Between different intelligence agencies and between Law Enforcement that existed previously to 2,000. This was removed after 9 11 to facilitate information sharing to what we referred to cloak is now giving the government ability to connect dots. This goal has also let to an unexpected lending of Law Enforcement which typically intentionally far more restricted in surveillance capacities and Intelligence Surveillance which has been treated in a loose matter. What we anticipate to start asking is can we create instead of the laws, chains and fences submitting to intelligence sharing and use of Law Enforcement surveillance that we have previously with the law. So these are the types of topics that we want to start putting the excellent panel that we have here today and i will kick it off by sprucing our moderator, raj day, hes also at the Security Group and Crisis Management team. Raj served as a general counselor and prior to his service, raj serves in the white house as a Staff Security and serving to the president of the United States. I will hand it over to raj. Thank you all of you, thank you all of you for coming. First, let me repeat, thank you for google to hosting the event and thank you for focusing on this issue and National Security which is the forefront of everything these days. No doubt there is been a great deal of focus on intelligence collection. I think there is less attention paid to the post collection treatment of intelligence. How is information used, how is it shared and how long does it retain . We had a few flash points. By and large issues about use sharing and retention are less sexy an the collection issues thats dominating the headlines. Given that we are in an era of big data and iot objects collecting data and social media, clearly use data is the next forefront, intelligence is the topic for today. We could not have a more qualifying panel with us. We have becki richards. She serves as the chief director at nsa, we were colleagues together. She served in that role since 2014, prior to serving at nsa, she worked at dhs in a variety of civil roles and as an acting director and director for come compliance. Thank you, for joining us becki. Immediately to her left is peter. Hes the professor of laws and ethics. Hes also a senior fellow with the future privacy form. Peter served as one of five members of president obamas review group on intelligence and communication technology. The independent group of experts that president obama has to review signal intelligence and community. To peters left, we have sharon radford. Sharon previously is joining the board. She served for eight years as a senior counsel at the senior constitution project. She worked on a wide variety of matters including National Security and Cyber Security and government secrecy issues. She also served as a member for the department of homeland community. To sharons left, we have nema. We have kept you busy for the last 17 years. She works at the chief of staff office at dhs, concentrating on civil rights issues. Was an investigative counsel with the over site and government reform committee. We have an amazing array of perspectives and experience. So with that, why dont we get started . Now, most of you know that the Intelligence Committee has long considered close collection protection for u. S. Personal information in the form something called minimizization, those are designed to collect. These sorts of things are required by statues. And an executive order of 1, 2, triple 3. Becki, maybe to make sure we are on the same panl ge, could you provide us a sense of what those authorities are and basic Civil Liberties can Privacy Protection for things like section 205 and executives. Thoroughly, thank you for everyone being here. I am going to we just want to make sure we are all starti starting we start with 702 where we are meant to be targeting foreign person outside of the United States with the assistant of the u. S. Provider. These are people who are foreigners, outside the United States. There are two ways that we do that collection. There is one referred to as prism. This is where we go to the u. S. Provider and the other one is referred to upstream. There are a couple of specific requirements of safe guards. Upstream, this is where it is on the back. There is no u. S. Person query. Upstream also, we retain the information for two years. In the prism, u. S. Prison query can be done. Those has to be done if we a articulated if we expect to recei receive safety intelligence. As a way of sort of last year, as we recorded in the odni transparency and it was issued in may of 2016. We had roughly a little under the 4500 u. S. Person turn out that we used against it and in a meta data contest, we did roughly 23,000. That gives you a little bit. For 702 prism, the retention is five years. Those are the basic outlines of what those are. There are extensive training. We do a number of, we have strong Compliant Program and we have a recording process when there is a problem, record an incident and we mediate. But, really a strong compliance program, you want to make sure people are recording it. If you have zero compliance, you have an in effective program. We want to set the stage to understand that when folks have incidents reporting, we are all human and we make mistakes. Executive order triple three is different authorities. This is where we are collecting outside of theit United States. There are no u. S. Person queries, did i get that right. I want to make sure that folks dont think that we are targeting the u. S. No, you cannot do u. S. Person query. E a we are looking at foreign information and like 702, you are not allowed to do u. S. Person query. There is hostage and consent or war zone or where there is battle and you may have military. In concerns you want to do that. In that instance, well be taking that information for five years. We need to over lay pde 28 which was issued 2014. It is president ial directed that basically provides