 I see many familiar faces out in the crowd, and I'm glad that you're returning to these events. Thank you so much for being here with us. And with that, I'd like to introduce Bob Schieffer. Thank you very much, Andrew. And thank you all for coming. I had a feeling we'd have a big turnout for this one. We try to stay on the news, and we're very much on the news today. Bart Gelman, who's had his name in a paper a lot lately, of the Washington Post. He's a winner of two Pulitzers. He wrote a book, Angler, about Vice President Cheney. It was as New York Times. It was the bestseller. It was also chosen from the Times Books of the Year. Works for the Washington Post, Time Magazine. And of course, he is the one at the Washington Post who had their first story about Edward Snowden. Right over here, my old friend David Sanger. He's been on two Pulitzer teams at the Post. At the Times, you worked there 30 years, right? So he's probably worked at one place longer than anybody on this panel but me, which is really good. And he has two books about the Obama administration. The most recent, of course, is Confront and Conceal. You had some information in that book that had not been known before your book came out. So you have some experience on that kind of thing. And then Jim Lewis, who is, of course, a senior fellow here at CSIS, the acknowledged expert, I think, on cyber war and cyber security. He's been in and out of government most of his career, has a PhD from the University of Chicago. So very long resumes for all these gentlemen, but we'll just stop there. I want to just ask you to start off the threshold question. Why did the Washington Post think it should publish this story? Well, I'll speak for myself and I think that it does represent the Post's view on this. Why wouldn't we? We had a situation in which the Congress passed a law, which everybody gets to read, that says very, very little. The terms are quite opaque. Then the executive makes a secret, highly classified interpretation of what that law says. Then it creates a program. Then it goes to a court and gets this court, the Foreign Intelligence Surveillance Court, which works only in highly classified ways and with no other party present. And the court makes a secret ruling. And all of this is drawing a boundary around, where should the limit be between intelligence gathering and privacy and civil liberties? And that's a conversation that we have not had an opportunity to debate in this country among the general public. And on foundational questions like that of power, because you're talking about the mutual transparency of citizens and the government that's supposed to serve them, I think there were lots of things in this material that needed to be broached. And I think the confirmation of that comes from the fact that there has been an extended, running into several weeks now, and fairly serious public debate about where these lines should be. Did you have any concerns that national security might be damaged with what you published? Yeah, I did. I mean, over my career in journalism, having covered a lot of national security stories, there have been quite a few times when I saw a really hard balance to be struck and when I've had conversations with the government about their concerns. And we had those conversations this time. And I'll tell you how I started the first conversation. I said, I'm not going to hand you this document that I have, but here's the date and title and author. And I know you could find it. And before we start talking, I just want you to know that everything from slides 21 to 27, we're not even thinking about publishing. Let's talk about the rest. And this is the way you presented it to the post? Kind of in that way? Well, yeah. I mean, when I came to the post, I had a similar conversation. I said, you know, I mean, you're going to make your own decisions, because I no longer work there full-time. I did for 21 years. I came back to them on contract for this story. I said, you'll make your own decisions about what you're willing to publish and the start of the conversation. This is the part I would not, myself, be willing to publish. David, how is what Bart did with his story? Is it different in any way from when you did your book? Because you talked about, and we learned for the first time about some of the cyber war abilities that the United States has. And this had here before not been known. Did you go through this same kind of a process? Through a very similar process. I think there were a couple of differences, but mostly a similar thing. And I commend Bart both for his enterprise and for exactly the way he handled it, which I think was extremely responsible. The difference was that in the story that we published in The Times and that I was an excerpt from Confrontant Conceal, which was about Olympic Games, the code name for offensive cyber operation against Iran, but also the first sophisticated use of an offensive cyber weapon. The overall journalistic impetus, I think, was very similar to what you just heard from Bart about this. That in both the case of where the US government draws the line between personal privacy and doing the kind of surveillance it feels it needs for defense, and where the government draws the line on the use of offensive weapons, it's all done in secret. And in many cases, you have to ask the question, how much of this needs to be secret because it's keeping operational details secret, and for which I think we all understand the need to go do that. And how much of this are fundamental issues that need to get debated by the US public and perhaps by a broader public, but certainly by American citizens because it's done in their name. And I think the responsible way to do it is exactly as Bart and which was go to the government and say, this is what I have, that the key elements are going to get published. The question is if there are security concerns about individual elements of it that would endanger somebody's life, endanger an ongoing operation, so forth, we're willing to sit down and hear that and make a case. And then I did what Bart did, too. I took some things right off the table that I knew I shouldn't even get into a conversation with because there wasn't a debate. And then in other cases, there were responsible people in the US government who made a case. And I found over the years in doing this, in the case of my book, wasn't the first time as it wasn't the first time for Bart, that usually once you get involved in that conversation, you can narrow the subject matter pretty quickly if you're dealing with relatively reasonable people. And at the moment that you've got the essence of the story, they're not simply going to say, well, we're just not going to discuss it. Now, that raises a more fundamental question, which is the who elected us question. Why is it that the press gets