 Welcome to this session on the role of intelligence agencies. We have for some time now been developing a quite comprehensive program on geopolitics and international security. And in that work we have also been moving towards emphasizing and interacting with people who are in the area of intelligence, but also people who have opinions on this, and we've got together a very interesting panel to help us discuss this today. We have General Tjell Granhagen, who was until two weeks ago head of the Norwegian Intelligence Service, where Enrollee had for many years and many years in which things were changing fast. So he has left the service, he's happy to speak about what happened in the service, and you can ask him all the questions he ever wanted to know about. We also have Nico Selle, very happy to have you with us. She's the co-founder and co-chairman of Wicker, and if you don't know what that is, you will soon know. But just one key is that she leads the largest group of larger hacker community in the world, and she is active in hacking with a purpose, I think we'll hear more about in a second. We have John Chipman with us, a close friend and partner of the forum, head of the International Institute of Strategic Studies, who's been working on these issues for a long time as well. Very happy to have you with us. Minister Tarokono, who is Minister for National Public Safety in the Cabinet Office of Japan, and of course Japan, a country undergoing a major debate on its security role in the world as well. And then we have Jørgen Stock, who is the director, secretary general of Interpol, the international criminal police organization based in Ljul. That's not an intelligence service. We agree that we should point out that they do not do intelligence, but of course as police services and governments around the world, they will be recipients of information that is gathered through intelligence as well. And to chair us, we have David Rotkopp, who is a chief executive officer and editor of the Foreign Policy Group. Very happy to have you to chair this session. I would just say one sentence from my side as the managing board. I think the big question here is, are intelligence services too powerful or not powerful enough, or both at the same time? When you have the Snowden revelations, a lot of people will go around saying, hey, what's happening? Are they looking into my private communication? That can happen. We have to get it encrypted. We have to have rules of the game. And then there's a terrorist attack, and the same people are asking, how come you didn't pick up the planning for this terrorist attack? Are you not doing your job? And we're confusing the people like Granhagen, although he's not easily confused about this mixed message about how to deal with intelligence and how to organize intelligence services. So that's the question. I will now shut up and leave it to David to run the show. Thank you. Thank you very much. Welcome to all of you. This promises to be a very interesting discussion. I've been given very, very broad ambit for it to go, but there's been one very specific request, and that is that all of you vote before we begin on whether intelligence services are too powerful or not powerful enough. And I believe you can do this by going to w-e-f dot c-h slash vote, and then you'll have the opportunity to vote. And within seconds or minutes or a couple of days, we'll know what the answer is, and we'll see where you stand on this issue. And as you do the voting, I'll explain that we're first going to talk a little bit about whether intelligence capabilities are sufficient to keep us safe from the threats that we perceive are the greatest threats. And then we're going to try to move into next-generation threats, next-generation capabilities, and what the evolving social compact is in this new information age in which between big data and the proliferation of smart devices in the world, almost everyone is carrying with them useful intelligence, and therefore almost everyone becomes a potential target of intelligence inquiries. I should say I'm a little hesitant about this because I do see some friends here in the audience like John Negroponte, who used to be the Director of National Intelligence in the United States. And so it's going to be very difficult to glide over the issues here, and I hope that we have an in-depth conversation. I'm not sure when exactly the numbers come up, but oh, well, there. So 71% of you say that intelligence services are not powerful enough. I wonder if we held this in the village of Davos or somewhere off this mountain whether we'd get exactly the same result. I suspect not, and that may be telling in and of itself. Jurgen, let me start with you in the context of this. I think it's very useful to have the head of a police organization, particularly one as distinguished as Interpol here, because in combating the threats that we hear the most about, the police play an absolutely central role, and the coordination between intelligence services and police is an extremely sensitive and complex issue. Do you think, particularly in light of the recent developments in Europe, that that is working, the tools are in place, the intelligence services are powerful enough to actually support the needs of the police? Thank you very much. First of all, I'd like to thank Espen for highlighting that I'm not representing the intelligence services, but the police. Interpol is, I'd like to highlight that before I start, is connecting 190 member countries, so mainly the police services. These are our main counterparts. We are providing information. We build capacity, which is a big issue to fight the global phenomena. We train police officers. We coordinate cross-border operations, but we don't have any executive powers. I think that's important to understand the mechanism, but we support police to cooperate internationally and to share information. And I think my most important point today is to maybe not to talk about how powerful we are, but the question, could we be more effective if would we be better in sharing the information that is available? Of course, it's not a totally new topic, as