[House Hearing, 114 Congress]
[From the U.S. Government Publishing Office]





 INTERNATIONAL DATA FLOWS: PROMOTING DIGITAL TRADE IN THE 21ST CENTURY

=======================================================================

                                HEARING

                               BEFORE THE

                            SUBCOMMITTEE ON
                     COURTS, INTELLECTUAL PROPERTY,
                            AND THE INTERNET

                                 OF THE

                       COMMITTEE ON THE JUDICIARY
                        HOUSE OF REPRESENTATIVES

                    ONE HUNDRED FOURTEENTH CONGRESS

                             FIRST SESSION

                               __________

                            NOVEMBER 3, 2015

                               __________

                           Serial No. 114-49

                               __________

         Printed for the use of the Committee on the Judiciary


[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]




      Available via the World Wide Web: http://judiciary.house.gov
                                   ______

                         U.S. GOVERNMENT PUBLISHING OFFICE 

97-419 PDF                     WASHINGTON : 2015 
-----------------------------------------------------------------------
  For sale by the Superintendent of Documents, U.S. Government Publishing 
  Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; 
         DC area (202) 512-1800 Fax: (202) 512-2104 Mail: Stop IDCC, 
                          Washington, DC 20402-0001    
      
      
      
      
      
      
      
      
      
      
      
      
      
      
      
      
      
                       COMMITTEE ON THE JUDICIARY

                   BOB GOODLATTE, Virginia, Chairman
F. JAMES SENSENBRENNER, Jr.,         JOHN CONYERS, Jr., Michigan
    Wisconsin                        JERROLD NADLER, New York
LAMAR S. SMITH, Texas                ZOE LOFGREN, California
STEVE CHABOT, Ohio                   SHEILA JACKSON LEE, Texas
DARRELL E. ISSA, California          STEVE COHEN, Tennessee
J. RANDY FORBES, Virginia            HENRY C. ``HANK'' JOHNSON, Jr.,
STEVE KING, Iowa                       Georgia
TRENT FRANKS, Arizona                PEDRO R. PIERLUISI, Puerto Rico
LOUIE GOHMERT, Texas                 JUDY CHU, California
JIM JORDAN, Ohio                     TED DEUTCH, Florida
TED POE, Texas                       LUIS V. GUTIERREZ, Illinois
JASON CHAFFETZ, Utah                 KAREN BASS, California
TOM MARINO, Pennsylvania             CEDRIC RICHMOND, Louisiana
TREY GOWDY, South Carolina           SUZAN DelBENE, Washington
RAUL LABRADOR, Idaho                 HAKEEM JEFFRIES, New York
BLAKE FARENTHOLD, Texas              DAVID N. CICILLINE, Rhode Island
DOUG COLLINS, Georgia                SCOTT PETERS, California
RON DeSANTIS, Florida
MIMI WALTERS, California
KEN BUCK, Colorado
JOHN RATCLIFFE, Texas
DAVE TROTT, Michigan
MIKE BISHOP, Michigan

           Shelley Husband, Chief of Staff & General Counsel
        Perry Apelbaum, Minority Staff Director & Chief Counsel
                                 ------                                

    Subcommittee on Courts, Intellectual Property, and the Internet

                 DARRELL E. ISSA, California, Chairman

                  DOUG COLLINS, Georgia, Vice-Chairman

F. JAMES SENSENBRENNER, Jr.,         JERROLD NADLER, New York
Wisconsin                            JUDY CHU, California
LAMAR S. SMITH, Texas                TED DEUTCH, Florida
STEVE CHABOT, Ohio                   KAREN BASS, California
J. RANDY FORBES, Virginia            CEDRIC RICHMOND, Louisiana
TRENT FRANKS, Arizona                SUZAN DelBENE, Washington
JIM JORDAN, Ohio                     HAKEEM JEFFRIES, New York
TED POE, Texas                       DAVID N. CICILLINE, Rhode Island
JASON CHAFFETZ, Utah                 SCOTT PETERS, California
TOM MARINO, Pennsylvania             ZOE LOFGREN, California
BLAKE FARENTHOLD, Texas              STEVE COHEN, Tennessee
RON DeSANTIS, Florida                HENRY C. ``HANK'' JOHNSON, Jr.,
MIMI WALTERS, California               Georgia

                       Joe Keeley, Chief Counsel

                    Jason Everett, Minority Counsel
                    
                    
                    
                    
                    
                    
                    
                    
                    
                    
                    
                    
                    
                    
                    
                    
                    
                            C O N T E N T S

                              ----------                              

                            NOVEMBER 3, 2015

                                                                   Page

                           OPENING STATEMENTS

The Honorable Darrell E. Issa, a Representative in Congress from 
  the State of California, and Chairman, Subcommittee on Courts, 
  Intellectual Property, and the Internet........................     1
The Honorable Jerrold Nadler, a Representative in Congress from 
  the State of New York, and Ranking Member, Subcommittee on 
  Courts, Intellectual Property, and the Internet................     3
The Honorable Bob Goodlatte, a Representative in Congress from 
  the State of Virginia, and Chairman, Committee on the Judiciary     4
The Honorable John Conyers, Jr., a Representative in Congress 
  from the State of Michigan, and Ranking Member, Committee on 
  the Judiciary..................................................     5

                               WITNESSES

Ambassador Peter Allgeier, President, Coalition of Service 
  Industries (CSI)
  Oral Testimony.................................................    12
  Prepared Statement.............................................    15
Robert D. Atkinson, Ph.D., Founder and President, The Information 
  Technology and Innovation Foundation
  Oral Testimony.................................................    22
  Prepared Statement.............................................    24
Victoria Espinel, President and CEO, BSA | The Software Alliance
  Oral Testimony.................................................    46
  Prepared Statement.............................................    48
Ed Black, President & CEO, The Computer & Communications Industry 
  Association
  Oral Testimony.................................................    54
  Prepared Statement.............................................    56
Mark MacCarthy, Senior Vice President, Public Policy, Software & 
  Information Industry Association
  Oral Testimony.................................................    73
  Prepared Statement.............................................    75

          LETTERS, STATEMENTS, ETC., SUBMITTED FOR THE HEARING

Material submitted by the Honorable John Conyers, Jr., a 
  Representative in Congress from the State of Michigan, and 
  Ranking Member, Committee on the Judiciary.....................     8

                                APPENDIX
               Material Submitted for the Hearing Record

Prepared Statement of Edward M. Dean, Deputy Assistant Secretary 
  for Services, International Trade Administration, U.S. 
  Department of Commerce.........................................   120
Prepared Statement of Nuala O'Connor, President and CEO, Center 
  for Democracy & Technology; and Gregory T. Jojeim, Director, 
  Freedom, Security & Technology Project, Center for Democracy & 
  Technology.....................................................   124
Letter from Michael Beckerman, President & CEO, The Internet 
  Association....................................................   130
Letter from Daphne Keller, Director of Intermediary Liability, 
  Center for Internet and Society, Stanford Law School...........   133
Response to Questions for the Record from Ambassador Peter 
  Allgeier, President, Coalition of Service Industries (CSI).....   137
Response to Questions for the Record from Robert D. Atkinson, 
  Ph.D., Founder and President, The Information Technology and 
  Innovation Foundation..........................................   139
Response to Questions for the Record from Victoria Espinel, 
  President and CEO, BSA | The Software Alliance.................   140
Response to Questions for the Record from Ed Black, President & 
  CEO, The Computer & Communications Industry Association........   142
Response to Questions for the Record from Mark MacCarthy, Senior 
  Vice President, Public Policy, Software & Information Industry 
  Association....................................................   146

 
 INTERNATIONAL DATA FLOWS: PROMOTING DIGITAL TRADE IN THE 21ST CENTURY

                              ----------                              


                       TUESDAY, NOVEMBER 3, 2015

                        House of Representatives

            Subcommittee on Courts, Intellectual Property, 
                            and the Internet

                       Committee on the Judiciary

                            Washington, DC.

    The Subcommittee met, pursuant to call, at 1 p.m., in room 
2141, Rayburn House Office Building, the Honorable Darrell E. 
Issa (Chairman of the Subcommittee) presiding.
    Present: Representatives Issa, Goodlatte, Collins, Smith, 
Chabot, Jordan, Poe, Marino, DeSantis, Nadler, Conyers, Chu, 
DelBene, Jeffries, Cicilline, Peters, Lofgren, and Johnson.
    Staff Present: (Majority) Vishal Amin, Senior Counsel; Eric 
Bagwell, Clerk; and (Minority) Jason Everett, Minority Counsel.
    Mr. Issa. The Committee will come to order.
    Today's hearing concerns digital trade, and specifically 
cross-border data flows. The modern economy requires data flow 
and to flow freely.
    Individuals and businesses rely on technology and the 
efficient and reliable movement of data across borders. The 
recent decision by the European Court of Justice, invalidating 
the 15-year-old Safe Harbor Agreement between the United States 
and the European Union, created uncertainty that's bad for 
business everywhere. We hear that a new Safe Harbor Agreement 
is imminent. But if an agreement is not reached by the end of 
January 2016, then the consequences for transatlantic data flow 
and business operations could be dire.
    To help us reach a new agreement with the EU, the House 
passed a Judicial Redress Act last month. Though it still 
awaits Senate action, it is a strong move by the House to 
support--in support of reaching this vital agreement.
    But cross-border data flow are not simply a transatlantic 
issue. They also figure prominently in the Trans-Pacific 
Partner Agreement, or TPP. As we consider digital trade issues 
more globally, it is important to view the tactics being used 
to restrict it as much as any other point of it. The trade 
barriers being used to restrict cross-border data flows are 
simply nontariff trade barriers. By any other name, it is 
protectionism, and it hurts U.S. competitiveness; it hurts the 
very countries who are implementing these protectionist 
agreements, and ultimately, it will hurt global trading with 
all the partners who depend on data free flow in a 21st 
Century.
    These trade barriers include localization requirements for 
cloud computing. That means that instead of harnessing the 
economies of scale that come from a cloud, companies will be 
forced to house in facilities in individual countries, 
resulting in duplicative infrastructure and higher costs. Let 
us bear in mind that a location anywhere on the face of the 
earth is a location everywhere on the face of the earth. And 
many countries seem to ignore that in favor of basically an 
infrastructure construction project being mandated in their 
country.
    And it's not just technology companies that can be harmed 
by these types of digital trade barriers. In the financial 
services industry, banks use a security practice known as 
charting, that splits a single customer's information into 
discreet packets that are stored in multiple locations to 
prevent a hacker from compromising it. By its very definition, 
this practice would be impossible without the free flow of 
data.
    In July, we held a hearing on The Internet of Things, or 
IOT. This new era of technology relies on sensors transmitting 
data to a cloud for analysis. If the data cannot flow freely 
around the globe, then The Internet of Things technologies will 
not be as successful as they could be, and, in fact, could 
restrict many of the technologies already implemented in The 
Internet of Things.
    If countries are allowed to unduly restrict data flow, what 
is to stop them from creating new market access requirements 
that require companies to share source code, trade secrets, 
utilize--utilize or source solely from local companies, and 
more absurdly, force U.S. studios to alter their story line of 
a movie as a condition of market access.
    The last one isn't that absurd. A report published just 
last week by the U.S.-China Economic and Security Review 
Commission, explains just how China regulator--China's 
regulators do just that as a condition of market access.
    As this Committee works to promote digital trade, we are 
continuing a long battle against market access barriers that 
take surprisingly, and oftentimes, strange forms.
    Though the issues can oft-times seem complex, the goal here 
is to actually make this simple and understandable for the 
American people to ensure free and fair trade, improving U.S. 
competitiveness globally.
    Digital trade helps drive the modern economy, and I look 
forward to our witnesses today and a healthy debate on these 
issues.
    Last but not least, it goes without saying that no one owns 
data in a global environment exclusively. An economic 
transaction for an American who is traveling in a foreign 
country, requires a look-back to their country. If the United 
States refuses to provide that data, while another country 
refuses to provide the information as to what is being bought 
or what service is being procured, then, in fact, you have a 
standoff; I won't let my data flow to you to tell you what 
customer X is buying, and you won't tell me if customer X can 
pay for it. Can you imagine trying to travel with a MasterCard 
or a Visa or an American Express that simply couldn't cross 
international lines? Sounds absurd? Not if everyone says, my 
data is mine, and I won't share.
    And with that, I recognize the Ranking Member for his 
opening statement.
    Mr. Nadler. Thank you, Mr. Chairman.
    Today's global economy is largely a digital economy. Thanks 
to the Internet, massive amounts of data can be sent across the 
global in an instant, connecting businesses and consumers 
alike. The ability to easily transmit data at low cost 
throughout the world has spurred tremendous innovation and 
fostered significant economic growth. But various countries 
have erected barriers to the free flow of data across borders. 
Some of these restrictions are intended to stifle dissent and 
free speech. Some are purely protectionist in nature, or some 
are for other policy reasons, such as protecting the privacy of 
a country's citizens.
    Today's hearing presents a good opportunity to examine what 
rules should govern the international flow of data, and what 
role the United States can play in establishing and enforcing 
these policies.
    When we talk about cross-border data flow, it could be 
something as simple as someone in a New York office of a multi-
national bank and emailing a colleague in the bank's Hong Kong 
office. It could also be someone sitting in Paris accessing 
their Facebook account, or logging onto iTunes and downloading 
movies and songs contained on American servers.
    But it also has much more complex applications. Cloud 
computing allows businesses and consumers to store data and 
service that could be located anywhere in the world. And some 
global businesses gather data across their worldwide operations 
to a centralized location where it can be analyzed to better 
stream their supply chain or improve service to their 
customers.
    Companies of every shape and size, and across nearly every 
industry, rely on data that crosses international borders at 
some point along its journey. That is why it's important that 
we carefully examine any restrictions that might impede the 
free flow of data.
    Some restrictions, like those that block access to social 
media or filter out political dissent, are clearly improper, 
and threaten the human rights of those countries and citizens. 
America should continue to lead the world in opposing 
oppressive regimes that stifle the freedom of their people.
    Other restrictions, like those requiring a company to 
process data domestically, or to locate certain infrastructure 
in-country, are often intended to bolster domestic companies. 
Many of these restrictions can be removed in the context of 
trade agreements.
    But I have been a persistent critic of some such 
agreements, in part, because of their devastating impact on 
American jobs, and we should tread carefully in the digital 
realm before we make some of the same mistakes we have made 
with physical goods.
    More complicated to address the limitations on data flow, 
the countries impose to advance other policy goals, like 
privacy protection. Finding the right balance between 
protecting the needs of American businesses, respecting the 
legitimate policies of other Nations, and to ensure that other 
countries respect ours is not an easy task. That was made clear 
by the recent decision by the Court of Justice of the European 
Union to invalidate the U.S. EU Safe Harbor framework. This 
important agreement enabled more than 4,000 American businesses 
to transfer the personal data of EU citizens to the United 
States if the company certify that they would comply with 
certain adequacy requirements to protect personal privacy.
    The court, however, determined, in part, that because the 
Safe Harbor scheme only applies to companies and not public 
authorities, there was not adequate protection for EU citizens 
from U.S. surveillance activities, and the entire agreement 
was, therefore, invalidated.
    The court also found that EU citizens do not have 
sufficient remedies under U.S. law if their privacy rights 
after a transfer are violated.
    The gentleman from Wisconsin, Mr. Sensenbrenner, and the 
distinguished Ranking Member of the full Committee, Mr. 
Conyers, deserve great credit for working to address the second 
issue by drafting the Judicial Redress Act, which will provide 
important privacy protections for EU citizens under U.S. law.
    The Judicial Redress Act has already passed the House, and 
I hope the Senate will take it up shortly. I also appreciate 
the U.S. Department of Commerce, which is hard at work 
negotiating a new Safe Harbor Agreement. I hope a new agreement 
is reached soon, but I also hope that Congress will view this 
incident as a wake-up call.
    The USA Freedom Act took an important step in curtailing 
surveillance activities, but we should go much further in 
strengthening our privacy protections. It should not take a 
European court to prod us into protecting our own citizens.
    To ensure that businesses have the flexibility they need, 
while consumers have the protections they deserve, the United 
States must work with its partners in the global community to 
set clear standards governing cross-border data flow. I look 
forward to discussing what these standards ought to be with our 
esteemed panel of witnesses today, and I yield back the balance 
of my time.
    Mr. Issa. The gentleman yields back.
    I now recognize the Chairman of the full Committee, Mr. 
Goodlatte, for his opening statement.
    Mr. Goodlatte. Thank you, Mr. Chairman.
    Today's hearing reflects a new twist on the same old song. 
U.S. companies are at the forefront of the digital economy, and 
as our companies look to operate globally, they face new and 
novel nontariff trade barriers that could make it costly, or 
near impossible, to operate overseas. As we work to promote 
digital trade, we must work to make sure that the international 
playing field is fair. When foreign countries attempt to raise 
trade barriers ore put in costly regulations as a cost of doing 
business, we need to call it out for what it is, a barrier to 
free and fair trade.
    We are now in a world where, on one side of the globe, the 
United States has negotiated the Trans-Pacific Partnership 
Trade Agreement, with rules promoting cross-border data flows 
and preventing undue restrictions, such as localization 
requirements.
    And on the other side of the globe, we look at Europe, 
which has invalidated a 15-year-old Safe Harbor Agreement. This 
decision translates into uncertainty for thousands of American 
companies doing business in Europe, which could have a ripple 
effect on our economy.
    As the United States and Europe continue to negotiate the 
new Safe Harbor Agreement, we must understand that this is a 
complex issue for all sides. And we are cautiously optimistic 
that the Administration and our European allies will be able to 
come to an agreement that eliminates uncertainty and allows 
transatlantic commerce to continue.
    In the House, we recently passed the Judicial Redress Act. 
This bipartisan bill, awaiting Senate action, extends certain 
privacy protections to citizens of European countries, as well 
as other allied Nations if the Federal Government willfully 
discloses information in violation of the Privacy Act. Under 
this bill, citizens of designated countries will be extended 
the core benefits of the Privacy Act, which already applies to 
Americans, with regard to information shared with U.S. law 
enforcement authorities, including the ability to bring a 
lawsuit for the intentional or willful disclosure of personal 
information.
    This hearing is important because the rules of the road 
that are considered on digital trade and data flows will either 
promote or impede the growth of the Internet. A recent BSA 
report stated that 90 percent of all of the world's data was 
created in just the last 2 years. While an incredible 
statistic, it also shows how important data and data flows are 
to innovation and economic growth.
    Localization requirements, such as forcing companies to 
locate data centers in a particular country, defeat the whole 
point of cloud computing. New technologies, like The Internet 
of Things and cloud computing, rely on cross-border data flows. 
Undue restrictions could prevent companies like Boeing and GE 
from using IOT sensors in jet engines to send back real-time 
data to their engineers in the United States.
    For global diversified technology and manufacturing 
companies, they would face the absurd situation of not being 
able to move their own R&D data from country to country.
    Restrictions on data flows fail to recognize the importance 
of interconnected global supply chains, and the need for the 
uninterrupted movement of data.
    As this Committee continues to study this issue, it is 
important for us to keep in mind the effects on public policy 
today and in the future.
    I am hopeful that the right policies will help fuel the 
engine of American innovation, prosperity, and creativity. I 
think we have a great panel assembled today, and I look forward 
to hearing from all of our witnesses.
    Thank you, Mr. Chairman.
    Mr. Issa. The gentleman yields back. Thank you.
    We now will hear from the Ranking Member of the full 
Committee, the gentleman from Michigan, Mr. Conyers.
    Mr. Conyers. Thank you, Chairman Issa.
    I think this is a more important hearing than a lot of 
people appreciate it. Certainly, that's the case of myself. And 
to our distinguished list of panelists, we welcome you all, 
particularly Dr. Atkinson. But I just want to get something out 
about the digital trade, because the growth of our economy 
relies on the expansion of the global digital economy, and 
efficient cross-border data flow as digital trade becomes a 
larger portion of the global economy. That's the heart of my 
introductory comments.
    According to the United States International Trade 
Commission, a digital trade increased U.S. average wages and 
helped create about 2.4 million full-time positions in 2011, 
the same year digital trade also increased annual U.S. GDP by 
4.8 percent.
    As we hear from today's witnesses, which I welcome, I'd 
like to have considered the following points: To begin with, 
any discussion on digital trade and unrestricted cross-border 
data flows requires a serious discussion on surveillance 
reform. Earlier this year, a coalition of companies, trade 
associations, civil rights organizations, wrote to the 
leadership of both parties to outline the economic costs of the 
significant erosion of global public trust in both the United 
States Government, and the United States technology sector. 
Their fears appear to have been prescient.
    Last month, citing concerns about insufficient privacy 
safeguards in the U.S. Court of Justice of the European Union 
suspended the U.S. EU Safe Harbor framework that allows about 
4,400 United States-based companies to move digital information 
across the Atlantic. The decision is a reminder that we need to 
have a thorough conversation about surveillance reform. Without 
one, we cannot fully address eliminating restrictions on cross-
border data flow.
    A couple of weeks ago, the House took a step toward a 
fuller discussion by passing H.R. 1428, the Judicial Redress 
Act, which our colleague, Jim Sensenbrenner, introduced, and I 
was proud to be a cosponsor of.
    The bill extends to the citizens of certain foreign 
countries, privacy protection, and it will facilitate 
information-sharing partnerships with law enforcement agencies 
across the globe. This will save lives.
    Although there is far more work to be done, I hope that our 
allies will take our work on the Judicial Redress Act as a sign 
of good faith and a first step.
    We must continue to work to restore the public trust 
necessary for the continued success of the United States 
industry overseas, while protecting individual rights. Digital 
trade and cross-border data flows are transforming how American 
consumers and small businesses operate and interact. For 
example, Ford Motor Company and Boeing, analyze, in real time, 
digital data from their vehicles and aircrafts. This helps them 
diagnose problems and quickly find solutions. This saves 
consumers money and saves lives.
    Similarly, small businesses depend on having efficient 
cross-border data flow in digital trade. For example, digital 
trade affords them the ability to expand into foreign markets. 
Consumers rely on online payment processors, like PayPal, to 
process their payments globally from purchases on online 
platforms and small businesses.
    Finally, the flow of data across international borders 
presents a unique regulatory setting. Congress, the 
Administration, foreign governments, and nongovernmental 
actors, must provide solid consumer protections that safeguard 
the development of these ever-increasing data flows. The smart 
and thoughtful discussion I believe we ought have today will be 
to illuminate barriers to future growth that we need to 
consider and address. According to studies, restrictions like 
data localization mandates hinder economic development in those 
companies that erect barriers to digital trade. We should 
examine how they affect consumers and the United States-based 
businesses.
    Still, some barriers are necessary to protect against the 
digital trade of illegal goods and services, such as digital 
piracy and the trafficking of child pornography.
    I look forward with interest to having the witnesses at 
today's hearing, and I thank the Chairman.
    Mr. Issa. Thank you. The gentleman yields back.
    Without objection, all----
    Mr. Conyers. Mr. Chairman.
    Mr. Issa. For what purpose does the gentleman seek 
recognition?
    Mr. Conyers. For the record, I would like to enter into the 
record an ACLU report concerning the Subcommittee on Courts, 
Intellectual Property, and the Internet hearing dated November 
2, 2015.
    Mr. Issa. Without objection, placed in the record.
    Mr. Conyers. Thank you.
    [The information referred to follows:]
  
