Cspan is brought to you by youe or satellite provider. The communicators looked at technology and its impact on voting and democracy recently with speakers at the state of the net Conference Held in washington d. C. Heres a look. Host katie harbath, is the Global Politics director for facebook. What does that entail . Guest being the Global Politics and government outreach director means that myself and my team who are situated across the world work with governments, elected officials, candidates on how to best use facebook to communicate with citizens. And then we also help to work on facebooks overall efforts in elections which includes protecting the integrity of elections on our platform whether thats through preventing foreign interference, fake accounts, etc. , but then also helping to teach people how to use their Civic Engagement tools so more people can have a voice in the political process. Host people heard you say what you did, and theyre going you didnt do a very good job in 2016. Guest theres certainly things that happened on our platform in 2016 that shouldnt have, and we take a great responsibility of making sure that we can, going forward, take the steps that we need to prevent interference on our platform. We did a lot in 2017 with elections in france and germany, for instance, and we are more than doubling our team here in 2018 to be looking forward to the elections not just here in the United States, but italy, colombia, mexico and brazil. Host so, katie harbath, recent headlines from a blog post on facebook, tell me if these are fair when it says that facebook admits social media sometimes harms democracy. Is that a fair headline . Guest i think what we at facebook and what were trying to do with the hard questions blog is really bring outward the discussion of these sort of hard questions that we have to grapple with. Because like i said, things on our platform did happen in 2016 that shouldnt have. But theres also a lot of positive aspects that social media can bring to democracy. So we are trying to take a critical look at ourselves to understand where we need to get better, but also to engage the Broader Community because we know that we cant do it without them, and we want to make sure, too, that anything were doing is going to have a positive impact. Host but at what point is facebooks responsibility over and its up to the individual to figure it out . Guest i think its a lot of the Broader Community all has unique roles that they need to play when it comes to protecting the integrity of elections. Not just online, but across the board. Were trying to take steps to help people to better identify where there might be false news, to try to provide them different perspectives of where different parties stand on the issues. We do Public Service announcements to help people think through how they might be able to detect what is or is not false news. Also, like i said, engaging the Broader Community so everyone can do their part. Host is there a censorship issue here . Guest i think that one of the things were definitely trying to do is we dont take downfalls news. If people do down false news. Even if people go through all our warnings, they can still do so on our platform. So we are trying to strike that right balance here. Its more helping people to be more critical consumers of news and information versus us necessarily being arbiters of truth ourself. Host katie harbath, can you be a candidate in todays world and not be on facebook, have a facebook presencesome. Guest theres certainly candidates that do, and i dont think facebook alone can be something that helps people win elections, but it certainly has become a critical tool for candidates to speak with their citizens, to engage with them and get their message out. Host what are you doing here at the state of the net conference . Guest were on a panel about discussing internets role in democracy and having a lot of the same conversation that we had here today. Host and what was your main point that you wanted to make in your presentation . Guest that we are taking our responsibility seriously about protecting thing beingty about protecting our integrity. Ing. Host what is one of those products . Guest our perspectives products where if somebody clicks on a link about the election, we havent launched in the u. S. , but we have overseas. People will get to see where the different parties or candidates stand on the issues, so thats something were hoping to potentially to bring here to the United States for the midterms. Host we look forward to having you back on the communicators. Guest thank you so much. Host and now joining us on the communicators is dr. Candice hoke who is with the Marshall Center for cybersecurity and privacy protection. Candice hoke, what is that . Guest we have an interdisciplinary cybersecurity and privacy research, and to some degree, an Advocacy Center on top of our educational role. We are trying to provide a range of services to the business, legal and educational communities to understand the needs for greater cybersecurity and the sort of mechanisms by which better security and privacy goals can be achieved. Host and this is marshall is a law school in cleveland, correct . Guest yes, it is. Host whats the connection between cybersecurity and the lawsome. Guest well, the law has become rather late in coming to the cybersecurity table. We perceived a gap in the understandings that lawyers needed in order to be able to properly advise and support their business as well as personal clients in achieving their goals now that so much business is run either on the internet or