MS. DIANE REHMThanks for joining us. I'm Diane Rehm. Tech giants Apple and Google have announced the operating systems on their newest phones will be encrypted. That means law enforcement won't be able to access photos, emails and videos on a password-protected Smartphone. And the FCC is considering giving a Swedish company control over the nation's phone routing system.

MS. DIANE REHMJoining me to discuss concerns over encrypted Smartphones, intelligence-gathering and national security, investigative journalist and author James Bamford, Gregory Nojeim of the Center for Democracy and Technology, David Sanger of the New York Times and Donald (sic) Hosko of the Law Enforcement Legal Defense Fund.

MS. DIANE REHMDo join us. Call us, 800-433-8850. Send an email to drshow@wamu.org. Follow us on Facebook or send us a tweet. Thank you all for being here.

MR. DAVID SANGERGood morning.

MR. JAMES BAMFORDGood morning, Diane.

MR. RONALD HOSKOGood morning. Thanks very much.

REHMGood to see you all. David Sanger, let me start with you. Remind us of what Apple and Google said and why.

SANGERWell, Diane, if there's a meta-story a year and a half after the Snowden revelations, it's that the Silicon Valley firms that need to be able to sell their products not only here, but abroad -- abroad being probably at this point the bigger growth markets for them -- need to demonstrate that they don't have backdoors that American intelligence, American law enforcement can get to.

SANGERAnd we can talk a little bit later on about why that is and what the reactions have been in places like Germany and China and Brazil. And so each one of them has started up programs to basically be able to demonstrate and publicize that they don't have these back doors. So when iPhone brought out -- when Apple brought out the iPhone 6 and the new operating system, iOS 8, with it, it had an innovative and quite different encryption system to it.

SANGERAnd, of course, this is just two weeks ago, two or three weeks ago. And the encryption system is basically built around that little code that you type in when you want to unlock your phone. Most people use four digits. If you want this to be safer, you'd use six or more. And it creates a algorithm that's built around that code and so let's say that you're phone was picked up by the police or troops grabbed an iPhone that had this system in it when they are doing a raid in Afghanistan or in Iraq or in Syria.

SANGERAnd the first thing they'd want to do is pull the phone apart. With the old system, you could send it to Apple with a warrant stapled to it and if it was an American citizen, in that case, and they could drain out the data. This time, they would tell you that data is all gibberish to Apple because the encoding has encrypted it and you need the person's code in order to de-encrypt it.

SANGERAnd they advertise in their white paper that came out with the publication of the new operating system that a brute force de-encryption, in other words, just having a computer try and do it by itself, would take five and a half years. Now, we don't know if that number's right or wrong, but that's essentially it. So they have abrogated to themselves saying, we can't give you the data.

REHMJames Bamford, does this all go back to the Snowden affair?

BAMFORDOh, definitely, Diane. This is all blowback from the Snowden leaks. The Snowden leaks, what they did was they showed that the government can't be trusted, they can't be trusted to deal honestly with communications. So if you thought you had encryption, the NSA was working behind the scenes to develop back doors into that encryption or forcing the companies to secretly weaken some of this encryption.

BAMFORDAt the same time they've been building enormous code-breaking capabilities down in Oakridge, Tennessee, for example. They're been working on what's known as a exaflop computer. That's a computer that will do a billion-billion operations a second. So on the one hand here, you have the blowback from the Snowden affair, the Snowden leaks, forcing these companies to sort of cater to the customer's desire for privacy and on the other hand, you have the NSA that is working very hard at finding ways, still, into encryption by building these exaflop computers and so forth.

REHMSo Ron Hosko, what is all this going to mean for law enforcement?

HOSKOWell, I think that Director Comey's comments in The Post last week point right to it. This post-Snowden hangover that we have in government and in our society today is rebuilding the tension between what is privacy, what are the privacy interests that we're trying to protect and how do we define security. Is security the security of our country against violent criminals and external threats or is it my personal security in my data?

