 Hello everyone and welcome. My name is James Harding. I am the editor of a slow news company called Tortoise and I ended up leaving a world of fast news, the FT, then the Times of London and then the BBC, because I was finding myself more and more overwhelmed by the information we were getting and worried about the quality and the knock-on effects on politics and policy. And I find that the conversations that we have at Davos are in that spirit. They are that moment you stop and hopefully look away from the inundating wave of information that you get and think, well, how do we make sense of this? And perhaps there's no bigger this than the integrity of the internet, given that it is the way by which we manage all of our business, all of our information, all of our government and most centrally our societies. And in preparing for this, in thinking about the conversation we're going to have about safeguarding the future of the internet, I have to say that I cheated, which I recommend you all do the same, and read the blogs of Wolfgang Kleinwächter. And so my only request is that if you are using your phones during this session, that's because you're reading Wolfgang's blogs rather than messaging because you will find not necessarily things that you all agree with, but certainly the provocations that get you to clarity about what you think. This group, I should say, is also in the spirit of the World Economic Forum. One of Wolfgang's blogs makes the point that in 1996 it was at Davos that people started thinking about the future of cyber interdependence and it makes sense now that we are worrying deeply about the future of the safety and integrity of the internet that we bring together quite such significant players on this subject. So Jen Easterly joins us. Jen, thank you very much for making the journey from the United States, is President Biden's director of cyber security, no small portfolio or problem to try and wrap your head around. And we're going to spend most, I think, of our conversation focused on the declaration of the future of the internet that the US is leading and about 60 other countries are participating in and hope that's a good way of structuring our conversation. Wolfgang Klein Vechiter, as I said, is an academic, Arles University, but probably the leading kind of thinker in this particular area. And Radaw Ali has the unenviable job at the United Nations of overseeing the fight against drugs and crime and more than ever that's on the internet. So that's the group we're going to hopefully share ideas with. I always think the nature of these small things is they're much, much better in many ways and those huge plenary sessions we can all weigh in. At the end of the session, there's sort of 15, 20 minutes even for thoughts and questions. If you've got a comment on the way, I'm not a great one for rules, please do just sort of put your hand up and we'll bring you in in the course of the conversation. But, Jen, can we do one thing before, if you like, we get started on the bigger sort of 2040 picture which is right now in all of the discussion about the war on Ukraine. In fact, in all discussion about any coming military conflict, what we've been warned about is a cyber war and it just doesn't seem to have happened. Now maybe you're seeing it and we're not, but what's your read of how cyber is playing out in Russia's invasion of Ukraine? So it's great to be here with such a distinguished panel. Look, I should say at the outset to your comment, James, about overwhelming news and trying to step back. We had a pretty horrific event yesterday in the States and I just want to say that most of us woke up this morning heart-broken and we are really with the families. That is a small part of my mission. I actually protect infrastructure and schools are part of that so I have school safety and so it's a tough day really for anybody quite frankly. Your question is a great one because I think because of the nature of the war so far and the brutality frankly of the kinetic activity and just the horrific tragedy that we have seen, cyber has sort of been seen as, oh, I haven't seen the spectacular attacks that maybe we saw in 2015 when the lights went out for several hours for hundreds of thousands of people, or even 2016 or the not-petsha attack in 2017. The reality though, James, is there has been a very active cyber component in this war. It's been both an individual component where we've seen destructive attacks, we've seen denial of service attacks, we've seen defacement attacks on both government ministries and critical infrastructure and a pretty serious attack on communications against V-sats that we just recently attributed with our partners to the Russian government that then had bleed-over effects into Europe. And so cyber has been used both on its own but it's also been used to enforce and to enable some of the kinetic attacks that have occurred and actually strengthened them. So to me, I think that it has played a role and what I really worry about is a couple things as this war drags on. We're just getting into the fourth month as the leader of America's cyber defense agency. We have been working with the private sector who of course owns most of the critical infrastructure in the US to make sure that they understand the threat to their networks, to their systems, to their data and that they're able to mitigate the risk of a potential Russian cyber attack on the