  [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
  
    

                               __________
    Mr. Issa. You're most welcome.
    Without objection, other members' opening statements will 
be made a part of the record. We now move to our distinguished 
panel for today.
    The witnesses' written statements will be entered into the 
record in their entirety, and I'd ask you to please summarize, 
within 5 minutes or less, your opening statement.
    To help us stay within the timing, as you may be used to, 
you will see a red, yellow, and green light in front of you. 
Please think of them like you do the lights that you never, 
never run in your daily driving habits.
    Before I introduce the witnesses, I would ask that all 
witnesses please rise to take the oath pursuant to the 
Committee rules. Raise your right hands.
    Do you solemnly swear or affirm that the testimony you're 
about to give will be the truth, the whole truth, and nothing 
but the truth?
    Please be seated.
    Let the record reflect that all witnesses answered in the 
affirmative.
    Our witnesses today include Ambassador Peter Allgeier, 
president of the Coalition of Service Industries; Dr. Robert 
Atkinson, president of the Information Technology and 
Innovation Foundation; Ms. Victoria Espinel, president and CEO 
of BSA, the Business Software Alliance, or the Software 
Alliance now as we want to call it; and Mr. Ed Black, president 
and CEO of the Computer and Communications Industry 
Association; and certainly never least, Mr. Mark McCarthy, 
senior vice president of Public Policy for the Software & 
Information Industry Association.
    And with that, we'll go down, starting with the Ambassador. 
Oh, and before you begin, I would note that we're going to go 
about 5 or 10 minutes into when the bells ring, and then we'll 
be gone for roughly half an hour, but we'll try to get through 
as many witnesses as possible.
    Ambassador.

TESTIMONY OF AMBASSADOR PETER ALLGEIER, PRESIDENT, COALITION OF 
                    SERVICE INDUSTRIES (CSI)

    Mr. Allgeier. Thank you very much, Mr. Chairman, Mr. 
Ranking Member, and Members of the Subcommittee for allowing me 
to participate in today's hearing.
    The global economy today is in the midst of two revolutions 
that are inextricably linked: The digital revolution and the 
services revolution. And the United States is in the best 
position to define the courses of these revolutions, and to 
benefit from them if we follow appropriate policies, especially 
in international trade.
    Now, the services revolution is evident from the fact that 
service is, by far, the largest source of jobs, of GDP, and of 
job growth. And more importantly, they are the enablers of all 
other sectors of the economy, including manufacturing, 
agriculture, and energy.
    At the center of the service's revolution, however, is the 
second revolution, the digital revolution. And all services, 
indeed, all parts of the economy, depend upon digital 
communication within their own businesses, with their 
customers, and with their suppliers. And the Internet, of 
course, is emblematic of the digital revolution. This 
revolution has enabled services to be delivered digitally 
across borders to a degree that was unimaginable two decades 
ago. But, the international rules and provisions governing 
trade and services and digital trade have not kept up with 
these developments. So they urgently need to be updated and 
brought into line with the realities of a digitally-connected 
world.
    Now, as a number of the members already have said, many 
countries do not share our entrepreneurial and technological 
aptitudes and seek to get advantage by imposing legal 
restrictions on the ability of a firm to manage and move its 
own data across borders, or they impose requirements to store 
data on local servers. A common measure by such countries is 
for the government to require that foreign firms establish 
facilities for storing and processing their data in the 
jurisdiction that they are serving.
    This tendency is particularly pronounced in regulated 
sectors such as banking, insurance, and telecommunications.
    These localization requirements essentially make cloud 
computing services impossible. Examples of local data storage 
and processing requirements abound, just, for example, in 
Greece, in China, in India, in Russia, in Indonesia, and in 
Malaysia.
    So it is essential that our government oppose attempts, in 
all sectors, to impose localization requirements on local 
businesses. The opportunity to do so lies in the various trade 
negotiations that are occurring now. The Trans-Pacific 
Partnership, the Transatlantic Trade and Investment 
Partnership, the Trade in Services Agreement in Geneva, and 
also work in the World Trade Organization.
    These negotiations should set the standards for digital 
trade by, one, ensuring parties can transfer, access, process 
and store data across borders; two, prohibiting parties from 
requiring the establishment or use of local servers; three, 
ensuring nondiscriminatory treatment of digital products and 
services from other parties; and four, allowing parties to 
regulate cross-border data flows for legitimate policy reasons, 
but only within the accepted standards that are included in the 
World Trade Organization in the GATS, the General Agreement on 
Trade in Services.
    So how are we doing with respect to using these trade 
agreements? The TPP has made important progress in advancing 
the objective of freedom for cross-border data flows and 
prohibitions on localization requirements. However, it includes 
one very disturbing exception to the prohibition on 
localization requirements, and that is that financial services, 
including banking and insurance, are excluded from the 
localization prohibition. Every other business has that 
prohibition in this agreement. But most disturbing is that this 
exception was at the insistence of the U.S. Government, and 
this misguided position gives our trading partners the perfect 
political argument to impose such requirements on our 
businesses.
    What we need to do, in addition to fixing that, is to 
ensure that we don't repeat that mistake in the negotiations 
that are taking place elsewhere in the transatlantic 
negotiations, and in the Trade in Services Agreement.
    I'll just make one point about Safe Harbor, because that 
also is something that is extremely important. Everybody knows 
that that decision was just handed down by the Court of Justice 
in Europe. Our member companies are very eager to work with the 
Congress and the Administration to find a solution that 
preserves our companies' ability to move data across the 
Atlantic, but with appropriate respect for individuals' 
privacy.
    So thank you, Mr. Chairman and members. We very much 
appreciate the opportunity to be part of this today, and 
congratulate you on the attention that you are paying to this 
issue. It's extremely important to the service industry, but 
also to the economy more broadly. Thank you.
    [The prepared statement of Mr. Allgeier follows:]
    
    
    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
    
                               __________
    Mr. Issa. Thank you, Ambassador.
    Dr. Atkinson.

TESTIMONY OF ROBERT D. ATKINSON, Ph.D., FOUNDER AND PRESIDENT, 
      THE INFORMATION TECHNOLOGY AND INNOVATION FOUNDATION

    Mr. Atkinson. Good afternoon, Chairman Issa, Ranking Member 
Nadler, Members of the Subcommittee. It's a pleasure to be here 
today to talk about this critical issue. And in my written 
testimony, I go into great length and detail on all the 
economic benefits to both the global and the U.S. economy from 
cross-border data flows, so I won't go into that too much, but 
I want to make one point that a couple of others have made, 
which is, this is not, quote, ``just a Silicon Valley thing.'' 
Cross-border data flows are critical to a wide variety of 
industry, mining, agriculture, automobile production, finance, 
retailers.
    So this is really something that's affecting all of our 
industries, all sizes of companies. And, unfortunately, we 
don't have the ability to control our own fate here, because a 
growing number of Nations are engaging in digital 
protectionism. Some of the policy reasons for them are, 
perhaps, legitimate in the sense that they have this concern 
for privacy. In other cases, privacy is a guise for just naked 
protectionism; they don't want data to flow outside their 
country in order to benefit their own domestic companies. And 
in, still, other cases, companies are requiring data to reside 
in their borders so they can have unfetterred government access 
to that data without the rule of law.
    But whatever the rationale, this data protectionism hurts 
the U.S. economy. It raises costs for our companies; it makes 
them have less global market share. That's why in 2013, ITIF 
estimated that the cost to U.S. technology companies alone from 
all of the Snowden revelations and the backlash against us and 
the restrictions that companies--countries were putting in 
place under the guise of the Snowden revelations, we stood--our 
technology companies stood to lose anywhere between 21- and $35 
billion by next year in revenues, in global revenues. That 
hurts not just our technology companies, but the U.S. economy 
and U.S. workers.
    So what do we need to do? I think one of the things we 
cannot do for a lot of, I think, reasons, but one is we cannot 
simply say that the way to solve this problem is to adopt the 
most stringent privacy regime in the world. We can't have 
another region, another country, tell us what our laws and 
rules should be with regard to privacy. Our view is our privacy 
rules and policies are actually the reason we lead in the 
global digital economy, not the other way around. So we cannot 
have one solution.
    The good news is, we don't have to have one solution. The 
way--we've argued very, very strongly that when a foreign--when 
a U.S. company operates on foreign soil, they're subject to the 
laws of that country. They can't just--just by moving data back 
to the U.S., they can't get out of their legal obligation. They 
can't then say, well, we're going to use U.S. privacy policies, 
even though we have a branch in Brussels.
    So in a lot of ways, I think this is a lot of much ado 
about nothing. We can look just, for example, at the Canadian 
privacy commissioner, who has filed a number of successful 
suits against U.S. companies who have branch plants or 
facilities in Canada, who have broken, or purportedly, broken 
Canadian privacy law by moving the data back to the U.S., 
processing it in a way that was against Canadian rules. The 
Canadian Government had the ability and the right to bring 
action against those U.S. companies. They did so, and they 
prevailed. There's no reason why Europe couldn't do the exact 
same thing.
    So what do we need do? I agree with the Ambassador, we 
really need to push forward on two steps: The first step being 
trade agreements. TPP purportedly has--reportedly has strong 
agreements, protections for digital trade there, TiSA as well. 
But I think the key challenge there is really making sure that 
any national security or privacy exceptions are very, very 
narrow. The risk is that the exceptions won't be narrow, and 
countries will use this again as a guise to restrict--to 
restrict data flows.
    I also think the U.S. should not be overly defensive, at 
least on the commercial side of the ledger. We have a right to 
do what we're doing. Our companies aren't really breaking any 
laws, by and large. And I think it's time for us to at least 
put on the table the possibility of a WTO suit against Europe. 
Europe has, as we all know, cut off our access to data flows to 
the U.S. because of the Safe Harbor. They have not cut off data 
flows to Israel; they have not cut off data flows to Argentina, 
neither--both of those countries still have agreements with 
Europe, and yet, there is no evidence that the national 
security protections for government access to that data in 
Israel or Argentina are any less stringent than ours. If Europe 
wants to go down this path, they should cut off data flows from 
every country in the world, not just the United States.
    And lastly, we need to--one area we do need to act on is 
with regard to government access of data. Our companies in 
America can comply with foreign laws quite well, and when they 
don't, they can be prosecuted. What they can't comply with is 
what government does with data. That's why we've proposed that 
we work with Europe to craft what we call the Geneva convention 
on the acts on data, where we come up with a set of norms and 
rules that we would all agree with in terms of government 
access to data to restore that trust.
    Thank you for the opportunity to appear before you today.
    [The prepared statement of Mr. Atkinson follows:]
    