to go do this? And that comes to an understanding that I think many people in the United States have about what the role of the media is. And it's disputed by others. And I don't think there are any absolutes here. The US government would like to say that if it's classified, it should never get published. The fact of the matter is almost everything in the realm that you write about when you're writing about national security is classified in some form. I don't think you can write about Iran's nuclear weapons program or North Korea's or our dealings with China without running into something that is classified somewhere. Now, I didn't have documents. I had a story that was assembled over a course of a year and a half. In Bart's case, he had specific documents. And that kicks in the gear and different parts of the classification laws. So Jim, you have seen these kinds of situations before from both inside the government and from outside the government. What do you think of this story? It's true. I think I'm the only one on the panel who's been inside the veil, so to speak. And actually, one of the things I'm wondering, I just went through my five-year review. And I think, why did I bother? I can just wait. It'll be in the poster of the Times or something. And there's no doubt that people in the community are a little depressed. So I feel a lot of empathy for them. But we will rebuild. In this case, I kind of agree. I think more transparency would be a good thing. If they had given some more information on the program to begin with, it would have been easier to manage the public reaction. But at the same time, I'm all for more transparency. I think the program needs to continue. So I hope the debate doesn't lead us into one of these silly compromises where we set up a new advisory board or somehow put in additional constraints. I think that would be a mistake. Let me just ask you at the top here some of the claims that Snowden has made, that he could listen in on any phone call, even the presidents, if he had the number. I have had people both on the record, on television, and off the record saying he vastly overstated his abilities. Do you think he did? I love those television shows and movies where they show like an ops center in the CIA and the guy says, got me a video on St. Peter's Square. And immediately it pops up. Come on, folks. No, of course you can't. Technically it is possible to target someone and to get their phone calls. But there are many, many legal constraints. You really have to have worked with these legal constraints to know how difficult it is. And it's not that easy. There's operational difficulties. There's legal issues. It's not like the movies. What do you think he overstated what his abilities were? I think he was overselling. I think he had a product and it looked for a while, at least in Hong Kong, like he was dangling. Come to me, bring money, and I'll tell you the good stuff. So I think he was overselling. Art. I'm not his lawyer or his advocate. And I'm printing only what I think is true and that I can verify. I wouldn't be so sure that he's wrong about this. And what he's right about for sure is that the legal constraints that Jim is talking about are either lines of code or policies and rules and regulations and supervisory chains and auditing trails, which, given that the whole thing is taking place in secret, can be changed at any time. His principle point is that there has been buildup without our knowledge, a remarkably powerful surveillance apparatus that is in fact touching every American household, even though they are not listening in on all our calls. All, there are some. We're reading all our emails. And that the main constraints on it right now are what the code says, which can be changed, or what the policies are, which can be changed. And what we do know is that when governments accumulate power over time, they find sort of one more reason why you might want to use this, or you get to adjust it on the spectrum just a little bit. And over time, you tend to have a one-way valve in which there's more use made of powerful tools for reasons that are stated in good faith and honestly believed, but that changed the boundaries. Well, how can it be that someone can go to work in a situation like this, in a position like this, work there only three months and somehow get away with what he apparently, we know he got away with some stuff because you printed some of it. I mean, that does not seem right to me. It seems to me that's not a good situation. Jim, can that be? How can that be? Gee, I really want to defend the guys up at the fort here, but it sounds like there was a little glitch. You know, one of the rules to just to move a little bit aside, if you're looking at simple things you could do to make your networks more secure, one of them is to restrict administrator privileges because an administrator can pretty much do whatever they want. He was an administrator, and that was probably the mistake. Is this basically, he's the IT guy in the office like we have at CBS, that when the computers break down, that's the guy that comes in and he knows everybody's password. Be nice to your IT guy. Yeah, exactly. You know, that's right. One of the lessons here. But I mean, is that basically what his job was? Someone I know said, he described him as the help desk. The help desk, yep. Yeah, look, I mean, look, there's been a lot of stuff that is out there that's essentially trivializing him or his credentials or the importance of his job. He worked at the Hawaii sort of large sub-branch of the Threat Operations Center run by the NSA. He was the administrator of a very substantial portion of that system and also in charge of defending it. So, I mean, he was there to watch out for incoming cyber attacks, intrusions on the system, and he also administered a lot of the, that sort of, you know, sort of rules, regulations, and firewalls that prevented sort of inside people and out from getting places where they weren't supposed to. Of course, that gives you a lot of power to get in those places yourself. Is there any suggestion, and I know this is your source and, but is there any suggestion that he took this job for the sole reason that he wanted, he had his mind made up about something that needed to be exposed and he went in there and got this job so he could do that? Well, he had spent a lot more years than these or than this last one working in the intelligence community and he had clearly formed views that developed over time. He never told me that he took this job in order to carry out his plan, but it's looking more and more like that based on the external evidence. What do we make of the fact that, you know, once he does this and he goes to Hong Kong now, he's in Russia and all of that. I mean, this is not your standard whistleblower, is it, David? Well, there are a