we are all aware. We've been discussing that for a number of years, that we have to be better in sharing. And my main point is we need to be better, not just in sharing, but also in sharing specific information on a multilateral level. Why? Just to give you an example, I learned quite recently in Belgium, somebody, a police officer on the street, made an arrest and checked the name of the person and he became aware that this person was wanted by South Africa for a major offence. I think this example shows that the issues we are talking about really are global now and they show how effective our system is if we are going to share the relevant information, not just bilaterally, but using the multilateral platforms we have. So this is exactly what the UN Security Council highlighted in its resolution 2178, used the already existing global platforms to share your information. Two examples, then I stop. We have about 6,000 profiles of foreign terrorist fighters in our databases. It's important that this information is available not just at the level of the specialized units, but also at the levels of border stations and even the patrol officer in his car at the street who makes checks, checks person, checks cars, need to have access to this important information. The patrol officer on the street needs to be seen as a part of an early warning system. Second example, we have a... Before you go, I want to ask a question. You say 6,000 to the average person in the audience. Is that a large number or a small number? There are 30,000 people in ISIS. We started with 13 profiles a couple of years ago when we opened this database. So with the support from many governments, police services, we've been able to increase this number to 6,000. We know the official numbers of foreign terrorist fighters are around 30,000. I want to have all the 30,000 profiles in the Interpol database to be accessible on a global scale. I just want to establish it's a fraction of that. It's a fraction, you're right. Second example, we have a database called the SLDD, Stolen Lost Travel Documents. More than 55 million stolen and lost travel documents, amongst them several thousand from the conflict zone in Syria and Iraq, are part of this database. And we can see how effective the system can be. A global system can be if a border police officer has access to this information or a police officer on the street has access to this information, really to build a global network to effectively fight a global threat. General, I was very pleased to hear that you're now going to be able to open up all the secrets that you wouldn't have been able to talk about two weeks ago. Are we over-focused on terrorism and our intelligence efforts? I think it's important to be aware that the intelligence agencies have different types of tasks. Obviously, we are expected to warn our authorities on threats like terrorism, like threats in cyberspace, military threats against our countries. But we are also on a general basis going to keep our authorities informed about the global situation, the development in various regions in order to prepare them for the best possible decisions. So there are a number of tasks in which intelligence services are involved. Nico, just as we're beginning our survey here, I'd like your reaction to the poll. It doesn't shock me, necessarily, given this group. And what do you mean by this group? I think most people here haven't been lucky enough to be educated by the best hackers in the world. Once you've been to DEF CON, you learn some things. Actually, there's about 70 nation states that send spies to DEF CON every year. Tell everybody what DEF CON is. DEF CON is the largest hacker community in the world, but we have a gathering in Vegas every year where hackers come in and disclose vulnerabilities in systems to everyone at once, the entire world. There are heroes, really. They're the whistleblowers fighting this. And it's really important that when we find vulnerabilities in systems that everybody knows about it at once because the web is a global resource. And one of the ways that I see intelligence grabbing power that I don't think is good for any of us is by hoarding zero days. So they find a vulnerability in systems and they use them and hide them for their own offense. And that makes us all less secure. And I think we as a global society need to come together and fix these systems as once because we're all sharing the same system. All right. Well, that's one area where there's some concern about the reach of governments. There is a debate going on in Japan about the reach of governments. To make the case that governments like the Japanese government need more authority and more capability than they currently have. Well, my name is Taro Kono, head of the Japan's National Police Organization. In Japan, we don't have an intelligence agency. So the police organization does intelligence and the law enforcement. For some European countries, they wanted to separate the intelligence and the law enforcement for some historic reasons. And Japan, for some historic reasons, we wanted to put the law enforcement intelligence together under the Democratic police force. Japan is an island country and we are relatively homogeneous people. And Japanese language is a very strong barrier one time. But now terrorists could use cyber to attack the critical infrastructure. And you have a Google translator, so the language is not a barrier. And we have 20 million foreign travelers to Japan every year. So we are facing more threat for terrorism. And the Japanese police force is not allowed to wiretap. Well, we could wiretap to investigate crimes or let it commit it. And we usually do 10 wiretapping a year. And conspiracy is not a crime in Japan. So we are not able to participate in UN transnational organized crime convention because we don't have conspiracy laws. The Japanese people and a lot of media have been happy with it. But because of the terrorism attack in Paris and all those cyber crimes, we are now thinking, are we ready or is Japanese police organization strong enough to fend off terrorism? We are hosting G7 summit and the ministerial