HOSKOI think, as your other guests have mentioned, whether it's five days, five years to crack that code or five minutes, if a life is at stake, and I believe we will encounter times when they will be, if a life is at stake, those minutes count, those seconds count. And if we hear from the company that it'll take us five years or five weeks, that's gonna be too long.

REHMAnd one very relevant and imminent example could be this case in Charlottesville where they are trying to get a hold of a cell phone to search data related to one dead young woman and one missing young woman.

HOSKOAbsolutely. We know that hundreds of millions of us are carrying around these phones or these Smartphones today. It's become our primary means of communication in many respects. Our data is stored there, important images are stored there and if law enforcement obtains lawful access to those devices through means and through methodologies that are defined by the courts and defined by Congress and they try to get legitimate lawful access and they are intentionally blocked by this technology, it's going to create opportunities for criminals to conspire and to execute their schemes and we're not going to be able to stop them.

REHMDavid Sanger, Ron mentioned Congress. Is this setting up a battle on the Hill when Congress returns, a move to go after Apple and Google?

SANGERWell, it might. But what's interesting is that we are a year and a half after the Snowden affair where we thought that there would be all kinds of legislation in the other direction, putting restrictions on the NSA, putting restrictions -- greater privacy restrictions. That was certainly the mood from the time of the first Snowden revelations in June or thereabouts of 2013 going forward. And, in fact, we haven't seen many of those.

SANGERAnd, if anything, I think you might argue that the pendulum probably has shifted some now because of ISIS, because of fears, again, about attacks in the United States. And, you know, Ron raises a really interesting question because on the one hand, one way to look at this problem is to say that in a democracy, it is not up to Apple or any other individual company to create a technology that is clearly designed, whether they admit it or not, to try to stop a lawfully executed warrant from actually turning over data.

SANGEROkay. So that's one way to look at it. In other words, that this should be decided by a government. The other way to look at it would be, and this is sort of what Apple executives say. The Apple executives insist, oh, you know, we don't think the government brought them on themselves. We think the customers brought this to us. Our customers want more privacy protection. They don't want to think that if they lose their phone or it's grabbed by somebody who doesn't have a legal warrant into it that they can get the data out of it and therefore we have to offer them what they demand the most, which is good encryption. So good, in this case, that Apple itself doesn't know the code.

REHMWhat about that, James Bamford?

BAMFORDWell, you know, there are other alternatives that the government can go to. There's a lot of information in the Cloud. A lot of people have their photography, their pictures and so forth on their phone, but it also is in the Cloud. So there's other ways. There's tracing cell phones through the towers where communications are bounced off of and so forth. So there's other alternatives. This isn't the end of the world.

REHMYou're saying that if the NSA really wanted to go after information, if somebody synchs their phone with their computer, if they put stuff in the Cloud, then the NSA does have access.

BAMFORDOh, exactly. Yeah, they can get a search warrant for whatever company has the Cloud and that information wouldn't necessarily be encrypted. It's only encrypted on the phone because it's encrypted by a password and so forth. So there are other alternatives. And it's always the government coming up with these kidnap excuses or whatever that we always need this extra availability of security.

BAMFORDThe problem is that the NSA has a past of abusing privacy to an enormous extent and that's the reason you're having all this blowback from customers who are saying I don't want to have my data sent to NSA. I did a piece for the New York Times last week in the op-ed section that discussed what -- last summer, I spent three days with Ed Snowden. He told me that they were sending data from NSA that's picked up in the United States to Israel without ever taking the names or private information out of that communications.

BAMFORDThey don't do that to any other country so that was extraordinarily invasive.

REHMJames Bamford, investigative journalist, author of "The Shadow Factory: The NSA From 9/11 To The Eavesdropping on America." Short break. We'll be right back.

REHMAnd welcome back as we talk about Apple and Google's decision to encrypt its new iPhone and its Android phone. Here in the studio, Gregory Nojeim. He's senior counsel at the Center for Democracy and Technology. David Sanger of the New York Times, Ron Hosko. He's president of the Law Enforcement Legal Defense Fund. He's former assistant director of the FBI Criminal Investigative Division. And James Bamford, investigative journalist. Greg Nojeim, what do you see as the likelihood that Congress is going to come back and update the law to respond to Apple and Google?