lot of people who would argue he's not a whistleblower at all and, you know, whether or not you think he's a whistleblower probably determines how you come down on the first question you asked about why the press publishes this, what kind of person he is and so forth. I think this has come into an interesting context at a moment when there is a new president in China and the return of a previous president in Russia, both of whom had just met President Obama in separate summit meetings within the past week and a half and both of whom showed a particular willingness to stand up and say, this is not my problem and perhaps enjoy in the case of the Russians how much angst this was causing the United States. In the case of the Chinese, I think they just wanted to get this problem off their plate. The prospect of a year or two years or however long the expedition process took, I think they believed, I know from some Chinese officials who expressed this to me, would be a fairly lengthy process that would erode the relationship at a time that Xi Jinping's got other problems with the United States and that he wants to go deal with and I think they decided that they would take a day or two of heat for letting him out of Hong Kong and that then it would become someone else's problem and that someone else turned out to be Vladimir Putin. Well, do you, Jim, do you think it might have been that they had already gotten everything they needed from it? I mean, is it possible we read all these stories? We don't know, I don't have the expertise to know. Is it possible they could have drained those four computers he had without him even knowing it? I do think he's overstating his position. I do know a little bit about the end talk and he was not like at the center of it. So did he have access to some good data? Yes. Did this stuff come as a surprise to the Chinese or the Russians? No. And so I think one of the problems he had is when he got there he found that the stuff he was flogging, what's attracted a lot of public interest, was not really and started a good debate was not really a surprise to foreign intelligence services. I wanna add something to that. He has said and given me good reason to believe that he's in possession of material that could do extraordinary damage to collections by disclosing things that foreign targets don't know, they may know in principle, but they don't know in practice. And he's not interested in tossing all that out into the public record. He's interested in fostering the debate here. There's been a lot of speculation about whether the Chinese drained his laptops or whether the Russians are doing so now. I wouldn't give a lot of odds on that, but if he gave me even money, I would make a fairly substantial bet against. I know more about the precautions he took and the planning he did anticipating exactly that issue. And I think it would be difficult to do without thumb screws and we haven't seen any sign of that. Do you all think he has done any harm to the national security? Yeah, it's a very hard thing to judge from the outside. And of course, you will always get insiders saying that any revelation of any of these kinds of programs or techniques does harm. And then you hear Jim make a point that he did, which was most of this probably wasn't a surprise to the Russians and the Chinese. Well, if the information is of more surprise to the American people than it is to the Russians or Chinese. Or in the case that I wrote about since the Stuxnet virus had gotten out in 2010 and the Iranians already had the code and they knew somebody had been attacking their systems and they didn't think it was the Swiss. Then the question is, are these programs classified because you're keeping adversaries from knowing about it or you're keeping Americans from knowing about it? And that's a really important base question to go answer. When I looked over the documents that Bart published and that The Guardian published, for some of them, the first question that came into my mind was why was this document classified at all? Let me give you an example. One of the most interesting that got published was one we had written about but not seen called Presidential Decision Directive Number 20 and it was signed by President Obama back last fall. And it was basically the decision directive that lays out the conditions under which the United States would make use of defensive cyber or offensive cyber and who's supposed to go do that and so forth and so on. And each paragraph is marked either confidential or secret or top secret. The entire document was supposed to be declassified in 2037 or something like that. I read through this and I said, gee, I'm almost certain that when the document was signed there were declassified briefings for us on almost all of the major details. And I went back over my notes and there were some interesting, smaller things in the document but most of the big issues we had been briefed on. So I went back to the White House and said, can somebody here just give me the justification for why this document was declassified? And the answer I got back was in short because it was in the interest of the United States to declassify it. That's declassified. That's declassified, I couldn't tell you. So many of these do raise a fundamental question which is would the government find itself in less of a difficult position today if it had said to the world, yes, we have a central repository into which all phone call metadata is poured into and we hold on to it for five years because any terrorist who went to the movies thinks that we can go back and trace a call in 20 seconds. Why the presidential decision directive couldn't have been published at which point it would have become a deterrent for other countries that would see that the president has authorized the use of retaliatory cyber weapons at some point. But no one really wants to engage in that debate inside the US government or at least they don't wanna engage it publicly with all of us. Can I add something on that? Sure. One is that it should not open and close the conversation whether something would improve the public debate and it shouldn't also close the conversation whether something might be damaging or actually could do some damage to national security as one could reasonably define it. I mean, John F. Kennedy's great speech was not that we're willing to pay no price and to secure the blessings of living will bear no burden. That's not what he said. I mean, there's their trade-offs between self-government and self-defense. Constitution begins with six fundamental guiding principles about what we're here for. One of them, the fourth one is to secure the common defense. So there are other issues here and there are balances to be had and sometimes they're easy, sometimes they're hard. I wouldn't, I don't dismiss the security risks that