meetings in Japan this year. And 2020 Olympic game is coming up. So we are at the crossroad. Should we increase capability or should we be content with what we have? There is unequal distribution among the countries of the world of intelligence capabilities and access to data. The UK, the U.S., 5I countries have special superpower status in this intelligence world. Talk a little bit about what you see as the responsibilities and challenges that go with that status. Certainly, well, first to bring in, I think, to make the point that there is no international law that governs international espionage. There is an international law on conflict, there is international law of the sea, there is international law on humanitarian intervention. But there is no international law that prohibits international espionage. So the constraint, legal constraint on any intelligence service is uniquely the constraint that the host country, the domestic legal system places on itself. So some countries, going to the point of whether they are powerful or not, have no domestic legal constraint on the operation of their intelligence services. I would imagine that is the case with North Korea. Other countries like the United States and the United Kingdom have a fairly elaborate domestic legal structure for what their intelligence agents cannot do. Going to Mr. Konow's point about your 10 wiretaps a year, the UK Home Secretary will probably sign two thousand warrants a year. So that's several every day in order to allow MI5 to intercept traffic. The United Kingdom has a comparative advantage because in the last century they laid the fiber optic cables, cable and wireless did that. So the United Kingdom's GCHQ, along with the US National Security Agency and the intelligence agencies of Canada, New Zealand and Australia, between them, they really have a high percentage of the state manufactured signals intelligence in the world. And I think since Snowden, certainly in the United States and recently in the United Kingdom, there has been, I wouldn't, I would put it over 85%, I would imagine. So it's important to say that any country that has a national telecommunications network has a nation's signals intelligence capacity of its own. So the unique qualities that the Five Eyes had and especially the United Kingdom and the United States are now more heavily distributed amongst other countries that have national telecommunications networks and an ability to engage in some signals intelligence activity which in the past they might not have been able to do. But we are now in the United Kingdom in the midst of an intense debate. We are going to pass a new bill in Parliament, the draft investigatory powers bill that now has a kind of double lock system in order to ensure that we have a stronger covenant between the intelligence services and our public opinion. There will be a ministerial signature required and also a judicial second opinion required before warrants are issued. There will be exceptions for national security where in the celebrated phrase, the home secretary or the foreign secretary is woken up at three o'clock in the morning. You can sign a warrant but within five days a judicial review has to take place that that warrant was properly procured. So the domestic legal environment in the United States and the United Kingdom I think is becoming stronger and needs to become stronger in order to have that public support for the intelligence activity that still needs to take place to secure our citizens. So we seem to be at a kind of a moment of some tension here in the sense that in terms of the intelligence that we've got in terms of threats like terrorist threat we may not have enough. We are growing but there's still a significant amount to go in certain countries such as Japan. There are severe constraints on the government in terms of protecting themselves. Meanwhile capabilities are proliferating rapidly as a result of technological changes and new data sources that may be of interest are proliferating. We're going for what observer it is, 20 billion devices on the internet, 50 billion by 2020. It just changes the landscape in terms of all of this. John points out there's no international law affecting espionage. There's not even a clear definition of what espionage is. In fact in a sort of celebrated moment before the US Congress a few months ago the John Clappers sat in front of the Congress and said that a whole group of things that might be described as espionage were just really the way countries go about their business nowadays. And we're in this kind of definitional phase. What is really spying? What isn't spying? What's normal? What's not normal? And I wanted to turn to you Niko and you seem to have a comment you want to throw in so feel free to do that. But we seem to be at sort of a technological turning point for the planet and we haven't really had a debate about the underlying philosophical and legal parameters with which we should be operating beyond that turning point. And I'm just sort of wondering what your view is on that. I agree. I think with intelligence and law enforcement you have to be really careful what you wish for here because I think by getting more power in ways like with the Investigatory Act which would make wicker my company illegal in your country actually harms us more. So one of the most important lessons I learned was from Thomas Cross, a very famous hacker in 2009. He taught us all how to break into lawful intercept machines. And at that point it was very clear that a backdoor for the good guys will always equal a backdoor for the bad guys. In fact, I think this is such an important lesson that we brought him back to teach the kids how to break into lawful intercept machines this year. So by giving yourselves wiretap power or more power you're actually causing more security harm than good. And I think if you take it a step further with the crypto wars in the 60s and 70s it was a very different time. We're a global corporation right now and we're all connected. So let's just play this out a little bit. We give the UK a backdoor because we trust the UK. We're friends with you guys. Let's say