MR. GREG NOJEIMI think it's unlikely that Congress would impose technology mandates on Apple and Google and other companies to make their products more vulnerable and less secure. And the reason it would be unwise for Congress to do that is because law enforcement isn't the only one that's trying to get at the information on your phone. If your phone gets lost, it's important that the contents be encrypted because that will make it more difficult for the bad guys to use what you put on your phone.

MR. GREG NOJEIMRemember, the bad guys want your phone for two reasons. They want your phone because it has value in and of itself. They want to sell it. But they can also use the data that's on your phone to steal your identity. Having that data encrypted makes it harder for them to commit that crime. It increases your personal security. I don't think Congress would reverse this decision.

REHMRonald Hosko, here's an email from Jake who says, "These encryption methods are only as secure as the key length. Four- to six-digit pins can be brute force hacked in hours, if not minutes."

HOSKOWell, I think that the firms are already refuting that. They are talking about algorithms that will take potentially years to break by a brute force attack. But I also think, Diane, that one of the things that Jim mentioned is -- really points to the challenge of law enforcement in our country. I do believe in the post note and disclosure era that we, the big wig and that includes media, have conflated what was happening in the NSA and with what law enforcement does day to day where we have hundreds of thousands of police on the streets.

HOSKOAnd rest assured that if the NSA develops a backdoor to any particular technology, the Peoria police department cannot call the NSA and get access to that backdoor. That is not going to happen. So we're talking about hundreds of thousands of police across our country who are going to be blocked out from doing their day-to-day job because they don't have the resources, they don't have the people, they don't have the technology to do what perhaps NSA can or what the FBI might be able to do with a lot of time and money invested.

REHMDavid Sanger.

SANGERYou know, Ron's exactly right and you do have a conflict of government interest here. But what's astounding is so far the government has not stepped up and said what Ron just did, okay, which is you've got a set of domestic enforcement mechanisms that were probably the biggest victim of the NSA disclosures. And then the question comes, was that the NSA's problem or fault? Was that the director of national intelligence office's problem? Or was it the problem of policymakers who didn't think through what disclosures would affect the local enforcement? And that issue isn't going away.

SANGERAnd the fact of the matter is I think that the drive right now is still going to be more toward protection of data because every week that you pick up the paper you hear about some group in eastern Europe that's gotten into Target last Christmas, Home Depot this summer, right. And all you're thinking is, how do I protect that set of data that is on my phone.

REHMMy data, my own data.

SANGERMy data, that's right.

REHMJames Bamford, what do you say to Ron Hosko however that local law enforcement is going to be dramatically hindered in some investigations by virtue of this encryption?

BAMFORDWell, it's funny. It's like a pendulum. The pendulum swings sometimes towards heavier security and other times towards heavier privacy. And after Snowden it's swinging the other way towards heavier privacy. People are looking at what happened at Target. They're looking at what happened at other places and they don't want their data taken. You can argue we're not going to solve the next kidnapping or whatever but still, people have their own personal interests in their phones.

BAMFORDAnd I think people are going to be very reluctant if Congress tries to pass a bill saying that that data that's now on that phone is going to be accessible to the U.S. government. And in addition to that, there's -- if you're looking at the broader picture here, the companies out in Silicon Valley are losing billions and billions of dollars because nobody trusts their systems anymore overseas. I was in Brazil several times this year and talking to the people down there about the security that they lost because NSA has a great deal of eavesdropping going on in Brazil.

REHMBut the New York Times is reporting this morning that China has now approved the iPhone 6 after some deep thinking.

SANGERThey have but it was interesting to read into their announcement because, first of all, they raised a number of security concerns about it which Apple's trying to answer. Actually Apple has been, I would say, more forthcoming in their answers to the Chinese in effort to get the approval than they have in their answers sometimes to reporters about...

REHMReally.

SANGER...right, which tells you something about the size...

