[House Hearing, 118 Congress]
[From the U.S. Government Publishing Office]


      IP AND STRATEGIC COMPETITION WITH CHINA: PART III--IP THEFT, 
                         CYBERSECURITY, AND AI

=======================================================================

                                HEARING

                               BEFORE THE

    SUBCOMMITTEE ON COURTS, INTELLECTUAL PROPERTY, AND THE INTERNET

                                 OF THE

                       COMMITTEE ON THE JUDICIARY

                     U.S. HOUSE OF REPRESENTATIVES

                    ONE HUNDRED EIGHTEENTH CONGRESS

                             FIRST SESSION
                               __________

                       THURSDAY, OCTOBER 19, 2023
                               __________

                           Serial No. 118-49
                               __________

         Printed for the use of the Committee on the Judiciary
         

                  [GRAPHIC NOT AVAILABLE IN TIFF FORMAT]         


               Available via: http://judiciary.house.gov
                               __________

                    U.S. GOVERNMENT PUBLISHING OFFICE
                    
53-827                    WASHINGTON : 2023               


                       COMMITTEE ON THE JUDICIARY

                        JIM JORDAN, Ohio, Chair

DARRELL ISSA, California             JERROLD NADLER, New York, Ranking 
KEN BUCK, Colorado                       Member
MATT GAETZ, Florida                  ZOE LOFGREN, California
MIKE JOHNSON, Louisiana              SHEILA JACKSON LEE, Texas
ANDY BIGGS, Arizona                  STEVE COHEN, Tennessee
TOM McCLINTOCK, California           HENRY C. ``HANK'' JOHNSON, Jr., 
TOM TIFFANY, Wisconsin                   Georgia
THOMAS MASSIE, Kentucky              ADAM SCHIFF, California
CHIP ROY, Texas                      ERIC SWALWELL, California
DAN BISHOP, North Carolina           TED LIEU, California
VICTORIA SPARTZ, Indiana             PRAMILA JAYAPAL, Washington
SCOTT FITZGERALD, Wisconsin          J. LUIS CORREA, California
CLIFF BENTZ, Oregon                  MARY GAY SCANLON, Pennsylvania
BEN CLINE, Virginia                  JOE NEGUSE, Colorado
LANCE GOODEN, Texas                  LUCY McBATH, Georgia
JEFF VAN DREW, New Jersey            MADELEINE DEAN, Pennsylvania
TROY NEHLS, Texas                    VERONICA ESCOBAR, Texas
BARRY MOORE, Alabama                 DEBORAH ROSS, North Carolina
KEVIN KILEY, California              CORI BUSH, Missouri
HARRIET HAGEMAN, Wyoming             GLENN IVEY, Maryland
NATHANIEL MORAN, Texas               BECCA BALINT, Vermont
LAUREL LEE, Florida
WESLEY HUNT, Texas
RUSSELL FRY, South Carolina

                                 ------                                

           SUBCOMMITTEE ON COURTS, INTELLECTUAL PROPERTY, AND
                              THE INTERNET

                    DARRELL ISSA, California, Chair

THOMAS MASSIE, Kentucky              HENRY C. ``HANK'' JOHNSON, Jr., 
SCOTT FITZGERALD, Wisconsin              Georgia, Ranking Member
CLIFF BENTZ, Oregon                  TED LIEU, California
BEN CLINE, Virginia                  JOE NEGUSE, Colorado
LANCE GOODEN, Texas                  DEBORAH ROSS, North Carolina
KEVIN KILEY, California              ADAM SCHIFF, California
NATHANIEL MORAN, Texas               ZOE LOFGREN, California
LAUREL LEE, Florida                  MADELEINE DEAN, Pennsylvania
RUSSELL FRY, South Carolina          GLENN IVEY, Maryland

               CHRISTOPHER HIXON, Majority Staff Director
          AMY RUTKIN, Minority Staff Director & Chief of Staff

                            C O N T E N T S

                              ----------                              

                       Thursday, October 19, 2023

                                                                   Page

                           OPENING STATEMENTS

The Honorable Darrell Issa, Chair of the Subcommittee on Courts, 
  Intellectual Property, and the Internet from the State of 
  California.....................................................     1
The Honorable Henry C. ``Hank'' Johnson, Ranking Member of the 
  Subcommittee on Courts, Intellectual Property, and the Internet 
  from the State of Georgia......................................     2
The Honorable Jerrold Nadler, Ranking Member of the Committee on 
  the Judiciary from the State of New York.......................     4

                               WITNESSES

Dr. William Hannas, Lead Analyst, Center for Security and 
  Emerging Technology, Georgetown University
  Oral Testimony.................................................     7
  Prepared Testimony.............................................     9
Dr. John Brennan, General Manager, Private Sector, Scale AI
  Oral Testimony.................................................    23
  Prepared Testimony.............................................    25
Dr. Benjamin Jensen, Senior Fellow, International Security 
  Program, Center for Strategic and International Studies
  Oral Testimony.................................................    33
  Prepared Testimony.............................................    36
Robert Sheldon, Senior Director of Public Policy and Strategy, 
  Crowd-Strike
  Oral Testimony.................................................    44
  Prepared Testimony.............................................    46

          LETTERS, STATEMENTS, ETC. SUBMITTED FOR THE HEARING

All materials submitted by the Subcommittee on Courts, 
  Intellectual Property, and the Internet, for the record........    75

                 QUESTIONS AND RESPONSES FOR THE RECORD

Questions submitted by the Honorable Darrell Issa, Chair of the 
  Subcommittee on Courts, Intellectual Property, and the Internet 
  from the State of California, for the record
  Questions to Robert Sheldon, Senior Director of Public Policy 
      and Strategy, Crowd-Strike
  Questions to Dr. John Brennan, General Manager, Private Sector, 
      Scale AI
  Questions to Dr. William Hannas, Lead Analyst, Center for 
      Security and Emerging Technology, Georgetown University
    Response from Dr. William Hannas, Lead Analyst, Center for 
        Security and Emerging Technology, Georgetown University
  Questions to Dr. Benjamin Jensen, Senior Fellow, International 
      Security Program, Center for Strategic and International 
      Studies
    Response from Dr. Benjamin Jensen, Senior Fellow, 
        International Security Program, Center for Strategic and 
        International Studies