the US, right? Do we trust them with the master keys? They weren't able to keep spies entire sexual history records safe, right? With the OPM breach, like how could they keep keys safe? But then let's say, okay, let's get back that. Okay, well now we've set precedent that the UK we have to give a backdoor to the UK and then we have to give a backdoor to China. And before you know it, there are keys all over the place and it's made the entire internet way less secure. Could I put the other point of principle here which is that we still live in a world of states. Governments owe a duty of care to their citizens and the citizens expect their states within a clear legal context to be able to protect them. Public highways are surveyed. All sorts of things are surveyed every day. The question of principle is whether the internet should become a no-go area for governments or an area in which the governments don't have a particularly right to intervene in order to regulate the legal activity as between their citizens or citizens of other countries. And I think there is an important philosophical point there. My judgment is that in carefully circumstances governments should be able to understand what citizens are doing on the internet when it affects public security. On the question here of how one deals with difficult governments the question is not to apply a double standard but a single standard. So if you trust the domestic regulation of the United Kingdom to know that these backdoors will be used in only very circumscribed areas you might be able to justify to yourself why that is done and still have an answer to the North Korea industry why you wouldn't provide it back to them because their domestic legal structure is not... There are other questions of principle too and one of them which relates to your point is protect what? Protect whom? Protect whom from what? And so everybody walks around, in my mind the image is a little bit like from a Peanuts comic, do you remember the old Peanuts comic? There was a character named Pigpen and Pigpen walked around and there was a little cloud of dust at his feet and this is what we all look like in data terms. We're walking around and we're throwing off all this data all the time. Well the question is whose data is that? Is it the person who's throwing it off? Is it the company that's collecting it? Is it the government in which the data is being thrown off? Is it anybody who has an interest in that data? Since that data is the foundational element of the global economy going forward it's the basic unit of economic measure of the global economy. It's the value. Who gets that value? Privacy laws make the decision about who gets that value and you have the US heading off in one direction with a privacy standard, the Europeans heading in another direction with a privacy standard, a whole set of other countries that are more authoritarian and yet another direction with privacy standard and so we have to answer multiple questions of principle. Are we getting precariously close to a point where this debate is going to make people more dangerous, more at risk in your view in terms of terror threats? Or is this precisely the right debate to be having right now? I think that the debate, of course the police operates in most and all of our member countries in a strict legal framework. Also that the sharing internationally is, there is of course a law allowing to share or not allowing to share. So it depends on the legal framework. To a certain extent as we know it depends also on the commitment to share, the cultural background maybe, so there are still opportunities in the already existing system to be more effective. The question you raised, of course, that's something the lawmakers have to decide at the end. I think it's the police role to identify gaps in our work. So when I was a young police officer, of course I was able on the basis of a court order to search houses, to take records, to take most of the time it was paperwork, which then we read nowadays in the light of encryption anonymization, of course we have problems and we have to tell the lawmakers that at a certain point we can't start investigations or we have to stop investigations, take the example of child exploitation in the internet without certain information. We are not able to do anything to get behind the criminals. So this is something we have to explain. I think we all remember the director of the FBI, Jim Comey, raising the discussion in the US about going dark, which is a major issue and we have to identify these gaps, but of course at the end it's a decision that has to be taken by the lawmakers, but it requires a debate on privacy issue on the one hand and security gaps on the other hand and balancing these interests. Of course as law enforcement we understand that. It's very misleading and unproductive to say that privacy and security are on opposite teams. They're on the same team and by having private communications we are all more secure. Spies use wicker every day to fight terrorists. It's no different than a teenager's private communications. Yeah, but again, you can't have security without privacy and the other way around, two sides of a metal of course. So it's not to play one against the other, but of course I think the challenge is to balance these interests in light of huge technological developments that's going on and again the police role is to identify gaps where we can't continue investigating or where we can close security gaps or prevent terrorist attacks from taking place. We have to face the same things that we've been facing with policing from the beginning of time, which is crime is a rare occurrence and there are other things that are day to day occurrences which deserve protection within that context even more so because they happen more frequently generally. Yeah, I was not surprised by the result of the little poll you made here with four out of five saying that intelligence agencies are not powerful enough. I think there is a and I think you would probably have the same answer also if you ask the broader public. We've made polls in Norway on the confidence of intelligence