protection to all people around United States and the world, excuse me. That is, what that is tha has been is a couple of things. In that document, we are being transparent. We are explaining how we are doing our business. We also put forward both collection, reasons we would use both information. We give six of those. Those are things that you expect, terrorism and threats to military. Those sorts of activities. In addition, it says that well provide comparable productions and safe guards to serve average foreigners. We have an essence like are we tension for that information thats five years. Before we could have kept the information in theory forever if you thought it is information of foreigner. Thats no longer the case. All of those things put together that you over lay that ppd 28 across both seven and two. Those are the basic protections there and how those work. Becky. Peter, can you talk about the focus that you and your fellow members have on close collection issues. How dominate was it near your conversations and recommendations and your thoughts thank you, raj. A word on this surveillance that i mentioned twice. That was in the encryption setting. I wrote a paper that was published six years ago now. And its gotten kicked up as a contrary to going dark. Instead of going dark, we have a lot of sensors and a lot of way to collect nflinformation. The answers are, what are the checks and balances and how do you build a system to stop it from happening. 702 could collect a lot of data at the technical level but there is a lot of checks and balances built in. Part of it is going in, we have top secrets at both of you at the nsa, so the nice feature that the u. S. Approach is that we had people with clearances coming from outside to look at how things worked. When we looked at section 702. This is 2013 after snowden. We found looking at concrete cases. We have real doubt of the meta data program and recommended for it to be shut down. We thought when you target specific people that are not in the u. S. And not u. S. Persons and going through the procedures and the compliance things that exist, thats getting Important Information for National Security purposes. Thats one thing. We also have some concerns. The concerns were about the usage possibly overtime. So, our set of concerns were about ways that could be used against u. S. Person and maybe later in the talk today, well talk more about how much the same concerns should apply for our friends germany or england as we do in the u. S. There is three recommendations that we made. The first one was that we should purge certain information when we find out about it. If we find u. S. Person information in the database that 702 has been collected from, then we should purge it, the u. S. Person part and i have talked todd becky before now, it seems to be the five years detention would apply to that. This responded to this sort of thing where we get rid of it after a retention period. The second had to do with closely to the chain chained link fence is not quite as a wall as stuff can get through. Collected under 702, they are never targeted. If you find evidence accidentally about u. S. Person, we said we should not use that evidence against the u. S. Person. That, the idea there is if you want to be paranoid about Law Enforcement people and everyone has their own, if you want to be paranoid, you can imagine a Law Enforcement system that says this is great, lets use 702 to the maximum and get a huge database and use it to prosecute against u. S. Person. Basically, you will be using the foreign intelligence back door to get in to this ability. One way to cut it back is to reduce the use of it because you could not use it as evidence in court. And, the third recommendation, thats not adopted. It would be a big thing if it works. The third of our three and i will stop is that in this hypothetical database about 702, that maybe a fun page to search. Rather than teaching it as an array of lets go search it database. It was accidentally about this u. S. Person, the whole thing targets a non u. S. Person. If you are going to go into this database of this u. S. Person then you should have a warrant and you should have the right kind of trigger of the right level of cause for that and talking to you before, the administration adopted a reasonably likely standards. Of intelligence foreign values. There is been a no go of fun rule but there has to be a reasonable showing of foreign intelligence value. Thats the standard and people who have been around and there is published standard for other agencies. Do we know what other agencies are coverings the la. This last thing i am going say is i keep on getting confused and it is hard to get it right. So there is a complexity to it but i think the overall idea is there is a reason to have targeting against non u. S. Person over seas when we think it is a foreign intelligence value, thats valuable and how do we build safe guard around is is what the review group is trying to figure out. What i like you to start with is how does a club start on this and what recommendations have been made thank you, raj. I would like to thank you for inviting me to speak today. The our agency is a fairly new independent Agency Within the executive branch created on the 9 11 commission. Our commission is to review Counter Terrorism programs to ensure that they balance National Security concerns with private and Civil Liberties. 