US deliberate maybe in retaliation for the severe costs that have been imposed on the Kremlin. Maybe a bleed-over effect as we saw in Europe on those V-sats communications terminals or maybe something like the not-petsha attack folks will remember in 2017 when there was a Russian attack on a server in Ukraine that then bled-over and affected multinational corporations around the world to the tune of $10 billion or the potential unleashing of criminally aligned ransomware groups. Of course everybody remembers the colonial pipeline attack where shut down gas to the eastern seaboard for four days and had a massive psychological impact and really brought cyber to the fore. So I think we have seen cyber even though it may not have been as spectacular as folks were expecting. I think it's played a significant role in this fight. I think we'll continue to see it and again I think we need to be on high alert for attacks that can occur in Europe or for attacks that occur in the homeland as well. Will you just explain, Jen, the United States NATO allies have provided weaponry for the Ukrainian people, for Ukraine. What's the provision of cyber capabilities and particularly offensive cyber capabilities against Russia? So I am the nation's cyber defender so I don't do the offence mission but I've spent a good bit of my time in that space helping to stand up cyber command. Of course we work very closely with our intelligence community partners and with our US cyber command partners because quite frankly we have to be cohesive as a US government. Wolfgang was making some comments on this earlier about the tribal nature of some of the cyber actors in this space but certainly as has been publicly reported we've had capabilities that have been forward to help work with our partners to make sure that they understand the space. What we have been doing is we serve as what's called the US cert, the computer emergency response team. So we work with 100 certs around the world to share information about technical data indicators of compromise mitigation guidance. And we've of course been working with the Ukraine cert before the invasion but really on a daily basis since the invasion kicked off to help them understand the nature of the threat and also to share information that can help us understand how to better protect our networks. James I think if there is silver lining is probably not the right word but I think if I'm encouraged by anything it is the alliances back. This global cooperation and collaboration not just to the political level but really the work that we've been doing with our cyber defender compatriots across the world I think is a positive sign and really speaks to the main topic of this panel and kind of the declaration where we brought countries together as this is not a mission that we're going to be able to do as one country. This is all about collective defence, collective safety, collective security, collective resilience. Can I just pick up on that point about collective. So I'm sure most people here have read the or have at least read the reporting on the declaration on the future of the internet. And it strikes me that it's quite interesting these five pillars the way it's organised. The second one if I read it right is around the integrity of the internet that we don't have a splint internet. We don't have two or possibly several different internets and you just mentioned this kind of collective effort but it's a collective effort of some not all. It's very different from the membership of the United Nations. 60 countries is not 180 and do you think that even with the best intentions what you're in effect setting up is a western declaration of the internet. Yeah it means certainly best of intentions to work with our like-minded partners and Wolfgang should really weigh in here because I know he has some strong views on that and how it relates to other efforts going on. I think it would be terrific if other countries joined in. I worry a lot about the vulcanisation of the internet, the splint internet as you called it. And you know we were talking earlier about there are many pieces of paper out there and some are just words so what we need I think is to take advantage of this moment in time where we can either come together globally or we can splinter further to try and bring together nations. We may not agree on everything but to try and forge what ultimately needs to be a secure resilient free and interoperable. Interoperable is the key word for China because remember we need to have an interoperable internet to be able to use it for commerce and so there are some incentive levers there that I think we can pull but this is not a trivial problem. I appreciate that one of the sort of incredible headaches of working for the UN in any capacity is trying to balance the interests of quite so many members with quite so many different agendas. In this particular case though the argument at least in probably all our lives has been the internet is a public good, a good for all and every citizen of the earth benefits. Do you think that that period of time is coming to an end that in effect the internet is breaking up and that the job of the UN is going to be to try and bridge those gaps? Not at all I think that the countries are getting together and they got together in December 2019 with the General Assembly resolution asking for a global convention to regulate and prevent crimes that