REHM...how many people they want to sign up.

SANGERRight. And there's been a lot of concern because the black market price of the new iPhone has been dropping in China. That may reflect more economic -- the economic conditions in China right now.

REHMBut will the encryption system in China be different from that here?

SANGERNo. It's the same iOS 6 and you have to think that the Chinese government is concerned for the same reason that the NSA and law enforcement is concerned. The difference is that the Chinese government has such monitoring of the actual phone, text and email systems that as soon as you send something out of that phone -- and that's what they're concerned about, they're concerned about the organization of protests -- I mean, think of how much of the Hong Kong protests right now are being done by -- you know, being put together by text and phone.

SANGERBut Jim raises a very good point which is that you've had countries that are capitalizing on the NSA disclosures in an effort to try to get people to buy their own products. So the Chinese have basically told government officials, we want you to buy Huawei which is one of the big Chinese producers. The Brazilians are thinking of all kinds of restrictions. The Germans keep talking about a German-only internet so that if one German is emailing another German, it doesn't run through the United States. Now I don't know why they are living in the fantasy that that slows the NSA down for more than a half a millisecond but that's where they're headed.

REHMGreg Nojeim.

NOJEIMWe're living in the golden age of surveillance. All of the things that law enforcement officials are saying, that the phones will make it difficult for them to do, the fact of the matter is that much of the data on the phones is backed up in the cloud, it's backed up on your personal computer and it's more available to law enforcement than ever it was in the past.

REHMBut how about for those who are just using their cell phones, not backing it up on their computers?

NOJEIMYeah, they're a rare bird nowadays. They are a rare bird. The fact is that we like to be able to access our data no matter what device we're using. It's a great thing. It's the internet age. It's what gives us a digital life. And the idea that we wouldn't be able to do that or that we would have to build in security vulnerabilities that make our digital lives less secure I think is not the road that we will go down.

REHMRon Hosko.

HOSKOWell, I agree with Greg. I mean, he makes a good point that more and more data is out there, whether it's on the cloud or transmitted back and forth or just look at Facebook. However, we know over the last 13 or so years just looking at the national security threat to our country. And we know, you know, from looking at how criminal actors pay attention to what's in the media, learn from how they got caught or their friend got caught, whether that's in a courtroom disclosure, an affidavit that's made public, we are facing serious enemies, whether it's a criminal or national security threat, who are learning and who are evolving. They are changing their tactics.

HOSKOI'll give you a quick example. Child exploitation is a huge problem globally. In fact, yesterday and today there's the global alliance against child sexual abuse online is a 53-country consortium. This is global. In our own country there are certainly tens of thousands of people who are child sexual abusers who are looking at images, who are creating images, who are posting images. And we've seen through recent operations -- when I was at the FBI -- just take for example -- and my colleagues certainly know about the onion router where the FBI engage in an operation to peel back some of the layers of the onion router which in effect obfuscates where you get online and what's coming out the other side, who you're talking to. The middle is just a fur ball.

HOSKOAnd -- but through our techniques and through our investigation we saw where tens of thousands of child sex predators were gathering up in dark places on the internet.

REHMAnd are you saying that with this new encryption, the FBI could not have done that?

HOSKOI am saying that child sex predators, drug dealers, kidnappers, national security plotters are paying attention to what our government does because we announce it. We announce it in our public hearings, we put it in books. And they're learning from it. And so now we see just in one area of what the FBI does in child sex exploitation tens of thousands of predators gathering around this perverse little place in our universe where they think with impunity they can go watch, they can post the most sickening images you can imagine.

REHMWhat about that, James Bamford? How does that figure in to the overall picture of security?

BAMFORDWell, that's always been a problem. It's the -- this problem with Tor, as with being discussed here, this problem of having the ability to hide all this information. And that was limited just to a small group of people in the past. But now with basically end-to-end encryption, which is what Apple and Android are offering -- or Apple and Android is going to be coming up soon and Google are offering, is that for everybody.