2014, the board issued a comprehensive report analyzing the 702 program which included ten recommendations. I wont go through all of that today. Two of them are relevant to todays discussion. They did focus on the process of querying, information thats collected. I am sure you are familiar so this is looking at once you have the collected 702 data. How can an analyst go through and look at that and when they conduct searches, using particular identifiers and associating with a u. S. Person, we call it a u. S. Person query. This is an area of great amount of focus because as you know becky has made clear, this program cannot target the u. S. Person. They are collected because they are on the other end of the conversation with a target, for example. The boar recommendations, the fbi and csa, they do have different standards and practices. With regard to the fbi, it was a twopart recommendations. The board recommended and this was something that the board had learned in the review that this is a fairly common practice for fbi animalysts conducting holdings that would run against 702 data. Some limits should be placed on the fbi use in connection with non foreign intelligence criminal matters. It get into more details. The second recommendations focuses on the nsa and cia kw queries. It should only be permitted if it is based on a statement of facts showing that it is likely returned of intelligence information as defined. The board recommended that the agency issue some documents to meet the standard. In passing that member colin did stating that, the gear a queries can be on the content of communications and made separately of the meta data so he made that distinction. Board members continually to wrote separately to further refine their views. On recommendation two, regarding the fbi, this consistented sh s members explaining what they would like to see on the fbi when they conduct those querieq. On recommendation three with regarding to nsa and cia, there was a further divergence. Beyond recommendation three, a conducted foreign intelligence and seeking for Court Approval for United States person identifier. That could be used for such query. They wanted to have a judicial officer approve these u. S. Person queriequeries. Thats a little bit different from the review Group Recommendations that peter was talking about in that, although both would seek a judicial approval, then chairman dean and member wall would apply to lower standards than a fall probable cause standard and use the same standard that applies at the reasonable likelihood to return foreign intelligence information. Board members, colins, wrote separately to explain why would not impose this for courts approval. Based on the boards review of the current use and extensive over site at the nsa and cia which we characterize as rigoro rigorous, the majority is required such a requirement. Before i turn this back to roaj. I want to pick up what has happened since the board. Back in february of this year, the board issued a short recommendation assessment report looking at where we stand on implementation as and recommendations. The board found that recommendation has been implement implemented. This was done back in november of 2015, the court aprovproved, revised information for the fbi that addressed both parts of the boards recommendations. The first part is making more clear how frequently they would use these kinds of queries and addressed by a certain footnote but did appear in the classified information that well release this past center and with regards of limits and i gotten this clear when i say unclassified. The fbi implemented this by including a text. The actual text footnote was redacted. Do you know how many lines . You can look at it and make your assessment. Recommendation three of cia and nsa, this was addressed in november of 2015 when the court aprov approved procedures for both of those agencies. It approved additional language to implement the boards recommendations and standards that it did indeed meet that recommendation and those are both available in the unredacted that came out this summer. One aside here is the board did assess recommendations is being implemented because with the cia as we said in the february report, with respect of the cias meta data, the cia plants this implement. The cias procedures do not reflect changes to implement this with regard to meta data queries. Thats on different queries of different agencies. Those all, those thats implemented by the agency or in the process of being implemented. Now, you have seen these changes being developed and participated in discussions for r the past few years. Of course, you know what the agencies are doing and putting out publicly, what do you see the big picture issues when it comes to intelligence information usage. First, i kind of want to talk about what the world that i worry about. Wh whats the world that the aicu worry about. We are not talking about a dozen or hundred email transactions a year but we worry in the millions. In your everyday, normal criminal enforcement in which case generally to go to a neutral judge to get a warrant, demonstratiing a problem where someone has been accused of a crime. We worry about all that happen ng the world where even that information is gained and even that it is used in a criminal court, that person does not know. They dont know enough to say look, i think the nsa may collected this and i would like to challenge it because i think my right is is violated. I want to talk about why i think some of the procedures are inadequate and leading us closer and closer to this world. The first thing i want to highlight is we have been talking a lot about foreign intelligence, we are only keeping the stuff we are only clearing things that is only returning foreign intelligence. Foreign sbel jerintelligence is term. It could include a journalist over seas communicating over a drone program. It could include Human Rights Organization about foreign policies. It could include information about everyday citizens abroad communicating with the u. S. Talking about affairs. I think much broader than the public thinks when they think of foreign intelligence, when they think that, they think of stopping terrorist attacks and thats not what foreign intelligence means under neither of these authorities. The second thing i want to talk about is now we have this foreign intelligence information, we are going to allow agency such as the fbi who have Law Enforcement authority to run queries on it. Theyre no