 
                   IP AND STRATEGIC COMPETITION WITH
            CHINA: PART III--IP THEFT, CYBERSECURITY, AND AI

                              ----------                              


                       Thursday, October 19, 2023

                        House of Representatives

           Subcommittee on Courts, Intellectual Property, and

                              the Internet

                       Committee on the Judiciary

                             Washington, DC

    The Subcommittee met, pursuant to notice, at 10 a.m., in 
Room 2141, Rayburn House Office Building, the Hon. Darrell Issa 
[Chair of the Subcommittee] presiding.
    Present: Representatives Issa, Cline, Gooden, Kiley, Lee, 
Johnson, Lieu, Ross, Dean, and Ivey.
    Also present: Representative Nadler.
    Mr. Issa. The Subcommittee will come to order.
    Without objection, the Chair is authorized to declare a 
recess at any time.
    We want to welcome everyone here to the hearing on China: 
IP Theft, Cybersecurity, and AI. Please have a seat.
    I will now recognize myself for a short opening statement.
    First, for everyone in attendance, especially our 
witnesses, I want to thank you for your indulgence as we have 
had a series of missteps and delays in what I believe is one of 
the most important hearings that this Subcommittee will have 
this year.
    Our panel of experts understand all too well the critical 
threat faced by the communist Chinese Government. I always say 
the ``Communist Chinese Government,'' so as to differentiate it 
from the government in Taiwan, which, at one time, was known 
for disregarding patents, trademarks, and the like but has done 
an about-face over the last several decades, and now is very 
much part of a community that is responsible in its actions 
toward intellectual property.
    With the advent and growth of artificial and regenerative 
artificial intelligence, one of the key activities that we see 
the Chinese Government doing is, in fact, predictive use of AI 
to both steal real intellectual property and also to box off 
and, in fact, deny real inventors their intellectual property.
    The cyber warfare conducted by the Chinese Government is 
not new. In fact, the Chinese military itself has divisions 
that exist both to steal military secrets and commercial 
activities.
    In the coming years, AI will pose a transformative 
relationship to all industries, but it also will particularly 
affect cybersecurity. A supercomputer that can break any code, 
a supercomputer that can anticipate changes and the like, can, 
in fact, completely neuter existing cybersecurity systems. As a 
result, AI will be fighting against AI in cybersecurity.
    We will hear shortly if China wins the cyber-AI arms race. 
Their ability to steal technology and harm, not just our 
country but the free world, will, in fact, be permanent.
    To be sure, American AI development must be done carefully, 
ethically, and with respect for the values that make us 
different than the Chinese adversaries.
    Today's hearing should make clear to everyone how important 
the 21st century arms race is, not only to Republicans and 
Democrats, but to all Americans, and particularly to those who 
want to be the inventors and the innovators of the future.
    I hope all my colleagues on both sides of the aisle will 
join with me in seeing the importance of urging the 
administration--my opening statement says, to shift their 
priorities, and I will modify that by saying, to enhance and 
expand their priorities, to meet the challenge.
    All of us must come together as AI users, creators, 
technology companies, and, yes, the government, to meet this 
challenge. No less than the American way and the free world 
advancements we've had since World War II are at stake.
    I want to thank all our witnesses for being here today.
    With that, I recognize the Ranking Member, Mr. Johnson, for 
his opening statement.
    Mr. Johnson of Georgia. Thank you, Mr. Chair, for holding 
this important hearing. Thank you to our bipartisan slate of 
witnesses for being willing to share your perspectives with the 
Committee today, and thank you for your forbearance in our 
having to postpone this hearing in the past.
    Americans cannot pick up a newspaper without a near daily 
reminder that artificial intelligence, or AI, is transforming 
the world as we know it. With a few keystrokes, a layperson can 
generate an image indistinguishable from a photograph and can 
make a business plan based on AI-driven, supply chain 
predictive analysis, or write code for a new application.
    Langston Hughes may have died over 50 years ago, but 
sitting here today, I can ask ChatGPT to write an original poem 
in his style.
    AI innovations have sparked necessary debate about 
intellectual property protections for both the owners of the 
massive quantities of data used to train AI models and the 
authors of final products of AI-assisted works. The disruptions 
to society don't end there. Looming behind labor disputes lie 
questions about the future of work when AI is used by the 
powers that be to replace writers, technicians, and auto 
workers.
    I'm committed to working with my colleagues across the 
aisle to protect creators, inventors, and intellectual property 
rights overall, while encouraging innovation and invention. We 
are here today to talk about just one of the many ripple 
effects of AI innovation: How AI is being used and can be used 
in the future to augment China's strategy toward the United 
States.
    As a global leader in AI innovation, the People's Republic 
of China, or PRC, is in a unique place to deploy AI before many 
other Nations. If the PRC chooses to use AI to increase its 
authoritarian hold over its own people, to advance its cyber 
espionage strategy, or to interfere in its neighbor's 
elections, such actions will undermine competition and 
innovation, not just in China, but around the world.
    Since the PRC entered the World Trade Organization 20 years 
ago, it has endeavored to gain American data, intellectual 
property, and our Nation's secrets. Cyber intrusions from the 
Chinese Government or affiliated groups have successfully 
infiltrated the United States Department of Justice, our 
military bases, and businesses across the country.
    The adoption of AI only increases China's ability to 
continue these tactics. So far, China has tested swarms of AI-
powered drones, used AI-generated propaganda to target U.S. 
politics, and stolen AI technology from U.S. companies.
    Experts disagree as to how far China has advanced in AI 
development. Indeed, many argue that AI innovations are 
happening so quickly that it is difficult to know what the 
technology can and cannot do at any given time. There is a 
consensus that the United States, with its broad array of 
businesses, strong intellectual property protections, and 
widespread investment in scientific research, is ahead of most 
other Nations.
    Many Americans believe that it is incumbent on the United 
States to lead. I am one of them. Leading in development alone 
is not sufficient.
    The European Union this summer took steps to regulate 
artificial intelligence by passing draft legislation that the 
EU is calling, quote, ``the world's first comprehensive AI 
law.'' Even China has issued interim guidelines to regulate the 
use of generative AI in theory, if not in practice.
    Of the leading Nations on AI, the United States stands out 
for its absence of basic rules of the road. American technology 
companies and industry leaders have called on the U.S. 
Government to regulate AI and curtail the privacy and security 
risks posed by the technology.
    I'm eager to hear from our witnesses whether Congress can 
properly regulate AI, while allowing the innovation to 
flourish. We should not stop there. To succeed, we need 
international collaboration and cooperation in the form of a 
multinational agreement on privacy and security.
    It is only when the leading Nations on AI, including China, 
agree to AI, intellectual property, privacy, and security 
principles, that we can take full advantage of the benefits AI 
promises.
    I look forward to hearing from our witnesses, and I yield 
back the balance of my time.
    Mr. Issa. I thank the gentleman.
    We now recognize the Ranking Member of the Full Committee, 
Mr. Nadler, for his opening statement.
    Mr. Nadler. Thank you, Mr. Chair, for holding this 
important hearing today.
    Like any new technology, AI can be used for good purposes 
or for bad purposes, and it has startling political potential. 
For example, using AI, one could generate political ads, 
convincing political ads, showing Jim Jordan endorsing Joe 
Biden or me endorsing Donald Trump.
    During our first hearing of this series, I noted that the 
Government of the People's Republic of China, or PRC, has both 
manipulated the free-market system and used outright, illegal 
means to acquire other nations' intellectual property. In a 
field that largely relies on players to act in good faith, 
acquisition of new technologies through theft, cyber espionage, 
and other forms of subterfuge is part of China's broader 
national security and economic strategy. In no other field of 
innovation is this truer than in that of artificial 
intelligence.
    The raw material of AI is data. This is why entities backed 
by the PRC are taking steps to acquire massive quantities of 
data from the United States and its allies, and they are using 
all means at their disposal to do so.
    Within the past decade, we have seen well-publicized data 
thefts originating in China, such as the 2015 data breach at 
the U.S. Office of Personnel Management, the SolarWinds hack 
back in 2020, and the Microsoft Exchange hack in 2021. The 
thefts that make headlines are just a small fraction of the 
total. According to a 2022 report by CrowdStrike, which is 
represented here today, China was behind 67 percent of cyber-
attacks between mid-2020 and mid-2021.
    Because the Chinese Government exercises authoritarian 
control over the country's economy, many companies in the PRC 
are state-affiliated, maintain close ties to military and State 
security services, and are susceptible to State coercion, or 
all three.
    This blurs the lines between public and private collection 
of Americans' data. Chinese-affiliated actors are buying data 
from commercial data brokers. They are also collecting data on 
U.S. persons through Chinese-owned software applications such 
as TikTok and medical diagnostic platforms like the DNA-
sequencing company BGI.
    Even as the Chinese Government attempts to gain access to 
as much data as possible from the United States and its allies, 
Chinese officials have taken legal and regulatory steps to 
limit access to data that originates in China. They have 
implemented controls that prevent the export and use of such 
data outside the PRC. Their goal is to gain an unfair advantage 
over other nations, first by obtaining greater quantities of 
information, and then by using that information to create new 
AI capabilities.
    The widespread acquisition and deployment of AI by China 
has implications for the world at large. Using the power of AI, 
a hacker can scour a network for so-called zero-day 
vulnerabilities in seconds. An espionage agent tasked with 
spreading disinformation can create a video that appears to 
show a domestic political dissident or a foreign political 
leader confessing to a crime or endorsing the wrong candidate, 
as I said before.
    A police state can track persecuted groups and quell 
dissent, as the Chinese Government has already done with 
members of its Uyghur minority.
    Until now, the PRC's influence campaigns have mostly 
targeted its own people, focusing on sources of internal 
friction such as the status of Taiwan and COVID-19. For 
example, the DNI found that China did not attempt to influence 
the 2020 Presidential elections. Many experts agree that 
posture is swiftly changing, which means that the threat posed 
by China's development of AI is growing.
    Recently, The New York Times reported that in an attempt to 
sow discord within the United States, China used AI-generated 
images to spread conspiracy theories about the Maui wildfires 
that caused the deaths of nearly a hundred Americans.
    Whether these particular deepfakes were successful remains 
to be seen, but the danger is unmistakable. Addressing that 
danger begins with understanding the full nature of China's 
artificial intelligence strategy and the steps Congress can 
take to help address the threats posed by it.
    For that reason, this series of hearings is absolutely 
crucial. At the same time, I would also like to add that I 
appreciate the tactful manner with which these hearings have 
been conducted.
    Even as we protect our national security and intellectual 
property, we continue to see common ground with China on issues 
that affect both our countries, such as fighting climate 
change. Even when we express deep concern over actions taken by 
the authoritarian Chinese Government, we recognize that those 
actions do not represent the will of the Chinese people.
    The United States, meanwhile, is home to an estimated 17.8 
million Asian Americans, including many residents of the Upper 
West and Upper East sides of Manhattan.
    Like so many lawmakers, I have heard from Asian-American 
constituents who are terrified by the rise in anti-Asian hate 
and anti-Asian violence that we have seen as friction grows 
between the PRC and the United States.
    I am glad that our hearings have called attention to the 
very real national security and economic challenges America 
faces from the policies of the Chinese Government, without 
demonizing the more than one billion people who live in China 
or the millions of Asian Americans who make our communities and 
country stronger every day.
    I am hopeful and confident that our important work will 
continue, not just in this hearing, but in the weeks and months 
to come.
    Thank you, Mr. Chair, and I yield back the balance of my 
time.
    Mr. Issa. I thank the gentleman.
    Without objection, all other opening statements will be 
included in the record.
    It's now my honor to introduce our distinguished panel of 
witnesses.
    Dr. William Hannas is the lead analyst at Georgetown Center 
for Security and Emerging Technology. Prior to joining CSET, or 
C-S-E-T, he was a member of the Senior Intelligence Service at 
the Central Intelligence Agency, where he served as an expert 
on advanced technical projects and was the three-time recipient 
of the McCone Award for technological innovation.
    Dr. Hannas has also served as Assistant Professor of 
Chinese at Georgetown while concurrently serving with the CIA's 
open source enterprise.
    We are also joined by Dr. John Brennan. Dr. Brennan is the 
general manager, public sector, at Scale AI. He has 25 years of 
experience across the public and private sectors, and has 
developed and led programs in cloud computing, data science, in 
support of intelligence collection and analysis, cybersecurity, 
new product innovation, and supply chain.
    He has also served our country in the United States Army 
with the Central Intelligence Agency and the Office of the 
Director of National Intelligence.
    We're also joined by Dr. Benjamin Jensen. Dr. Jensen is a 
Senior Fellow for future war-gaming and strategy in the 
International Security Program at the Center for Strategic and 
International Studies. He is also a Professor of strategic 
studies at the Marine Corps University School of Advanced 
Warfighting.
    Dr. Jensen has worked with the Defense Advanced Research 
Projects Agency of the Marine Corps Warfighting Lab, NATO, and 
the U.S. Army, and a range of other government agencies and 
foundations to develop war games and scenario-driven exercises.
    Mr. Robert Sheldon. Mr. Sheldon is the Senior Director of 
Public Policy and Strategy at CrowdStrike, where he leads 
corporate engagement on a variety of U.S. Federal, State, and 
local government policies, programs, and initiatives. He runs 
CrowdStrike's election security initiatives, serves as its 
company's representative to the Joint Cyber Defense 
Collaborative and IT Sector Coordinating Council, and heads the 
Congressional Affairs practice.
    Mr. Sheldon also serves as an Adjunct Professor/Lecturer on 
international cybersecurity policy at the American University 
School of International Service.
    We seldom have this much--no, let me rephrase this. On this 
side of the dais, we never have this much intellect, and even 
among our distinguished witnesses, all of you stand out.
    Pursuant to Committee Rules, I would ask that you please 
all rise now to take the oath.
    Raise your right hand.
    Do you swear or affirm under the penalty of perjury that 
the testimony you are about to give will be the truth and 
correct to the best of your knowledge, information, and belief, 
so help you God?
    Please be seated.
    Let the record reflect that all witnesses answered in the 
affirmative.
    Please know that as witnesses, all your written statements 
and collateral material you wish to give us will be included in 
the record. So, with that, I would ask that you limit your 
actual oral statements initially to five minutes to allow 
plenty of time for everyone to speak.
    I will mention--and I apologize that there has been 
scheduled a conference for the majority at 11 o'clock. That 
does not mean we'll necessarily adjourn at that moment, but it 
does mean that Members will be a little rushed, and we'll try 
to get as many in as we can before that.
    So, with that, we go to Dr. Hannas first for your five 
minutes. You're recognized.