    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
    
    
                               __________
    Mr. Issa. And thank you.
    Ms. Espinel. Sorry. Ms. Espinel. I do that. I apologize. 
Thanks. Victoria.

       TESTIMONY OF VICTORIA ESPINEL, PRESIDENT AND CEO, 
                  BSA | THE SOFTWARE ALLIANCE

    Ms. Espinel. Thank you, Mr. Chairman, Ranking Member, and 
Members of the Subcommittee.
    Mr. Issa. Try--Victoria, pull it a little closer to see if 
that works.
    Ms. Espinel. Maybe mine is off. Can I borrow yours? Thank 
you.
    Mr. Issa. These are very effective.
    Ms. Espinel. Thank you. My name is Victoria Espinel, and 
thank you for the opportunity to testify today on behalf of BSA 
| The Software Alliance. Promoting international trade by 
eliminating barriers for cross-border data flows is a top 
priority for us and for our members. And today's hearing 
presents a tremendous opportunity to explore three areas: 
First, the growing importance of data and digital trade; 
second, forward-looking efforts to expand such trades through 
agreements like the Trans-Pacific Partnership, and troubling 
recent developments in Europe and other markets that could 
derail these potential opportunities.
    International trade is critical to our members, and as is 
the case for many other sectors, international trade for our 
members increasingly involves data services and digital, rather 
than physical transactions. The economic implications of the 
software-enabled data revolution are enormous. Economists 
predict that making better use of data could lead to a data 
dividend of $1.6 trillion in the next 4 years. And that 
efficiency gains alone could add almost $15 trillion to the 
global GDP by 2030. That's an amount that's equal to the 
current economy of the United States.
    But beyond the economic implications, data is central to 
the lives of billions of people around the world. Farmers use 
data to reduce pesticides in water use while increasing yields; 
families are cutting down on their commute times; cities are 
redesigning transportation routes that save time and reduce 
pollution; doctors are using data to save the lives of 
premature babies and do research on Alzheimer's; people around 
the world are using data to improve their lives.
    Because the actual processing and analysis of data often 
takes place in various locations that are miles, or even 
continents apart, it is critically important to be able to move 
data freely across national borders. And as excited as BSA 
members are about the potential for software and data-driven 
innovation to spur growth, we are deeply concerned about steps 
that several U.S. trading partners have considered, or taken to 
erect barriers to digital trade and cross-border data flows, 
including Brazil, Nigeria, China, Russia, and many others.
    These barriers take many forms. Sometimes they expressly 
require the data stay in country, or they impose unreasonable 
conditions in order to send it abroad, and other cases, they 
require the use of domestic data centers or other equipment.
    In light of the troubling growth and barriers to data 
flows, BSA members welcome the recently concluded TPP. We 
understand, based on briefings and discussions with U.S. and 
TPP partners, that the agreement include several commitments 
that are vital to digital trade.
    First, robust commitments on cross-border data flows, 
including explicit prohibitions on data and server localization 
mandates; second, a prohibition against imposing custom duties 
on digital products; and third, prohibitions against requiring 
companies to disclose software service code as a condition of 
competing in the market.
    This is the first time that strong enforceable rules on 
data have been included in the FTA agreement, and it is a 
historic opportunity. We look toward to studying carefully the 
final text, and to working with the Administration and Members 
of Congress as the agreement moves forward.
    While we are pleased by the important rules that the TPP 
will provide with many of our transpacific trading partners, we 
are concerned about potential new obstacles that have recently 
arisen with our biggest transatlantic trading partner, the 
European Union.
    As the Subcommittee is aware, the European Court of Justice 
recently handed down a decision that invalidates the Safe 
Harbor, a mechanism that nearly 5,000 U.S. companies of all 
sizes have relied on for more than a decade, to facilitate 
digital commerce with customers, suppliers, and partners in 
Europe. The invalidation of Safe Harbor has broad ramifications 
with transatlantic trade, not only for software, but for many 
other sectors of the economy as well.
    The current situation has led to uncertainty for Europeans 
and American individuals and the businesses that serve their 
needs and the millions of customers that are served by them. We 
encourage Congress and the U.S. Government to respond with 
urgency and focus. And we thank each and every member of this 
Committee for their vote or Judicial Redress Act, and we hope 
that the Senate follows your lead.
    Our members work hard to build privacy and security into 
their products and services, and are committed to protecting 
the data in their care, regardless of where that data 
originates. We are ready to work with Congress and the U.S. 
Government and with the EU and its member states, to ensure 
that data continues to move across our borders for the benefit 
of both Americans and Europeans.
    Thank you, again, for providing this opportunity to share 
our views on these important matters, and I look forward to 
your questions.
    [The prepared statement of Ms. Espinel follows:]
    
    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
    
                               __________
    Mr. Issa. Thank you.
    Mr. Black.

    TESTIMONY OF ED BLACK, PRESIDENT & CEO, THE COMPUTER & 
              COMMUNICATIONS INDUSTRY ASSOCIATION

    Mr. Black. Mr. Chairman, Ranking Member, and Members of the 
Subcommittee, thank you for your focus on this important issue.
    Mr. Issa. I'm afraid now you're not quite loud enough.
    Mr. Black. Thank you for your focus on this important 
issue. CCIA members and our industry are directly impacted by 
barriers to international data flow, as are many other industry 
sectors that utilize our services. CCIA members alone generate 
revenues in excess of $540 billion, and employ over 750,000 
workers. International data flows are critical to U.S. economic 
interests. While the top Internet brands are American-based, 
the majority of their users are abroad. And increasingly, our 
most important exports are access to platforms and provision of 
services. Internet platforms uniquely empower businesses to 
participate in the global economy.
    Small businesses in the U.S. would be the biggest winners 
if we can eliminate digital trade barriers. This is not a zero-
sum game, but a win-win one. Global citizens and economies 
would also benefit if other governments eliminate digital trade 
barriers, which effectively lock their own citizens out of the 
21st century economy.
    U.S. policies have not adequately adapted to the new 
reality. We excel at the export of bits, but under current 
trade rules, countries can far more easily block bits than 
bananas. While TPP begins to make progress on digital trade, 
the situation worsens faster than U.S. policy can respond. We 
must do more. We should bring trade cases against countries who 
block bits.
    Unless the trade system meaningfully responds to Internet 
trade barriers, our industries have little to gain from the 
trade agenda. Five issues must be prioritized: Internet 
blocking; forced localization; intermediary liability; balanced 
copyright; and data protection. TPP should make progress on 
blocking and forced localization, but the problem is worsening. 
A third of the world's 3 billion-plus Internet users live where 
social media or messaging apps have been blocked, and adoption 
of forced localization policies abroad keeps accelerating.
    Sensible intermediary liability rules are essential. 
Internet businesses have thrived here because of carefully-
crafted legal safe harbors, but foreign liability rules 
frequently favor domestic plaintiffs. Foreign courts often 
shoot the messenger when users express unfavorable views online 
about government, royalty, or national heroes. This has to 
change.
    Particularly troubling is so-called EU right to be 
forgotten. European data regulators are prohibiting online 
services from simply linking to published news accounts about 
individuals. Some have even prohibited linking to stories that 
reported on these cases, and have even demanded removal of such 
links worldwide. If foreign officials punish U.S. companies, 
for pointing U.S. citizens to lawfully published news articles, 
we must stand up for free trade and free speech.
    Another barrier for digital exports is unbalanced 
copyright. We have failed to export strong copyright 
limitations along with strong protections. Thus, we are seeing 
demands for snippet taxes to be paid for the privilege of 
quoting news. Such taxes on U.S. services subsidize foreign 
news publishers and violate international law. Since U.S. 
policy hasn't made them a priority, we're seeing such laws 
metastasize in Spain, Germany, and elsewhere.
    Finally, data protection barriers are a problem. Recently, 
the EU Court of Justice, as my colleagues have mentioned, 
struck down the Safe Harbor framework. This has been used by 
thousands of U.S. companies to lawfully transfer data between 
Europe and the U.S. This decision forces thousands of 
businesses to find alternative tools to ensure they can 
lawfully transfer data from the EU. Current alternatives are 
costly, piecemeal, and difficult to implement for all 
companies, especially smaller ones. It is essential that a Safe 
Harbor framework be implemented promptly.
    For the Internet to flourish as a tool for innovation, 
expression, and commerce, we must commit to showing that users 
worldwide continue to have confidence in the services of U.S. 
Internet companies. Passage of the U.S. Freedom Act was a step 
in the right direction, as will be the hoped-for passage of the 
Judicial Redress Act. Our domestic policies must also reinforce 
our own commitment to the free flow of data. For example, since 
cross-border access to competitive telecommunications is 
essential to facilitating the free flow of data, eliminating 
bottlenecks in U.S. telecom networks via proceedings, such as 
FCC's current special access reform review will enhance our 
global credibility.
    In conclusion, our economy's future is intertwined with the 
Internet, but threats to Internet commerce proliferate. We must 
prioritize protecting this vital part of U.S. commerce. Thank 
you.
    [The prepared statement of Mr. Black follows:]
    
    
    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
    
    
                               __________
    Mr. Issa. Thank you.
    Mr. MacCarthy.

  TESTIMONY OF MARK MacCARTHY, SENIOR VICE PRESIDENT, PUBLIC 
      POLICY, SOFTWARE & INFORMATION INDUSTRY ASSOCIATION

    Mr. MacCarthy. Chairman Issa, Ranking Member Nadler----
    Mr. Issa. Once again, we'd like to hear you better.
    Mr. MacCarthy. Is that better?
    Mr. Issa. Pull it a little closer, and let's see.
    Mr. MacCarthy. Is that better?
    Mr. Issa. Yes. Sequestration gets us all.
    Mr. MacCarthy. On behalf of the technology trade 
association, thank you for your equipment.
    I want to make a few points in my testimony. First, cross-
border data flows fuel 21st century trade and investment across 
all sectors of the economy, not just technology or Internet 
companies.
    Second, one goal of U.S. policy is to reduce barriers to 
trade--to traditional flows around the world. We should stay 
the course on this wise policy.
    And third, the recent European decision on the Safe Harbor 
is a step backwards for open data flows. A new, workable, Safe 
Harbor must be put in place as soon as possible.
    Mr. Chairman, digital trade involves tech products like 
software, where exports are growing at about 9 percent a year. 
But digital trade also involves business services generally, 
financial sector, royalties and licensing revenue, and 
communication services. It is 60 percent of all trade and 
services, it's growing three times faster than other service 
exports.
    Digital trade increases our economic output by up to $711 
billion a year. As Mr. Conyers mentioned, that's 4.8 percent of 
our gross domestic product, and it increases employment by 2.4 
million workers. We have a global surplus in digital trade of 
$150 billion. A loss of open data flows would not be a minor 
sector-specific irritant. Data localization mandates have been 
studied for other economies. They would impose large welfare 
losses up to $63 billion for China, and $193 billion for the 
European Union.
    Mr. Chairman, one goal of the U.S. trade policy is to 
promote cross-border data flows. Congress has instructed U.S. 
trade negotiators to dismantle measures that impede digital 
trade in goods and services that restrict cross-border data 
flows, or require a local storage or processing of data. Any 
exceptions have to be narrow, the least restrictive on trade 
and nondiscriminatory.
    The United States has largely achieved these goals in the 
TPP agreement, although I concur with Ambassador Allgeier's 
remarks on financial services. That's an unfortunate exception, 
but we must seek similar outcomes in TTIP and TiSA.
    Mr. Chairman, the demise of the Safe Harbor is a setback 
for open data flows. It has been in place since 2000, and the 
invalidation just this month left 4,400 companies in legal 
limbo, and that's not just technology companies. The list of 
Safe Harbor companies include many SIIA members, companies in 
online publishing and information services. In fact, the list 
of Safe Harbor companies reads like a Who's Who of American 
brand name corporations, including Ford Motor Company, 
Starbucks, and the Walt Disney Company.
    We need a new Safe Harbor. We need a Safe Harbor 2.0. 
Congress can help your passage of the Judicial Redress Act with 
a step forward. It's a modest step, but one that we need to 
follow in the Senate. We're hopeful that the Senate will act 
quickly on this bill and move forward with it.
    Mr. Chairman, we urge this Committee to stay the course on 
promoting data flows and to help establish a new Safe Harbor 
for transatlantic data sharing. I stand ready to answer any 
questions you might have.
    [The prepared statement of Mr. MacCarthy follows:]

