none of those partners were able to help us. The thirdparty vendor community, third parties who deal with hacking tools. None of those have worked, so in early january, we reached out to apple and soft the companys assistance in trying to help us get past the security functions the company has put into the phones. Those fbi efforts continue. I will not get into specifics, but the ei continues on its own, using its own tools, to try to gain access. Do you have reached out to the Company Since they designed the products to help us figure out how to get in and execute this lawful court order. You compel apple to break into that phone, and is apple capable of doing that . Sujit there are certainly legal questions around that. Case, San Bernardino similar circumstance, the Justice Department did take apple to court and sue the company under the a federal act. That is the Legal Mechanism that forces a thirdparty to assist federal investigators in the execution of a court order, so that would be the Legal Framework under which any kind of litigation would pursue. Our goal is to avoid litigation and work with the company productively and in a voluntary way to ensure that all the cybersecurity aspects are protected, but that when investigators show up with a court order, they have the ability to execute that order. Peter is there a slippery slope . The loss of privacy . Sujit im glad you mentioned the privacy issue, because remember, the Fourth Amendment, which we have had for over 200 years, under our system, is what draws the line when it comes to privacy. There is no absolute no absolute privacy under u. S. Constitutional law. Inherentlyrantly a balance between privacy and public safety, and the warrant draws the line. When a federal judge weighs pros and cons and decides to award a he or she has checked all the boxes that constitution requires between balancing privacy in public safety, and safety. Favor of public there is no privacy issue here. When you seek a war and you have satisfied the privacy issue. When it comes to a dead terrorist, i would say there is , that is in the legal system but nonetheless, the fbi, because it is a rule of law agency, went to a judge and soft order. Sought think this is the order. Peter is there a comparison to u. S. Mail or email to this case when it comes to phones . Sujit there is a comparison in that anytime we see content as a matter of policy, we seek warrants. If we wanted to search an american or another persons mail within the United States, we go through the Fourth Amendment analysis. We seek lawrence before we search the contents of physical mail, email is the same aim. As a matter of policy, we go to a federal judge, neutral arbiter, get a court order to search the content. It is the same concept when it comes to phones. Your phone has a lot of sensitive personal information about you on it, so when we search it, we make sure we first go to a judge and get that cant to traditional checklist tipped off. Im glad you asked the question, because there are analogs here. Satisfy the Fourth Amendment requirement, we should have access and it is no different with a letter, no different with email, and should be no different with a physical electronic device. What about endtoend encryption and how will that work . Sujit endtoend encryption has significant impacts on Law Enforcement function. Weve spoken publicly, the attorney general and two of his warrant partners issued a public letter to facebook which came out in october of last year, where if facebook were to end to end encrypt all communications on its platform, which the company said it plans to do, that could impact Child Exploitation investigations in because often people who are exploiting children, abusing children, will communicate, try to woo children using Facebook Messenger or communicate over facebook as a website or over instagram. Right now, facebook actually does a pretty good job in monitoring its own networks, so they can see if child pornography is being traded across its networks and when it sees that through the algorithm, it reports it to the center for missing and exploited children, which contact federal or state or local Law Enforcement. Millions of kids were provided to the National Center last year, 18 million tips from facebook. If facebook endtoend encrypts its platforms, the company itself will lose visibility into what is happening on its platforms and the estimation is about 70 to 75 of those tips will go dark. Will never even learned out them, and think of all the children who are being abused as we speak, who we wont be able to track down. That is a very concrete manifestation of what end to end encryption can do. Apple has already endtoend encrypted it i message system, which is similar. If you compare the number of cyber tips facebook reported last year, which was around 18 million, and apple, which reported Something Like 100 or 120, i think, that is the difference. Magicallythat apple runs clean platforms where nobody is engaging in child pornography. No, its that apple has chosen to blind itself to what is happening through its Communications Networks and is unable to produce these tips to the National Center for missing and exploited children. That is a concrete manifestation of what end to end encryption can have on lawenforcement function. We believe in encryption. We want to protect people from having their data stolen. Implementations of encryption, the military grade, laurent proof encryption warrent proof encryption. A lot of people use gmail. Gmail is encrypted from people sending the message, to google servers, to the recipient. Secure means of communication and yet, there is a moment on google servers or the information is decrypted. Why is that . Google wants to filter the material for malware, viruses, to make sure what is happening isnt compromised. Thats also the moment when google can execute a search warrant, so gmail is not warrant proof encrypted. It is very strongly encrypted, but it is not warrant proof encrypted. Thats all we are asking for. Implementation of encryption that keeps communication secure, and yet still allows the processing of court orders. Peter how do other countries do it . Sujit trick question. There are a couple great question. There are a couple ways to look at it. You can go off the spectrum, authoritarian nations like china and russia. They have very intrusive cycle security laws on the books cybersecurity laws on the books and on paper, it requires companies to turn over all sorts of information. That is an open question. We dont know how Companies Like apple are complying or not complying with chinese law. We do know they have made a number of accommodations, particularly in the last year, in response to these authoritarian regimes. A small example is when Chinese Government complained about being in moshi emoji available, the company