                STATEMENT OF DR. WILLIAM HANNAS

    Dr. Hannas. Chair Issa, Ranking Member Johnson, 
distinguished the Members of the Subcommittee and staff, I'm 
grateful for the opportunity to join today's hearing on two 
topics that have fascinated and, frankly, terrified me over the 
past decades; namely, China's use of foreign technology to fuel 
its science and technology enterprise and China's drive to 
become the world's leader in artificial intelligence.
    I'm a founding member of Georgetown University's Center for 
Security and Emerging Technology where I work with a small team 
to identify threats posed by Chinese AI. Prior to that, as 
stated, I was with the CIA where I managed open-source 
exploitation of Chinese S&T materials and built a program to 
track China's transfer of U.S. technologies.
    These efforts culminated in two books on ``Chinese 
Industrial Espionage,'' and ``China's Quest for Foreign 
Technology,'' which became de facto handbooks, and the recent 
volume--co-authored volume, ``Chinese Power and Artificial 
Intelligence,'' a comprehensive look at Chinese AI.
    China's technology transfer programs date from 1956 and 
cover every imaginable practice and venue. The link with AI, 
besides China's use of its collection apparatus to tap global 
AI know-how, is the likelihood that China will soon, if it has 
not already, used AI for cyber exploits to further its transfer 
agenda, an unholy marriage in which advances in the one 
promotes progress in the other, multiplying existing threats to 
U.S. and allied security.
    I'll talk about these three in turn. First, to Chinese 
technology transfer practices. It's impossible to condense some 
700 pages of book narrative, terabytes of unclassified data, a 
mile-long list of known cases, and two decades of horror 
stories, into this brief space.
    My testimony accordingly is limited to an overview of how 
the Chinese transfer system operates, with emphasis on so-
called extralegal or gray area transfers, maneuvers, at which 
China excels and which are devilishly hard to track.
    Chinese artificial intelligence. My team does not share the 
perception that China's alleged lag in generative AI--that is, 
large language models--absolves us from concern because (A) 
they're not that far behind; (B) China need not be at the cusp 
to adapt these models wherever it wishes; and (C) it can 
literally beg, borrow, and steal what it needs to be 
competitive; and (D) finally, and I think most importantly, 
China is aggressively pursuing alternative paths to advanced AI 
aimed at artificial general intelligence and a first mover 
advantage.
    China's use of tech transfer to further its AI program. 
This is two-sided. While respecting China's home-grown efforts 
to build advanced AI which we have come to greatly admire--they 
do a lot of the good indigenous work--China has not shied from 
acquiring AI technology from abroad. My team has documented 
China's use of each of its acquisition venues to advance its AI 
program. Legal venues of support provided by U.S. 
multinationals are on a scale that shocks even this jaundiced 
observer.
    A case against China's efforts to relieve the world of 
proprietary technology is easier to make now than years before, 
as evidenced by today's hearing. Myths die hard, such as the 
notion that China can't create in AI or other high-tech 
disciplines--they can--that it will always be behind--that's 
not necessarily true--or that exposure to democracy will lead 
to responsible behavior. We all know how that experiment turned 
out.
    The United States Intelligence Community (USIC), of which I 
was a part, and to that extent responsible, should also be held 
accountable for its failure to seriously pursue so-called 
science and technology, S&T, intelligence; that is, identifying 
and monitoring foreign S&T threats, and for relegating open 
source intelligence to an enabler of classified collection 
rather than regarding open source as an entity worth pursuing 
in its own right.
    In sum, I'm arguing that you can't make good policy if you 
don't have good data. Our efforts to monitor foreign science 
and technology, inherently an open-source exercise, are, 
frankly, pathetic. They're worse than useless because these 
cosmetic efforts are seen as evidence of measures in places 
where there are few or none. China, by contrast, runs a world-
class open-source S&T intelligence network with a staff, by 
their admission, of more than 100,000 professionals that is 
light years ahead of us.
    Accordingly, I recommend establishing an entity within the 
U.S. Government--for lack of a better name--a national science 
and technology analysis center--outside the USIC, or if that 
isn't possible, as a stand-alone unit directly within--under 
the Director of National Intelligence, to collect, analyze, 
forecast, give timely policy support and, as needed, help 
mitigate or interdict foreign S&T threats. Since China's 
ability to appropriate technology is part of its S&T posture, 
the center would also track these transfers using unclassified 
data and tradecraft honed by open-source experts.
    As for the threat to U.S. IP generally, we've appended to 
our written testimony some 18 proposed legislative and 
institutional remedies that address the problem in a nuanced 
fashion.
    That's all I have to say.
    [The prepared statement of Dr. Hannas follows:]

[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
    Mr. Issa. Thank you.
    Dr. Brennan.

                 STATEMENT OF DR. JOHN BRENNAN

    Dr. Brennan. Chair Issa, Ranking Member Johnson, and the 
Members of the Subcommittee on the Courts, Intellectual 
Property, and the Internet, thank you for the opportunity to be 
here today.
    My name is John Brennan, and I joined Scale AI in April to 
lead our public sector business. This work puts me at the 
crossroads of AI development, government adoption, and its 
proper governance structure.
    Supporting the Federal Government is deeply personal to me. 
I come from a family with five generations of service to our 
Nation. I have always felt a strong commitment to ensuring the 
U.S. leads the world in adopting next-generation technologies 
that support our democratic values.
    Scale was founded in 2016 with the mission of accelerating 
the development of AI. Scale creates training data, fine-tunes, 
red teams, tests and evaluates the leading frontier large 
language models and computer vision system. This puts us in a 
unique vantage point to best understand the development of 
safe, secure, and trustworthy AI for the public and private 
sectors.
    While AI is more accessible today, this does not mean the 
technology is new. Despite years of global investment in the 
development of these technologies in the U.S., China has a 
clear lead in certain areas of AI technology, such as computer 
vision for facial recognition. This is concerning because 
China's using the technology to suppress the Uyghurs and 
surveil its population.
    The U.S. is ahead when it comes to large language models 
and generative AI, though this leadership is at risk. Since 
2020, China has launched 79 large language models, launched 
tens of national AI labs, and has been heavily investing in 
both the compute necessary to power AI and the engineering 
talent to develop it.
    Additionally, this year alone the Chinese Government's 
investment into AI is at $14.75 billion, which stands in stark 
contrast to the administration's Fiscal Year 2024 proposal for 
$5.5 billion in Federal AI spending.
    It is critical that the AI is developed and trained in 
alignment with democratic values. Currently, the best LLMs are 
developed by some of the leading U.S.-based engineers, and the 
data they are trained on reflects our democratic ideals.
    If the U.S. does not continue to invest in developing 
generative AI, we risk letting the ideals of the Chinese 
Government drive AI development around the world. It is 
imperative that the United States maintains this momentum if we 
want the most transformative technology of this era to reflect 
our leadership.
    The U.S. has always led the world in adoption of new 
technologies, and AI will be no different. When it comes to 
governance, it is better to be right than to be first. To do 
this, we must work and lead the development of AI through 
governance frameworks that enable innovation, while putting in 
place the proper guardrails.
    Globally there's no shortage of proposals being generated 
and passed, and all boil down to a key question: How do we know 
the AI is safe to deploy?
    Scale firmly believes that the best way to ensure AI safety 
is through active and constant data fine-tuning, through 
reinforcement learning with human feedback, red-teaming to 
expose vulnerabilities, and then applying a risk-based approach 
to test and evaluate to ensure that the AI is safe to deploy. 
These evaluation methods can incorporate ideals that are 
critical to protect, like property rights over copyrighted 
materials and other intellectual property.
    For these reasons, the administration has recognized the 
value of red-teaming and test and evaluation, both in the 
voluntary commitments that more than a dozen leading companies, 
including Scale, have agreed to, and through their support for 
the DEF CON 31 AI Village red team event.
    Beyond putting in place the right mechanisms to ensure the 
development of safe and responsible AI, Congress must play a 
role to help enact the right governance structure.
    In the United States, we have also seen actions that are 
helping to establish the right foundation. The 2019 AI 
Executive Order was a key step to help get our Federal agencies 
ready to adopt AI. More recently, the release of the NIST AI 
Risk Management Framework, a blueprint for an AI bill of 
rights, and the Biden-Harris voluntary commitments are 
essential precursors to any comprehensive legislative package.
    Like other emerging technologies, it's also important to 
first understand any deficiencies within the current or 
existing laws. Once these gaps are identified, we can address 
them through rulemaking and new legislation.
    While it might feel urgent to act swiftly to keep up with 
global developments and maintain the United States' strategic 
advantage, one of the most important things we can do now is to 
establish an effective regulatory framework that will 
ultimately be the approach the rest of the world wants to 
adopt.
    Thank you again for the opportunity to be here today, and I 
look forward to your questions.
    [The prepared statement of Dr. Brennan follows:]

[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
    Mr. Issa. Thank you.
    Dr. Jensen.