BAMFORDBefore you had to do some -- a lot of fairly complicated work in order to get tore to work for you. But now with Apple offering this to everybody, all you have to do is buy an iPhone and you have that same amount of secrecy.

REHMInvestigative journalist James Bamford and you're listening to "The Diane Rehm Show." I'm going to open the phones now, 800-433-8850. Let's go first to Jacob in Lansing, Mich. You're on the air.

JACOBHi. My original question had to do with the ticking time bomb scenario that everyone tries to use as a reason to build backdoors into the songs and whatnot. But just to sort of turn that around, what about a person that has government information that a foreign government uses the same backdoor to access to say kill thousands of Americans. I mean, why would we want to weaken it for everybody?

JACOBAnd on another note, the to, about the Chinese using the tor, the Chinese people over there. It's one way for them to access the internet and it was also -- excuse me -- was developed by the U.S. Navy. So, I mean, it's been used as a tool of freedom but it's also been used as a tool for evil. But I think that's what we have to live within the world.

REHMAll right. Thanks for joining us. Greg.

NOJEIMThere was one case -- well, there is a tech mandate now on phone companies to build the phone switching systems so that they're wiretap ready. One of those systems was sold to a foreign government that used it. And in that case some criminals that were in country used this security vulnerability built into the phone for -- built into the system for law enforcement surveillance to listen in on parliamentarians and politicians in this country.

NOJEIMSo every time the government tries to compel or does compel building in a security vulnerability, it creates a risk, a risk that we don't want to create because there are a lot more bad guys out there trying to get this information than there are law enforcement. And we have to account for that as we make these decisions.

NOJEIMYou know, we could order society broadly around law enforcement needs. We could tell the builders to build the windows at eyelevel so law enforcement could look in into homes. We don't do that. We don't do that because there are other societal interests at stake, privacy and personal security that we have to protect and account for.

REHMDavid Sanger.

SANGERThe last time Congress acted on this was 1994. And that was when they passed the law that required the telecom providers to be able to create just this portal that Greg refers to so that they could turn over data. So think how much has happened in the 20 years since. The law, in its current form, doesn't cover companies like Apple, which was not a cell phone maker at the time or a Smart Phone maker. Doesn't cover Google, doesn't cover email, doesn't cover text messages, except something that might run through the big providers, Verizon and AT&T and so forth.

SANGERSo the law is totally out of date and needs to be completely rewritten. But as soon as you get to rewriting it, you're going to create all these debates that Greg has rightly pointed out here. And it's all a question of how you view the intention of the person breaking in. So Director Comey rightly said on Thursday, you know, what do I tell the parents of a child who's been kidnapped? I can't get the data, and neither can Apple, off of the phone.

SANGERAnd on the other hand, you know, you see the United States government very active in places like China polling data off of cell phone networks.

REHMJames Bamford.

BAMFORDWell, one of the other issues is the government seems to always find a way. For example, during the '90s there was this move by the Clinton Administration for a clipper chip. And that was to give the government access to sort of the key to encryption that was being developed. And the -- that was turned down by Congress but yet the NSA found a way secretly around it. So I wouldn't be surprised if there's a way that the NSA could find a way around this.

REHMJames Bamford, Greg Nojeim, David Sanger, Ronald Hosko, they're all here to answer your questions.

REHMAnd we have lots of emails, lots of phone calls. Here's an email from Phyllis, who says, "In a democracy can a firm like Apple or Google impose encryption that government cannot easily break? That is not the question. The question is what right does the government have to snoop on my every thought and word? I hate all this snooping." What do you think?

HOSKOWell, I think two things. I'm going to back to David's comment earlier, because I think what he was doing was really defining the role of Congress. Congress has the right to regulate commerce between the states. And they certainly have the right to have hearings and way privacy versus security and snooping, if you will. And come to a decision and impose that decision on the tech manufacturers to say, you will create a backdoor, you will create a model where under certain circumstances law enforcement or the national security interests have a key.