are involved in having this debate. I mean, even when a country or a terrorist organization has good reason to think that the NSA could be listening, you could compare it to the elevator cameras we all know are there every day but we don't all behave all the time as though we'd like to have our photographs in the elevator put on the internet. You forget, you stop thinking about it, you stop worrying about it and so by calling attention there's a chance that you're dissuading people from going there but it's very clear that in the PRISM document, the description of this program which gets information from nine of the largest Silicon Valley communications providers that, and it's explicit in the document and in the markings, the most highly classified portion of the document was the listing of the nine companies, Microsoft, Yahoo, Google, Facebook and so on. That's the number one secret in there and when I had conversations with government officials about what we were gonna print and what we weren't I said, if the harm you envision consists of private companies taking a reputational or market loss because the American people don't like what they're doing, that's why we're gonna publish it. I mean, that is a high reason, a very high stake that would make you wanna publish the information. What can we do, Jim? I mean, you have a better fix on this than probably any of us here and I remember before when I was talking to you before the presidential debate and you told me some of the things that we can do. I mean, it is amazing, but I mean, there's a difference, isn't there, in capability and abusing of capability, which is one of the questions that comes up here, but we do have, just tell us a little bit about what kind of capabilities we have. I'd like to know. Ooh, ooh, that's a, that are not classified. That's a tough one, yeah. No, it's fair to say that after September 11th, there was a lot of effort to integrate intelligence sources and expand some collection abilities and one of the things that was most useful was, you capture some guy's cell phone in Afghanistan, you look in the cell phone, there's some numbers. Interesting, one of them's in the US. Who is that person in the US talking to? And at that point, you're kind of stuck. You really need to know this, you really do, but to do it, you're going to have to get essentially what's like your phone bill, right? So that's what they're collecting. And if you don't do that, you may have unhappy surprises. So a lot of it is this ability to collect and combine a SIGINT, a HUMINT, stuff captured on the battlefield. That's where the edge comes from now. This is not new, if you remember, there was the echelon debate in the 1990s where the Europeans suddenly became excited because they thought there was a global system to collect all traffic and they did a big investigation of it in the European Commission. And they concluded, well, you know, it's really not so bad as we think. And I think that's where we're going to end up here. There are trade-offs, we do need to debate them. More transparency would be useful, but we need this collection capability. Do you take issue with my new friend, Jim, on what are two points here? I told him we were going to be fighting all night, so. First of all, there's a legitimate problem here that you've identified. Absolutely, you had an intelligence legal framework in which you could spy on the bad guys overseas and you could get warrants to spy on known bad guys or suspected bad guys domestically. But when you got to the scene, which is what you care a lot about if you're trying to protect the country, you had inhibitions, you had barriers that were hard to get through. But what you've just described is really not what these programs that we're writing about now are doing. If you pick up somebody's pocket litter in Afghanistan, and it's got 35 phone numbers and 17 email addresses, that's where you can go out and get individual fies of warrants by going to court and saying, this was in the so-and-so's pocket. And we want to get a warrant to look into that. You can do that. You have to show only that the information you want is relevant to an authorized national security investigation. That is a very low bar. It'd be easy to meet in that case every time. What they're using these programs for is what people conventionally call data mining and what's actually called contact chaining in this context. They're looking for unknown suspects, unknown plots by finding hidden relationships among people. And so if you start with one contact, one, I suppose it's a terrorist contact, you say who's in touch with that person and then who's in touch with all those people. That's called going out two hops. It's an exponential growth in the number of people that you're surveilling that way. Everybody remembers the six degrees of separation idea, which is that once you get six degrees of separation from you or me or anyone else in the room, you've encompassed the whole planet. So two hops is pretty far. It's a big number. But this is such an old technique that when they used to train it, and this is declassified so you can find it on the web. They used to teach you how to do this using mail, using envelopes. Of course you want to find the guys who you don't know about. And you have one person you know and you want to say what is the network that he is involved in. And you have to look at people who are not known, not suspects that you couldn't get a warrant on. And I think the administration probably is a little miffed because they probably feel like they went out of their way to do this in a constitutionally safe manner, not public enough. But this is a traditional technique that goes at least back to the 19th century. I mean they were teaching it to children when I was a boy, so. Jim's a long time friend and I've been agreement with him that this method has been used a lot. The mistake I think that the US government may have made along the way was the judgment that what was declassified for doing it with mail had to remain classified when it had to do with email or with phone numbers and so forth. And it does raise the question that got raised back in the days when Jim Ryzen and Eric Whitblow wrote their story in what 2005 so that the warrant was wiretapping. Or again, you ask the question, why couldn't the government have at least described the outlines of this program? Was they leave themselves open to the same kind of exposure and debate then and the argument about whether or not it really needed to be classified? And what you discover when you go back and you look at some of these cases, including warrantless wiretapping, I would argue even WikiLeaks that the amount of damage that we were told was going to be done probably overstated a bit what damage was actually done. It's very clear why they, one reason why they don't want to have