service and police security services and it's pretty high. People in general want to ensure national security they want to ensure public security and in a changing world I think they realize that intelligence services need to be empowered to do that. There will always be discussions to what extent should intelligence and security services be allowed to do that. I think we need that discussion. I think it's extremely important that there is transparency. If anything good came out of Snowden I think the good thing was that I think leaders in intelligence and security services today realize that there has to be a dialogue on these issues. They will never go into details on methods and sources and capabilities but there needs to be a discussion and there needs to be an understanding in general on how these services operate in executing their very important work on behalf of the society. Do you agree? I think in Japan the debate is still lagging behind. We are debating what needs to be protected. Some people say we say we need to protect people. Some people say we need to protect constitution. The Japanese constitution the interpretation of the Japanese constitution was we don't have collective defense. So Japan has to defend our country independently. And this year, last year we finally changed the interpretation. We could allow government to exercise power of collective defense to defend Japan. So the next step is what we are going to defend against terrorism. I think we need to tell people the real threat is coming from terrorism. It's right there. It's a clear and present danger. And the law enforcement or intelligence community need to have more power to deal with it. And people still may not believe it. So the poll was very shocking to me. I thought it would have been overwhelmingly the intelligence community today to be very powerful. But it was totally opposite. So I think we still need to... But it's possible that audiences at Dallas could be wrong. I really hope that's the case. I think we still need to talk to our people that this is a danger we are facing. And this is what we need to do. We really need to convince it. I think Japan may be in a different league. Let me ask you two questions. Would you get the result that the general thinks he would get if he were taking it back home in Norway? You think the general public would be broadly supportive of stronger intelligence services? What the general public supports is the quality of intelligence service in the UK. There wasn't in fact a poll taken in the UK and I think something like 72% of the British public thought their intelligence services performed a proper and proportionate role. So there is strong public support going forward into the the world of the future. One of the things that I see is that I think we've spent the first sort of 15 years of the 21st century fighting the last wars of the 20th century. And that a lot of the terrorism that we see is a manifestation of certain parts of the world to keep up with progress and it's produced unrest and it has spread out consequences for all of us. But that as we get into the 21st century a whole set of new issues and threats emerge from a wired world a world where in 5, 6, 7, 10 years from now the vast majority of people on the planet are going to be connected in a man-made system for the first time. Almost all of economic activity is going to take place inside that system. It's going to change in its nature. Education, the delivery of government services essentially everything is going to take place within that system. And so we need to develop new rules of the road to address those 21st century challenges as opposed to over focusing the structure of the intelligence community on 20th century challenges. What do you see as the new challenges emerging from the 21st century that ought to be coloring this discussion as much as perhaps are concerned about terror? Well, the principal change in the world of intelligence agencies has been from a near exclusive focus on interstate espionage and trying to discover secrets that are actually being held by governments to addressing many of these trans national issues that on occasion requires intercepting the communications of individuals or groups that are non-state actors in the proliferation of these means of communication and the variety of instruments that are being used to put enormous pressures on intelligence agencies. But I would add the point that hasn't yet been made while there is an extraordinary amount of signals intelligence and national technical means that goes on the bigger intelligence agencies and the better intelligence agencies still need to rely a great deal on human intelligence and the human intelligence task today is extraordinarily challenging giving the difficulty of penetrating non-state actors as opposed to penetrating state actors during the Cold War inserting an agent in Warsaw or in Moscow was a doable affair there was trade craft that could do that you could bribe people and the like now when you think of the challenges that a British national would have inserting himself into an ISIL network in Syria and getting trusted by that network and after a period of time being able credibly to report back what their plans were those are very challenging tasks and I think there will be very few intelligence agencies in the world including the very best ones that will be able to insert human agents in the variety of transnational activities that are being taken so I think that will be a big pressure and will make people judge that the challenges on intelligence agencies are really very large today and much larger than they were in the past. Okay well that's a challenge to intelligence agencies what do you see as emerging challenges associated with this kind of quantum leap that we're in the midst of making in terms of the nature of life in the connected world well let me agree with John for a minute that was something we didn't expect to happen here today so which is at DEF CON every year Chris Hagnaggy hosts a contest called the social engineering contest and they get 100% of the targets 100% of the time and they don't even