I think both broad and domestically they are not going to forecast what we are going to be going through as we are traveling home to see loved ones but we are on high alert. Mostly abroad. I think there was significant concerns in thailand, pakistan but, thats the world were living in. Wonder, but at some point that is part of it but when will the enhanced threat end. This is something for the long term. Well, thank you both for being. Tomorrow, a federal budget analysis. That will be part of the discussion hosted by the brookings institution. That is live at 9 30 a. M. Eastern on cspan three. 3. We were also have live coverage it later in the day from the Economic Club of washington dc. That is live at 7 00 here on. Span next, Edward Snowden talks about government surveillance. He also discusses the recent Senate Report. This is from a conference on privacy and Civil Liberties posted by the Cato Institute. This is one hour. While we arrange for him to be able to be heard and to hear us, we want to set up we have had a year of disclosures that have ignited it debate. So the question is for someone who has paid an extraordinary price, surrendered a fairly comfortable life, do you feel satisfied with what youve seen, how this is unfolding . Youve seen major legislation proposed, nothing yet passed, weve seen a president ial directive. Are you satisfied with the reaction youve had . First of all i want to confirm, can everyone hear me . Yes. Yes. Hello. Great. Okay. Thanks. Apologize there. I am broadly satisfied with whats happened in the last year. We have seen an extraordinary change in Public Awareness. We have seen an increased openness. I would say innovative spirit in government, not by choice, but by necessity. I believe we had bob lits speaking earlier, which was great. He mentioned theyll be more transparent in the future because they recognize these policies of over classification, over secrecy, are not helpful and, in fact, are damaging. I think we should really scrutinize the value not just of the governments, shall we say, improvement, and not just the encouraging moves were seeing around the world in the court systems. A number of panelists have spoken about the beneficial things were seeing in the United States court system. The First Federal court system, or the first open federal courts review programs found theyre unlikely theyre likely unconstitutional. The European Court justices struck down the european version of sort of a smith v. Maryland. Said the Data Retention directive is unallowable, a fundamental vile rights. Weve seen the United Nations issue reports that mass surveillance is not permissible under any circumstances. It is necessarily a contradiction of our fundamental values and it is an inherent violation of rights. We see a lot of things like that. But beyond that we see the real change thats happening is actually occurring outside of court, outside of congress, outside of the executive agencies entirely, and this is happening through things Like Technology companies. Let me actually make sure that ive i can see these right. What weve seen are things on the technological side, sort of in the fabric of the internet, where immediately upon the Public Awareness of the problem, technologists, academics, engineers around the world all came together and went, this is a serious concern. And how do we address this . How do we solve these problems . How do we make sure we dont have to deal with this in the future . We see that individuals as well are taking action, taking steps to try to retrieve their rights that have been sort of unnecessarily taken out of their hands, out of their domain. This is a poll done by a canadian group. They dont really have a dog in the fight. They got a representative sample of Internet Users around the world and they found that 60 had sort of heard of the revelations of last year. Of those 60 , 39 of those had taken active steps to improve the security of their privacy of communications online. And it was interesting how the media interpreted this. Because they said, well, this is a minority. People must not care that much. Nobody is really making changes. But when youre actually doing the math on what 39 of 60 of the worlds global Internet Users is, thats 702 Million People around the world who are now safer today than they were just a year and a half ago. And this is i think really where we begin to see the framework of how we can move forward in the absence of political reform, in the absence of legal reform, and this is good. Because what weve seen politically around the world throughout the development in history is that politics is about power. When you have people in great power positions, when you have super states, they will not cede any sort of authority that theyve claimed back to the public, back to civil society, unless they are afraid of a more undercutting alternative. And this is really what is setting us up to really have a sort of renaissance of security and of liberty in the way we associate, the way we speak, the way reresearch online. Its critical. When we think about reforms, we think about the challenges, these are big picture problems, but at the same time these are only the things happening within the United States. And the policies of the National Security agency and Central Intelligence agency and the f. B. I. , as bad as theyve been in regard to respecting the boundaries foundations of our rights, they are good relative to many governments around the world. So we have to think about not just how to protect the rights of americans, but protect the rights of individuals around the world who live under regimes who are much less liberal and much more authoritarian. The only way we can do that is to ensure that there are International Standards that are well agreed upon as to what behavior is proper and improper. We have court mechanisms that can enforce these and, ultimately, fundamentally, we can enforce