                STATEMENT OF DR. BENJAMIN JENSEN

    Dr. Jensen. Chair Issa, Ranking Member Johnson, and 
distinguished Members of the Subcommittee, I'm going to build 
off some of their points, and I'll be on time because you have 
two Army officers in a row, so you're welcome for that.
    Mr. Issa. Go Army, beat Navy.
    Dr. Jensen. I had to do it to you, sir.
    No, honestly, I'm kind of envious when I look at you as 
legislators. You're sitting at a critical moment in history, 
and just separate all the noise for a second and think about 
the task at hand. If you get this right, if we get this right, 
you set the foundation for economic growth, prosperity, and 
protecting free markets and open societies for the next 
generation.
    So, I'm honestly humbled as a citizen to even be part of 
helping you have that dialog, and I thank you for continuing to 
draw attention to it.
    Although, now I'm going to be a bit of a downer and talk 
about the Chinese Communist Party and economic warfare, because 
it actually--we can't separate your responsibility to us as a 
Nation from someone actively trying to undermine it.
    So, I don't think this competition needs to turn to 
conflict, but it will almost certainly continue to see networks 
of operatives wage systematic cyber espionage campaigns.
    Put simply, China is trying to cheat its way into the top 
of industries in the 21st century. The intellectual property 
they don't subsidize or buy through shell companies, their 
cyber spies will steal. It would be foolish to think their 
quest for dominance in AI would be any different.
    Let's start with the facts on this. According to the Dyadic 
Cyber Incident and Campaign Dataset, an academic dataset that 
studies cyber statecraft, the Chinese Communist Party and 
leading the PRC is the world's most egregious actor in terms of 
cyber espionage targeting private firms and linked to stealing 
intellectual property. Since 2000, China's been associated with 
90 documented cyber espionage campaigns against rival states. 
That's 30 percent more than Russia, to put that into context, 
and I know we all know Moscow is not the good guy there. The 
actual number is likely higher, and each instance sees multiple 
businesses targeted in overlapping priority industries that's 
specified in the Made in China 2025 Plan. They're targeted, 
they're deliberate.
    The scale of the theft is just staggering. A survey of 
chief financial officers estimates that one in five U.S. 
corporations has had their IP stolen. Just think about that for 
a second--one in five--and I'm sure there's another one that's 
just not saying.
    Some of the leading generative AI systems, in fact, come 
out of nonprofit research labs that grew out of tech 
accelerators and not Fortune 500 companies. Why that's 
important is, if you're a small veteran entrepreneur--I know 
Representative Cline's done work on that--if you're a small 
business and you're scraping by to make payroll, are you really 
buying high-end cybersecurity to protect yourself?
    They have to make hard choices and, frankly, our most 
innovative companies are the 44 percent of our economy that's 
in small businesses that are most at risk from the world's 
largest thief.
    I want you to imagine for a second a young startup, using 
generative AI to develop entirely new chemical compounds and 
materials that could support the green economy. Communist 
Party-linked advance persistent threat groups could scan the 
internet for key technologies of interest--you can openly look 
up, as you know, patents, and where VC money and patents kind 
of come together is a good indicator--and then they could just 
go ahead and steal it.
    The case is not far-fetched. In 2014, a U.S. grand jury 
indicted five agents of the People's Liberation Army for 
hacking Solar-
Worlds, a firm that was about to release a revolutionary new 
solar cell.
    Every entrepreneur with a new idea for applying generative 
AI to solve a problem is a target for the largest authoritarian 
regime the world has ever seen.
    Even more disconcerting, APT's link to the Communist Party 
could seek to undermine cloud computing and chip infrastructure 
the new AI economy relies on. Imagine an entirely new form of 
economic warfare in which hackers poison datasets and digitally 
sabotage data centers in rival States.
    Again, this is not as farfetched as it sounds. In 2023, a 
network of still unidentified hackers--I think we have a good 
idea who they might be--gained login credentials from major 
data center operators.
    The strategic logic of corrupting rival States' data will 
only grow as the Communist Party trying to keep data inside 
China. Therefore, the question before you is; what can Congress 
do to protect American businesses in this new era of 
competition? I'll conclude with a few thoughts.
    First, there is no cybersecurity without cloud security. 
Generative AI models require access to large datasets and 
computer power to learn. Helping companies find ways to protect 
their data, without stifling innovation, is a critical national 
security challenge.
    If we thought of national security in terms of 
cybersecurity along these lines, the loss of hundreds of 
billions of dollars in IP theft would be unacceptable. It would 
be the equivalent of every ship in the Navy sinking each year.
    Second, we have to probably get to what you heard my 
colleague talk about, to think about how you would go about 
regulating the gray space used to actually support tech 
transfers.
    This isn't just an AI issue. We have American ships and 
Shahed drones that are hitting Ukraine and hopefully don't hit 
one of our other major partners and allies.
    Third, this is going to get hard--how do you, without 
overstepping, actually give grants to small businesses, what 
CISA does to the dot-gov that actually help them secure their 
own networks so they can focus on being innovative?
    In closing, competition is inevitable. Conflict is not. I 
think that we can make sure we keep this as competition and not 
conflict if we maintain the strength of our economy through 
protecting small businesses and the innovation that drives 
America. I thank this Committee in particular for really taking 
the lead on that.
    [The prepared statement of Dr. Jensen follows:]

[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
    Mr. Issa. Thank you.
    Mr. Sheldon.

                STATEMENT OF MR. ROBERT SHELDON

    Mr. Sheldon. Chair Issa, Ranking Member Johnson, and the 
Members of the Subcommittee, thank you for the opportunity to 
testify.
    The People's Republic of China presents significant threats 
to U.S. national interests today. This Subcommittee, in the 
previous hearings in the series, has done an admirable job of 
highlighting the scope and scale of these threats. From the 
military and diplomatic arenas to all areas of economic and 
trade relations, the U.S. faces a formidable set of challenges.
    CrowdStrike, as a leading U.S. cybersecurity company with 
global visibility, has a useful vantage on Chinese actions in 
this space. As a technology, threat intelligence, and services 
provider for the Federal Government, as well as a commercial 
provider serving major tech companies, 15 of the top 20 largest 
U.S. banks, and thousands of small-and medium-sized businesses, 
we confront all manner of cyber threats.
    As a brief primer, CrowdStrike tracks threat actors 
according to three primary motivations: Nation-State, criminal, 
or hacktivist interests. When we develop sufficient visibility 
on these groups to identify or attribute them, we assign them a 
code name. Under this system, Chinese Government-related threat 
actors are referred to broadly as Pandas. Individual groups 
receive specific names like Judgment Panda or Vanguard Panda, 
which often derive from community-based identifiers.
    These groups are numerous and prolific. Out of over 220 
named actors CrowdStrike tracks at the time of this writing, 
over 50 are Panda groups. For scale, that exceeds the number of 
groups we track from Russia and North Korea combined.
    It's clear that some Panda actors are quite capable. For 
example, in July, Chinese threat actors once again exploited 
authentication flaws in a major software company's office 
productivity and email platform, this time resulting in threat 
actors' unauthorized access to the email of two Cabinet 
Secretaries. Under slightly different geopolitical conditions 
or adversarial objectives, these incidents could've enabled 
scaled, destructive attacks.
    The nexus between cybersecurity and artificial intelligence 
isn't new, but the intersections are increasing and 
diversifying. For most of the history of the cybersecurity 
industry, defenses were primarily reactive. An organization 
would be breached. At some later point, and sometimes much 
later indeed, malicious artifacts from that breach would be 
recovered and disseminated among the security community. 
Vendors would periodically update signatures in their products 
based on those artifacts, which would limit their impact going 
forward. When the artifacts changed even slightly, the process 
would start again.
    Starting approximately a decade ago, CrowdStrike pioneered 
an approach leveraging machine learning and AI to enable a more 
proactive defense. The innovation focused on detecting 
anomalous behavior in a chain of system events. A tiny software 
agent deployed to end points would stream hashes of system 
events back to a secure cloud environment. AI and machine 
learning applied against the data in the cloud, as well as AI 
deployed on the agent itself, would work in concert to detect 
and prevent threats in real time. Crucially, this approach 
would work at a scale even for completely novel threats.
    Today, defenders also leverage AI for vulnerability 
management, robust identity threat detection and response, and 
a host of other use cases. For our part, most recently, we've 
created a capability leveraging large language models, or LLMs, 
to provide a natural language interface to key cybersecurity 
tools. This will radically simplify and speed up work analysts 
do daily and make certain cybersecurity roles more accessible 
to people with different skills or less formal training.
    Of course, adversaries will also leverage AI. Threat actors 
have expressed interest in a number of areas. These include 
crafting more persuasive lures for phishing attacks, 
vulnerability discovery, exploit and malware development, bulk 
data processing, and deepfakes. I've included more detail on 
these threats and others in my written statement.
    As the Committee continues its work on AI, I'd like to 
offer a few recommendations.
    First, support continued AI innovation for fields like 
cybersecurity. Although threat actors will leverage AI, it's 
important to recognize the significant, current benefits AI is 
driving in cybersecurity now. Today's solutions overperform, by 
a wide margin, legacy tools that do not leverage AI. 
Importantly, attackers will continue to leverage AI to innovate 
regardless of the rules of the road for defenders.
    Second, invest in threat intelligence. The security 
community must continue to monitor threat actors engaged in 
intellectual property theft and the use of AI for malicious 
purposes. The more we understand about these groups, their 
targeting practices, their resources, and their constraints, 
the more accurate a threat model we can develop to help us 
defend against them.
    Third, promote U.S. Federal cybersecurity. U.S. Government 
faces among the most severe threat environments of any 
organization globally. To the extent that threat actors are 
able to leverage AI to enhance their capabilities, the U.S. 
Government will be an early target. Moreover, findings from 
successfully defending Federal agencies can support the 
development of best practices of value to other sectors like 
academia, commercial enterprises, and nonprofits.
    Thank you again for the opportunity to testify today, and I 
look forward to your questions.
    [The prepared statement of Mr. Sheldon follows:]