    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
                               __________
    Mr. Issa. Thank you.
    With that, Mr. Nadler has responsibility on the floor with 
his votes, so he will do the round of questioning, and then we 
will recess until after three quick votes.
    Mr. Nadler. Thank you, Mr. Chairman.
    Dr. Atkinson, in your testimony, you urge the U.S. to lead 
on reform of government access to data, so that other Nations 
do not have an excuse to restrict cross-border data flows. You 
also note that after the Edward Snowden revelations about the 
U.S. Government's expansive intrusive surveillance programs, a 
number of countries pulled data out of the U.S., and imposed 
restrictions on the flow of data to this country.
    Can you describe the impact that the Snowden revelations 
had on American companies? And can you expand on what sorts of 
reforms we should put in place, if we lead on reform, as I 
agree we must?
    Mr. Atkinson. Sure. Thank you.
    For a long time, countries were wanting to do these kinds 
of things, but never had the sort of public excuse or 
rationale. And a case in point is China. China, in the last 
year and a half, as I document in my testimony, has put in 
place a number of restrictive policies that negatively affect 
U.S. companies. And the goal there--and the reason they say 
they are doing it is because exactly because of the Snowden 
revelation. They talk about secure and controllable technology 
and other kinds.
    And these are, just frankly, just an outright guise on 
their part. This is a policy they've long wanted to do to 
punish, or to favor their own domestic companies at the expense 
of U.S. companies. We see that in Germany, for example, where 
you have some major German technology companies that are 
marketing themselves as NSA free, and pushing the European 
Commission to adopt policies like the, quote, ``European 
cloud,'' so that NSA or other law enforcement agencies in the 
U.S. couldn't get access to the data.
    And there have been a number of cases that have been 
documented where U.S. technology companies have actually lost 
market share. We see that in Australia, where one of the 
leading cloud providers, domestic cloud providers in Australia, 
has been arguing the exact same thing; in fact, funding a 
report, trying to convince the Australian Government to ban 
storage of data outside the country with U.S. providers.
    So in our view, it has been a systemic effort to target the 
leadership of U.S. technology companies. And what do we do 
about it? As I said, I really--I think it's a two-part process. 
It is that we do need--there are some reforms that we need to 
make domestically, a number of people talk about judicial 
redress, other steps that we could take. But at the same time, 
I would agree with a couple of other panelists who said I think 
we just have to get tougher on trade enforcement and 
negotiations with these countries, particularly China, which is 
getting away with murder on many, many fronts engaged in a 
systemic effort to take market share away from U.S. companies.
    Mr. Nadler. Thank you. And as you know, FBI Director Comey 
and other law enforcement officials have argued that the 
government must maintain a backdoor into technology, and have 
opposed strong encryption measures. Do you think that would be 
a mistake? And if so, why?
    Mr. Atkinson. I do think that's a mistake. I think it's a 
mistake for several reasons: Number one, if the technology is 
inextricably going in the direction of unbreakables, encryption 
where the key is not public, it's just between two parties, the 
technology provider doesn't have the key, the government 
doesn't have the key, that's where the technology is going. I 
think the FBI is fighting a losing battle there, as they fought 
a losing battle in the '90's with the clipper chip.
    The second problem with that is if they mandate--try to 
mandate that, they are setting, I think, a dangerous precedent, 
for example, by letting the Chinese Government do the exact 
same thing. The Chinese Government is trying to do the same 
thing right now to prevent encryption in China for U.S. 
companies.
    And, finally, weakening our encryption technology that U.S. 
companies would use, why give the FBI more access? We would 
also give the Chinese and the Russians and anybody else who 
wants to do harm to us, it would give them access as well.
    Mr. Nadler. Thank you. My last question to you, and I think 
for this series is, as you explained in your testimony, support 
for free trade and data does not mean we must allow the free 
flow of illegal content like child pornography or email stem or 
pirate creations and other banned products. But what if two 
countries have different standards of what is illegal or 
objectionable? You may have a country that thinks political 
dissent is objectionable, but pirated movies are perfectly 
acceptable. Even in a less extreme case, countries may treat 
certain content differently under the law. How should countries 
determine what data should be permitted to flow freely between 
them in cases of disagreement on these standards?
    Mr. Atkinson. Because, as I said earlier, I think it's an 
un--essentially, an untenable project that we would end up with 
global harmony on every single rule with regard to the 
Internet. We're not going to be able to do that. And we're 
certainly not going to be able to do that with free speech. 
There are certain countries, particularly more traditional, 
religious countries that find pornography objectionable. We 
dealt with our--at least we have free speech, we might found 
objectionable, but we allow it. We are not going to be able to 
agree on that. And for certain things like that, countries are 
going to do that, and I think we are just going to have to be 
okay with that.
    Another example was in Germany, you're not allowed to 
download a copy of Mein Kampf. In the U.S., we can. Again, 
we're not going to change the German view. I don't know whether 
they are right or wrong, it doesn't make any difference. Where 
we can and should, though, take action is there are certain 
things that are clearly illegal under the WT0 framework for 
intellectual property.
    For example, piracy and intellectual property, thus, can be 
prosecuted. So when countries engaged in steps, for example, to 
block certain Web sites that are clear piracy sites, like, for 
example, a domain called the Pirate Bay, that should be quite--
you know, we should be encouraging that. That's quite different 
than blocking, say, you know, Facebook or something like that, 
or blocking some site just because you don't want competition.
    I think the key step, though, is we have to understand, 
just in free trade--in good free trade, there's certain things 
that we don't allow trade in. Like elephant ivory, we signed a 
global agreement, we shouldn't trade in that. It doesn't mean 
we don't support free trade. I would argue we should apply the 
same standards, things like malware or a pirated content and 
the like.
    Mr. Nadler. Thank you very much.
    Mr. Issa. I thank all of you. We're going to--we'll stand 
in recess until 5 minutes after the last of 3 votes begin, 
because I will vote, and I will walk. So 5 minutes after that, 
I will be here, and we will pick up with those who are present.
    We stand in recess.
    [Recess].
    Mr. Issa. The Committee will come to order. I'll now 
recognize myself for my 5 minutes or longer, if people doddle 
getting back.
    Ambassador, when you talked about--I believe you talked 
about the carveout for banks. Can you go through one thing with 
me? What could possibly prompt the United States Government to 
want to carve out banks?
    Mr. Allgeier. Well, our understanding, from having met with 
various agencies in the U.S. Government, is that the Treasury 
Department wants to maintain the flexibility that sometime in 
the future, it might want to impose a localization requirement. 
We do not understand that because the issue is, will data be 
made available for prudential reasons, security, for law 
enforcement. And in this world, it doesn't matter where the 
data is. You can get it instantaneously, as you know.
    Mr. Issa. Well, let me ask you a rhetorical question: 
Localization versus duplication. If the United States 
Government had said that on all American persons and/or all 
accounts, whether owned by non-U.S. persons or U.S. persons, 
there must be maintained a copy in the United States, thus not 
requiring localization but simply the ability to get a copy 
related to U.S. bank accounts, wouldn't that have met all of 
their requirements?
    Mr. Allgeier. Well, that certainly does add an element of 
additional cost to the operation, and so in that sense, they're 
not happy--wouldn't be happy about that.
    Mr. Issa. Well, I hear you, but I want to have a dialogue 
for a moment, because I think part of the data question for all 
of us is cost. I hear you say cost, but in the--with the 
possible exception of the IRS, it doesn't seem they'll maintain 
6 weeks of backups. In the ordinary course, backups are a 
relatively cheap mass storage.
    So, again, the question I have for you is, regardless of 
where live data is hosted, realistically, the only American 
interest, the only U.S. interest was, for purposes of the IRS, 
7 years worth of data, right? So let me ask again, wouldn't any 
country, for purposes of sufficient information to allow them 
to make the appropriate tracking for tax purposes, either 
demand that it be maintained, a copy be maintained where they 
could reach it by a U.S. law enforcement agency, or an 
agreement that would allow a long-arm relationship?
    So, for example, if you're going to host in Britain, 
Germany, somewhere, there has to be an ability for the IRS to 
be able to ask for and receive that. Would that be an example--
as a former trade ambassador, would that be an example of these 
carveouts that you think are limited but appropriate as long as 
you can demonstrate the need, the specific need that is being 
preserved?
    Mr. Allgeier. Well, certainly, it is an improvement in the 
sense that it's limited. But I guess the question again I say 
is, first of all, these businesses, insurance and banking, are 
highly regulated. If they don't provide the data, they can lose 
their license, and so----
    Mr. Issa. Okay. You've made my case in a sense. Isn't it 
true that without the U.S. having imposed this, they already 
had other requirements, the FDIC, and so on, that would have 
required banks and other financial institutions for various 
reasons to have a copy available for their observation and 
review, right?
    Mr. Allgeier. Well, they have to make it available. The 
question is if the server is in Singapore and the IRS or the 
Fed or anybody else comes and says I want this data, how long 
does it take them to get it from Singapore? It doesn't take 
them any faster----
    Mr. Issa. It depends on the bandwidth of the pipe.
    Mr. MacCarthy.
    Mr. MacCarthy. Mr. Chairman, I used to work at Visa, the 
payment card company, and so I'm familiar with how----
    Mr. Issa. Visa? Payment card?
    Mr. MacCarthy. Yeah.
    Mr. Issa. Small company. Okay.
    Mr. MacCarthy. Small company.
    Mr. Issa. I've heard of it.
    Mr. MacCarthy. I left there in 2008, but before that, we 
were familiar with the rules that the Federal regulators had in 
place, and they actually provided for outsourcing of bank 
records, and they had rules and guidance for how it should be 
done, making sure that U.S. law followed the records. And under 
existing case law, they have a full authority to reach out 
wherever the bank records are stored, and have the bank produce 
them for----
    Mr. Issa. So your position is that the United States asking 
for this in the trade agreement was unnecessary and 
counterproductive?
    Mr. MacCarthy. Unnecessary, counterproductive, and----
    Mr. Issa. Is there anyone that disagrees with it being 
unnecessary and counterproductive? Okay. Then we'll consider 
that it was unnecessary, counterproductive.
    I'll close--because I want to get to the other folks that 
are now coming back--with a very simple question: To the best 
of your knowledge--and, you know, Mr. Snowden helped us have 
some of this knowledge, but--and WikiLeaks did, too, for that 
matter--isn't it true, that, for example, Nigeria, a country 
that loses half a billion dollars a month of oil, which is 
tangible and hard to steal, is, in fact, a place where if the 
United States wanted to get any and all records hosted there, 
they would be able to do so easier in Nigeria, and be able to 
do so without the court's supervision at all? Because 
ultimately, once something leaves the United States, the United 
States is under no obligation not to--the NSA, which has been 
mentioned here previously, can simply take what they want, 
assuming they have the technology.
    Isn't that true that the countries who demand that the data 
be kept in their country and out of the U.S. actually lose 
protection that is granted in the United States for under the 
Fourth and other amendments?
    Okay. We'll assume that I knew the answer to that one. Ms. 
Espinel?
    Ms. Espinel. I was just going to point out that there is a 
certain irony in a country like Nigeria, which is one of the 
countries that's putting in place things like data localization 
laws.
    Mr. Issa. I used them because they can't even keep track of 
their own oil.
    Ms. Espinel. When I think the processes that we have in the 
United States to protect due processes and civil liberties. I 
think our system would stand up well against their system. So 
Nigerial is one of the countries of the concern, and there is a 
certain irony there.
    Mr. Issa. But let me do a final, and it's a rhetorical 
question, but isn't it true, really, that Nigeria hosting their 
Nigerian information really simply means that, like China and 
other countries, they have the ability to take, without due 
process potentially, the information of their citizens where if 
it's hosted in the U.S., there would be due process?
    Yes, Dr. Atkinson.
    Mr. Atkinson. I completely agree with that. There are a lot 
of countries that have nowhere near the due process, the rule 
of law that we have, and in that sense, data stored in those 
countries can be quite problematic. That's why I raised my 
earlier point about the European Commission cutting us off in 
the Safe Harbor, but leaving in some other countries that have 
at least the same, if not more dubious protections for 
government access to data.
    Mr. Issa. Thank you. And I look forward to additional 
questions.
    And with that, I'd like to go to the Ranking Member of the 
full Committee, the gentleman from Michigan, Mr. Conyers.
    Mr. Conyers. Thank you, Mr. Chairman.
    I am struck by the unanimity among the five witnesses 
today, and I commend them all.
    Let me start with Dr. Atkinson. And keeping in mind the 
privacy concerns of Americans and our allies, how can the 
United States and its trade partners move forward to advance 
free data trade? And I understand you have some regrets about 
strong encryption.
    Mr. Atkinson. Is the question--I'm sorry--about encryption? 
Is that----
    Mr. Conyers. No. It's how they advance free data trade. 
That's the main idea here in this question.
    Mr. Atkinson. Well, I think the challenge is that countries 
will use the guise of privacy as an excuse for protectionism. 
And as I--I think the Chairman's comment--question alluded to 
this, I think, central point, which is, as long as countries--
as long as companies have nexus in a country, if they're doing 
business in a country, they cannot get out from under that 
country's privacy and commercial security rules and laws by 
moving data to a third country.
    They still have to comply with those laws no matter where 
the data are located. And I think that's really the fundamental 
principle that we have to go by with this. So you can protect--
you could have--you can protect the privacy of your citizens, 
and you don't have to require the data be located there, as 
long as you have jurisdiction over the company doing business 
there.
    Mr. Conyers. Thank you.
    Mr. Allgeier, with regards to privacy, what's been done, 
and what do you think still needs to be done in order to ensure 
the viability of cross-border data flows?
    Mr. Allgeier. Well, there is a structure in place already 
in the WTO, the World Trade Organization, and the agreement 
there on trade and services. And what it says explicitly is 
that governments may put in various restrictions on data to 
achieve certain ends.
    And one of them, specifically, is to protect the privacy of 
individuals in the processing and dissemination of personal 
data. And so, all of the countries are obliged to recognize 
that. And so, if a country does put in place certain privacy 
rules, that's legitimate.
    Mr. Conyers. Absolutely.
    Now, we passed the Judicial Redress Act. We are hoping that 
the other body will act with appropriate swiftness. But I think 
we may have something else to think about.
    Mr. MacCarthy, can you elaborate on how the Judicial 
Redress Act affects the companies that you represent?
    Mr. MacCarthy. Thank you for that question. The Act doesn't 
directly affect our companies. What it does do is to create a 
reason for the European negotiators in Safe Harbor to move 
ahead with finalizing the agreement. And when the agreement is 
finalized, then it would create enormous benefits for our 
companies and for Europe as well.
    The second reason is that there's a separate agreement 
called the umbrella agreement, which is a law enforcement 
agreement, where the Judicial Redress Act is actually an 
intrinsic part of that agreement and has to be finalized before 
the agreement is itself going into effect.
    If I might, Mr. Chairman, if I could ask unanimous consent, 
there's an op-ed that I published in today's Hill on this very 
issue, if I could ask unanimous consent that it be included in 
the record of the Committee hearing.
    Mr. Conyers. As soon as I see it.
    Mr. MacCarthy. Okay.
    Mr. Conyers. Ms. Espinel, how does the recent invalidation 
of the U.S.-European Safe Harbor agreement impact the software 
industry?
    Ms. Espinel. Thank you. So we are very concerned about the 
revocation of the Safe Harbor, and it has implications not just 
for software, but across our economic sectors. The cross-border 
data is used by nearly 5,000 companies, some of them large, 
many of them quite small, that use it to do all sorts of 
things, including process payrolls so that their employees get 
paid at home.
    So we have significant concerns about the European Court of 
Justice decision that undermine the process put in place by the 
Safe Harbor. That said, we do think there is a path forward, 
and we think there are three things that need to happen: The 
first is that we need as, quickly as possible, to have the U.S. 
and the European negotiators come to agreement on a new Safe 
Harbor; the second thing is we need to have some reasonable, 
appropriate period of time for companies to be able to come 
into compliance with the new rules under that Safe Harbor; but 
third, because we know this will continue to evolve and change, 
we need to work together, the United States and Europe, 
industry and Congress, on coming up with a global, sustainable 
long-term solution. It's clear that we need a new global 
framework for data and how it moves. And that needs to be an 
important part of the process as well.
    I'll just say lastly, going to the point that Mr. MacCarthy 
made, passage of the Judicial Redress Act by the House is 
tremendously helpful, and so we thank all of you for your vote 
on that, and we hope the Senate follows your lead. That is, you 
know, important, both for our own domestic system, but is also 
helpful in terms of concluding negotiations on the Safe Harbor 
with Europe.
    Mr. Conyers. Thank you.
    Thanks, Chairman Issa. I yield back.
    Mr. Issa. Thank you.
    We now go to the gentleman from Ohio, Mr. Chabot.
    Mr. Chabot. I thank the Chairman for yielding, and also for 
holding this very, I think, important and very interesting 
hearing this afternoon.
    It has been mentioned that barriers to free trade in the 
digital arena have a particularly adverse impact on small 
businesses, and I happen to be the Chairman of the House Small 
Business Committee, so I'd just like to ask--give each of the 
witnesses an opportunity to address what steps should be taken, 
specifically, to address this adverse impact on small 
businesses.
    And I'll start with you, Mr. Allgeier, Ambassador Allgeier. 
If that's okay, and I'll just go down the line. If you don't 
have anything to say, that's okay, too, but----
    Mr. Allgeier. No. Thank you very much.
    What we find, of course, is that the digital technology has 
opened the world to small businesses. I mean, in the past, 
let's say a small business wanted to go overseas, well you'd 
have to find an agent, and you'd have to have a presence 
overseas. Now you put your product up on the Internet, whether 
it's a good or a service, and it's called random exporting. You 
don't know whether your next customer is coming from Boise, 
Idaho, or Bangladesh.
    And then with the combination of express delivery and 
electronic payments, you're in the international market. And so 
it's extremely important that the movement of data remain open, 
and that people be able to have access to the Internet, and 
particularly small businesses or people in poor areas.
    Mr. Chabot. Thank you.
    Dr. Atkinson.
    Mr. Atkinson. With the way the European Commission is 
negotiating the Safe Harbor, it's possible and hopeful that 
that will happen. But if it doesn't, people are talking about 
other possible ways that companies can get access to finding 
corporate rules and other types of model agreements. Those are 
clumsy, they're expensive, they're time-consuming, but large 
corporations can do that. Small companies really can't, and 
that would be the real harm here, or the biggest harm.
    And so that's why I think we have to really insist that we 
put these very strict rules in trade agreements so that 
companies don't have to do these very expensive workarounds 
with--particularly in Europe where they'd have to go to 28, or 
if you include the German lander or the states there, perhaps 
almost 40 different jurisdictions to be able to move data. And 
if you're a small company that's doing business in all of those 
jurisdictions in Europe, it's going to be almost impossible for 
you to be able to do that.
    Mr. Chabot. Thank you.
    Ms. Espinel.
    Ms. Espinel. So I think the risks and some of the options 
for small companies can be even more serious than for the large 
companies. So I would say a couple of things: One is 
specifically with respect to the Safe Harbor, as I said, the 
United States and Europe need to come together on a new 
agreement as quickly as possible. There needs to be some 
appropriate period of time for companies to come into 
compliance.
    And then we need a long-term sustainable solution. But 
picking up on what Dr. Atkinson said, part of that is making 
sure that we have a good global framework for how data moves 
around and pushing back on restrictions of data.
    You know, when I think about kind of the moment that we're 
in with data, and, you know, we live in a world where data is 
increasingly important, not just to big companies, but to small 
companies, not just to software, but to all of our sectors, it 
is an interesting fact that there is no comprehensive 
enforceable trade rules on data.
    So it's kind of--you know, we're sort of at the moment that 
intellectual property was back in the Uruguay round, when the 
WTO was being established. There were no global rules on 
intellectual property in the trading system. That was a very 
difficult negotiation, but it was also very farsighted, on 
behalf of the United States and the other trading partners, to 
come together at the end of the Uruguay round, and agree to a 