are taking place. In this space called the internet so the global crime prevention and criminal justice response is what countries are asking for. So there is a realisation between different parties that there needs to be some harmonisation of legislation between the west, the east, the north and the south. We all need to have in this space some regulation that protects, prevents but also addresses crimes that are developing at a speed and of a new nature that we are not necessarily all aware of and that a country alone and you have just said that no country, even the US, the largest, the most advanced ones are not able to stop crimes that are taking place in the internet space alone. So there has to be, I think it's a realisation that global cooperation and collaboration is needed. There has been great progress because while at the beginning when we were given this assignment to have a convention by September 2024 and to share the text of the convention with the General Assembly of September 24 we thought we will never be there. But actually and among the reasons what's happening in Ukraine among other things and among them is Covid by the way which has made countries realise how this has become an integral part of education, of health, of commerce, of a lot of activities and so much is going on in the criminal space and criminals are always ahead of the curve so they are always innovating and countries are not keeping up with this innovation in crimes. So there is this I think realisation and there is a big hope because we see countries coming together and sitting and discussing and we have a road map of days with topics of six sessions with very specific topics. Another realisation is the realisation that the private sector and civil society have to be included in this discussion. So countries have realised that no one country is able to do this alone and that governments alone will not be able to do it and private sector experts, individual experts, academia is also coming into the discussion. This is of itself the reason for my hope. Hope or confidence, do you think you'll hit that 2024 deadline? Well, I'm certainly hopeful. We're doing everything that we can. We have more than 200 NGOs that are already involved and entities that are already providing input and information. So between meetings that are constantly discussions that are taking place, some are very, very promising discussions and we see that even between countries that come from two very different premises, there is a realisation that there will be a minimum of agreement on some basic principles to protect the people, protect women, protect children, the vulnerable, also access to computers, human rights involvement. There are a lot of elements that countries are agreeing on and there are now very specific topics for the six planned sessions. I'm going to come back to you because I want to hear from Wolfgang. Wolfgang, will you just follow Rada's point. Where do you think there won't be agreement? Where are we not going to find ourselves having some kind of global agreement around the future of the internet? Academics are working with scenarios. Looking into the future, you can always have a worst case scenario and what I've learned over the many years is at the end of the day the reality will be elsewhere in the middle. Bill Clinton has sometimes just defined as a process of stumbling forward. So we are stumbling from one point to another point. There will be never a clarity or now we have settled the problem. So it's an ongoing process which will keep us busy the next 20 years. So if it comes to the options for global arrangements, so I think what we see that while there is an acceptance that the global issue, national interests are playing a bigger and bigger role because the internet now penetrates all areas. It's a big issue of policy in a given country. So while 20 years ago a lot of governments said it's a technical issues and we have some experts but we are dealing here with big policy, economy policy or things like that. Now big policy in every country is internet policy and this makes it difficult. And here we have a problem because the internet is a layered system and on the ground layer we have all the technical specifications like the domain. System IP addresses, root servers, name servers, which enable communication. We have to philosophy of one world, one internet. But on the application layer we have one world, 193 national jurisdictions. And this is a natural conflict. And so that means it would be an illusion to expect to move from one world to 193 national jurisdictions. That means harmonising of the global level. It's impossible. The risk is what we see and some big governments have probably a dream not tomorrow but the day after tomorrow to have one world on the ground level to splinter to control it because certainly if you control the transport layer then you have also control on the application layer. So there is a conflict between the two layers. And the starting point here for forecasts is what are the real interests. And what I see is that while national interests are playing an important role and you have divergency there are common interests even among China and the US. And to say because the ground layer is, some people have said all these critical resources are like the air of the internet. And in the real world you have no Chinese air, no American air, you have clean air or