even that degree of transparency is because the more you know about this the more it creeps you out. I mean let's review the bidding of what we now know about these programs. They are collecting all of the metadata involving telephone calls and internet communications which is chats, emails, video, voice over IP. Bart, just to help me understand this, when you talk about the metadata and you say email, does that mean they're getting the email message or they're just getting- No, they're not getting the content and the president has come out and said don't worry, the impact on privacy is modest. We're not reading your email, we're just looking at who you sent to from when. But a lot more than that. NSA calls it DNI, digital network information. It includes also unique device identifiers, locations. On the phone stuff they say they're not collecting location. On the internet stuff they are. And if you gave me the choice right now based on current sort of data management techniques, here's the choice. I will subject myself either to one month of having someone read all my email and listen to all my phone calls or one month of all my metadata I would take the content in a second. You could listen to me and read all my notes. The impingement of my privacy would be much less even though the law says otherwise the whole framework of our jurisprudence is based on different assumptions. With the metadata, you know who someone's talking to when, where they are. And if you start thinking about associating that with everyone's because they are getting all of yours. Then they can tell whether you are negotiating secret business deal. Whether you have a medical condition. Whether you're having an extra matter of affair. Whether you're thinking of leaving your job. Whether you haven't come out with your sexual preference. I'm not saying they are doing that. They have now taken all of the information they would need to do that. And they are holding it. And no one is watching. That doesn't make any sense. Because you know there's a limited number of analysts and they can only look at so much. And priority number one is not your sex life. It might be really interesting. Priority number one is terrorism, proliferation. A couple countries that we have bad relationships with. There aren't that many analysts. No one is reading your stuff. And the idea that your stuff might be being read is true especially for these guys. You're good targets for foreign intelligence agencies. So is China or Russia or people like that looking at your email? Wouldn't surprise me in the least. Is NSA looking at your email? No, right. And so that's a difference. When I hear this, it is not a perfect world. You know it's not a 19th century agrarian republic where men and dinosaurs coexisted. What it is is a place where we have these trade-offs. It creeps you out to have people looking at your metadata. It creeps me out to find unattended luggage in O'Hare Airport. Right. You pick. Did you like Boston? When you collect these phone numbers, okay, and then you connect up two of them and you decide we need to, is there a capability? Is that on what I used to call on tape or is that somewhere recorded that you can play back? I mean the email would be there. But would a telephone conversation be there? When they analyze the metadata, who you're talking to, from where, what device, and so on, they call that the surface analysis and they use it for leads to go get the content underneath the surface. And so once they decide that you're a person of interest to them, then prospectively they can collect your communications in real time or go back and get terabytes of your old communications that are stored on servers at Facebook and Google and so on. But would conversations be stored, Vart? I guess that's, I'm saying if you- Telephone conversations, no. But they don't need it. Once they start becoming interested in Yuba, then they can listen to last record and slice and dice their conversations going forward. I do not believe that there's not any present evidence that they're either capable of or actually collecting all communications content so that they can go back and play it back later. And he didn't reveal one dark secret and I guess we should be appreciative of that and the dark secret. So when I started working on this stuff a long time ago, you know, from the State Department with NSA, they kept talking about something called the bit bucket. It's like, what the heck? They, there's too much information and all intelligence agencies suffer from this now. You can, it's easy to collect, it's hard to analyze. So they just park it, right? They just park it. So they used to park it in freight cars over outside Fort Mead, you know, when it was in the olden days. There just, there aren't enough people to read all this stuff. And so the content has to be, and one of the things that's improved is the ability to focus in on persistence of interest. Well they're not enough people to read all the content and listen to all the calls, but there's plenty of people and plenty of processing power to do all the metadata analysis. It does, it's not hard. It's just, again, it's adding a few lines of code, adding a few cycles to a vast computing capability. I want to go to you all for questions. So while you're thinking of questions, let me just go back to Jim. I was very interested in one thing that you wrote. You talked about some of the myths and things now that we're talking about cyber. You said we are not in a cyber war with China right now. And I just thought it was interesting what you had to say. Why did you say that? And I forget who said it, but I think it was you. The Chinese probably couldn't wait to get this guy out of Hong Kong. I mean, what a pain in the neck. And now the Russians are probably trying to think of ways they can, you know, ship him off somewhere. Because these are great powers, they're responsible. Yes, China engages in espionage. I apparently, I read in the papers now that we do too. You know? But espionage is not war, right? And so great powers engage in espionage, but it's not war, it's not an attack. It's not the use of force. It's not even coercive, right, unless you intend it. So the Chinese take advantage of weaknesses. We take advantage of weaknesses, but that's not warfare. And sometimes people say this a lot, that we're in a Cold War with China. It's not the Cold War. They're the second largest economy in the world. They're one of our biggest trading partners. It's not the Soviet Union. So no, I don't think we're in a war with them. Can I just look in on that briefly? Jim is right on the espionage side of this. President Obama's gone to some length to differentiate the kind of traditional espionage from the theft of intellectual property. And so there is something of a commercial war underway. And on the Cold War question