global framework for intellectual property rules.
    And I think that is exactly the moment that we are in right 
now with data. It is clear that it is a complicated new issue. 
It is also clear that it is going to be a driver of the U.S. 
economy and the global economy, and we need U.S. and other 
countries to lead on this issue and establish a global 
framework.
    I think TPP, we understand, it could be--based on what we 
know about it, it could be the beginning of that. I think it's 
a real historic opportunity. But we are going to need to have 
those rules applied broadly across the world.
    Mr. Chabot. Thank you.
    Mr. Black and Mr. MacCarthy, I've only got about 30 seconds 
left.
    Mr. Black. My colleagues have been very articulate. Let me 
just stress that we are in a new era, and digital trade, if we 
want to make a metaphor back to original trade, blocking a Web 
site, doing various kinds of barriers or like blocking a port, 
and the openness of the trading system and going forward is so 
much tied to data and digital activity.
    And Ms. Espinel is absolutely right. We need--our laws are 
based on historical outdated concepts of what trade is about. 
And we really need to see--and that's why we call for some 
precedent-setting efforts in the WTO to bring some cases to 
start relaying some criteria and ground rules for how the 
problem should be dealt with.
    Mr. Chabot. Thank you. Mr. Chairman, is it okay if Mr. 
MacCarthy answers real quickly?
    Mr. Issa. Without objection.
    Mr. Chabot. Thank you.
    Mr. MacCarthy. The one point I'd add to everything else my 
colleagues have mentioned is that in this global framework for 
data, which I think is a great idea, we have to make sure that 
whatever rules affect the flow of data, whether they are 
privacy rules or consumer protection rules, or whatever, 
they're narrowly crafted, that they're least restrictive of 
trade. We can't take away the option for countries to enforce 
their privacy of consumer protection laws, but they can't 
unnecessarily trample on cross-border trade.
    Mr. Chabot. Thank you.
    I yield back, Mr. Chairman.
    Mr. Issa. I thank the gentleman.
    We now go to my colleague, the gentlelady from California, 
Ms. Chu.
    Ms. Chu. Thank you, Mr. Chair.
    Dr. Atkinson, you state that several countries around the 
world are limiting free trade in data, and you argue they are 
motivated by privacy and security concerns, national security 
and law enforcement concerns, and the desire for economic 
growth. The European Court of Justice recognized that the U.S. 
lacks an adequate level of protection for EU data amongst other 
privacy concerns.
    Within this context, can you tell me how the EU views 
individual privacy and data security, and to what laws or 
principles do they have in place and what do we have in place 
here in the U.S.?
    Mr. Atkinson. Thank you. The Europeans culturally look at 
privacy differently than Americans do. As a general rule, they 
look at privacy as a fundamental human right. We look at it as 
a consumer right that has to be balanced against a number of 
other issues.
    There's a lot of good scholarly evidence that shows that 
the European privacy directive and the rules that they have 
there actually significantly limit the Internet economy in 
Europe. There's a reason why the Europeans don't have global 
leaders in the Internet space, by and large. The effectiveness 
of their companies is significantly limited because of their 
privacy rules, and there's a very good study by Catherine 
Tucker at MIT who has demonstrated that.
    Having said that, there's also another broad generalization 
that, I think, has some merit to it, which is, that we have 
less stringent rules, but we do a better job through the FTC 
and the State AGs of enforcing them than the Europeans do. They 
have stronger paper rules, but less real enforcement.
    Having said that, I'll just close by saying, I don't think 
that we're miles apart. We generally share the goal of privacy. 
We share the goal of the rule of law, and I do think that we 
can work this out in a cooperative manner as long as the 
Europeans are willing to be reasonable, as we need to be 
reasonable.
    Ms. Chu. So what, then, do you think should be done by 
Congress or by the Administration in these ongoing negotiations 
with the EU to ensure that we're providing adequate privacy 
protections for our citizens, and for those whose data travels 
to our country from across the Atlantic?
    Mr. Atkinson. So I think there's two key points there: One 
is, I believe that we shouldn't sign a trade--a TTIP agreement 
with the Europeans unless it includes strict and enforceable 
rules around the free trade-in of data. I don't see why we 
should have that trade agreement if we don't have that 
component in there.
    At the same time, there are steps that we need to take with 
regard to government access of data in the U.S. that have made 
the Europeans rightly uncomfortable, and I do think we need to 
do a better job there. And the Judicial Redress Act was one 
step in that, but I think there are other steps we can and 
should take.
    Ms. Chu. Can you describe which countries have the most 
stringent regulations when it comes to setting limitations on 
data flowing in and out of their country? And what effect does 
that have an American companies' ability to compete?
    Mr. Atkinson. Sure. So we listed a number of countries in 
the written testimony, and what's troubling about that is if 
you look at that list, say in 2010, it would be significantly 
smaller: Nigeria, Turkey, Greece, Malaysia, Australia, 
Indonesia, Russia, China. China, just within the last year, for 
example, has put in place a set of--a numerous set of policies 
that would--that will significantly limit the ability for 
American companies to process data there.
    So it really is something that's growing. There's a couple 
of Canadian provinces that do this as well. And I think one of 
the challenges really is their--they falsely believe that by 
doing this, that they will enhance security and privacy, 
commercial privacy. And I just simply reject that notion. I 
don't believe that's the case.
    Ms. Chu. Ms. Espinel, you argue that as a result of that 
invalidation of the EU-U.S. Safe Harbor, many routine 
commercial dealings between the U.S. and European countries 
have now been disrupted. Can you give us an example of this?
    Ms. Espinel. An example of the impact that it's having?
    Ms. Chu. The disruptions that are occurring today?
    Ms. Espinel. So, you know, an example of an impact that 
could happen if data stops moving back and forth is the ability 
to process payroll, as an example. Warranty information that 
U.S. consumers rely on would be at risk. So there are a number 
of real-life development--real-life impacts.
    In cybersecurity, one of the maxims is that information is 
to follow the sun. So if you have information about a threat, 
you want to have that in the hands of cybersecurity experts, 
wherever they are in the world while they are awake, and 
restricting the data moving back and forth in the United States 
and Europe could put that at risk.
    So I think there are a number of real world impacts. But, 
you know, even at a more macro level, the promise and the 
efficiencies that are brought about by cloud computing and by 
data analytics simply do not work if information cannot move 
around as efficiently as possible.
    And I think one of the things that the trade barriers in 
the various countries that we see around the world, and the 
situation in Europe is putting at risk, is putting a shadow on 
an industry that has enormous potential, but is still at a 
relatively early stage. And I think putting a shadow on the 
development of where remote computing can go and where data 
analytics can go at this early stage of its development is 
extremely troubling.
    Ms. Chu. Thank you. I yield back.
    Mr. Issa. I thank the gentlelady.
    We now go to the Vice-Chairman of the Subcommittee, the 
gentleman from Georgia, Mr. Collins.
    Mr. Collins. Thank you, Mr. Chairman. I appreciate it.
    Ms. Espinel, I want to go back to something, and then I've 
got others, too. Back in October last year, 2014, many of my 
colleagues, including myself, wrote a letter to the U.S. trade 
representative about the TPP. And just to review, first--we had 
several things: First, we wanted to include provisions that 
specifically keep borders open to free flow of data; second, it 
must prohibit countries from acquiring the use of local data 
servers and computing infrastructure as a condition for 
providing digital service; third, it must ensure 
nondiscriminatory treatment of digital products and services.
    Based just on the reports that have come out so far from 
the Administration and others, where do you think we are in 
that right now?
    Ms. Espinel. So, again, with the caveat that we have not 
seen the final text, our understanding is that the TPP has 
strong commitments on all of those provisions. First, on cross-
border data trade and on pushing back on data localization; 
obviously, we would like that to be as comprehensive as 
possible. But our understanding is that, overall, the 
commitments there are strong. Our understanding is that there 
are prohibitions on imposing Custom duties on digital services, 
which is also important.
    And our understanding is that, I believe for the first time 
ever, there are prohibitions on forcing companies to disclose 
source code in order to compete in a market. Those are all very 
important to us. And, again, based on the reports that we have 
heard, TPP contains strong and enforceable rules in those 
areas.
    Mr. Collins. And granted, I think we will see those, and 
that's part of our whole process. But if that was not there, 
and probably a short answer is, if these protections were not 
there, given the new marketplace of the future that we're 
looking at, that being much more in this round, than it is for 
rounds and others, would that be a serious hindrance to 
enactment of this agreement?
    Ms. Espinel. Well, I hope and expect that they are there. 
If they were not there, I think it would be an enormous missed 
opportunity. We were talking earlier about the fact that this 
is really the future, not just of the U.S. economy, but of the 
global economy as a whole. There are also enormous societal 
benefits that come from data analytics in cloud computing.
    Mr. Collins. I agree.
    Ms. Espinel. And in order for us to see the potential of 
those, it's enormously important that we have a global system 
of trading rules that gives clarity and predictability to the 
system.
    Mr. Collins. Thanks.
    Mr. Atkinson, real quickly, could you please describe for 
the Committee the problem of forced localization, and how this 
impacts member companies and your ability to create American 
jobs? Mr. Atkinson.
    Mr. Atkinson. So one of the real advantages the U.S. has is 
in cloud computing, for example, where we have north--it's in 
my testimony--north of 70 or 80 percent of--maybe even more--of 
the global market, partly because we have scale in our own 
domestic market that's given our companies the ability to scale 
up and get capabilities.
    Other countries look at the cloud computing industry as a 
core strategic industry for their countries. And one of the 
ways that they're trying to gain market share is by simply 
saying that you have to store data out, not just in country, 
but, in some cases, in country with a domestic company. And 
that----
    Mr. Collins. It could present a load of problems on many 
different levels?
    Mr. Atkinson. Pardon me?
    Mr. Collins. It could present a load of problems on many 
different levels?
    Mr. Atkinson. Yeah. Even if it is just simply localization 
to tell an American cloud provider you have to put a server in 
a country, that essentially raises cost. If it was cost 
effective, they would have already done it, by definition.
    Mr. Collins. Right. Okay.
    Mr. Atkinson. Not only does it raise cost, but something 
people haven't talked about, it has environmental impacts. 
Cloud computing, by putting it all in one place, you can save a 
lot of energy by requiring servers all over the world. So 
either way, whether it's forced server localization or domestic 
company preferences, it's going to hurt U.S. companies and the 
U.S. economy.
    Mr. Collins. Mr. Atkinson, I appreciate that.
    Mr. Black, very forceful in this Committee discussing some 
issues, but I've noticed something. We do read through all of 
your printed text before you appear. And on page 8 of your 
written testimony, you seem to want to have it both ways, and I 
think it's a concern.
    The first way is you basically say that U.S. Internet 
intermediary liability and copyright rules discourage 
investment in growth and domestic startups. Yet, two sentences 
later in the same paragraph, you say U.S. businesses have 
thrived domestically under carefully crafted legal framework of 
U.S. law.
    Now, you're basically contradicting yourself there. I don't 
know why you would do that, but I think one of the things that 
goes back for me is, is something I have said in this Committee 
from the day I came on, strong copyright, strong protective 
laws are not a barrier, but they're a creative incentive. I 
believe that what we--the framework that we have here has 
allowed U.S. Internet businesses to thrive, and they become a 
growth for your association and for many others that grow this 
industry.
    So my question is, why are we presenting what seems to be a 
false narrative here, on one hand, saying that it discourages, 
and on the other hand, two sentences later, saying it 
encourages?
    Mr. Black. Thank you very much for the question. Barriers 
to international trade data flows are a problem that we all 
talked about how important the economy of the future is.
    Mr. Collins. Whoa, whoa, whoa. Your word says ``domestic.''
    Mr. Black. We look at what made our society, what in the 
U.S. law has worked to help build our industry. Part of it is 
the balanced copyright. We have a very important, well-
developed, well-refined system that provides both strong 
copyright protection and significant limitations and 
exceptions. That is a key to the health and vitality of what 
has allowed the Internet to flourish here.
    And we believe it is, likewise, and it is appropriate, for 
the U.S. Government as we try to persuade others in the world 
to have strong copyrights, that they also reflect the 
boundaries and limitations that have proved so important to the 
ability of Internet and Internet companies to flourish.
    Mr. Collins. It's an interesting question because -it's an 
interesting answer, because it frankly doesn't answer my 
question. Why would you contradict yourself? I understand that 
you want to say that--but when you said domestically U.S., it's 
either hindering or it's helping. You can't have it both ways 
in the same four sentences.
    Mr. Black. Maybe I'm not----
    Mr. Collins. You cannot say the U.S. Internet liability and 
copyright rules discourage investment and growth in domestic 
startups, and then two sentences later say, ``U.S. Internet 
businesses have thrived domestically under carefully-crafted 
legal framework in the U.S.'' Either the legal framework we 
have here is bad, or the legal framework we have here is good. 
I believe it to be good. I'm not sure why it would be 
contradictory there.
    Mr. Issa. Would the gentleman yield?
    Mr. Collins. Yes.
    Mr. Issa. If I heard that, Mr. Black, were you saying that 
the international conundrums are causing problems, while the 
domestic well-crafted has allowed us to thrive. Is that what 
your intent was in that paragraph?
    Mr. Black. Yes, that's correct.
    Mr. Collins. Well, the problem is--and that would be fine 
if understood, except that the footnote is to a footnote to a 
domestic--you know, saying which gives you the realization that 
it was for that. And this isn't something that our--you know, 
we've had many meetings on this from different various 
interests.
    So I think the biggest thing is--the safe way to put this 
is, I believe that as we look at this, this is crafted in a 
well way. We continue to craft our copyright laws. It's going 
to help us all in this bigger picture, and not settling for 
what is a weaker system in other parts of the world, and I 
think we can----
    Mr. Black. I would just suggest, weaker is the wrong 
terminology. A strong system is a balanced one. Just the same 
way as a three-legged stool versus a two-legged stool. The fact 
that you have balance and limitations in your system makes it 
stronger, not weaker.
    Mr. Collins. Mr. Chairman, I yield back.
    Mr. Issa. I thank the gentleman.
    And without objection, Mr. Black, if you want to revise and 
extend that portion to clarify it, I'm sure the Committee would 
be happy to have that record be full and complete.
    And with that, we go to the gentlelady from Washington 
State, Ms. DelBene.
    Ms. DelBene. Thank you, Mr. Chair. And thanks for calling 
this important and timely hearing.
    And thanks to all of you for being here with us today.
    First, I want to start with Ms. Espinel. As you state in 
your testimony, quote, ``In striking down the Safe Harbor, the 
Court of Justice focused on issues around national security and 
law enforcement access to data. Troubled by the Snowden leaks, 
the court concluded that countries that permit indiscriminate 
surveillance and interception, and mass and undifferentiated 
accessing of personal data could not be deemed adequate under 
EU law,'' end quote.
    While the national security piece is certainly something 
familiar to members of this Committee, could you elaborate a 
bit on why the EU might be concerned about current U.S. law on 
law enforcement access to data?
    Ms. Espinel. Yes. And I think it's, in part, because the 
rules in that area, as in other areas, are unclear. So, you 
know, one of the things that I think is clear is that we need a 
new global framework. And part of that needs to be addressing 
the fact that the rules right now on how U.S. law enforcement 
and foreign law enforcement can access data in the trading 
partners are unclear.
    You are one of the cosponsors and introducers of the LEADS 
Act. We think that that would be--that approach would be a 
helpful part of the solution. We think it would be helpful, 
both, because it would give our businesses, but also their 
customers, whose data they keep, and law enforcement, a clear 
and predictable framework for how to access information.
    We additionally think it would be helpful because without 
that, we fear our current system in the United States will open 
the door for foreign governments to be able to reach back into 
the United States for the data of our citizens, and that is a 
situation is that we would like to avoid.
    Ms. DelBene. And are there examples right now that you've 
seen in terms of how the lack of certainty has impacted 
businesses today?
    Ms. Espinel. Yes. So there are a number of examples. 
There's a case that is actually being litigated right now in 
the U.S. courts between Microsoft and the Department of Justice 
involving data that is held in an Irish data center. The 
Department of Justice, making a request to get that data, and 
Microsoft's view that the request is inappropriate under U.S. 
law.
    That is a real-life example that is being litigated in the 
courts right now. We will see what the outcome from the courts 
are, but we are concerned that if the outcome of that case is 
inconsistent with the position that Microsoft has taken in 
which the software industry is supportive of, as a whole, that 
this will open the door to other governments being able to 
reach back into the United States.
    And so there is a domestic issue that we need to resolve 
absolutely, but part of the reason that we are so concerned 
about that is because of the international implications of that 
and what that would mean for our system and the privacy of our 
citizens back at home.
    Ms. DelBene. Thank you.
    You know, I had a meeting with a group visiting from the EU 
a few weeks ago, and someone--part of that group from the EU 
said that he felt like Americans don't care about privacy. And 
so are we contributing to that negative narrative about how 
privacy is viewed in the U.S. by failing to address some of 
these questions and policy ourselves?
    Ms. Espinel. I think there are differences in approaches 
between the United States and Europe. But I reject the notion 
actually that United States and Europe are that different on 
privacy. Yes, Europeans care deeply about privacy. Americans 
care deeply about privacy, too. It is enshrined in our 
Constitution. We have a long history of protecting privacy.
    I think there are improvements to our laws that have been 
made, or are in the process of being made. So I think the USA 
Freedom Act was a significant step forward, and I thank all of 
you for that. I think Judicial Redress Act is also a step 
forward, and hopefully, again, the Senate will pass it.
    I think one of the things that will be really helpful in 
the environment that we live in today is for there to be a 
constructive dialogue between the United States and Europe to 
truly understand our different systems. Because as I said, I 
don't think the differences are as far apart as people 
sometimes portray them.
    And if I could respectfully make a request of the members 
of this Subcommittee, I think when you're in discussions with 
your European counterparts, I think one of the things that 
would be very helpful is to explain to European counterparts 
how our privacy system works in the United States, some of the 
recent improvements that have been made in the privacy system, 
and try to lessen the amount of misunderstanding that I think 
exists today.
    Ms. DelBene. Thank you.
    I wanted to get one more quick question in for Dr. 
Atkinson. You spoke earlier about things that you thought we 
could do to bolster our credibility and standing to fight data 
protection, and you talked about kind of some of the other 
steps we could do beyond judicial redress, which we just did. 
And I wonder if you could be more specific and tell us about 
some of those other steps we could take with our own privacy 
laws.
    Mr. Atkinson. Sure. I would second what Ms. Espinel just 
said, and go to the case in the court right now with the 
Microsoft Ireland case. And I think it's a very important case, 
because if the principle in the U.S. is that we can access data 
on a foreign person without going through that country's law, 
just because it's hosted by an American company, there will 
only be one result and that will be American companies will not 
host foreign person data in other countries. That will be the 
result.
    The Europeans, the Irish, they will just simply say, you 
cannot put your data on an American cloud provider, regardless 
of where it's located. That can't be the result we want, and 
that's why the LEADS Act is important. That's why as part of 
the LEADS Act, one of the components in that is strengthening 
the MLAT process.
    If the Justice Department wants access to that data, they 
should go through the MLAT process. The MLAT process could and 
should be better and faster and more streamlined, but that 
really has to be the direction we go, otherwise it just means 
that countries will just say you can't put data with an 
American company anymore.
    Ms. DelBene. Thank you.
    Thank you, Mr. Chair. I yield back.
    Mr. Issa. Thank you.
    We now go to the gentleman from Pennsylvania, Mr. Marino.
    Mr. Marino. Thank you, Mr. Chairman.
    I know my colleague and coauthor, Ms. DelBene, asked direct 
and pointed questions concerning the LEADS Act, so I don't want 
to get into rehashing that. But is there anyone on the panel 
that wants to respond even further because of--given the fact 
that Ms. DelBene ran out of time? Please.
    Mr. MacCarthy. Thank you for that. The LEADS Act is an 