polluted air. So it would make no sense to splinter the ground layer at this moment. The situation could be different in 20 years from now. In so far I see a chance that you have a reachment and an agreement in certain areas, probably on a case by case basis. Faithful recognition, AI based faithful recognition could be in a real where everybody agree and even China has supported the UNESCO declaration on Essex on AI. So there are small fields where you have common agreement but then you have to live with the disagreement. And this will be a battle for the next many years. Can we get into that and please I catch my eye if you want to weigh in on any of these things. Can we get into the sort of granular areas where there might be some agreement and then the gaps. But before we do that, can you just help me with one thing for giving me this is probably a stupid question. I grew up with this idea of one world one internet. And I completely understand the analogy of the air, clean air polluted air. There's no such thing as national air. But I did also grow up with the idea of national sovereignty and accountable governments. And I just wonder whether or not the fear, the implicit fear of a fragmentation of the internet is founded whether or not actually if we did have different transport systems and different application systems globally we would have a more competitive digital space. And we would also have potentially a more democratically or at least nationally accountable one. And I wonder whether we're too fearful of break up and actually there are merits to it. In the early days we had a lot of ideas of an alternative route. We are talking about the route of the internet which includes the domain name system. And then a guy called Metcalf came up with the Metcalf law and said okay the value of the internet is growing exponentially with the number of its participants. That means if you have four billion in one internet and then four million in another internet that's no real competition. So in so far all ideas of an alternate internet failed in the past because this was too big to change it. If you and China has introduced this idea in my eyes as a test a couple of years ago in the ITU and said okay the internet is based on the TCP IP protocol which has some weaknesses, security latency. Let's discuss a new internet protocol for 5G applications and things like that. This has provoked a big discussion and certainly you could have an alternative internet. And if China, India, Iran and Brazil goes together they could create a network of two or three billion. But what would be the result then? You would need an exit visa from the younger route and an entry visa into the bricks route. You could call it a bricks route. So I think it's not at the moment, it's not in the interest of nobody. That's why you know people even in China say they have now accepted ICANN and say we can live with this. What the situation will be in 20 years. That's a different story. Jen, do you agree with that? Yeah, I do agree with it. Where I'm thinking about is really going back to the point about the transport layer as opposed to the application layer. Because among that declaration where I focus on is on the secure piece and Wolfgang was saying back in 97 we weren't really having these conversations. And it's interesting because over the past couple days we are having a conversation among security geeks like me about cyber security. But I fear that many of our world leaders, many of our business leaders see security as somebody else's business. As opposed to something that is truly core to our freedom, our human rights, our ability to exchange information freely and our ability to conduct commerce. And so I really think even as we worry about the things on the application layer, I really think that we need to put a lot more investment and effort into realizing that quite frankly if we are not securing the internet, if we're allowing rampant cybercrime, if we're allowing continued espionage, if we're allowing destructive activity and disruption activity and that then manifests in effects against our critical infrastructure, I think that's a huge issue for the world. So I think the focus there is incredibly important as well. Can we turn to that? Can we talk a bit about commerce and crime, the kind of serious crime trial that you have to deal with? The question I think for pretty much everyone in the room in one form or other is the increase of cyber attacks. And I don't mean just national infrastructure, I mean corporate cyber attacks. One of the issues and I think we talked about this before Joan, one of the issues I think for lots of companies is that when that ransomware arrives, the rules country by country and the interpretation of the rules country by country is pretty opaque. And I just wondered whether or not you think we're moving to some agreed understanding of what you're required to report when you shouldn't actually pay. What's the system for dealing with and repelling cyber attacks? Do you feel as though it's clear enough for companies? Yeah, for companies in the US specifically, there was a new law put in place to mandate reporting of cyber incidents, but that is just for critical infrastructure companies. Now that is a huge swath, but that doesn't necessarily mean a small business. So that doesn't only capture a portion of what might have an impact in 72 hours for a significant cyber incident