through computerized information systems. So theres, there are huge issues that lawyers need to understand. Host has the law kept up with cybersecurity . Cybersecurity, you say, has gone ahead of the law, but have lawmakers been proactive when it comes to cybersecurity . Guest insufficiently. Insufficiently, and in part its because many of our lawmakers are lawyers who were not trained in any of these technical subjects, and also i think the view has been that perhaps its better for the law to have a light touch rather than interfere with the innovative capacity of our business sector. The problem there is that the market has not adequately addressed Security Issues or to some degree privacy issues as well, and there really is a role for informed government policy. So we need the policymakers to be better informed, we need the lawyers to be better informed. And truly the commercial sector as well as sort of the live ares of average americans will be better if we foster greater cybersecurity and privacy protections. Host so specifically here at the state of the net conference, what are you speaking on . Guest election cybersecurity, which is my area of specialty. Elections and Voting Systems. Host are Voting Systems, is there an unhackable Voting System . Guest there is very good question. All Voting Systems that we have produced thus far are hackable to some degree the if theyre based on computers and software. If we use paper Ballot Systems where the voter marks a paper ballot or directs a a machine, even one with software, to mark a paper ballot, voter can look at that ballot, affirm these are my choices. It can be counted by softwarebased machines, but then we have that paper record to check to see if the machine has cheated, if it has been hacked. Unfortunately, large numbers of voters in this country are using softwarebased Voting Systems that have no paper records or no votercreated paper records, and so the machines can cheat. And presumptively, they are cheating because its easy to cheat, and its almost undetectable in many cases. So part of what senator klobuchar was speaking about at the beginning of this Conference Today was the importance of our recognizing and redressing the problems with the election vulnerabilities and particularly Voting Systems, but also the larger Election Office problems. Because weve never funded our Election Offices at the level thats needed in order to protect them from hacking, whether its from cyber criminals or nationstate actors like russia or just domestic partisans. Host now, dr. Hoke, you said that presumptively these machines can be hacked or have been hacked. Do we have proof of an election outcome based on hacking . Guest another very good question. Part of the trouble are our laws that prevent the ability to look at election equipment to see if it has been hacked. In fact, there have been lawsuits including in 2016, jill steins lawsuit, for instance, which sought forensics evaluations in several different states and were blocked each and every time. Now, these laws were very wellbased before softwarebased equipment. But our Companies Know that they must be able to audit and forensically evaluate their own equipment to see if theres been a counting error, whether theres been hacking against their databases, whatever. And were preventing our own election boards and our election equipment from being evaluated. Now, in some cases we would be able to discover whether hacking had occurred, but many other cases some really smart hacks hack with no, leave no trace or very little unless theres a very sophisticated hacker. So, but as senator klobuchar was saying in her earlier talk today, we have proof of nationstate, particularly russian, attacks on particularly our databases in 2016 and before. We were looking a little more then in part because the department of Homeland Security contacted me in early july of 2016 and wanted to know what should they be doing. And i sort of laid out different kinds of problems that i thought they should be attending to. And so that was im very happy that they did start paying attention. Host what were some of those recommendations that you gave to dhs . Guest well, i said you should be watching russia in particular, and you need to Pay Attention to and set up operations that would allow you to be able to discern whether there are probes or attacks on Election Offices or election networks. We really need to be able to know early enough so that we can put a stop to it. We dont have that kind of capability in most states and certainly not for election jurisdictions. They are so underfunded, and theyve never had the Security Operations that, say, a Large Company would have that has significant, well say, attractiveness to hackers. Now, banks, of course, are highly attractive for all sorts of cyber criminals. So are Health Care Institutions because the Health Care Records are marketable at a very high dollar rate. Most people before 2016 kept denying that elections were attractive because they kept saying things like theres no financial value. And we would say meaning my colleagues in the Election Integrity movement would say, come on now. The u. S. Economy and the u. S. Military and the u. S. Budget, the largest in the world, this is not value that someone would want to control through manipulating our investments, excuse me, our election systems . Why would you say our banks but not our government . Why would you say not our elections . So unfortunately, the deniers had control over the Decision Making until the information came out in 2016. Host so the commonwealth of virginia returned a complete paper