important piece of legislation. If the court case that----
    Mr. Issa. I'm afraid you're going to have to use Mr. 
Black's microphone.
    Mr. MacCarthy. Is that better?
    Mr. Issa. Yeah.
    Mr. Marino. Much.
    Mr. MacCarthy. So the LEADS Act is a very important piece 
of legislation. And if the court case that Microsoft is 
involved in goes the wrong way, there would, indeed, be 
disastrous consequences for U.S. companies.
    But I wonder if a small amendment to the LEADS Act to make 
sure that it doesn't inadvertently encourage data localization 
wouldn't be in order. To the extent that it says to companies 
store the information in this country, and it's safe from the 
U.S., that, I think, would encourage people to store data in 
one location rather than the other.
    Instead, the real stand, or issue, would be the nexus 
between the government and the data subject. If they're 
citizens or residents, then local laws should apply; if they're 
not, then local law should not necessarily apply.
    Mr. Marino. Okay. I'll ask that our staffs review your 
statement and others to see how we can make this more 
effective.
    Anyone else? Ms. Espinel.
    Ms. Espinel. I would just say briefly that I think these 
are clearly new issues, and they are complicated issues. I 
think the introduction of the LEADS Act and the work that's 
done--and I thank both you and Ms. DelBene for your work on 
that--demonstrates that while they are new issues and they are 
complicated issues, we as the United States, can still show 
leadership on these issues and try to move forward with various 
ways to approach them.
    And I think that's extremely important. I do think that we 
need to bring other governments into that. I think having 
international consensus around these issues is going to be very 
important. But the United States, I think, will inevitably need 
to show the way. And I thank members for their leadership that 
has already been shown on this issue.
    Mr. Black. If I could just jump in briefly. I think we are 
all on agreement an MLAT and LEADS. To understand the 
complexity and why we have to be careful, whether it's EU or 
us, trying to come up with the solution, the answer of is data 
owned or located, a conversation among the five of us, if we 
were sitting in different countries and it was a video capture 
of that, it would, in fact, be stored around the globe on 
different servers, be in the cloud. So do each of us own it? To 
what rights do the others have to stop it, block it, 
disseminate it? We get into very complex issues.
    We believe we can find answers, but quick, easy, simple 
answers in this area is very difficult. Ownership of data is a 
very tricky concept, and trying to precisely identify--the 
Microsoft case is very interesting because they've identified 
that the data has a location. A lot of people view the data 
they have on their servers disseminated through multiple 
servers, partly for security purposes.
    So the answers--the questions here are very tricky. The 
answers need collaborative between governments, multiple 
governments and private sector players to come up with 
solutions, which is why we're nervous about imposed solutions, 
kind of rigidly applied in a regionally-limited area.
    Mr. Marino. I'm not sure if my colleague went into this 
area. If she did, perhaps you could expand on it; if not, take 
a shot at it. Give me your impression or what you've heard or 
what you see or think about the LEADS Act potentially having an 
adverse effect on U.S. law enforcement, compared to the 
abilities that they have now to obtain information from other 
countries? Dr. Atkinson.
    Mr. Atkinson. Well, I think it's a question of do they look 
at their access in a short-term or long-term perspective. In 
the short run, at the margin, it makes it slightly harder for 
them to get access to that data. In the long run, it will make 
it impossible to get it, or much more difficult to get access 
to that data.
    Because as I said before, the dynamic will be, if the rule 
is that the U.S. can compel a U.S. company to turn over data 
with the lower standard on a foreign person that's stored in 
their country, countries will just mandate that that data 
cannot be stored with the U.S. company, and that will make it 
harder, not easier, for a law enforcement to get that data.
    Mr. Marino. Ms. Espinel, you have 9 seconds.
    Ms. Espinel. Sorry?
    Mr. Marino. You have 9 seconds.
    Ms. Espinel. I would just say, the Department of Justice 
right now is in a situation where they don't know exactly what 
the rule is. And that lack of clarity, predictability is not 
helpful for law enforcement either. I think the LEADS Act would 
be helpful in making it clear and predictable for everyone 
involved, including law enforcement.
    Mr. Marino. Thank you. I yield back.
    Mr. Issa. Thank you.
    Gentleman from New York is next, I think, or from Rhode 
Island. Which one of you is ready to go first? The gentleman 
will yield to the gentleman from New York.
    Mr. Jeffries. Thank you, Mr. Chair.
    And I want to thank the witnesses for their presence here 
today and for very thought-provoking testimony.
    Let me start with Ms. Espinel. There have been some 
concerns that have been raised by some of the people that I 
represent, and, indeed, many aspects of the American public 
about sort of the downside of development of big data, the 
privacy concerns with respect to this data being 
misappropriated, abused, and misused.
    But I was wondering if you could speak to some of the 
potential upsides, the transformative nature of big data as it 
develops to improve, you know, the quality of life, or address 
social conditions or improve the functioning of the economy as 
we move forward.
    Ms. Espinel. I would be happy to. I will start by saying 
that our company take the privacy issues very seriously, so 
those do need to be addressed.
    But, you know, I think we are living in exciting times. So 
here is a kind of incredible fact: If you look at all the data 
that exists in the world today, 98 percent of it was created in 
the last 2 years alone. That is extraordinary. That is 
obviously without precedent, and that is a rate of change that 
is going to continue to increase.
    That has enormous implications for businesses, but it also 
has enormous implications for human beings who can use that 
data. And already today, even though this is an early stage, I 
think, for data, we're seeing enormous societal impact. So 
we're seeing them, you know, in cities that are using them to 
reduce pollution. Doctors are using data to make diagnoses more 
quickly.
    There's an example that relates to saving lives of 
premature babies that are in NICUs that is, sort of, personally 
very meaningful to me. There is research being done on 
Alzheimer's. Farmers are using them to increase their yields 
while reducing the use of pesticides. So I think the societal 
benefits from data, data used properly, are enormous.
    And beyond that, there are enormous economic benefits. So a 
conservative estimate of the gains from efficiency--so one of 
the things that businesses in the United States and Europe and 
around the world say is that using data helps them to be more 
efficient. And generally speaking, they report sort of a 5- to 
6 percent increase in efficiency.
    If you take a very conservative estimate and assume that 
there will be a 1 percent gain in efficiency, we are talking 
about creating $15 trillion to the world economy by 2030. That 
is equivalent to another U.S. economy. So both from the 
economic point of view, from the ability of small businesses, 
as panelists talked about before, to have access to 
international markets in a way that was never possible before, 
and in terms of some of the societal benefits we've seen, there 
is enormous promise.
    And I will just conclude by saying, while there is enormous 
promise, it is early days. And so one of the reasons that we 
are concerned about some of the trade barriers that we see 
around the world is because we fear it will cast a shadow on 
innovation to come.
    Mr. Jeffries. Now, the international concerns that many on 
the panel have spoken to in the context of trade, and some of 
the court decisions that we've seen come out of Europe, I want 
to turn inward for a moment and ask you, Ms. Espinel, do you 
think that the United States, in the face of this exponential 
growth of data in such a short period of time, as it relates to 
that 98 percent figure, do we have an adequate legal and 
regulatory framework in place right now, or are there things 
that this Committee, that this Congress should be thinking 
about in this new data era that we exist in?
    Ms. Espinel. I think it's inevitably the case that legal 
systems around the world are going to need to adjust to the 
world that we live in. You know, there's country's individual 
laws, and then there's sort of the global trading system that 
also needs to address.
    And we've talked about some of the pieces of legislation 
that we think could be helpful, like the Judicial Redress Act, 
in trying to repair--be part of the solution to getting us to a 
new Safe Harbor. We've talked about the LEADS Act. You know, I 
think this is a rapidly-evolving landscape, so I think it's 
entirely possible that we will need further legislative change 
in the United States, and I am very confident that we will need 
legislative change in other countries of the world.
    And I will close by saying, I think it is imperative that 
we have a global trading system that sets up strong and 
enforceable rules or data. Without that predictability around 
the world, I think it will be very difficult, not just for U.S. 
companies, but for all companies.
    Mr. Jeffries. And in the limited time that I have, you 
mentioned the importance of American leadership, but you also 
said that it was important to develop international consensus. 
Could you speak to what some of the international challenges 
may be as it relates to how other international actors look at 
big data, which perhaps may differ than our view here in the 
United States?
    Ms. Espinel. So I could talk about this almost 
indefinitely. I will try to be very brief. So I'll just 
highlight a couple of things: One is, I think, you know, other 
countries, sometimes the motivations are about trying to grow 
their domestic industry or trying to keep U.S. industry out of 
their markets. And so that is a reason, or can be a motivation 
for why countries put in place restrictions to keep barriers 
out.
    But I think, you know, as I alluded to before, I think part 
of the issue is that these are new cutting-edge issues. And so 
I think not just the United States, but countries around the 
world are struggling with how do you balance security and 
privacy appropriately?
    And so that is why I think, while I believe the U.S. will 
and needs to show leadership on this, I also think it's 
incredibly important that it's not the U.S. going out and 
saying this is our solution, and we think this should be 
imposed on the rest of the world. I think there does need to be 
international consensus.
    I am fully aware of the fact that not every country in the 
world is going to want to be, or be able to be at that table 
right away, but I do think there are a number of countries 
where the United States could start having discussions about 
what norms of those areas should look like, and that would be 
very productive.
    Mr. Jeffries. Thank you, Mr. Chairman. I yield back.
    Mr. Issa. We now go to the gentleman from Texas, who has 
been patiently at the end of the dais.
    Mr. Poe. Thank you, Mr. Chairman.
    Thank you all for being here.
    I want to talk about a specific issue of privacy: 
Surveillance by government. That's what I'm talking about. Not 
cybersecurity or any of those issues. Let's focus on that one 
issue.
    To me, the United States has always been the world leader 
in privacy. We have a Fourth Amendment that you're all familiar 
with. Many countries, maybe most don't have such a concept as 
the Fourth Amendment, protection against unreasonable searches 
and seizures by government.
    Mr. Atkinson, you talked about the Europeans use privacy as 
an excuse for really protectionism. I want to delve in this a 
little further and, talk about and ask you your opinion. There 
are three issues that we have regarding government surveillance 
on Americans. And if the perception of the Europeans is that 
America doesn't protect the right of privacy, perception, 
whether it's reality or not, is part of the reason we have this 
issue with the Europeans.
    And one of those is the concept of the FISA courts; the 
second is surveillance under 702 warrants; the third is 
backdoor searches, and encryption that government may encourage 
our businesses to have into their systems; and the fourth is 
EPCA, whether it should be reformed or hasn't been reformed.
    Those four issues to me, and I'm a former judge, are issues 
where it seems that government intrusion in those four areas 
and the failure for us, Congress, to redefine or define the 
Fourth Amendment to make sure it applies in those four areas or 
not may be part of the problem we have with dealing with 
foreign countries on the issues that you've all talked about.
    So my question is--and I want all five of you to weigh in 
on this, I just want your opinion--does Congress, in your 
opinion, need to look at each of those four issues, those four 
areas where government surveillance on citizens is allowed, and 
fix that problem, or look at those four issues? What do you 
think about that issue as regarding government surveillance on 
citizens and the effect it has on businesses being able to have 
the free flow of data around the world?
    So that's really the only question I have, and I'd like to 
just start and go down the row and see what you all think about 
that.
    Mr. Atkinson. I would agree with that. I'm less familiar, 
not an expert on the FISA court issue, but on all the other 
issues you brought up, I fully agree with you that we do need 
FISA reform on 702.
    EPCA, we've been a long supporter of it. It really is 
illogical that there is a lower standard of government access 
to data that's stored in the cloud than data that's stored on 
my home computer. It just doesn't reflect technological reality 
that we would treat those differently. If we--so I fully agree 
with you on that.
    And I do think all of that, and including the backdoor 
issue and the intentional weakening of U.S. systems, that all 
of those things have hurt our ability to be a global technology 
leader, and they're going to continue to hurt us until we take 
steps on it.
    I will just say, though, and I think we need to be a little 
bit more vocal about saying that is, there are other countries 
that are doing things like that. If I were the Irish data 
protection authority, I wouldn't let Irish data go to France. 
In other words, there are other countries that do these as 
well, and I think it's important that we make that, that we're 
not the only country that has challenges there.
    Mr. Poe. I know other countries don't observe the concept 
of the Fourth Amendment, but we do in this country.
    Mr. Atkinson. Exactly.
    Mr. Poe. And I just want to know if that is a factor in 
this entire discussion.
    Any others? We've got just about a minute left or less than 
that to weigh in on that.
    Ms. Espinel. Just briefly. Yes, I think those are all areas 
that Congress should consider. I would speak to two of them. We 
are concerned about movements undermining encryption and we've 
made that clear. And we also very much support EPCA and would 
urge its quick passage by Congress. Thank you.
    Mr. Poe. Anybody else?
    Well, I'm going to yield back my 9 seconds.
    Mr. Issa. And I'm going to take the 3 seconds back and 
treasure them always.
    Oh, I'm sorry. I think--the gentleman is recognized for a 
short addition to his now expired time.
    Mr. Black. Thank you. Very good points. Frankly, the world 
looks at what we do, not just what we say. If we're going to be 
a moral leader for an open, free Internet, we need to walk the 
walk as well as talk the talk. And those are all areas where we 
need to do more.
    Without a doubt, I should point out there was a story that 
appeared today about the United Kingdom that just basically--
apparently it was either finally passed, or very close to 
passing, a requirement that companies turn over--or have 
encryption that can be broken. That would be a terrible 
precedent, and the U.K. does it. Other countries are doing----
    Mr. Issa. Ms. Espinel, are you familiar with that?
    Mr. Black. We're the only ones that do some things. 
Governments want to have access to information that's global.
    Ms. Espinel. Yes. I should just say--and I will check on 
this--but we have been concerned about the U.K.'s moves toward 
requiring backdoors to encryption and have raised that with the 
U.K. Government. My understanding is that most recently, the 
U.K. Government has stepped back from that and has said that 
they are not going to be requiring backdoors to encryption in 
the legislation that is moving through the U.K. system.
    So I will check to confirm that and come back to you. But 
we view that as a very positive step, because, not to take too 
much time, but part of the reason that we are concerned about 
encryption here in the United States is not just because of 
here in the United States, but because of the precedent 
overseas.
    And so if my understanding is correct, and the U.K. 
Government yesterday said they would move forward with their 
legislation without those requirements to backdoors, we view 
that as, at least, one positive step in this discussion.
    Mr. Issa. Mr. MacCarthy, if the gentleman would--okay. 
Please.
    Mr. MacCarthy. Very briefly. I agree with----
    Mr. Issa. Again, you've got to use Mr. Black's microphone. 
We've denied you full access, I'm afraid.
    Mr. MacCarthy. Equal access to microphones.
    Mr. Poe, I agree that those are issues that need to be 
addressed. I agree that back doors are a problem. We would 
oppose further movements in that area for the reasons that have 
been articulated. We're strong supporters of EPCA. But my point 
is that none of those things need to be preconditions for a 
successful resolution of the negotiation for a new workable 
Safe Harbor.
    Mr. Poe. Thank you, Mr. Chair.
    Mr. Issa. And with that, I'll take those 3 seconds and pass 
them on to the gentleman from Rhode Island for an additional 3 
seconds.
    Mr. Cicilline. Thank you, Mr. Chairman.
    Thank you to the witnesses for this very useful testimony, 
as we sort of struggle with this question of how do we preserve 
cross-border data flows, and if we're really making the point 
of how important this is to our economy, and how unsustainable 
a system that interrupts those flows would be in the long term.
    And you've all spoken about the need for a narrowly-
crafted, but least-restrictive-of-trade kind of standard. And I 
want to sort of press you a little bit on that, and beginning 
with you, Mr. Ambassador. You make the same argument, of 
course, in your written testimony that we need a workable, and 
commercially-viable and legally-valid alternative to the Safe 
Harbor provision.
    I wonder if you could just expand on this a little bit, and 
describe what you think should be included in such an 
alternative. And also, how do your member companies plan to 
take privacy concerns into account until such a new standard is 
developed?
    Mr. Allgeier. Well, thank you very much.
    Yes, it is very important for all of our companies, because 
they're all dealing with cross-border data flows, that there be 
a successor to the now invalidated Safe Harbor. And I think it 
goes a lot back to what Rob Atkinson was saying, is that 
there's going to have to be a workable way of recognizing some 
of the differences in privacy laws, but also make it viable for 
companies to actually comply with it without making it 
completely chaotic.
    I'm not a lawyer, so I don't have specific suggestions on 
how do we work that, but I think that--as Victoria said, that 
once there is a successor, there needs to be sufficient time 
for companies to come into compliance.
    So I think there should be a recognition that, all right, 
if we've reached agreement, we leave the existing system in 
place for a reasonable period of time. And then these 4,000 
companies--and some of them are small companies, a lot of them 
are--need time to then show that they can meet the new 
requirements of Safe Harbor 2.0, or whatever it's called.
    Mr. Cicilline. Does anyone else have a suggestion? Yes. Dr. 
Atkinson.
    Mr. Atkinson. I would agree with that, although I think 
ultimately, we're going to have to move beyond the Safe Harbor 
to a formal trade agreement. I know people have alluded, for 
example, to the WTO protections--or exemptions around--in the 
services agreement around moving from privacy and security. 
Unfortunately, what we're seeing are countries that are using 
that as a guise for protectionism, China being a case in point.
    I have talked to Chinese Government officials who tell me 
that they're justified in doing what they're doing because of 
national security concerns, which is just simply false. Under 
the way the WTO rules are set up, it's hard to bring that case. 
And I don't see any evidence that we're going to change the WTO 
rules anytime soon.
    That's why it's important to put this in trade and services 
agreement, and a TTIP agreement with a very, very, very narrow 
exception so that countries can't use that to drive the truck 
of mercantilers through----
    Mr. Cicilline. May I just follow up, Dr. Atkinson. One 
thing you said in your written testimony is that the European 
Court of Justice overturned the Safe Harbor agreement, not 
because of privacy concerns, but because of concerns about 
governmental access. Does it then sort of follow that either as 
part of the Safe Harbor, the new agreement, or in conjunction 
with it that we put into place additional surveillance reforms 
to respond to that concern raised by the court? Sort of 
building on Judge----
    Mr. Atkinson. I would argue that it does follow from that. 
I would say two quick things, though: One is, they made that 
decision without any real judicial review. They must have just 
watched some videos from--you know, that was shown, you know, 
what NSA did or something. There was no real collection of 
evidence when they made that decision, and I think that should 
be very troubling.
    Secondly, as I said earlier, they haven't cut off other 
countries who have more problematic access, government access 
rules than we do. But having said that, I do think it's 
incumbent upon us to make some reforms that would go in that 
direction, as you said.
    Mr. Cicilline. And just one final question for the panel. 
Does Congress have a role to play, and if so, what is it, in 
establishing this sort of modernized Safe Harbor framework? Is 
there a useful role that Congress can play in the development 
of that?
    Ms. Espinel. Sure. So I would say, there's a short term and 
a long term. I think short term, we need to encourage the 
United States and Europe to come to an agreement on new Safe 
Harbor. We don't believe--we do not believe we need new U.S. 
legislation to do that, although we do hope the Judicial 
Redress Act passes as soon as possible. And I think Congress 
has a role to play in working with your European counterparts 
to encourage Europe to come to the table and to reach an 
agreement as quickly as possible on a Safe Harbor 2.0.
    But then looking at the long term, I think it is also clear 
that is not our long-term solution. We're going to need a 
global solution. We're going to need something that is flexible 
and principled-base, and I think Congress absolutely should 
play a role in working with the Administration and working with 
industries and working with your counterparts around the world 
and helping to determine what that long-term solution is going 