and 24 hours to report if you paid a ransom. So we are starting to put some of the infrastructure in place to understand that ecosystem of cyber attacks. But quite frankly, we think we only see about 25 to 30% of what's there. So it's very hard to weigh in on what is actually happening and therefore it's hard for us to come together to say this is what we need to do globally to reduce risk. Certainly we can talk about the things that we need to do to manage risk, the mitigations we need to take around cyber attacks, but ultimately ransomware is a form of crime and crime will continue to happen. The issue is we want to be able to lower it as much as possible and the only way we can do that is to again, first principles, fundamentally focus on how we secure our systems and our networks. Because I think it's important for every leader to understand that most of these cyber attacks are successful, not because of some exotic, well resourced, long time developed nation state attack. It's because that business or that entity was not doing the basics to keep themselves safe. And that's why education on cyber security I think is so incredibly important. Is the 24 hour window for reporting if you have paid a ransom, an implicit approval by the government of the United States for paying ransoms? It is not at all an implicit approval. You know James and we've talked about this before. Our recommendation and it's not a law, the recommendation of the US government, the strong one is not to pay the ransom. So will you just explain Jen, the reason I'm just being slightly mischievous there is I don't understand why if there's a system for paying a ransom and a mandated reporting requirement that works, because if I was running the company I think well okay the government acknowledges that we can pay ransoms we probably will. Certainly not an acknowledgement. I mean at the end of the day many of these firms don't want to acknowledge that and so you could actually say this is sort of an incentive that they don't want to pay and so you could read it both ways in your on brand misdifus interpretation. So your point is that the reporting requirement is intended to disincentivise the paying of ransoms. You know the Congress had the reporting requirements and so I think at the end of the day it was to better understand the ecosystem but certainly there is a disincentive if you have had to first of all if you have a breach to report and that's what we're trying to fix. You know we're not in this business from a cyber defence perspective to name to shame to stab the wounded but we are trying to understand what that threat environment is and first and foremost to help people to be able to mitigate risk to their networks. Thank you. I'm going to come to everyone for questions and thoughts so please do you know put your hands up as I said but rather can you just tell us a little bit about that specific issue you know sort of your executive director I think of the UN office for drugs and crime. Often at these events we talk a lot about the corporate end of this but the really hard end of it the really violent and dangerous end is your responsibility. What do you see is necessary in order to improve the internet to reduce the impact in terms of drugs and crime. I think building on what was just said there isn't this element of the global cooperation but there's also an element of cooperation at the national level between the government and the non-government private sector and NGOs and also building capacity of institutions. So being the secretariat for the new convention on cybercrime is just one element of our work but other elements include capacity building strengthening the capacity of the private sector companies, SMEs, government institutions and member states that are not the size of the US the very small countries and places where there's no regulation where there are a lot of abuses where there are exposure to the dark net there's a lot happening at the dark net and what you have just described what the US is trying to do in my understanding is that they're encouraging people to report to understand the ecosystem and to get better clarity in order to better regulate. So it's a process, it's a journey and I think as the process is developing better understanding and better collaboration will take place but at the national level there's an element of capacity building, there's an element of national regulation but there's also investigation collecting evidence. There's this whole story of cryptocurrencies and how it's used on the internet in an illegal form, digital forensic evidence. These are small interventions here and there where a lot of investment needs to happen in infrastructure and capacity building in the cyber security space is a wider and bigger space than what we are specifically speaking about which is cybercrime and how can we define those crimes. Investigators and the criminal justice system that's a whole area where the criminal justice system is not able to deal with because they have not been trained and they have not been exposed and many many many countries do not have laws or regulations or training for the criminal justice system from end to end to address these issues. So this is also a side of our work. What are you most worried about in terms of developments that you see in cybercrime? I mean there's a whole range of things and it's constantly again developing so there's the