these through technology on the basis of all of this i would say im tremendously satisfied. Julia . Sandisk corporation well, hello. It is great to meet you, because you did a great job of marketing my book for me. I was already half way through writing it when your revelations came out, and i benefited greatly from that, so thank you. Also, i want to say one other thing. I dont know if anyone has seen citizen four but in case you were not convinced that Edward Snowden was great, appearing in your bathrobe is really a brave move in a documentary film, so if you havent seen it, there is a bathrobe scene. At any rate entirely unflattering. You know, everyone makes their own choice about that. We could have a bathrobe up or down vote, you know. So, you know, im a huge fan of encryption and i try to use as much encryption as possible. I think that youre right that there is a renaissance of encryption programs going on. But i am concerned about an arms race. So if i, a citizen, am trying to beat huge agencies trying to defeat my encryption and im trying to keep one step ahead of them, i feel this is something where im under funded. Right . Im concerned that im not going to win that. I think we have some evidence, actually, that the arms race is escalating. I would point to one thing that really disturbs me which is weve seen a lot more spy tactics that involve spoofing, we saw the d. E. A. Spoofing a facebook page. We saw the f. B. I. Spoofing an Associated Press article. We saw the n. S. A. Spoofing a linkedin page. Weve seen commercial hacking companies spoofing adobe updates. And so i would like to hear what you have to say about, can we win this race in a world where we might not be able to trust the contents that we see in front of us . Are we going to enter a world we cant authenticate anything we see online . This is a real challenge. Computer security is a field rapidly expanding i think much more so than almost any other academic discipline. It is a fertile field. Computers are so fundamentally insecure today it is impossible to rely on them and trust them fully. Many reasons i was successful is i did not have to rely on any particular computer or communication. This is not a world we want. This is the reason were having the debate and people are fighting in countries around the world to push back against this kind of evasiveness, this kind of truth in policies, also the state of play in terms of our security around the world. Now, there are a number of business interests that have been referenced by some of the other panelists. The representative from the aclu, matt greene, john hopkins professor, and many others who referenced the fact that there are commercial incentives today to find vulnerabilities, weaknesses in our system. And rather than work to fix those, rather than work to secure our systems, they actually leave those open. They will sell them to the highest bidder and use those to enable the exact kind of masquerade attacks, spoofing attacks, phishing attacks you are describing. More concerningly, we see agencies of government, for example, the National Security agency, which has secured the name, actually using this same paradigm to weaken our own infrastructure. Weve seen them go to bodies and spy on them and look for vulnerabilities and rather than fix those standards, rather than correct those flaws, they leave them in to try to exploit them and in other cases look at where they can introduce them to make them less secure overall in certain vulnerabilities where they did not exist before so they could exploit them and gain access. We can understand the intentions for why they might want to seek to do this. It would give them access in novel places, places previously denied, but at the same time the same vulnerabilities can be used against the American Government, american people, allies and other citizens around the world. But also in our products and services. Google has had a pretty big presence here. Its not just about google. It is about every American Service around the world and product. If were creating phones that have inherent insecurities, were creating flaws in our standards and protocols that every interoperable system relies upon, were weakening the basis of our modern economy, because america relies more on the internet for productivity, for trade, for economic gain and comparative advantage than any other nation on earth and, yes, it may give us some sort of comparative advantage in spying on china, once they discover it, theyll be able to use the same thing against us and even if not them, even if its latin america, russia, france, and they begin to do the same thing, we quickly learn that being able to spy on other country, particularly based on how we restrict the uses of the product of intelligence, for example, the American Government is very fond of saying recently that we dont give economic secrets to private companies, we find out that the benefit of having secrets on other countries is worth less than the benefit they gain from knowing ours because we put more into research and Development Efforts than other countries do comparatively. We put more into education and research than other countries do. We put more in military spending than other countries do. So if everyone is insecure at an equal level we dont benefit because we have the best spy agency. We actually lose because we are more reliant on security than everyone else. Edward, you alluded to and julia was alluding to also the spoofing and the sort of suite of malware tools collectively referred to as quantum. One of the stories that flow from your disclosures that i found most troubling was related to that and the idea of a system apparently called turbine that is delivering these in an automated way, to think of it very crudely, an a. I. For hacking that lives on the internet backbone and pushes out malware to thousands and potentially hundreds of thousands of target computers, categories