to look like.
    Mr. Cicilline. Thank you. I yield back, Mr. Chairman.
    Mr. Issa. Thank you.
    We now go to the gentlelady from San Jose.
    Ms. Lofgren. Well, thank you. This has been very 
interesting, and I appreciate the insight shared by all the 
witnesses to the Committee.
    You know, I think that we are in for a very tough time, 
actually long term, in trying to reconcile very different 
approaches to freedom, essentially. If you take a look at what 
the European Court of Justice did, they basically said that the 
2000 Commission had erred by failing to take into account the 
interaction of U.S. domestic law and U.S. international policy 
and the framework; in other words, it didn't take in the whole 
picture, and it's going to allow the data protection agencies 
in each country to investigate violations. Well, where does 
that lead us?
    I mean, you've got a situation in Europe, and I--as Ms. 
DelBene mentioned, many of us meet with the parliamentarians 
from Europe, who feel that their decision on right to be 
forgotten is extremely important to them and very valuable. And 
when you get into it with them, you say--I mean, recently, an 
agency in France ruled that links in content removed under 
their right to be forgotten has to be removed worldwide. And 
when you talk to them about, Hey, we have a First Amendment. 
Even if we agreed with you, we can't agree with you. I mean, we 
can't allow elimination of First Amendment rights.
    So when you talk about data, I think it's--it depends on 
which kind of data you're talking about. I mean, if you have a 
database that is the product of the health study, and it's 
completely owned by, you know, a university, it's possible to 
control the sharing of that data in a very different way than a 
posting on Facebook. You know, I think we're looking--we're 
looking down the road at some very severe--and I'm not sure how 
we get to a situation that's going to be suitable. But getting 
to that, I'm wondering--you know, Mr. Black, you mentioned the 
right to be forgotten and others have talked about it, is a 
major barrier to data flow. How do you see this ending up when 
you've got the First Amendment that protects Americans' right 
to free speech, and a Europe that has no equivalent respect for 
speech, but has an equivalent right to--to sensor? How are we 
going to resolve this?
    Mr. Black. Well, as I tried to indicate, it's a very 
troubling concept. And when you think about it, if it becomes 
an established precedent, and we are seeing other countries in 
other parts of the world are considering similar versions, it 
is an amazing shield for basically hiding data, distorting 
history, limiting the ability to prevent, frankly, honest 
information transfer. We talked about ``data,'' and we all use 
``data,'' and it's important we do, but we're talking about 
information and knowledge, and the ability to block information 
and knowledge, to block people's ability to communicate part of 
communication is getting information. It's a very serious 
precedent.
    And unless it is whittled down, and we find some way to 
back off of its broad reach--I mentioned the editorial aspect 
that's exceptionally troubling, but frankly, even if you don't 
go to that step, the breadth of the concept of the right to be 
forgotten, the ability--and we all want database to be cleaned 
up of erroneous fact, but, again, it is, once again, imposing a 
liability on players, intermediaries, that is fundamentally a 
flaw, and you can do it on--for so many purposes. You can----
    Ms. Lofgren. Right.
    Mr. Black. And we had this discussion earlier, but if you 
have intermediaries liable for what users do, or for what 
information or data that flows over the networks, you will have 
a crippling of the open Internet as we know it today.
    Ms. Lofgren. Well, what I see, I mean, going--I'm sorry Mr. 
Marino had to leave, but we have Safe Harbors in the DMCA, and 
we have section 230 of the Communications Decency Act. We have 
some provisions that is would allow the Internet to flourish. 
They don't have that in Europe. And so I think that's part of 
the reason why they don't have an Internet economy. They have 
crippled their tech sector in that way and maybe a few others.
    And to think that you can control the flow of data and have 
an Internet, that's not how the Internet works. So I--I think 
that we have a fundamental misunderstanding with some of our 
colleagues in parliaments across the world. That's not to say 
there aren't countries that are just using this as an excuse. I 
mean, you take a look at countries that want to have localized 
data; Russia, China, Turkey, these are not companies that--
countries that are, you know, wallowing in free speech. They 
have a different agenda.
    I just want to make one final comment on--or maybe even a 
question, on copyright. Because, you know, we've also got a 
problem there, and it's a crossover with free speech. We 
recently had a situation where European book publishers are 
saying that you can't actually index their books, and that if 
you index their books, there would be an index tax. Which is--I 
remember when people wanted to do an email tax. That's not 
going to happen. And so I've been telling the parliamentarians, 
if they look ahead in Europe, they're going to be like China, 
because we're going to have to cut them off, because we're not 
going to lose our freedom because they don't value theirs.
    Do you see it going in that direction?
    Mr. Black. This is an excellent area for action to actually 
be taken by the U.S. Government. Under the Berne Convention, 
okay, it is very clear there is a right in order to basically 
have access to news. We think if the U.S. Government wishes to, 
some of these snippet tax approaches are, in fact, 
challengeable under existing law. We all want--we've all said 
we want to improve the rules governing data flow around the 
world, but there are some rules that are in effect now that are 
not being utilized. And in this area, we think there's room for 
action immediately to go after some of these more egregious 
attempts to, frankly, alter the rules of access to information.
    Ms. Lofgren. Mr. Chairman, could I just have 1 second more 
to make a comment?
    When Spain said you can't link to news articles, and Google 
just withdrew, and then none of the newspapers could find 
readers. So I think to some extent, there's a role for the 
government to play, but I think, also, companies are going to 
have to take actions themselves, because they can't live with 
some of these rules. And I think when the European public can't 
actually access information, there's going to be reaction among 
the public themselves.
    Thank you, Mr. Chairman. I yield back.
    Mr. Issa. Thank you. And I thank you for that salient 
point. I think it is one of those where be careful what you 
wish for. May Spain always have the dark ages back, if that's 
what it wishes for.
    Dr. Atkinson, I'm going to ask you sort of a question that 
I know the answer to, but--but it may be a will question as 
much as it can.
    Would be it helpful and/or appropriate and/or possible to 
sue the EU under the WTO in light of their decision?
    Mr. Atkinson. So, I'm not a trade lawyer, and I know when 
Ira Magaziner made those veiled threats back in the late '90's 
to get the Europeans to come to the table on Safe Harbor, he 
did suggest that we file a suit with the WTO. I think the case 
is stronger now, as I said earlier, because they haven't just 
said they're cutting--they've only cut us off. They haven't cut 
off other countries who have even less governmental protection. 
So I think there is possibility. And I think we shouldn't back 
down from holding up the--as Teddy Roosevelt in--speak softly 
but carry the big WTO stick.
    Mr. Issa. I'm sure WTO was in that.
    Let me ask a broader question. I had the opportunity to be 
in Antarctica last year. Fifty-three Nations--I had to look 
that up to remember--53 Nations are all part of an 
international treaty that says you can go there; you can have 
things there; you can't--you can't mine and take the resources, 
and nothing could be done there that essentially isn't agreed 
to by the party as a whole. It's a noncountry by international 
agreement.
    As this Committee goes forward with the number of pieces of 
legislation, and we're looking at privacy, domestically, and 
then we're looking at a global world, do--I'd like each of your 
comments briefly, just as we have around our Custom systems, if 
you will, sort of free trade zones, they have places where you 
can bring your goods to the United States, but they're not in 
the United States for any practical purpose. And there's no 
tariff, and quite frankly, they are still considered to be not 
in the country. So they can only be seized or looked at as a 
ship might be bordered in international waters.
    Should we use, if you will, a combination of these two 
models, the pretrade zone in the U.S. and the idea just like 
Antarctica, there have been to be places, in this case, the 
cloud, in which all countries have to view it as outside their 
reach, and as such, not so easily taken whether it's in the 
U.S., and Europeans are concerned that their privacy will be 
breached, or vice versa, inside another country where somehow 
the standard would be artificially higher or lower to enforce 
whatever is subject to what I would envision as an 
international trade agreement that mirrors, if you will, the 
best of the protections of, let's say, the Europeans and 
ourselves and other partners.
    Can I have your comments on that?
    Mr. Atkinson. Sure. One of the reasons we're having this 
debate right now over privacy, it's emblematic of a broader set 
of questions a number of the panelist members have brought up. 
And, really, what we lack is we lack a consistent, readily 
understandable and shared global framework for thinking about 
governing the Internet. And by that, I don't mean ICANN 
governance. I mean, all of the policy questions that countries 
face with regard to the Internet. We don't have a shared view 
of what's appropriate, what's not appropriate. And I think we 
have to--we've proposed in that a recent report called the 
``Framework For Resolving Cross-border Internet Policy 
Conflicts.'' And I think we--I think it's incumbent upon----
    Mr. Issa. And I appreciate that, and I'd love you to answer 
further, and I'll read any material you send me. My question 
was more narrow, is should we take away in some hosting 
environments, if you will, a cloud and say it does not reside 
inside the U.S., even though it's in Toledo, but, in fact, it 
doesn't reside in any Nation, and all Nations have to observe 
at the same level of respect as though one might do an 
extradition, rather than a simple subpoena, no greater, no less 
than--than that? And that's one of my questions is, if we're 
going to make the cloud a free trade zone, do we have to begin 
looking at it as not ours, even if it's in the U.S. and not 
theirs, even if it's hosted there. And I'll just go down the 
list. But please stay narrowly focused, because I want to get 
to Mr. Johnson.
    Mr. Atkinson. I disagree. I'm not sure that is exactly the 
right way to go, because there are legitimate things government 
has access to and concerns that are legal. And if it's in the 
cloud, it shouldn't be extraterritorial, in my view, should be 
covered by a trade agreement.
    Mr. Issa. Just so you know, the Chairman of the full 
Committee made it very clear in the last round of legislation 
that this Committee was tired of our country knowing more about 
us than us knowing less about them. So you may--you may find 
the definition of legitimate interest to the government is on 
the wane from this Committee rather than the ebb it had after 
9/11.
    Ambassador.
    Mr. Allgeier. I thought your metaphor was very interesting, 
because the free trade zone, as you say, the products are in 
there and you can do all sorts of things with them. But once 
they leave that zone, they are subject to whatever the duties 
are and the regulations are of the markets they are going into. 
So I don't know if it's perfect, but in a sense, the cloud is 
where it resides, and then only when it leaves the cloud for a 
particular reason does it become subject to, well, whatever the 
jurisdiction is of whatever is being used. It's an interesting 
thought.
    Ms. Espinel. So I would just say, I'll take that to be a 
serious proposal, and I would like to give it serious 
consideration. But I could just make two observations, free 
trade zones work, in part, because they fit inside of a global 
trading system that has rules. And so, I think part of--a 
prerequisite to this would be to have that global trading 
system of rules for data.
    Mr. Issa. By the way, I think it was about 1959 that we 
started trying to get Antarctica. We are only at 53 countries. 
So I have no illusions that this would necessarily be quick and 
easy, but it is--it begins to appear to me that if we do not 
begin to think of the cloud as not America's, then the rest of 
the world will say, if it's going to be yours when it's in 
America, then it's going to be mine if I have the ability to 
mandate it. And that's--that's exactly what this hearing today 
was about, is how do we get that free flow to be not a bias 
toward a country of residence to the detriment of others 
concerned?
    Mr. Black.
    Mr. Black. I think it's an intriguing idea. I agree it 
should get some serious considerations, look at the 
ramifications. I hate to use metaphors I haven't thought out 
ahead of time. But, you know, when we talk about the oceans, we 
have territorial waters, and then we have the open sea. And it 
may well be there's a certain appropriateness here to think of 
things that are not--should not be geographically, and 
therefore, governmentally tied to one Nation. I would like to 
explore that more.
    Mr. Issa. Mr. MacCarthy, as you answer it, I want to tell 
you--yeah, grab the right one--I did not use the high seas, 
because there's too much seizing of things on the high seas, 
but rather, places in which the world has agreed to a common 
set of protection, a common set of respect for other countries. 
Nobody can go into Antarctica and do something where other 
countries are not essentially consulted in the process. So it 
is a little more like extradition and a little less like the 
high seas.
    Mr. MacCarthy.
    Mr. MacCarthy. So I think the idea is worth exploring in 
great detail. I'm worried that even our own regulators who have 
a responsibility to protect the privacy and the anti-fraud 
interests of our own consumers would want to gain access to 
information in order to enforce local law. And so the idea that 
there could be a place of the cloud, the Internet, that is 
literally a place without law, that probably is the right way 
to go.
    But the next step of trying to harmonize the rules probably 
is difficult. We've heard the difficulties in the First 
Amendment. We've--privacy is also a very, very difficult issue 
to get harmonized laws. We have got a sectorial approach. The 
Europeans have a different approach. But you can make those 
rules interoperate. That's what the Safe Harbor was supposed to 
be all about, and that's why we have to get it back into place 
as soon as possible.
    Mr. Issa. Okay. I'm going to go to Mr. Johnson. But I will 
leave you with this, because we can certainly, many of you we 
regularly have a dialogue with. If the United States is to 
lead, we certainly have exclusively, within our jurisdiction, 
the ability to create these zones. We have the ability to 
lessen our own authority over a site hosted under this concept 
that it is not America without specific protections. In other 
words, a foreign hosting site, to use a term that may not exist 
yet.
    But, you know, the United States could, tomorrow, decide 
that we're going to have foreign hosting sites, and that a 
foreign hosting site is, by definition, one of which the 
Department of Justice and others must treat it as a non-U.S. 
and use an open and transparent process in order to go after 
it, and not treat it quite the same as we would a U.S. In other 
words, give it all the protections of being in the U.S. from a 
standpoint of the NSA not being able to hack it, and yet, give 
it additional protections.
    This is not a new concept to think about, can we do better? 
The question is, will America lead? And that's what I'd like to 
have in the days and months to come.
    Your comments on can America lead by creating something 
which the rest of the world could have a higher belief on, and 
if we do this, the same as we created the Internet, and we set 
the standards and then we gave it as a gift to the world, at 
least as to entities which are hosted within our borders, but 
are hosted under some enhanced protection and assurances for 
the rest of the world, we could lead a standard that I doubt 
that Russia and China would follow, but I certainly would like 
to reach a standard that the EU would admire and emulate.
    Mr. Johnson, I apologize for going a little long, but the 
gentleman is recognized.
    Mr. Johnson. Well, no. In fact, I'm--I'm prompted to yield 
whatever time that the gentleman would extend to me, the 5 
minutes. I tend to think that I might be better off by just 
simply yielding to you and listening to your questions. There's 
a lot that I missed having been absent at an Armed Services 
Committee meeting, and I don't want to go over plowed ground. 
I'm just kind of here to learn. And so with that, I will yield 
back to the Chair.
    Mr. Issa. I thank the gentleman.
    Is there anyone who wants to make any closing remarks that, 
from the whole host of questions that you would like to have 
briefly in the record, and then we can--you can extend, and 
I'll say in that my closing remarks.
    Mr. MacCarthy.
    Mr. MacCarthy. So very briefly. It's very good news that 
the European Commission has suggested that there's an agreement 
in principle on the Safe Harbor. We have every reason to expect 
it will see a rapid conclusion of that. Commissioner Jourova is 
coming over here in a couple of weeks, maybe he will do 
something there.
    They have every incentive to get this right. Digital trade 
between the United States and Europe is huge. We have a global 
trade surplus of $150 billion in digital trade. They have a 
global surplus of 163. They know that their fundamental 
interests are at stake here, and I think they are going to try 
to act to try to put in place a Safe Harbor to make 
transatlantic data flows work again.
    Mr. Issa. Mr. Black.
    Mr. Black. Very short.
    Mr. Issa. Reclaiming your mike.
    Mr. Black. Very short. A lot of consensus I think you heard 
today. The reality is that we're going to have a lot of these 
problems linger for a while. There are no easy solutions. The 
Internet is a tremendous part of our future. I would--I guess I 
would urge, as a U.S. citizen, that we had a huge role in 
creating the Internet. We have a tremendous history and 
essential one to the First Amendment, freedom of speech, as we 
go forth and set rules domestically or internationally, that we 
keep it to a forefront of our principles, that commitment to 
openness, the freedom to access information, and that has, 
frankly, created a climate that has allowed the Internet to 
flourish.
    If we do that, we're gonna still have a lot of problems to 
wade through, but keeping our eyes on that fundamental set of 
principles will lead the way. Thank you.
    Mr. Issa. Ms. Espinel.
    Ms. Espinel. Thank you. Well, I would start off by thanking 
you for holding this hearing and focusing on attention on this 
issue. Having been given the extra time, I would just reiterate 
two things I said before.
    Mr. Issa. You can just tell us, what was it like being at 
E&C versus here? Which Committee did you think better of? You 
can be impartial here.
    Ms. Espinel. Clearly, this one.
    Mr. Issa. Of course.
    Ms. Espinel. I think in terms of the trade barriers that we 
have talked about, we have been playing policy Whac-a-Mole for 
over 5 years. There are countries around the world that have 
been considering trade barriers, putting trade barriers 
forward, and our hope and expectation is that TPP will be, at 
least, a start of a mechanism to push back on those. And so if 
it does what we believe that it does, it is a truly historic 
opportunity.
    The second thing is just, if I could go back to the U.S. 
EU's Safe Harbor, because it is sort of an issue of immediate 
concern. I agree with Mr. MacCarthy. All indications are that 
that we will--the United States and Europe will be able to come 
to a quick conclusion on the Safe Harbor 2.0, but anything that 
Congress can do to encourage U.S. and Europe to come together 
on that would be--would be great, but we need to bear in mind 
that if the Safe Harbor is concluded, and if there's an 
appropriate period of time for U.S. companies to come into 
compliance, that--that will only get us so far, and then we are 
going to immediately need to turn to working out what our long-
term solution will be. Because I do not believe that the next 
Safe Harbor will be that long-term solution.
    Mr. Issa. Anyone else? Doctor.
    Mr. Atkinson. I think one of the things that's been 
happening in the last few years is that the policy realities 
have finally caught up to the nature of the global Internet and 
not in a good way. And I think the challenge that we face, both 
here and around the globe, is we have to figure out a way to 
balance the differences that we have between countries, 
legitimate differences in values and cultures. We're not all 
going to agree. We can never do that. And so we have to figure 
out a way to allow the Internet to thrive and flourish in a 
system where people are going to have different rules and 
different policies.
    At the same time, we have to be able to have a way that 
global free trade and data goes on, and goes on in a robust 
way. And I think we can square that circle, but it's really 
gonna require not just all the specific actions that we've 
talked about, which are important; it's going to require a 
larger conversation along the lines of what you've proposed. A 
much bigger way to think about this and the way to bring in 
countries, like the Antarctica problems that we tried to solve. 
We need something like that at the global level now.
    Mr. Issa. Ambassador, you get to close.
    Mr. Allgeier. Thank you very much. Well, these issues that 
we've been talking about, cross-border data flows, 
localization, open Internet, and so forth, should be subject to 
rules that are multi-lateral, and the place normally to do that 
would be the World Trade Organization.
    The World Trade Organization is not operating at this point 
in a way that we can do that. And so our second best 
alternative is to get these issues right in each of the 
negotiations that we're undertaking, whether it's the TPP, the 
one with Europe, the one on services, bilateral investment 
treaties with China. At least try to get a cohesive and right 
approach in all of those to create de facto the template. The 
advantage of the WTO, if we can get it there, is that there is 
dispute settlement. It's legally binding, and so, for example, 
if there's a dispute about whether somebody is using a--a 
health reason or a prudential reason for protectionism, you can 
at least battle it out within a legal framework there.
    So I think that's what we should ultimately be looking for, 
but in the meantime, we need to get it right in the other 
negotiations.
    Mr. Issa. Well, I want to thank you all of you for a 
delightful conversation back and forth. I think to all of us 
who attended, this was very useful.
    As promised, I will leave 5 legislative days to submit 
additional written materials on any subject, but particularly 
the ones that I brought up. And if you have any additional 
extraneous material, we also would accept that.
    And with that, we stand adjourned.
    [Whereupon, at 3:54p.m., the Subcommittee was adjourned.]