illegal access to computer data, illegal interference in computer systems and data and these are important but we also see a lot of child online abuse and exploitation. In the first six months of the COVID and the lockdowns we've seen more than 9000 sites for child exploitation and abuse. So there's also a lot of commerce and trade of firearms, a lot of efforts and activities in radicalization and violent extremism happening on the internet. There's the hate speech, there is the dissemination of this information. So there's a lot happening that is addressing youth that is very disruptive not just the commerce side of it but also the education element and what can be shared or not shared or the misinformation that is being shared. So now that the internet is part of our lives as an interfering with everything there's a lot, there has been a lot of trades on fake vaccines on the internet for instance. At a time where countries were rushing to buy vaccines and to buy medication there was a lot of equipment that is traded on the internet that is fake that is falsified medication. There's a lot that is happening in the area of illicit trade. Firearms trade is happening on the internet, small weapons trade is happening in the internet. So there's a lot of regulation that needs to take place and just like any cross-border organized criminal activity there is the country of the initiation that's the country that is receiving the issue. And there are the transit countries that are not necessarily involved. Questions, thoughts, observations, deeply held worries, unspoken anxieties, all of these things live around our thinking on the internet. In fact one has a thought while you're marshalling. Hello, my name is Malte from the Rotary League Forum. A couple of years ago in this very room Jonathan Citrin was bringing forward the notion of actually getting a license to operate on the internet. I would like to know what the panel has an opinion on that one. Jen, do you want to start? Yeah, I like it but probably not in the way that Jonathan intended it. I think when you think about digital natives versus digital immigrants, all our kids are very facile on all kinds of devices these days from the youngest of ages. And they learn how to operate them but they don't necessarily learn how to secure themselves. I think anybody that is using technology needs to understand at a very minimum how to make sure that they're secure. And it's not rocket science at the end of the day. It's things like passwords, strong passwords and a password keeper. It's updating software. It's multi-factor authentication. It's training on how to protect yourself from phishing email and things like that. I think we focus too much on just how to operate and not enough on how to secure. And so this is an area where I'm very focused. In particular I am on a serious campaign to get everybody to enable two-factor authentication. So if I can get everybody here and everybody online to help with that campaign at the end of the day to be able to be secure I think is fundamental to being able to operate effectively. My answer is it makes more sense to invest in ethical education because to make the good guys stronger. You have a licensed system in the traffic and you have people who ignore the law. That means how to remove the bad guys from the highway. So that means a licensed system will not settle the problem. But to invest in education is an investment in the future to make the whole system more safe. But you have to tell all the truth. This problem will be with us the next 20 years. This will not go away. And we have a big problem. So Janis with defence. But in the internet, offence is easy and cheap. Defence is complex and expensive. So that means you have a huge gap here between defence and offence. Normally between defence and offence you have more or less it's on an equal level. But in cyber this is this huge gap. And this is a problem in so far cyber security starts at home. And that's why training education is so important. And this is better than to create another bureaucracy. Are there questions? Volker, can I just follow up on one thing? The question is around individual responsibility. When we talk about safeguarding the internet, actually what we're looking to is our governments to secure it. And the underlying question at the start of our conversation was about the division between values in political systems and how that translates into safeguarding the internet. I think it's more difficult for them to answer the question directly. Do you think that autocratic governments will be better at safeguarding the internet than democratic governments? They will do it differently. I'm sure they will. Like always, the dialectics of the processes is that even in a bad system you have good elements. And in a good system you have bad elements. You have to understand the contradictions within the system. But we have universal values. I think that's why the title of the declaration from 1948 says it's the universal declaration of human rights. And that's the basic criteria. Under this you can have different ways how to handle this. And that's the problem when you have the opportunity to agree on these universal terms. Then you have to learn at the same time to live that other countries do it in a different way. The inherent conflict will not go away. You will not harmonise 193 jurisdictions. So that means you have to live with