[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
    Mr. Issa. Thank you.
    I want to announce to everyone that shortly after 11 
o'clock, we've agreed, on a bipartisan basis, we'll take a 
recess of approximately an hour. So, if our witnesses can 
indulge us by having an early lunch and plan to be back here 
around noon, our intent is to begin coming back and I'll 
reconvene.
    There may be an intervening vote that we'll have to leave 
for, but, if at all possible, I want to get everyone an 
opportunity to ask their questions. This is too important to 
not find a way to get it done today.
    With that, we go to the gentleman from Virginia, Mr. Cline.
    Mr. Cline. Thank you, Mr. Chair. I thank the witnesses for 
being here.
    This is a timely topic and some harrowing scenarios that 
have been painted here, Mr. Sheldon and Dr. Jensen.
    I want to ask Dr. Brennan, you stated that China has also 
started to craft its own AI governance framework that requires 
adherence to Communist Party principles. Can you describe those 
principles?
    Dr. Brennan. Yes. It's very specific, Congressman. Thank 
you for the question. They have language in the draft 
regulation like you cannot use artificial intelligence to 
subvert the government, and you cannot use it to promote any 
principle other than those that the Communist Party agrees to. 
So, it's very oppressive and very counter to the ideals that I 
think we all hold, and it's very transparent.
    Mr. Cline. How does a U.S. company collect and prepare data 
for AI training, and how does this compare to how Chinese-
backed companies collect and prepare AI data?
    Dr. Brennan. Thank you for the question, Congressman. 
First, we start with the rule of law and respect for 
intellectual property. We use contracts to define the 
relationships between our customers, the large language model 
builders, and the services that we're providing, which is 
helping them create exquisite training datasets, whether it's 
for a large language model or for the self-driving car 
industry. The customers are responsible for ensuring that they 
have a legal right to the data that they're sharing with us for 
labeling and annotation that we perform that's part of either 
the training process or the test and evaluation process.
    Mr. Cline. The Chinese-backed companies, how do they 
compare?
    Dr. Brennan. In general, I think from the open-source 
information and from our recent warning by the Five Eyes 
intelligence leaders yesterday, China's engaged in a broad, 
organized espionage effort against intellectual property around 
the world. They take that data and information and give it 
either to their ministries, defense organizations, or to the 
State-owned companies that are acting on their behalf.
    Mr. Cline. Are U.S. companies taking appropriate steps to 
protect their IP and data collection, and if so, can you 
describe how they're doing so?
    Dr. Brennan. I think this is improving. As a victim of the 
OPM hack that took all our security clearance data base several 
years ago, we're all keenly aware of the risk that cyber actors 
play.
    It's important that agencies like CISA and the Department 
of Homeland Security continue to have the education and 
awareness programs that they have, to teach small businesses, 
universities, and schools, how to have proper cyber hygiene.
    A good colleague of mine, even recently, was the victim of 
ransomware in a family business. So, it's happening all the 
time, it's a persistent threat, and we need to think about it 
like changing the batteries in our smoke detector; it always 
has to happen.
    Mr. Cline. You've spoken today about how China acquires 
foreign high tech, including investments or acquisitions of 
companies and PRC-backed venture capital funds. The 
Congressional Research Service recently addressed this topic in 
an article related to Light Detection and Ranging Technology, 
also known as LiDAR. The LiDAR market is developing and 
advancing quickly, and PRC firms are advancing in this area 
through access to the U.S. market and technology.
    Would it be fair to say that LiDAR integration is a risk 
for both computer vision systems as well as generative AI?
    Dr. Brennan. As you know, the United States regulated the 
remote sensing industry for a number of years and has loosened 
that, and we've all benefited from global positioning satellite 
capabilities to drive around. Self-driving cars and other 
industries use full-motion video, LiDAR, and other technologies 
to create the computer vision models that they need to perform 
well.
    I could imagine, if I put on my former hat, that 
information like that would be an attractive target to the 
Chinese Communist Party and the People's Liberation Army. So, 
like all the other data that's used in the self-driving car 
industry, it's a high bar for safety, and those companies are 
keenly aware of the security that they need to apply and 
leverage some of the leading security capabilities as you'll 
hear about today, I would imagine.
    Mr. Cline. So, LiDAR data could be used to train AI or make 
real-time decisions with generative AI, based on the training 
data it's been given?
    Dr. Brennan. So, the generative transformers that Google 
invented in 2017, we've mainly seen applied to language so far, 
but it could be applied to other data. It's a large matrix, and 
I think we'll see more experimentation and other modalities in 
the coming years.
    Mr. Cline. What concerns do you have that China could use 
data compiled by LiDAR systems to acquire sensitive information 
and use this information to conduct military or industrial 
espionage to gain operational advantages?
    Dr. Brennan. In warfare, things like understanding the 
terrain and weather can be classified as secrets. So, any 
sensor, LiDAR or other otherwise, that helps you understand the 
general condition or terrain is an important asset, and we 
would need to protect it in the United States.
    Mr. Cline. Thank you. I yield back.
    Mr. Issa. Thank you.
    We now go to Ms. Ross.
    Ms. Ross. Thank you, Mr. Chair and Ranking Member, for 
holding this very important hearing. I also serve on the 
Science, Space, and Technology Committee, as do a couple of 
other Members of this Subcommittee, and we're exploring this 
very issue.
    I understand the potential of AI to launch our country into 
a new era of innovation. For example, I've heard from 
healthcare organizations in my district--I represent the 
Research Triangle area of North Carolina--about ways that AI 
has revolutionized their processes, from analyzing large swaths 
of medical data to informing research to help doctors more 
quickly log patient data. I also recently read an article about 
how AI has helped with breast cancer detection and been more 
accurate even than human detection.
    Our country has been on the cutting edge of science and 
technology for decades, and I know that to maintain that 
position, especially when facing competition with China and 
other superpowers, we need to harness the power of AI.
    That said, we should not sacrifice individual privacy and 
intellectual property protections purely for the sake of 
outcompeting China. Just because China is willing to forego the 
rights of individuals and creators in the name of competition 
does not mean that we should lower our standards and risk-
driving innovators away from our country.
    Dr. Brennan, access to vast amounts of unique data is 
critical to achieving high-performance AI models. Can you 
describe how disparate policies around data collection and 
access play a role in our competition with China?
    Dr. Brennan. Thank you for the question, Congresswoman. I 
think what's important for us to preserve, as you outline, is 
the checks and balances we have in the public sector on 
government activities. Whether it's the Institutional Review 
Board process for experimentation with human subjects or the 
sort of classification methods that we use for our intelligence 
data, each of those rules was set up in a time and place to 
protect, not only the civil liberties that are related to them 
and the rights, but also the public service or the public good 
that's trying to be articulated.
    Just as our government dealt with the digitization of 
information from paper and memos to the internet and email, we 
have cybersecurity professionals and policies that can help us 
properly protect the information.
    Now, there is still a need for the government to feel more 
open to experiment. Too frequently we meet with customers, and 
they have this fear that somehow if they bring data together, 
it will have a different level of classification or something 
like that, and it just slows down the ability to even 
experiment. We've seen this time and time again in my own 
career. So, the government should also continue to encourage 
proper experimentation with good risk management approaches, 
such as what NIST has outlined, so we can keep innovating and 
get the benefits that you identified such as for medical and 
healthcare.
    Ms. Ross. Thank you, Dr. Brennan and Dr. Jensen, building 
on your testimony, as Congress considers proposals for AI 
regulation, including new agencies dedicated to AI licenses, 
transparency requirements, and compensation for IP holders, and 
much more, what do you believe is the best way to balance 
responsible regulation with maintaining our competitive edge?
    Dr. Jensen. Well, thank you for your question and your 
dedication to this on both Committees. I would just highlight 
for you before I answer that, actually healthcare and public 
health were the second most targeted thing for Chinese IP 
theft.
    So, I tend to take maybe a bit more of a free market 
approach to this, meaning that we have good checks and balances 
and classifications, and we can actually submit licenses. What 
you're hearing my colleagues say about doing the right thing 
and creating overly cumbersome processes really has to be at 
the forefront of your mind.
    The mantra we use in my own work on this are standards are 
strategy. If you set the right standards and the right 
framework, and you let market mechanisms respond to those 
standards, it becomes a public good that allows for the greater 
exchange of ideas.
    Ultimately, as we're seeing, we can't keep having a 
technological revolution if we overregulate or curb it before 
it gets started.
    So, I think the really hard task for all of you is what is 
that balance, what does it look like, what is that licensing 
framework. If I as an entrepreneur have to spend more money on 
lawyers to basically submit it and protect myself than I do to 
hire research scientists, I probably have the wrong balance.
    I think one very simple first step is, is there some 
mechanism to help small entrepreneurs get tax credits or 
incentives to actually protect their own IP. It's their baby. 
They want to protect it. So, help them protect it, so we can 
keep moving forward.
    Ms. Ross. Thank you, Mr. Chair. I yield back.
    Mr. Issa. I thank the gentlelady.
    We now go to the gentlelady from Pennsylvania, Ms. Dean.
    Ms. Dean. I thank you, Chair and Ranking Member, thanks to 
all our testifiers today.
    It gives all of us great pause over where we are going, 
where the globe is going on AI, its regulation.
    I guess I'll start with you, Dr. Brennan. You talked about 
that China has a lead on facial recognition and a little bit of 
a lag on language. Talk about how they are using the facial 
recognition--you talked about the Uyghurs--and what can be done 
in terms of governance, what can be done to interrupt the mal 
use of facial recognition?
    Dr. Brennan. Thank you for the question, Congresswoman. 