of target computers and the goal is to eventually be able to sort of automatically compromise millions of computers around the world. That was i was surprised at sort of how little i dont know if anyone here is aware of turbine, i guess this is not a representative audience but i dont know how many people heard that before. It seems like of all of this sort of stunning stuff, people have heard a fair amount about the telephony program and maybe something about prism but a lot of the other stuff, i guess im surprised that it hasnt gone as much hasnt gotten as much attention as the earlier disclosures. Im wondering what the what have you thought deserved a few more stories and hasnt gotten that much attention and what bothers you most . Right. This could go on for days as opposed to the short time we have here but really what youre touching on is a fundamental problem that we discussed earlier. Weve got a few representatives in congress trying to protect and promote the interests of millions of americans, but the classification authorities who provide the clearances, offices like the d. N. I. , say their staff cant be cleared. This is problematic because people in d. N. I. , people at c. I. A. , at the n. S. A. , say i wish i had this and that. Id want a private secretary, too. They dont represent millions of people. They represent small agencies. The same dynamic happens with the press. We have a few editors, a few reporters who are not grounded. They dont have a background in technology. They dont have ph. Ds in computer science. They dont know what stories matter and which dont. In technical reporting, in main stream news at the new york times, the Washington Post, its incredibly a modern thing. This hasnt happened before. So one of the reasons we dont see the media real keen on stories that are of critical importance, is because they dont realize they are of critical importance. And because of this, were increasingly reliant on the Technical Community to kind of do this for us and represent us. Now, this is increasing the dangers over time i believe because what we see is an increasingly disempowered citizen class and even in politics, because they have no idea what is going on that matters and an increasing empowerment of people who have sort of an elite, technological diversity. I think this is dangerous over time because you will see a concentration of power around small groups, small individuals, who can increasingly Impact Society in greater and greater ways. I, personally, am an example of this. Im not the worlds expert in technology but because i was where i was, because i saw massive crimes against the constitution happening on an unprecedented scale, and i had the technological skills and capability to do something about it, i was able to change the conversation in a way, make some small contribution to the public that has really had an outside impact. We do not want our government to rely on this model because that relies on the actions of the individuals. This is inherently dangerous. Back to the basic question, stories that have been overlooked, one of the very significant stories is the fact that all of this information were collecting in bulk, bulk collection, the governments euphemism for mass surveillance, the unreasonable seizure that is forbidden by the fourth amendment, these programs, mass collection, the 215s and what not, the n. S. A. And so forth assert this is okay because they apply what is called minimalization. They say if we see youre a u. S. Citizen well remove your name and replace it with a pseudonym. We will take measures like this and say an analyst cant target the u. S. Citizen though we can target and read all of your information. We cant look at you. We have to look at who youre talking to. That kind of thing. But this is not done when were sharing this with overseas allies in many cases. There was a story that was run i believe last year, late last year, that showed that we were sharing unminimized information that included information on u. S. Political figures, on judges, on officials across the spectrum, private industry, private businesses, private individuals, their private records were being shared en masse with israel. This did not get a lot of play in the Mainstream Press in the u. S. In the new york times, the later investigated this and said why. This is a story of public importance. There wasnt a really satisfactory answer. One of the editors previously worked for the l. A. Times and also sat on this story. We also saw a story last year in the Huffington Post that found that the National SecurityAgency Documents reflected that they were intercepting, collecting, and planning to use information on individuals pornography habits to discredit them in their communities and in public on the basis of the political views they held. Now, these individuals were islamists. Their politics were considered radical. So we can understand why this sort of interest would be there. But it also said these individuals were not suspected to be associated with violence. These were not actually terrorists. These were people who on the basis of secret judgments made by a secret agency with no public oversight and with no authorizing legislation had decided that a certain brand of political viewpoints would authorize the intrusive monitoring collection and eventual disbursement of your private records related to your sexual activities. This is a fundamentally unamerican thing. We have to ask ourselves, why do we allow this in the first place . Okay. Maybe mistakes were made. But how do we i think this follows to a fundamental point. I dont want to be on bob. He came to the forum. He is kind of what weve got. He is doing a hard job. We all know he is trying to do his best. He said something fundamentally concerning in regards to false testimony of james clapper. He said, that the real problem was not that the most senior official in the United States