need to send agents away they use the phone and Facebook and through those two pieces of information alone they're able to manipulate people to get the information they want and this is the kind of tool that people and intelligence world should and can use instead of putting holes in our systems and our private communications that both threatens human rights and threatens the people fighting the terrorists. I think on the other end of it something that we keep track of really closely is again private communications and looking around the world at where it's potentially illegal or not illegal and it almost maps exactly to the totalitarian regimes these are the places where they are surveilling their citizens on a daily basis and I always say UK really you want to join the red team because you're not usually on that side right but we can use the governments that are surveilling their people every day we can use that against them and we should okay I think that's an unfair comment in a way because you know when I'm glad we're returning to normal here well look in the United States in the 1950s the FBI had the authority if it started judicial warrant to intercept a first class piece of post, steam open the envelope read the communication, put the letter back in the post and send it on its way and it would do that rarely and only when it was able to get a judicial warrant and the debate about privacy and security in the United States was not what it is today this difference in technology has changed the intensity and nature of the debate but the issue of principle is still the same can democratically elected governments in carefully circumscribed circumstances intercept a communication in order to prevent a horrific and I think that democratic societies would wish those governments to do this in these circumscribed ways and total privacy in the internet is not compatible but there was a phrase in what you just said which was in carefully circumscribed ways that's all we have in the United Kingdom the United Kingdom is not joining authoritarian government it's got a very rigorous law but has not done it in circumscribed ways and that's the government of the United States which seems to have determined that the Fourth Amendment doesn't cover metadata and yet metadata is precisely the kind of thing that you might have found in a notebook in the 1950s at the time that you were steaming this open and because it determined that it did not cover metadata it therefore allowed the mass warehousing of certain kinds of information in not circumscribed ways and that illustrates precisely the tension that we are dealing with here partially because a lot of lawmakers a lot of the people who are supposed to be grappling with these problems don't even understand the core issues they don't have the ability to have the conversation I had a conversation once with a guy who was a former top US intelligence official former CIA director and he said he used to go in and brief the cabinet or the National Security Council on these issues and he said they looked at him like he was Rain Man like he was speaking not understanding his word does the newness of some of these issues affect the competency of lawmakers to actually make reasonable judgments around these questions? Maybe I think it's the role again of law enforcement and to limit my comment on the role of law enforcement to identify the gaps we have and I fully share your view in the past we've been able to do on the basis of court order as we do today encryption, anonymization, mass data these are the huge problems all around the globe in effectively doing law enforcement and catch the criminals and there is transition going on so we need to develop let's say a criminalistic 4.0 now following these huge technological developments and they don't wait until decisions are made or new law is established in the member countries we heard a lot here during the days in Davos about industry 4.0 the smart car, smart home the internet of everything so that provides huge opportunities for criminals to attack our systems our private computers our critical infrastructures and of course terrorists can make use of this as we see that the underground economy is now more and more professional you don't need to be an expert to attack a system I could do that simply sitting on the couch on my sofa and buying the stuff from the underground economy and the internet and that leads to the difficult again the difficult discussions to balance freedom and security and that's the challenge for all our societies but again technology moves forward and we try to do our job in protecting societies and that's the difficulty we have a lot of questions all together no congratulations that's your job to write the question but I want to try you're now two weeks out of this job so I'm sure you're going to be completely open with me here are there issues of competency within senior government officials about understanding the nature of these technological challenges it is difficult I mean but I think from my experience we had a good dialogue with our authorities and I think the methods and the work of intelligence services is pretty good pretty well understood in the Norwegian government but let me make another comment because you introduced the thermal metadata here with the challenges that we face both when it comes to international terrorism and in cyberspace the problem is not to identify the known actors the known actors are easy to monitor, they're easy to find out there the problem is the actors that we don't know about terrorism as a phenomenon has changed radically over the last three or four years at least here in Europe before it used to be something that happened out there and was prepared out there in the world that was then exported into our home countries today we have the phenomena of jihadism and we have the remote radicalization of people in our home countries we don't know the actors in this play and in order to identify them we have the possibility to use metadata we would be absolutely in the black in the same way when it comes to the serious cyber threats against our governments against