It's fairly pervasive, down to the primary school level, where 
facial recognition is used in classrooms to monitor and track 
every moment of a student's day. It extends into public spaces. 
When people are walking around the streets, there's constant 
monitoring and then facial recognition. Obviously, that's not 
the kind of world that we would want to live in, although 
computer vision can help with accident avoidance and in 
disaster response.
    So, I think the key is to continue to go back to the 
principles that we rely on in the Bill of Rights and the 
protections that the House and Senate have afforded us all as 
citizens as we find ways to experiment with computer vision and 
other uses in our lives. I think that's the situation we are in 
compared to China.
    Ms. Ross. You talked about, in your testimony and in your 
written testimony, about governance, coming up with a framework 
of governance, not being first necessarily but being right. Can 
you, for a layman, explain what that governance best looks 
like?
    Dr. Brennan. Absolutely. Some good examples are, if you 
turn to the Department of Defense, 10 years ago, the leaders in 
the Department of Defense wrote their first regulation and rule 
on how to think about autonomy in weapon systems. They continue 
to update it. Part of that regulation mandates that there must 
be senior-level reviewers in the process.
    So, that's a good example of rulemaking that those leaders 
can rely on across the Department to ensure that they're going 
through tests, safety, and other evaluation techniques as they 
consider an application of AI and autonomy.
    If you work your way down through the executive branch, 
we've had a series of Executive Orders, we've had a draft AI 
bill of rights from the administration recently, we've had 
voluntary commitments from large companies. Most of it centers 
around ensuring that humans are in the loop and that there's a 
rigorous test and evaluation process.
    So, if you have at least those three legs of the stool here 
in the beginning, I think we're going to be off to a good start 
in any of the experimentation an agency or a department's 
engaged in.
    Ms. Ross. Thank you. That's very helpful.
    Dr. Hannas, the final thing that you mentioned in your 
testimony was to develop a separate science--I missed your 
working name--for the science center. Could you elaborate on 
that a little bit.
    Dr. Hannas. The National Science and Technology Analysis 
Center, I agree, that's not going to make it.
    Ms. Dean. Around here, big long names like that work. They 
don't work for me, but--
    Dr. Hannas. This has been proposed more than once, and no 
one ever objects to it, that is, outside of the intelligence 
community. People think it's a good idea. The arguments are 
pretty straightforward and compelling.
    If you want to understand what's happening globally in 
science and technology, your best source is open source, by 
far. What 95-98 percent is available, you can get through 
unclassified information.
    I have seen reports written by the intelligence community 
that are based almost a hundred percent on open source, and 
they add a classified snippet here and there to justify their 
budgets and whatnot. The truth is, for S&T, it's all in open 
source by and large, and we're not prosecuting it, we're not 
looking at it.
    I mentioned the number--I'm not exaggerating, this is right 
out of the horse's mouth--100,000 people or more that are 
dedicated professionally in China to pursuing this one 
discipline. Frankly, I could count on, there were times, just 
one hand, the fingers of one hand, how many people in our 
community were looking seriously at Chinese S&T. So, there's a 
big disparity.
    The problem with the intelligence community is that they 
will understand the issue. They acknowledge it, pay lip service 
to the fact that it needs to be done, but at the end of the 
day, they're focused more on current intel. They always have 
been. S&T is, by and large, long-term. So, that's one problem.
    The other problem is, even those within the community that 
recognize the value of open source itself tend to regard it 
more as an enabler of the intelligence--the ends that they are 
budgeted to support, using the open source, for example, to 
support human targeting, or SIGINT, queueing and tipping, that 
kind of thing, and they rarely go beyond that.
    Ms. Dean. I thank you for your answers.
    Thank you, Professor Sheldon, also for your recommendations 
and, Dr. Jensen, especially for your optimism. You're right, we 
are here at an important time. I think this Committee knows 
that.
    Thank you. I yield back.
    Mr. Issa. I thank the gentlelady.
    We now go to the gentleman from Maryland, Mr. Ivey.
    Mr. Ivey. Thank you, Mr. Chair. I want to commend you again 
on these hearings. I appreciate the way you've structured them 
and the fact that you've focused on this repeatedly, because 
it's such an important topic, and at least from my perspective, 
taken a bipartisan approach in doing so. Thank you so much for 
that.
    I did have a question. I think this is for Dr. Jensen. You 
mentioned the--I think it was 44 percent of small businesses 
are most at risk in the United States for these sorts of cyber-
attacks. I think there was a suggestion about perhaps we could 
provide some sort of subsidy or some incentives to help these 
companies protect themselves.
    Having come out of a small business, it was a law firm, 
that was victimized in this way and we had to pay ransomware, 
I'm sure there's probably millions of companies who need this 
kind of assistance, but can't afford it or just on the day-to-
day calculation you do in your risk analysis, you just try and 
keep your head low and do your work, but it's going to be a 
problem. So, what sorts of things could we as Congress do to 
help provide, whether it's incentives or subsidies or 
something, to help these small businesses protect themselves?
    Dr. Jensen. Well, thank you, Congressman, for that 
question, and sorry about the Orioles.
    Mr. Ivey. Oh, I'm a Nats fan. So, I'm beyond sorrow, I 
think. Total grief is where we are, but--
    Dr. Jensen. Yes.
    Mr. Issa. Apparently, that's not a bipartisan shared belief 
here.
    Dr. Jensen. Generative AI--
    Mr. Issa. The sympathy is limited.
    Dr. Jensen. Generative AI is not going to make better 
baseball players, so we're going to be hurting for a while.
    This is a critical question for someone who grew up raised 
by, also, a family that thinks about--my parents owned a small 
business, and so exactly what you're talking about I watched 
daily. I know it sounds like kitchen table issues, but it was 
like are we hiring someone, are we firing someone? So, the idea 
of imagining my mom and dad having to think about spending 
money on cybersecurity just blows my mind when I think about 
it.
    I think the path ahead for you in Congress is you actually 
have a great case study in the evolution of CISA. So, I think 
if you actually go back and look at all the fits and false 
starts really from 2000 forward, as we formed DHS, you began to 
pull in different agencies, and kind of really lay that out, 
that'll give an interesting roadmap, because even though CISA 
has taken the lead in defending the dot-gov, that's over 100 
different agencies, each that are very different with all sorts 
of diverse concerns.
    So, I think that is a great case study to start with and 
see what worked, what didn't want. The good news is, not to be 
a shameless self-plug, we're actually launching a big report on 
that history Monday at CSIS. So, we actually detail that 
history and talk about how you actually balance that, right. At 
a minimum, I would think there has to be some type of funding 
provision.
    So, for example, CISA will fund, for those Federal 
agencies, they get the first two years of continuous diagnostic 
and monitoring software paid for. After that initial two years, 
the funding becomes a bit more complicated, but at least you 
can give that jump start in. So, it would be a question of how 
you fund it, what's the right tool, and then we can't pay for 
everything indefinitely, so is there like a sunset period? Is 
there a cost-sharing provision? I think you actually have a 
good news story in how CISA has evolved and how you then could 
apply that to protect the small businesses, sir.
    Mr. Ivey. All right. And would that be--just to followup on 
that a little bit, I mean, sort of a funding source, and I 
would assume we would knock out--for example, law firms that 
are doing litigation, I don't know that we'd have to protect 
those. Those that have certain--qualify perhaps for national 
security providers of some kind or what sort of parameters 
could we set, so we could target whatever the funding is and 
get the most bang for the buck?
    Dr. Jensen. So, I think there's a number of different ways 
you could go about doing this. One would be look at--I'm not 
saying we go full Communist Party, but what is our national 
list of critical technologies, and make the fact if you're in 
some way, shape, or form involved directly or indirectly with 
that list, you qualify.
    The other is to just closely look at universities. So, I 
think the same logist actually applies to universities. The top 
58 universities between 2002-2010 accounted for 37 percent of 
patents granted, right. So, you're going to have to help both 
small businesses who are going fast follower they didn't build, 
barred, or Llama or Llama 2, but they're going to be really 
creative in how they're going to implement it.
    You're also going to have to go upstream and look at those 
university ecosystems because their budgets are getting hit 
every year. We're pulling money back at the State level. 
Private institutions are even seeing lower enrollment. So, I 
think there's going to have to be--the funding source will vary 
by the type of innovation and then even by the type of 
institution. So, it would be both small businesses and 
universities. I do think larger businesses, even though they're 
important, they can make those harder choices, but those are 
the two I'd be most concerned about, sir.
    Mr. Ivey. I'm overtime, but if I could ask just one last 
question. With respect to the larger companies who maybe aren't 
putting the money toward this that we would hope that they 
would, would you propose a certain set of standards that would 
guide them on that front, or should we just be requiring it at 
some level? What and how should we approach them?
    Dr. Jensen. Great question again, Congressman. Honestly, 
that's already been set in motion with some of the requirements 
to report cyber incidents, and the question is less about how 
do you do it as harmonizing who they report to. So, if you're a 
major company and you're publicly traded, are you reporting to 
the SEC first about this or are you reporting absolutely up how 
it should be through CISA to actually make sure there's 
visibility on that compromise.
    So, you've actually done a good job across parties on 
getting that right. It's just going to be harmonizing, because 
the last thing you want, even if you're a large business, is 
you get three phone calls, one from the FBI, one from the SEC, 
and then one from NSA, and then you're wondering which one do I 
return to first. So, I think those are in place for the larger 
companies. It's just a question of harmonizing that they know 
routinely which call they'd take first.
    Mr. Ivey. Thank you, Doctor.
    Thank you to all the witnesses.
    Thank you for your indulgence, Mr. Chair.
    Mr. Issa. You're most welcome. The indulgence came from the 
Ranking Member, who we'll now recognize, Mr. Johnson of 
Georgia.
    Mr. Johnson of Georgia. Thank you, Mr. Chair.