buckled once the government said to get rid of this. Apple has made accommodations to authoritarian regimes. A more important example is chinese cybersecurity law requires companies doing business in china to store data locally, and to essentially make access to that Data Available on any kind of government request. Apple did not push back. It formed a joint venture with a local chinese company, and as far as we know, is storing all chinese user data in china. Our concern is that the company has already made a number of accommodations to authoritarian regimes which have no due process or rule of law values. Instead, here in america, we are a rule of law society. To us when they push back against us with a lawful order issued by the judge , and we have no insight into authoritarian regimes. The authoritarian country will move regardless of what we do at home but we have seen examples from the united kingdom, australia, other rule of law countries that have enacted legislation because they realize you need to find a balance between privacy and public safety. Investigatorythe powers act, which allows their government access under circumstances. Last year enacted legislation which is a step in the right direction. That ruleing globally of law countries are moving in ways that we support and authoritarian nations are moving in ways that give us considerable pause. Society in United States, we need to be a part of the broader international conversation, because this is such a pressing Public Policy issue. There needs to be an active debate in the United States and unfortunately, right now, it is really the Tech Companies that are making policy. It is their Technical Innovations that are setting the bar and that is not how it should be in a democratic society. Peter peter it seems the two cases we talked about, San Bernardino and pensacola, apple phones. Does it make a difference if this were a korean Samsung Phone . Our legal authorities are company neutral, so from a legal perspective, it wouldnt make any difference which company we are talking about. Sujit peter how much of your time is spent on Digital Currency . Sujit Digital Currencies are a significant part of what i do. Cryptocurrencies have the potential for great innovation. Our concern is it is also for bad an opportunity actors that arent in a regulated space to engage in money flows across borders. Our concern is that the dark web you see a lot of people transacting on the dark went through cryptocurrencies. Our goal is to make sure we have insight into what is happening when people are exchanging money, and it is certainly one of our priorities. Withar to a lawful act, encryption, when there is a court authorized means for Law Enforcement to get information or gain access, that we maintain the ability to gain access. Peter one of the secrets about bitcoin is nobody knows who owns it and where it is located, wrecked . Is an interesting example because you contract Bitcoin Transactions. It is a publicly available ledger. The way Block Chain Technology works is you contract Bitcoin Transactions because they have to be logged in a publicly accessible toger anyone engaging in the transactions. This is something we have spoken about publicly. Bitcoin itself is something we can track under appropriate circumstances. What is concerning to us is there are a number of cryptocurrencies which are more peertopeer. Similar to the Communications Issues we have talked about. There is no centralized ledger. That creates significant investigatory and policy issues for us, terrorist financing issues i mentioned earlier. We have no interest in snooping on people. An interest is when we have authorized court order to be able to gain access or insight into what is happening and increasingly with so many of these currency exchanges located abroad, they dont comply with u. S. Moneylaundering rules. We have considerable concern that a lot of the information is not accessible to us, even with court authorization. Peter where do you gain expertise on these crypto issues . Sujit ive got access to some of the smartest people in the government, and so when we try to inform policy on these issues, we talked to the experts, we talked to prosecutors in the field, our fbi agents, colleagues in the intel community. Did try to gain insight and advocate for reasonable Public Policy. Peter what is the role of congress in developing regulations that we have been discussing . Sujit congress has an active role. The people rule and it will be up to congress to come up with intelligible, reasonable rules in this area. There is an active conversation on capitol hill as we speak and were contributing to that as appropriate. Peter sujit raman is the associate Deputy Attorney general and has been our guest on the communicators. And joining us on the communicators is jim baker. Mr. Baker, how does one become the general counsel of the fbi . By james ive worked in the department of justice for a long time and among other things in terms of gaining technical expertise, i also build a lot of relationships. One of those was with my boss when he was Deputy Attorney general, jim comey. We worked together at the doj and in the private sector and when he became director, he asked me to take on that job. P peter how long were you in that position . James four years. Peter what did the technical part of that job entail . James multiple things, really. The general counsel, so a lawyers job. He have to be a lawyer, so knowing enough about the important areas of the law that the fbi deals with in order to figure to spot issues, out whose help you need, how to answer questions from senior executives, how to bring in the right people. Goal was toys my make sure the bureau got the best answer there was. Sometimes, that might not be me giving the answer, but usually involved other experts, either from within the bureau, department of justice, or other government agency. Peter in your fbi career, and especially as general counsel, did you find year after year, the increase in technical or Technology Cases increasing . James absolutely. Over the years. I worked at the department of andice from 1991 to 2018 absolutely, technology became much more important, to the point that really today, i think are not competently representing their clients if they dont have a sufficient understanding of technology. This is something i preach frequently to the folks that worked with me in the office of general counsel and elsewhere in the fbi and doj. Ofdoesnt matter what area law you working today, you need to understand technology sufficiently better than you need sufficiently. That does not mean writing code, but it means spotting the legal issues out there, address concerns her clients have come of the clients, the people the fbi trying to do investigations or investigation support are using technology and need help making sure