HOSKOThe other piece that I have to go back to is this, I think that -- and I hate to, you know, criticize my former colleagues, but I will in a little way. I think that the FBI and certainly DOJ has not done an effective job in defining the distinction between the law enforcement and the work that the FBI does and the collection that took place at the NSA. And I certainly believe that there are great patriots at the NSA, but the FBI and law enforcement are guided by far different regulations.

HOSKOThere are layers and layers -- and you can go on the internet and search the domestic investigations and operations guide that is inches thick, that guide how any case can be initiated, that can guide its progress. And the notion that FBI agents are swimming around in random data because they have the time or inclination is just faulty.

REHMGreg Nojeim?

NOJEIMGo onto the DOJ's website and look up that manual. It talks about seizing computers and digital data. It will tell you that the FBI thinks that it doesn't need a warrant to seize data in the cloud that's over 180 days old. And it's outdated. There are -- there have been court decisions that say that that information's constitutionally protected, but outside of the areas where those court decisions have been rendered, sometimes law enforcement tries to get that data without a warrant.

NOJEIMNow, we have antiquated laws. We do. The 1986 Electronic Communications Privacy Act hasn't had a complete update since 1986 when it was enacted. We need to update those laws to provide more privacy, not less security.

REHMAll right. Let's go to Andrea, in Dayton, Ohio. You're on the air.

ANDREAHello, Diane. And thank you so much for having this discussion. I feel it's extremely important. So far developments in encryption technologies seem like they've outpaced the policies that govern them. And I really do appreciate what both of your -- or all of your guests are saying -- excuse me.

ANDREABut I know that there are real concerns about this encryption providing protection to criminal activities, such as Silk Road, child exploitation, protection of hackers. And that there's also good things for those encryptions that some of your guests have noted, the protection of personal information, you know, enabling people who are trying to speak out against repressive governments to communicate and organize.

ANDREABut what I'm wondering is where is the middle ground here? Why does everything seem like it's taking such a confrontational tone? And why can't these two groups, who both have people's interests in mind, come together and kind of find that middle ground to provide that policy to govern this encryption?

REHMWhat do you think James?

BAMFORDWell, I think the problem really goes back to Congress. The Congress was asleep at the switch while the NSA was doing all these things. If the Congress had been more active originally in trying to restrain NSA from some of this, we might not be in this problem right now. But I just think that there's this enormous amount of information that's come out from the Snowden leaks that shows that the government is doing everything possible to find out what you're saying, what your computer says.

REHMBut it all does come back to this balance between security and privacy.

BAMFORDAnd the balance has been far on the NSA side because Congress hasn't acted for the last 10, 15 years for the consumer.

REHMAnd, David Sanger, another phone related intelligence query this week in the battle for control of the nation's phone routing system. Explain that.

SANGERWell, the phone routing and text routing has belonged to a small, has been controlled by a very small company in Virginia under the rules that were set, and a bidding that was set by the FCC. And there is discussion now -- no decisions -- that it may switch to an American subsidiary of Ericsson, which is a Swedish firm. This raises a question very much like the dispute that took place in the middle of the Bush administration -- I think, Diane, we discussed it on a show one time -- when Dubai Ports, a Dubai company was going to take over part of the operation of the Posts of New York and New Jersey.

SANGERAnd there was this big national security question, which seemed to me to be a little bit overblown, about whether or not you wanted your ports run by a foreign firm. And in the end, the political dispute became so great that Dubai Ports pulled out. In this case, a former director of Homeland Security, Mike Chertoff, has been hired to do a study -- hired by the company, the currently -- the American company that currently runs the switching system -- to examine whether there are national security implications here.

SANGERAnd he raised some possibilities in a report that he's getting ready to publish and give to the FCC. In my view -- and I need to learn a little more about this -- it's a little like Dubai Ports. I mean, any American subsidiary of Ericsson, a Swedish firm, a firm that belongs to an ally -- would be under the same U.S. law that the current operator would be under. And so…

REHMExcept, I must say, Mr. Chertoff said it would be a counterintelligence bonanza for adversaries of the nation, a security disaster for the U.S., if it were turned over. What do you think?