our societies if we weren't able to use the access to metadata we would be completely blind so we have to be honest about these things we cannot solve all problems I've heard politicians saying that we will give intelligence services the tools that they need but we need to understand that dealing with the unpredictable dealing with the unknown threats is a very difficult matter you make a good case but I think it suggests that a debate ought to take place about this a public debate about it and the level of awareness within the public about the nature of these issues is quite low and so that creates a problem associated with it Nico you want to jump in I want to come to you in a second I want to come back to something and I'd like you to think a little bit about the hierarchy of threats every time I sit in a discussion about the requirement that we have massive intelligence capabilities and surveillance the example that's always given is terrorism terrorism is not an existential threat to any major country in the world terrorism takes a toll in the last year 20 or 30,000 people it's tragic most of it is in a handful of countries the number of times it affects most of the rest of the world is extremely limited there are other greater threats that are out there or cyber crime and I'd like to talk a little bit about the hierarchy of threats and whether we're letting one particular kind of threat drive this discussion too much so there are I would say three secure messaging apps in the world that I would trust of those wicker is the only one that doesn't have any metadata attached to it in other words we can't even tell who our users are who they're talking to when or how often they're the one in the world that does that that's why all the spies use us that's why they're not using the other encryption techniques because this is very important for spies and human rights activists it's a key tool and then I guess going back to what John said with Hoover and the FBI I consider that a huge stain on American history and I would take it a step back further to the American Revolution and George Washington had a theory and he said we're not going to be like the Brits and I refuse to spy on my citizens and censor their information and that's when they created the U.S. Post Office and this is what makes a strong social society because you need to have strong social discourse and now that we're all one society we all need to have strong social discourse and we all should follow George Washington's lead important point I'd like to come back in a second to how the global trends are going in this regard but let's talk about this hierarchy of threats are we too focused on terrorism yes I think so two things Japan is good at is controlling guns or banning guns I mean in U.S. much much more people are killed by guns than terrorism you know before talking about the metadata or you know wiretapping they should do something about the gun control the other thing we are good at is immigration control keep tracking of foreign workers in Japan and I think that probably a higher priority and we're also worried about the terrorism but probably more so in the cyber world ISIL may not be able to reach Japan and do terrorism just like in Paris but if they start cyber attack on critical infrastructure the distance doesn't really matter if we are not ready for it Japan could be an easy target so the Japanese police force is stepping up measures against the cyber crime so that's the hierarchy I think what do you think well the fact that a threat is not existential is not a reason why one shouldn't seek to counter it if not only what was going to counter existential threats but if there is no security then we could disband most of our police force and most of our army so I don't see the existentiality of a threat as a reason why we should encounter it I think it all depends where you sit of course I mean if you are sitting in Syria I think terrorism is a pretty high threat to your local village and to your municipal security to your regional security in the UK we don't have a major international security threat that is imminent and present but we have to have armed forces to defend our security and to project power to protect our citizens abroad and also to engage in humanitarian interventions the expiltration of citizens there's a wide variety of totally proper purposes to which our armed forces are being put our intelligence agencies work across a wide variety of issues now a lot more foreign policies I think informed by intelligence information that might have been in the past by the way it's very heavily lawyered about 40 years ago MI6 might have had one part-time lawyer now there are probably 40 full-time lawyers that work in MI6 we in the United Kingdom as the United States are a society of laws and of rules and intelligence agencies effectively with strong public support and that public support exists I do think that terrorism is a very important security risk to the United Kingdom for the reason that Kel said that in our European societies we have unfortunately a lot of homegrown jihadis people from communities that have been too separated from society that haven't been assimilated or integrated with strategic getters in the United Kingdom where people feel separated from the community and therefore being more easily radicalized over the internet or abroad and our citizens expect us to be able to ensure that those individuals don't go on to perform terrorist acts in the United Kingdom in the last six months I think probably seven terrorist acts that might have created a certain loss of life in London were prevented by the intelligence services that's a very significant number seven of the sides that took place possibly in Paris last November so they're active against a very present threat and I don't think anybody's arguing and certainly by posing the question I'm not arguing that terrorism isn't important but in the context of the US and in the context of your point the number of people who died in terrorists related incidents in the United States is one six hundredth number of people who died of gun related deaths and that it's