    Mr. Jensen, China has used AI-generated images to sow 
discord related to the Maui wildfires a couple of months ago 
that took 100 American lives. What is America's exposure to 
deepfakes and AI-generated images from China? How can that hurt 
us from a security standpoint?
    Dr. Jensen. I think deepfakes are going to be the defining 
security issue of the next 10 years. As awful as the wars that 
we find our partners in across--globally, unfortunately, this 
is the one that scares me the most, because what happens if you 
destroy trust in a society? You can't have an open polis and a 
republic if there isn't the ability to trust the information.
    Unfortunately, the technology is moving at a pace right now 
where it's very difficult to keep up with how you can help 
both, whether through just convention and practice, people 
identify the fakes, or do clever things like watermarking 
images. You still probably won't be able to do it with text, 
unfortunately.
    So, I think that you're grappling with the core issue. I 
would say that we've seen this too in some of the tabletop 
exercises we've been running. So, as part of that study on 
CISA, we got together 60 Federal and private sector CISOs, so 
from large Federal agencies and large companies, and we then 
had 1,000 Americans, a representative sample of 1,000 different 
Americans play the same game. Both populations were more 
concerned about deepfakes than I originally anticipated.
    So, I think both the general public is afraid and 
anticipated some of what we saw. We did these before the 
Chinese actually amplified the issues in Maui, and business 
leaders are. The question is, what do you do about it? I think 
it's going to have to involve a mix of both technological 
watermarking, so some requirement to mark images, and it 
probably is going to have to come up with something like the 
Motion Picture Association of America.
    Like how do we start to have some independent body that 
certifies well-documented fake things that are circulating? I 
don't know what that looks like, but I don't think it should be 
government necessarily, because that will quickly become 
polarized. If you have some entity that can just allow people 
to know, hey--I think most people are actually good at heart. I 
take a Locke view, not a Hobbs view. So, if you let them know 
they're inadvertently circulating fake stuff, I think a good 
number of them might back down. They don't want to be kind of 
told by a stranger they're circulating fake things. So, I think 
that's where you're going to have to get after it. I don't 
think we're ever going to stop China from doing it though, so 
it's just a question of rapidly identifying, triaging, and 
making sure people understand it's fake.
    Mr. Johnson of Georgia. Thank you.
    Dr. Hannas, what role do you think government should play 
in making sure that deepfakes and AI-generated images do not do 
us harm either national security or economically?
    Dr. Hannas. Probably not the best person to answer that 
question, Congressman. My concern is not so much with deepfakes 
per se, but with the technology that supports deepfakes, and 
that is AI moving onto artificial general intelligence, which 
opens up a whole lot of other scenarios, which we need to pay 
attention to, deepfakes being just one.
    Mr. Johnson of Georgia. Would--
    Dr. Hannas. I'm more concerned with control at--discrete 
control at the neuro level which could actually happen.
    Mr. Johnson of Georgia. OK. Well, let me ask that same 
question of Dr. Brennan. Thank you.
    Dr. Brennan. Thank you, Congressman. I think we've already 
started to see companies highlight this potential risk, and 
indeed Alphabet has got a new rule that says, if you're going 
to do a political advertisement and you're going to use 
generative AI, you need to disclose that to the viewers.
    So, there will be a combination of things that happen in 
the marketplace because people want customers and they don't 
want to harm their customers, but it will be important for the 
intelligence services and law enforcement to carefully monitor 
foreign groups that are perpetrating these activities and 
pursue them through all means necessary. We should expect that 
there will be more of this. China saw what Russia and Iran 
attempted in previous elections, and we should just expect it 
all the time now.
    Mr. Johnson of Georgia. Thank you.
    Mr. Sheldon?
    Mr. Sheldon. Thank you. Yes, I agree with the other 
panelists that this is a problem that likely could get worse 
before it gets better. I'm encouraged to see some 
experimentation both with people who are producing generative 
images, like the utilities that have created to do that, and 
with how some social media networks are promoting the ability 
for users to tag materials that are shared that may be 
generated.
    I think we need to have some more experimentation like 
that, as well as potentially some tools that operate as 
registers where people can identify that they've made and 
associated with a date, time creation, and intentions so that 
people can look at that sort of thing after the fact. They see 
something that looks suspicious and verify whether it exists on 
such a register. So, those are some of the ideas the community 
is playing with now.
    Mr. Johnson of Georgia. If I might, Mr. Chair, just one 
final question.
    Mr. Issa. Go ahead.
    Mr. Johnson of Georgia. Dr. Hannas, earlier this summer, 
the cybersecurity--excuse me, the Cyberspace Administration of 
China released guidelines for the adoption of generative AI 
technology, which included new requirements for how algorithms 
are built and deployed, as well as for what information AI 
developers must disclose to the government and the public. What 
is the significance of those regulations?
    Dr. Hannas. I think they're trying to do two things. Part 
of it is for show. They want to get out in front and 
demonstrate that they are--that the Chinese Government is aware 
of the problems with AI and controlling it, on the one hand. On 
the other hand, I do believe that they are sincerely--Chinese 
Government is aware of its citizens' concerns with privacy and 
are trying to address it, because they recognize this as a 
popular issue, and it's to their advantage to address these 
issues to keep the public happy, is what it comes down to.
    So, part of--it's two sided, like I said. On the one hand 
they're demonstrating to the world that they care; on the other 
hand, they're demonstrating to their own population that, yes, 
we hear your grievance and we're doing something about it.
    Mr. Johnson of Georgia. Thank you. I yield back.
    Mr. Issa. Thank you.
    I'll now recognize myself for a round of questioning.
    Dr. Hannas, this Committee enjoys a number of pieces of 
jurisdiction, and not every question being asked today is 
within our jurisdiction. One that is clearly within our 
jurisdiction is whether we grant any intellectual property 
protection for copyrights, patents, or even trademarks if 
they're produced using generative AI or not produced by human 
being in a substantial portion.
    Do you recommend that we adopt a policy of not granting 
intellectual property protection of that sort, specifically 
patents, trademarks, and copyrights; and if so, how would we 
enforce that?
    Dr. Hannas. I haven't thought about that problem, no. If I 
were asked to think about it, as you're doing now, yes, I think 
we need to accept the inevitable that generative AI--and I 
don't like to just look at that, because we're really dealing 
with artificial general intelligence at this point. That's just 
one manifestation of it. It's happening.
    Many of the scenarios, which were science fiction 20 years 
ago, are being taken seriously. They're talking about instead 
of 30-40 or 100 years from now in a couple of years from now, 
we'll be dealing with sentient artificial intelligence. So, we 
have to accept that this is going to happen and deal with it.
    Should we grant it rights? If it's sentient, we have to. I 
recognize that's not going to satisfy a lot of people, but I'm 
inclined to think that China is right on this score that we're 
heading toward a merger of human intellect and artificial 
intelligence that supersedes both.
    Mr. Issa. Dr. Jensen, I'll ask a similar question of you 
and sort of put your military and CIA hat on. Let's presume for 
a moment that one or more countries intend to collapse our 
intellectual property advantage, much of which is built on the 
back of intellectual property protection, particularly patents.
    Let's presume that this country, we'll just call it China 
for lack of a better name, ran its AI system for hours, weeks, 
and months, producing patent claims of things which are not 
reduced to practice. but reduced to what appears to be reduced 
to practice, puts a name on it coming out of a lab, we'll call 
it Huawei just for a name, and, in fact, boxes in with tens of 
thousands or even millions of claims, obviously costing a lot 
of money, but boxes in anyone who chooses to actually invent 
something, and then let's particularly assume that they license 
some and restrict many, is that a scenario that if any of you 
were running war games would effectively cripple other 
countries if you're first to strike?
    Dr. Jensen. Well, thank you for that question, Chair. I 
volunteer openly before all of you to come run that exact war 
game on high-end economic competition with your Committees, 
because I'm a big believer in the importance of that, and I've 
already done it with conference at offsite. This is part of--
    Mr. Issa. We'll take you up on it.
    Dr. Jensen. Deal. Done. I testified, so I have to. So, this 
is--I would actually take your scenario and take it one step 
further. I think a lot of--
    Mr. Issa. That was already bad enough.
    Dr. Jensen. Yes, well, we're going to make it worse, sir. 
Sometimes, we like to think about the history of military 
confrontation in terms of great men on horseback and decisive 
battle, but the more insidious side has always been political 
and economic warfare, and how States and loose networks of 
organizations can strict strategic choice and undermine 
economic productivity or even fundamental rights.
    So, you've laid out a really compelling move where you use 
a combination of technology and our own respect for the rule of 
law to crowd out the space of any one entrepreneur, that even 
if--with 10 years later in court we realize that was just a 
phony patent generated by a bot, heck, even the lawyer claim 
process turned out to be a fake AI person filing it online, 
it's already too late, right.
    I would compound that further with what really keeps me up 
is financial market manipulation as well, because there can be 
no innovation ecosystem if you don't have access to reliable 
capital. So, I would put those two together and start to ask 
really hard questions about how do we actually create an 
environment that makes that difficult, and then probably in 
other title 50 communities, what is that war in the shadows 
that denies the adversary the ability to make those moves, 
which I've talked about it in the written testimony.
    I think we did that in the early 1980s with some of the 
software sabotage that helped the Soviets think twice about 
stealing American code. We may get back to that world, and I 
think that's not a bad idea. It's better than open 
confrontation. It's going to have to be a multifaceted look at 
economic and political competition going forward, exactly along 
the lines you lay out, sir.
    Mr. Issa. Thank you.
    I'm going to ask one final question, and this one is 
clearly outside of the jurisdiction of any one Committee, but 