SANGERThat depends entirely on whether or not the data --where the data is located, what kind of locks are on it. It could be a counterintelligence disaster with an American company that a Chinese firm or a Russian firm gets into.

REHMJames?

BAMFORDWell, there are a number of restrictions. First of all, there is an American subsidiary that's actually going to be running this.

REHMRight.

BAMFORDAnd there are national security considerations that are always taken into consideration on things like this, the boards of directors and so forth. The management has to be -- have security clearances a lot of times. So there's -- there are restrictions. It isn't just opening this up to foreign access totally. So there -- it -- there is concerns, obviously. But I don't think they're quite the concerns that Mike Chertoff has made out.

REHMRon Hosko, where's the FBI stand on this?

HOSKOWell, I'd like to just go back to your caller's comment for a second. First, I think we could use her up on Capitol Hill.

REHMFinding that balance.

HOSKOThat's right. And I think some of this discussion that we are having today and that's going on in our society is really about leadership. We have seen Apple, to their credit, and some of the other tech providers, show the leadership in a void to go out and create these technologies and start to market them aggressively.

HOSKONow, in response, you've heard the director of the FBI step up and put down his marker and say, this is going to be a problem for us in our government, whether it's the FBI, local police or the national security branch of what we do, and put down his marker, in effect. And so the question of leadership comes back to where is our Congress? Where is their voice? I believe that, unfortunately, in our country we need a crisis for our Congress to move.

REHMBut talk about where the FBI stands on the routing issue.

HOSKOI don't know the current stance. I mean, I left about five months ago. And so I don't watch them day to day, although I do watch occasionally. I think that if we are to give over the keys of any sort to a foreign government or to foreign possession, that's a potentially risk.

REHMWhat's the difference between a foreign government and a foreign possession? You said it remains in the hands of an American company.

BAMFORDWell, it's not the first time this happened. There's been many instances where a multi-national company gets involved in something involving U.S. national security. And there are certain set procedures, the -- who have -- who can be on the boards of directors, sort of a divestment between the foreign owners and so forth. So this isn't the first time it's come up, but it's being made, I think, larger -- a larger issue than it should be at this point.

REHMDo you agree with that, Greg?

NOJEIMIt seems to me that what's important here is what is the legal regime that governs the activities of whoever has control? If that legal regime is in good shape, then it matters less who has the control, just so long as they have the security clearances, as Jim was mentioning. And right now, we have an outdated legal regime.

SANGERDiane, flip this around. Supposing for a moment -- just for sake of argument, that the U.S. government decides Ericsson can't run this system. It's got to be a U.S. company. Don't the Germans, the next month, say, you know, you're right. And Google really shouldn't be running Gmail systems that are being used by Germans. And the Brazilians step in and say the same thing. The Chinese have already done this. Right.

SANGERSo, you know, we have sometimes a hard time in this country sort of thinking this chess game two or three steps further out. And if the U.S. block this you have handed an argument for any country that's looking for a way to fight back against the American dominance of the internet.

NOJEIMGermany just turned down a contract that Verizon had had with the -- Germany just turned down a contract with Verizon, a multimillion dollar contract for these reasons.

BAMFORDAnd Brazil also. I was -- I've been down there a couple time this year and talked to the people down there. And they're -- they were shocked to find out that all their undersea cables, the cables that connect them to the -- to Europe and Asia and so forth, if you look at the undersea cable system, they all go to Miami before they go anywhere else, which gives the NSA tremendous access to virtually all their communications. So what they're doing now is developing -- or actually buying a new cable that goes directly from Brazil to Portugal, bypassing the United States.

REHMAll right.

BAMFORDAnd they've switched from a U.S. satellite manufacturer to a French satellite manufacturer. So there are these enormous economic hardships that some of these U.S. companies are going through because of these revelations.

REHMAll right. To Durham, N.H. Hi, Peter.