                            A P P E N D I X

                              ----------                              


               Material Submitted for the Hearing Record

 Prepared Statement of Edward M. Dean, Deputy Assistant Secretary for 
   Services, International Trade Administration, U.S. Department of 
                                Commerce

[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]


  Prepared Statement of Nuala O'Connor, President and CEO, Center for 
   Democracy & Technology; and Gregory T. Jojeim, Director, Freedom, 
    Security & Technology Project, Center for Democracy & Technology

[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]



            Letter from Michael Beckerman, President & CEO, 
                        The Internet Association

[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]



    Letter from Daphne Keller, Director of Intermediary Liability, 
          Center for Internet and Society, Stanford Law School

[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]



 Response to Questions for the Record from Ambassador Peter Allgeier, 
            President, Coalition of Service Industries (CSI)

[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]


 Response to Questions for the Record from Robert D. Atkinson, Ph.D., 
   Founder and President, The Information Technology and Innovation 
                               Foundation


[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]



      Response to Questions for the Record from Victoria Espinel, 
             President and CEO, BSA | The Software Alliance



[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]



 Response to Questions for the Record from Ed Black, President & CEO, 
           The Computer & Communications Industry Association


[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]



 Response to Questions for the Record from Mark MacCarthy, Senior Vice 
 President, Public Policy, Software & Information Industry Association

[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]


                                 [all]