ballot guest they did. Host and took off their guest they did. Congratulations. Host congratulations. Is that the future . Guest yes, in fact, that is what most Computer Security specialists and the voting Security Specialists would say, that is exactly what needs to happen nationwide. Because no matter what happens in virginia and many other states that have moved to this system, there will be that votercreated paper record that can be audited as a which can on the Voting Systems. As a check on the Voting Systems. We just need to make sure were going to have statistically valid auditing built in as a routine, not as a result of litigation. It needs to be we need to understand just like business entities and now the government as well, we must audit our systems constantly. We must to determine whether they are cheating on us, whether they have been programmed to cheat, whether they just have a malfunction. You audit. Thats why we have big auditing entities in the nation right now and legal compulsion for businesses to use auditing, internal and external auditing. We need to do this for our elections. Its just basic quality assurance. No one should be fearful of auditing elections and to build it into our processes. That is a security, that is a transparency for the american public, for the Voting System vendors so that they can show which ones are actually able to count correctly, for the Election Officials who are charged by law to deliver honest, fair, transparent elections. So, yes, that is the answer. We dont have to completely ditch computerbased election equipment, we just have to use the proper checks on that equipment. And then we also have to invest in our election systems, excuse me, our offices so that they have the kind of equipment and Network Architectures inhouse so that they can prevent cyber hacking to the greatest degree possible. But if it occurs, theyll be able to discover it and recover. Thats the resilience aspect. Senator klobuchar was mentioning the bipartisan bill that senator graham, Lindsey Graham and she are sponsoring, and they have a similar one in the house. That seeks to fund the paper Ballot Systems in all the states that dont have them with the audit plus the Election Security consulting to upgrade our Election Offices. Its a travesty that we could think we could run Fair Elections in this day and time without those two components. So why arent we doing it . [laughter] so im very hopeful that we will be addressing this problem. Host and finally, dr. Hoke, when you see at blackhat a voting machine hacked within minutes guest i was there, i was a speaker, yes. [laughter] host do you have suspicions about the 2016 election . Guest i have suspicions about any election equipment and elections that are run without the auditing capacity and routine auditing. Why . Because as ive said previously, thats basically saying to the world of hackers come here, hack us, we wont be checking. We are a piece of cake for you. So you can hack our elections completely undiscovered. Now, thats ru for the largest true for the largest voting jurisdictions in pennsylvania, whole states like georgia. Why would we allow this . Why would any state, why would our nation allow our election systems to basically be run at this level of, say, ineptitude . Of denial of the threats . Its a National Security issue, its a fundamental democracy issue, its a fundamental fairness issue. So, you know, we need to redress it. [laughter] host candice hoke is the founding director of the Marshall Law School center for cybersecurity and privacy protection. Guest thank you so much. Host and now on the communicators we want to introduce you to ambassador karen kornbluh. Ambassador, where did you get that title . Guest ah, i was ambassador to the organization for can Economic Cooperation development which is a Multilateral Organization in paris, france, and i did that in the first term of the obama administration. Host your background, though, is rather varied, and we want to talk to you about some of that digital background. Guest yep. Host how could you use that over at the oecd . Guest so ive been working on internet policy for about two decades, and when i got to the oecd, i knew that it had been parking lot of the process part of the process of taking the u. S. Framework for regulating the internet and social using it overseas. But that consensus, that International Consensus was starting to fray as russia and china and other countries were coming in, and they wanted more heavyhanded regulation of internet by some of these countries that wanted to have more authoritarian control. So we used the oecd, and we did oecd internet policy making principles that said we need to have a free flow of information across countries, but we need to have individual countries be able to do their own policy making whether its Consumer Protection or privacy, that countries can do their own regulation but across country there needs to be free flow and respect for human rights. And we got 34 countries to sign on to that. That was an interesting time. I think well be talking today about the fact that at that period of time, 2010, 2011, we were talking about internet freedom, we were seeing the internet being used to disrupt countries in the middle east and bring democracy, so there was that kind of attitude. And now we see something, a very different attitude. Host lets go back to that era, and that was the arab spring. Guest exactly. Host but we also saw where egypt could essentially flip a switch and cut off internet traffic to that country. I thought the internet was borderless. Guest thats really interest