different approaches. But the challenge is to agree on these universal values. And then to pick out where you can agree on very concrete issues. In so far ransomware could be a door opener for a new understanding. But this is an interest of all. I have an interesting parallel. In the middle ages we had this pirates on the higher sea, which made money on the basis of a letter of protection from a certain country. And it took 100 years of negotiations that all countries agreed in the Paris Law of the Sea Convention from 1865 so that such letters should not be given to pirates because the letter said as long as you attack the ships of our enemy then you can use our harbour. And in so far a lot of people said I'm safe. I have a harbour and I will not attack the ships of my safe haven but attack the ships of others. And this is the situation we have now in cyberspace. So a lot of countries are hosting cyber criminals on the basis that they will not attack infrastructure in this country. But this is backfiring. And in so far if it comes to ransomware it's critical for everybody. And if we could have... I'm skeptical when you say the long list of issues. I would... I do not see any chance to agree on a global level on hate speech and fake news. But I see a chance to agree on some of the issues you mentioned first to interception in networks or in computers. When I mentioned hate speech I was responding to his question about what are my concerns about the other risks but actually the discussion is much more focused and it's based on the premises that you have just mentioned that there is a global realisation that no one is safe and that we will be respecting sovereignty which you have also mentioned. So while respecting national sovereignty and agreeing at the same time on adequate protection of human rights I can see that there will be some common ground on some few and not an extensive list but on few basic things that countries... What are they like? Will he tell us what they are? It's still being discussed between countries but providing safe haven to criminals. No country is safe. There is a minimum level of security that is needed by all to protect commerce and economics and other things. I think there is this realisation that countries need to get together from both sides of the aisle to really agree on things that will protect them all. This realisation is... Two things have happened. This realisation that nobody is safe on how critical the internet can be to our life after COVID and the fact that there is a huge divide because COVID also has exposed the world, the fragility of the world and there is a huge divide. So countries are not at the same level of development or penetration of the internet but it's happening very quickly. So as you have said it will be a discussion for 20 years to come but there could be a minimum level of agreement I hope. Does anyone have time for one more question, sir? Ellen, you speak about governments and countries. If you include software and hardware, for example, hardware from China factory, software from Russia, internet security software. So what do you think about? Jen, why don't you do that? We have made it pretty clear that we are concerned about software or hardware from nations that have shown a propensity to go after networks from an espionage or a disruptive or disruptive and so we've actually taken some of that out of our federal systems and have joined with partners around the world. I worry a lot about how we can keep up with what we don't know out there. Obviously, Huawei, Kaspersky, their discussions going on with the latter and certainly from a federal government perspective we've removed it from our networks but at the end of the day I don't think that we are not going to come to any sort of a collective agreement on issues like that and so we are going to have to continue to stay ahead of working with our like-minded partners, stay ahead of issues that might actually threaten things that we control. Going to the larger issue about governments, autocratic, democratic, our critical infrastructure is largely owned and operated by the private sector and so while we can tell the federal government, hey you need to remove these types of equipment or software from your networks, at the end of the day we can't really make those kinds of statements on private networks so it's very hard to shape that ecosystem for security in any sort of collective way. Jen, thank you. Do stick around and I'm sure people want to have Word with World or with Wolfgang or with Jen. We try to keep things on time so for that reason I'm going to bring things to a close and I'm going to bring things to a close if I might with just one point. It's pretty easy to be in Davos in 2022 and think to yourself that a world that for a generation has been coming together is coming apart and so I just want to, if you'd like, end with the optimistic note that Rader you offered us which is there is possibility that between now and 2024 we will get to a global agreement even on a set of minimums. That's the beginnings to something that we've never had before and that the actually thoughtful work on a declaration on the future of the internet gets us quite a long way there so I hope people take some comfort from the meaningful and constructive work that's being done. Please join me in thanking our panellist Rader Wali, Wolfgang, Kleinvechter and Jenny Salih. Thank you very much.