here, I don't think we're in one now, but I think we're pretty close on the verge of one. And that is because the cyber issue has now moved to the center of the relationship. And it's made far more complex by all of the issues that Jim raises. China is the world's second largest economy, a very major trading partner and lender of the United States. And that constrains us from doing some things that we did to the old Soviet Union during the Cold War. But that doesn't necessarily mean we're not headed into a Cold War. It just means we're headed into a much more complicated version of it unless this goes off into a different direction. Questions? Right here. Yeah, sure. And tell us your name. That Ron Marks, G.W. Homeland Security Policy Institute. Congratulations, Jim, you kept your clearance. It was a close run thing, I'll tell ya. It's okay, I just had mine done, I understand. I guess the question I would ask, maybe I'll ask it to Mr. Schieffer, which is we lived through, you and I are old enough to certainly remember and you covered Richard Nixon. There was a time in which, under Kennedy and Johnson, a lot of the practices that he engaged in would have been acceptable, or at least they were kept quiet and people ignored them or they were kept down. One of the things that just strikes me about this is we've been at this war now for about 12 or 13 years and there's certainly been a lot of hints along the line and a lot of statements along the line that the press may or may not have picked up on or didn't pick up on. They would indicate that this kind of thing was beginning to coalesce and come together. You think we've just arrived at a point where, I mean, I realize that this guy has sort of set off the firestorm but is he Mrs. O'Leary's cow? Is there just a lot of stuff sort of laying around here that somebody finally coalesced and kicked together or is this something that sort of brand new discovery? It doesn't strike me like that but I'm just curious as to what your view point is. I mean, are you saying that this is somehow has something to do with other things that are going? Well, I'm not so sure the press has done a great job over the last four or five or six years of doing what you're doing right now. Because one of the jobs of the press really, at least as I grew up in the last 40 years was the idea that they would be the watchdog. And there's been a lot of this stuff out there and we've seen a lot of reporting and people have read the Patriot Act and people have heard all of this stuff around but for the most part it's been in bits and rumors in here and there. And we haven't really had the kind of press fall. Do you think the press has failed to some extent in this? Well, the press always fails. I mean, you know. It's intelligence fails. It always, every time one of these things happens we always look back and say, well, the press fell down on the job this time. I mean, I think buying large press has done a pretty good job. But I mean, you know, I think after 9-11 a lot of people including me didn't want to go through 9-11 again. And I am not one who thinks that Edward Snowden is a great hero. You know, sometimes sources are good people and sometimes they're other kind of people and this is Bart's source. But I mean, I have real questions. I mean, I said on television a couple of Sundays ago that people like Martin Luther King Jr. and Rosa Parks were my heroes, but they kind of stayed around. They didn't run off to China. And I think if Edward Snowden had a case to make I don't think he helped his case by his behavior once this came out. I actually think, and Bart knows this, I think the Post acted very responsibly and in the way they vetted this story. I also think that like Jim, we need to know more about what's going on here. But I don't know. We could always do a better job than we do. I guess that's what I'd say. Would you, do you want to say something? I do actually. I really liked the framing of the question about whether there was an intelligence failure by the press. Because I mean, it's a fair question because we're always happy to say there's an intelligence failure. If the US intelligence community is somehow unable to predict every future event, and I don't think that's a fair standard to hold them to even though it's their job to do their best. So did we fail to understand and present as these things were happening that they were happening? Sure we did. But I'll tell you for sure, in my case at least it was not for lack of trying. I mean, my last book on Cheney devoted, I don't know, I guess two and a half chapters to the Bush era surveillance programs. And I turned up a lot, but what I broke my sword on was exactly what was the NSA doing. And especially what was it doing that the Justice Department thought was such a big problem that there was very nearly a mass resignation in March of 2004. And there was a really interesting story to tell if you treat that question as an impenetrable black box. But I couldn't figure it out. And so whether you, whether Edward Snowden is a whistleblower or a cow or a hero or a villain, what he has done among other things is to enable a public debate in which we all get to participate in deciding how much power we want the government to have in the course of our demand that it protect us. You know, and I would just add this, this is all taking place at a time when we're undergoing a cultural change in this country brought on by communications revolution and the capabilities that we now have and with the coming of the social media. You know, people of a younger generation than mine now put on Facebook things that people my age wouldn't have discussed in mixed company back there. I mean, people have a different idea of what privacy is now. And I think that somehow factors into all this in some kind of way. I mean, you know, we see this growing feeling among, especially the younger generation, they don't believe much of anything that the government or anybody else tells them anymore. Well, I think that has to do with more than just the government running this program that it's been running in and on the secrecy. I think that has to do with a lot of things going back to Watergate. If I could just chime in for just a brief moment. Look, on any given day, I figure I'm lucky if I understand two or 3% of what's going on around me in the US government. So I'm sure there's a lot. You got to approach these jobs with a lot of humility that we don't understand a lot and we're putting a lot of effort into it. But if you go back over the past four or five years, you go back to that article I mentioned that Jim Ryzen and Eric Wifflau wrote. You go back to our coverage of the FISA renewal debate. If you go into our coverage of Stuxnet and Olympic Games and the use of offensive weapons, if you go back and look at other work that a BART has done, including in