PETERHi, Diane. My question is it seems like -- I'm wondering why the, like, law enforcement agencies feel that they have the right to all of our phone and text information when it seems like it would used less for, like, kidnapping. Because I don't think kidnappers are out texting and calling people about their kidnapping victims. And it seems like it'd be more used for like non-violent drug users and things like that.

REHMWhat do you think, Ron?

HOSKOWell, I think your caller's defining the problem. The notion that law enforcement agencies across the country have ready access to all your phone and text information or your internet traffic is an absurd one. And I think that's the misinformation that the FBI and others in government have to make clear to a uniformed public. The FBI' internal procedures -- and I'm just talking the FBI -- are rigorous on how you open a case, how you move a case forward, what authorities are required.

HOSKOAnd those authorities come from Congress and the courts. It's not FBI making up what they get and when they get it. These requirements are laid out for the FBI by the courts and Congress. They're shaped by them. I agree a lot of the authorities right now are out of date and they have to be reconsidered and refreshed. But the notion that law enforcement anywhere has ready access to your internet traffic without a cause is ridiculous.

REHMHere's an email from Chase, who says, "Since the security vulnerability of any device connected to the internet is now pretty widely known, can't an argument be made that anything stored or transmitted on a mobile device falls outside a reasonable expectation of privacy?" Greg?

NOJEIMThat, you know, that's a really good question. And part of what we're debating is what should your privacy be? You know? And I think that we want a world where we're able to communicate privately because otherwise we're not going to communicate.

REHMMaybe you can only do that face to face.

BAMFORDBut think of it this way, Diane. Before we all had smart phones, what did we do for our contacts? We carried around a little book. And you had names and phone numbers.

REHMNotes. Sure.

BAMFORD…and addresses and all that. And that was considered to be completely within the protections of privacy. However, Congress defined that. The fact that you're putting it into a Smartphone and then the question is, you know, are we protecting the device or are we protecting the information? And I think the courts have been pretty clear. You're protecting the information as an extension of the individual.

NOJEIMWell, one other problem, I think, is when you're talking about communicating between two people, that's information obviously that's being shared with somebody. But the -- another problem is with Google, for example. There are times when you do Google searches where you're not sharing that information with anybody. In essence, that's become an extension of your brain.

NOJEIMBecause if you're thinking of going on vacation and you're not telling anybody where, or you have a -- finally discover you have a disease you don't want anybody to know, you start searching about a particular disease. So you're not communicating that to another human being, yet the government now would have access to that information that's basically just within your brain.

REHMSo how can we find a balance or is there no way at this point to assume that there will be a needed balance between privacy, your own privacy and what needs to be known in the case of a terrorist attack?

HOSKOWell, to me that balance can be struck in hearings on Capitol Hill, where all the interests are -- the informed interests are put into play, where we have an informed panel of speakers, in our case probably dozens of them to push forward their interests, to have Congress poke at it and prod it and question it and tease out what's real from what's fantasy.

REHMAnd so what do you think, David Sanger?

SANGERWell, I, you know, on a domestic…

REHMWe're almost out of time.

SANGEROn a domestic level we're all trying to talk about this balance, but we're forgetting that we live in a global village out here.

REHMRight.

SANGERSo you have parts of the U.S. government that are looking -- as the FBI would be -- to get this data. You have the State Department, meanwhile, going off to try to provide an internet in a box to dissident groups around the world so they can anonymize their data. And so, you know, we have to remember we're talking about more than individual liberty here. We're talking about national interests.

REHMJames?

BAMFORDWell, I did a cover story this summer for Wired, "Three Days with Ed Snowden." And his main point that he wanted to get across was that what we need is end to end encryption, total encryption everywhere. And that's pretty much what a lot of people are pushing for now. So it will cut off the government from any kind of snooping on your…

REHMYou've got five seconds, Greg.

NOJEIMWe're out of balance. What Apple and…

REHMWe're out of balance.

NOJEIM…Google have done is start to restore it.

REHMAll right. Gregory Nojeim, David Sanger, James Banford, Ronald Hosko, thank you all so much. I'll be looking for those hearings. Thanks for listening all. I'm Diane Rehm.