half the number of people who died of diabetes sugar is a much greater threat in the United States than terrorism but we don't have the same kind of debate about it there's a more compelling statistic which I think that 41 people were killed in the United States as a result of toaster accidents and that's more than we're killed on behalf of the public toasters are very dangerous that's a subject of our next panel but let me just remind you that the priorities of intelligence services are not priorities that the intelligence services make up themselves they reflect first of all the political guidance here which again reflects the needs of the society the needs of the people so of course the focus on terrorism here comes from the psychological effect that terror has in a society the fear that terror has made just think about the fundamental changes to transportation air transportation that 9-11 made globally to us that is why terror has such a high priority and why we are expected to do something about terrorism just this year beginning on the 1st of January this year what happened just in these few days globally on a global scale this is really a challenge and I'm afraid to say it will increase very much so our membership the 190 member countries they for sure they request us to provide support in three areas terrorism, organized crime and cyber crime these are the main priorities where they expect us to provide support again I'm not minimizing but for example cyber crime is an area where we haven't really touched upon this debate touched upon it in little bits but clearly that's going to grow it's also going to change it will tremendously grow change the nature and big data world everybody becomes a target and the responsibility for defense against cyber crime is dramatically tilted in the direction of the private sector and so that's going to change the balance and how one deals with some of these threats and the private sector is going to have to know how to cope with that and when you mention cyber here I think that illustrates the new area that is coming into this so far a lot of focus has been on cyber crime but I think we need to look at cyber in a more broader context and the threat in cyber towards national security and I think when we start understanding the potential threats the potential hazards that come with our interlinked digital systems we will realize that the potential threat of bad guys or state actors operating in that domain is going to could have far broader implications than terror itself so we've got four minutes left and what I want to do is I want to go to each one of you and I want to give you 30 seconds and I'd like you to make the case for one power that ought to be added to intelligence services because they need it and don't have it or one power that ought to be taken away from the services because they've got it and they don't need it and then we're going to leave 30 seconds to poll you all again on this question that we opened with so go ahead we have to work against fragmentation of information we have to better cooperate amongst law enforcement with the intelligence there is still room for improvement and as this was mentioned and also was a topic here in Davos I would underline your last comment there I think broader dialogue more transparency between law enforcement, government intelligence, private sector is absolutely essential here we need to keep that dialogue going in order to understand the needs understand the challenges that we face so I welcome very much that you put the question back up now I just want to give you a chance please vote so when I get to the end of these three we've got the answer I think intelligence services need to be trusted by the people and politics or politician need to sort of shouldn't use intelligence service to get into the dirty politics the politics is polarized in many countries but the politicians shouldn't really get the intelligence service into this and we need to get the confidence high there needs to be a dialogue between the intelligence agencies in the ICT community as to what would be the circumstances of proper and proportionate collaboration between the two I think that will still take some time the United Kingdom had a special envoy to the United States to talk about this issue with the ICT companies and I think now the debate is beginning to spring back in terms of a sensible relationship between the United Kingdom's intelligence agencies the United States intelligence agencies in the ICT community when the ICT community is convinced that there is a judicious legal context in which specific interventions will take place I would say that the intelligence world needs to have less power in terms of putting holes in the web that can impact us all and they also need to do a better job of utilizing the holes that the bad people have in their systems too because it's a lot easier to own someone's phone than to break encryption that all of us use super helpful what's the result of the poll well there's been a slight slight return to no there's been a slight adjustment here among all of you clearly this is a complicated issue it is you know I do not by any means suggest that we ought to make light of the threat that's posed by terrorism and the tools that we have are not necessarily adequate to meeting that threat right now and I think we have some that we need to enhance meanwhile we should also beware the slippery slope that has been the hallmark of the post 9-11 era that suggests that if a small group of people can inflict a large amount of damage on a big city that any small group of people anywhere can pose a threat because when you accept that argument that anybody anywhere can pose a threat then you begin to carve away at civil liberties in a way that's extremely dangerous for societies we are going to face these problems in much greater scale as we move forward into this big data era into this industrial age that's why this debate is so important that's why it's so important that you take it home to all of your countries and continue it thank you very much to this great panel for a great discussion thank you very much