Angler, and there are many other reporters in this town who have broken very big stories along the way. I think there has been a steady drum beat. Has it been as broad as we would like? No, but the only way you get these stories is by beginning to pull on the string and hope that a little more of it unravels along the way. And you know, and the other part is this is one of the most complicated stories that I can recall in recent times. I mean, you know, we all go back to the old Ronald Reagan trust would verify. The government's telling us, you got to trust us, but they can't give us the information that helps us to verify it because that is somehow classified. And it's very difficult to know exactly what the government has done. They do have these enormous capabilities, but have they abused it? You have these people that are supposed to be on the oversight committees on Capitol Hill saying actually no. And maybe they're right and maybe they're wrong. I don't know, but that's just another thing that makes it a very difficult one to cover. Over here, yeah. Lloyd, here comes the microphone. Go ahead. So I can't help but think of Dr. Strangelove's doomsday machine that they never told anybody about when we're talking about this thing. Well, what good is this program if nobody knows about it? You know, why are we keeping this secret? I think that's something you're talking about David, but that's beside the point. I think the most important thing here is I'm 31. I voted for Obama in 08. Definitely did not vote for him in 12. This is the context of this story, that Obama, this story, everything is now, making us, as you just said Bob, my generation is having a very hard time believing traditional news outlets, politicians themselves. We're seeing a degradation of public trust. From me personally and from pretty much everybody that I know and I think, you know, this is what needs to be talked about more in the media. How are we going to repair this? Are we going to repair this? What can we do about it? So what are your thoughts on that? Well it's interesting that you bring that up and I sometimes define it as the legitimacy, which is you accept unquestioningly the authority of the Congress, the courts, the president and you say yes, or the press and say yes, I can trust them. It's a hard problem and so I'm still working through it and I'll just give you an initial hypothesis, which is the internet has had in some, we've seen this before. We saw this with the printing press. Floods of new information were available to new audiences. They could read the Bible and say hey, I don't see any divine right of kings in here, you know? And we're going through a similar process. This is the political effect of the internet. It is degrading the legitimacy of existing institutions. There might be other explanations. Governments over promise, I don't know. So work in progress, but this could take a long time to work through. Well and the other part of it is with the coming of the internet, I mean most people, whether they agreed with the editorial policy of David's newspaper or BART, they generally accepted what was on the news pages as the basic facts. Because I mean they generally accepted that mainstream media did a certain bidding. That basically we didn't print anything or broadcast, I mean unless we'd gone to some trouble to find out it's true. Now you're overwhelmed with information from every corner, some of which is true and a great deal of which bears no resemblance to the truth. And I think that is one reason that is so difficult now why people have such questions about what something is true or not. And I think that's part of it. Back here in the back. Just in a quick note on that, maybe the solution in part is more transparency. And that's maybe what, that's a lot of us, you mentioned Dr. Strangelove in the 2008 report we did on cybersecurity, we had that quote in it. And a lot of us have been pushing them, we can talk about nuclear weapons, why can't we talk about the cyber stuff? So maybe the initial step is more transparency. Back in the back. Yes, Steve Benson from CSIS, it's a two-part question. Since the ISP, the internet service providers were acknowledged in the article and so much data is available, was there any impacts when this was made known to the public? Was there any perceived impact based on the public's demise of trust for internet service providers? And the second question is, does my bill go up or down because of the use of my data? Your bill has gone up and up and up, but it doesn't get charged in cash and you never see it. The bill you're paying is the revelation that the revelations that you are giving to a enormous 30 billion plus dollar a year industry of people you've never heard of, like flurry, axiom. Besides, it's the ad-debt works, it's the marketing people, it's the big data brokers, and although it's true that ideas of privacy are different now and people post things on Facebook, we are not losing our privacy primarily because of the things that we reveal. We're losing our privacy because of things that are being done completely without our knowledge or our ability to understand. You click on Terms of Service that are essentially unregulated. The only regulation is you can't say something that is factually untrue, but if you try to read it, it's hard to figure out what fact is even being asserted in those terms. And I've recently been taking a look at what's happening behind your back, just purely on the commercial side, when you tap on Angry Birds. Do you all think we're safer now than we were on 9-11? I'm sorry. I'm sorry. I think he has, I have an answer to your... Where does your money go? Oh, your taxes are paying for that. I mean, there was, I mean, when they first started collecting all this data, there was an emergency appropriation. I reported it, some hundreds of millions of dollars to get bigger pots to put the data in and bigger computers to sip through it at the NSA. So there are some tax costs. Let me just... Do you think, Jim, that for all this, it's expenditure and all this that's happened, you think we're safer now than we were on 9-11? I'll start by saying that I'm happy because I went to a hacker conference and they gave me a bumper sticker that said, NSA, free backup services. So you are getting some value. No, if you compare how... It was a bitter lesson, but if you compare how things worked in the 90s and people were well-intentioned and were trying hard and how they work now, we're better off. There are problems. And one of the problems is that one of the reasons, there is no other way to do national level surveillance. I was in a huge exercise where we did not use communication surveillance and tried to track terrorists who were in the US. We could not find them. So you put all the pieces together, FBI and CIA are working together better. NSA has their stuff. All three agencies are talking. We're better off. NCTC is a plus. We are safer. Are we safe? I leave that to you guys. Lloyd Hand had a question. I guess, Paul, I just... A comment and a question. I agree that a free and robust press is a cynical non for a free society like ours. And I may it always be that way. On the other hand, I agree with what you said earlier, Bob, that Martin Luther King and others who engaged in civil disobedience took their medicine. They didn't run off. Last night, I heard on Paris Morgan interviewing Alan Dershowitz. And they were talking about Green Wall. And Dershowitz said, when the law says that when you knowingly publish classified information, that's a felony. Did you know that you were publishing classified information? Wow, this is an entirely different kind of conversation. You can take the fifth. Of course, I knew I was publishing classified information. It had stamps on it. And I put the stamps in the paper. And there have been available theories of prosecution for many years now. In fact, since 1917, as you know, in the Espionage Act, under which a person who publishes information relating to the national defense, even if it's not classified, it doesn't have a stamp on it. And by the way, there are X number of active divisions in the army down the line that's relevant to the national defense. There have been available theories under which you could prosecute a report or a newspaper for publishing that stuff. And on balance, there has yet to be any administration that thought that that would be the right call to make in terms of how we organize our society. And if they did, then we would have an opportunity to test the constitutionality of an interpretation of that law that would apply it to First Amendment protected activities. And we'll just have to see. I'm not a lawyer and I'm not at all cavalier about this, but it is true what David said, that if you're going to cover foreign affairs or national security or national defense, it is very difficult to write almost any story which could not be interpreted as breaching the lines of the Espionage Act. I mean, just what's made that point, that they could and have always been able to make that choice and have it done it. But just to put comment that we know, no one's commented on, I don't believe earlier, that, and the question is, it's true that Snowden precipitated this debate. My question is, was it a necessary way to precipitate debate? And the other comment is, it's important to keep in mind that all of these programs were legal. There was not, was an illegal aspect about it. The Congress enacted these laws and it's unfortunate that the good many of the congressmen didn't go to the briefings where they'd learned more about it over the last several years. I think one of the, and I'm gonna get you all to quote on this, but I think one of the things that there should be more attention to is this congressional oversight. And the fact, is it not true that when they had the most recent briefing for the Congress, they unfortunately had it on Friday afternoon and they all left town because they had to get back home. And I think that's one thing that deserves a lot more publicity, whatever you'd like. Well, in terms of the oversight side, this is extraordinarily complex stuff, technically, operationally, and legally. And the way Congress works and the way, in fact, senior executives work in every branch of government, you need staff to master the details and advise you on it. And it is a very small minority of members of Congress who have staff with requisite clearances to even get these briefings. If you're not on the intelligence committee and to some extent certain appropriation subcommittees or judiciary subcommittees, you don't have that staff. It's probably one in 10. That's one thing. Is this thing legal? According to every interpretation of the law that's happened so far among all three branches of government, what is happening is legal. There are lots of things that are legal or could be legal, depending on what the law was or what the judicial decision was, that we as a society might like to debate. Right now, the FISA court, we know now and we didn't know until now, the FISA court has radically reinterpreted some of the features of the Patriot Act. For example, Section 215, business records. The FBI's been telling us every year, we get only a few dozen times a year, do we even use this provision to get business records? It used to be that the interpretation of FISA was that a facility against which you collected business records was a phone number or an email address. And now it is all of them. Now it is the entirety of the call database at Verizon and each of the other two or three big companies. No one knew they did that. I'm quite confident that if real lawyers and unlike me get a chance to ever read that opinion, there will be very significant disagreement in the legal community about whether it's constitutional but that can't be tested right now. Just, and this has to be the last comment. Just a very quick one, you raised a very good question which is, do you need these kind of revelations in order to have the debate? History suggests you probably do. Jim mentioned that we managed to have a good debate about nuclear weapons, even though everything about nuclear weapons is classified, how you use them, where we keep them, so forth and so on, but we had a 25 year long debate that sort of ended up at the end of the human missile crisis 50 years ago, including the conditions under which we would use nuclear weapons. In the case of drones, it actually took a very active press writing about the subject every few weeks in order to force the government of the United States to begin to debate out the question of the conditions under which we would use drones. In the case of offensive cyber, it's been the same thing. You've needed revelations in order for there to be a debate and so far it's a very small debate about whether or not we wanna be using this new class of weapons. And I think as the stories that Bart has run as indicated, you wouldn't have the debate unless people can stop and say, well wait a minute, there's a law that was written when the only metadata you could look at was an address on the outside of an envelope, still apply in an era where you're walking around with a cell phone and as you move from one tower to another, somebody could figure out, they say that they don't, but somebody could figure out exactly where you are. So the nature of the data is so much richer today that applying a law that was written even 30 or 40 years ago may not make sense anymore. All right, well we have to end it there. Thank you all very much and thank you all on behalf of PCU and CSI. Thank you so much. Wanna thanks? Thank you so much. Let's go for it. Let's go for it. Thank you. Thanks a lot.