it's a step that might happen in the foreseeable future. 
Government has the ability to create regulations or standards. 
Usually, we do those in concert with industry. When we do them 
best, we do them in close concerts and collaboration with 
industry.
    We also have the ability within that to require fitness or 
testing. We'll use the post-2009 stress testing of banks and so 
on. We haven't done that in cybersecurity. We've allowed it to 
grow with the idea that the FTC will absolutely cripple you 
after it happens, unless you're the government and all our 
clearances are now in hands of nefarious people.
    Should we do it, and if so, would a combination of, if you 
will, a U.S. or even a U.S. and ally global umbrella of basic 
security layer that is there, and obviously this would be 
primarily implemented at the cloud level of each of the major 
cloud participants, many of whom have already on their own 
initiative done some of this, and then within the cloud 
community, currently we do not require, and essentially, we'll 
use Oracle or Microsoft or Amazon, any of them, we don't 
require them to look into the data bases of their clients for 
fitness.
    Yet, because they're in the cloud and because that 
technology certainly could be implemented, these companies 
could have a basic standard of fitness that they would be able 
to do. The question is, should this be something that Congress 
looks specifically at and works in concert--Energy and Commerce 
and other Committees works in concert so that we develop those 
two tools, the umbrella of protection and the system of 
fitness?
    Dr. Jensen. So, the good news is, after I answer this, I 
actually know someone who might be sitting at this table who is 
an expert on the cloud. So, I'll defer to the cloud part. I 
think the stress testing, the key would be to do this before 
something like the 2008 financial crisis, and that's going to 
be a hard sell, but it's something we thought a lot about on 
the Cyberspace Solarium Commission.
    So, I served as the Senior Research Director on that, and 
one of the things that kind of lingered over a lot of those 
recommendations was always this idea of how do you actually 
work across multiple jurisdictions even within our own elective 
institutions, but then also with your partners, and I think 
some of those are starting to bear fruit.
    So, the first step was you had to put the ONCD in place to 
try to, as like Engles said, ``be the quarterback,'' that's 
still playing itself out but working across to kind of do that. 
The second level that they're just starting is really this idea 
of maybe not security cooperation but cyberspace security 
cooperation, and not obviously the Cyber National Mission Force 
but teams from DHS and FBI who work with partners.
    In all of this, whether it's stress testing or red teaming, 
the key is--which is actually how Threat Hunt really got 
started--is to let smart people try to break your system so 
that you can learn from it. So, whatever the form it takes, if 
you can just hold onto that and make people play in a way 
they're open. The benefit of this is the stress testing because 
you mandate it, banks have to play, they probably pull their 
punches once in a while, but you know it, it's built up over 
time, you can monitor it. You would have to do something 
similar.
    The hard question on the stress test would be how many 
players. There's a massive cyber exercise that takes place 
every two years, the Cyber Storm that's run there, you'd need 
something like that or even just to augment some of the 
requirements of Cyber Storm to get after it. I think the stress 
test is a phenomenal idea, and I defer on the fitness of the 
data in the cloud, sir.
    Dr. Brennan. Thank you, Chair, for the question. If you 
remember, back in your days in the Army, we had a lot of 
readiness exercises we would do to be ready and prepared for 
these sorts of days when they eventually come. I think the 
cloud service providers have inherent incentives to make sure 
that their customers are protected. They have programs to 
constantly remind them of times and ways in which they maybe 
are not using all the security features of the cloud, and after 
spending more than seven years working with governments to 
implement cloud computing technology, I think the leading CIOs 
and CISOs, even in the Federal Government, believe that they're 
safer in the cloud.
    Now, that said, if Nation States are going to attack us 
constantly and attack private citizens and private 
infrastructure, then I think we should also expect our 
government to protect us.
    Mr. Issa. OK. With that, because we do have conferences of 
both Republicans and Democrats going, and because there's an 
unknown question of the vote, I'm going to recess until a time 
certain, which will be 12:30, unless we are voting on the 
floor, in which case, extend your lunch.
    So, with that, we stand in recess.
    [Recess.]
    Mr. Issa. The Committee will come to order.
    We'll now go into the--we don't know if anyone else is 
going to come back, but what you have to say is too important 
for us not to make the record complete. So, in spite of the 
fact that we neither have a Speaker nor are we well organized 
and with adult leaders, this Committee will attempt to do that.
    So, I'm going to followup with a couple of questions, but 
if there are things you want to get out that come up from 
previous questions and so on, we're going to deal with this 
like an open forum to a great extent, and if other Members come 
in, we'll recognize them as they come in.
    I want to ask you a broad question, and that is, if China 
goes unchecked on its current trajectory, what do you believe 
will be the result to American enterprise? Then the flip side 
of it is, if we are to act with legislation, regulations, and 
procedures, what are the most important among them, other than 
money, which is usually the answer that we get first? So, we'll 
go and--starting with Mr. Sheldon.
    Mr. Sheldon. Thank you, Mr. Chair. I'll constrain my answer 
to just a couple topics that already came up this morning. 
First, I wanted to talk about promoting better defenses for 
people in small business. I think that was a really productive 
exchange. I just wanted to add a couple points. One is that it 
is the case that sometimes cybersecurity technologies just 
operate better at scale, and in addition to being costly, it 
just helps to be able to build a big, mature security program 
that can operate 24/7 by 365.
    So, one thing that we encourage for policymakers to do is 
think about how to make accessible things like managed security 
services, which can kind of bring down that level of maturity 
that you only usually find in large companies down to very 
small companies. So, that's a thing that I would encourage for 
us. It's worth exploring how we can use tax incentives or other 
tax mechanisms to be able to promote the adoption of those 
types of technologies in small businesses.
    Then the second thing, you asked a great question earlier 
this morning, from my point of view, on stress testing and 
thinking about how to get platforms to be able to govern the 
sort of areas of risk under their control. I think that over 
the past 15 years, there's been an interesting change in terms 
of how we've thought about trying to do that.
    If you go back to a long time ago, there was some 
discussion around using internet service providers as the sort 
of enforcement point to try and protect individual companies or 
individuals. Then more recently, we've seen some interest in 
getting cloud service providers to do the same sort of thing. 
Of course, in both those cases, there's a countervailing 
interest in protecting individuals' privacy and company 
interests as well, and that's why the system that we have now 
is largely predicated on people trying to defend themselves.
    There's a thing that's happening within the U.S. Government 
right now, and it's being driven by CISA, which I think is a 
really interesting and important way to square the circle, and 
that is to try and get more concepts like secure by design and 
secure by default adopted by major platform providers.
    The idea behind that is to ensure that you have a situation 
where companies are accountable for delivering secure services 
to different users, and that so that vulnerable users aren't 
the ones bearing the responsibility solely for their own 
defense. That's a really important concept that we can help 
promote over time. Thanks.
    Mr. Issa. Dr. Jensen.
    Dr. Jensen. I'm excited to answer this question. Actually, 
at lunch we were talking about how he wished he could've 
answered the small business one, sir, so that was great.
    I want to start with the first one about unchecked. I 
wonder what will break first, the Chinese Communist Party or 
the American economy. I am not an optimist for China's future 
at all. When you have a nation of 1.4 billion that suppresses 
basic human freedoms and women's right to even have a 
productive dialog in their society, that shows you things 
aren't going well.
    Usually, authoritarian regimes are their most dangerous 
when they're at their death's door, and that means that they 
will use the competition with the United States as a way to 
possibly rally around the party, right, to basically come at us 
at every means possible. I think you've laid out a number of 
those scenarios, both very creative ways of tying us up 
legally, accelerating economic warfare, accelerating political 
warfare, getting us stuck in arms races that are important but 
ultimately self-defeating from a net assessment standpoint.
    Now, how do we compete in that, and what can Congress, in 
particular, do to compete in that? Because I do think our 
service-
members are ready for that challenge, have been planning for 
some time. I think it gets back to what we're talking about, 
how do you promote innovative new companies without 
overregulating them? I 100 percent agree, this is not a money 
question. This is a smart governance question and creating that 
kind of playing field, so whether it's--whatever the mechanism, 
credits, subsidies, there's better experts on that to figure 
out the right calibration for small businesses and 
universities, so that you make it harder for the Chinese 
Communist Party to get in, you alter the cost-benefit 
calculation.
    I think tech standards are more than just secure by design. 
We need to start sending our top diplomats to the International 
Technical Union to negotiate new standards and as technology 
comes online. I do also think the stress testing--I don't know 
if Congress can mandate that, but whatever instrument you could 
use to push for more than just Cyber Storm large-scale games.
    Mr. Issa. Just in case you thought it was a made-up 
question, the concept of how we would do it is to reign in the 
Federal Trade Commission by creating a safe harbor. Almost 
every company of any size, their greatest fear is somebody will 
hack in, some employee will misuse their own authority, and 
then they will be under a consent decree for years at a very 
expensive oversight, even happens to very small companies, 
sometimes putting them out of business.
    So, one of the questions we've had in the past--and, again, 
not completely within our jurisdiction, was the Federal Trade 
Commission has a great ability, except if you're in government, 
to beat the living hell out of you after you've already been 
hurt--
    Dr. Jensen. Yes.
    Mr. Issa. --by some sort of an event, but they do nothing 
or virtually nothing to tell you what to do to prevent it. They 
tell you, well, use the best standards. It's like, well, if it 
fails, by definition they're going to say you didn't meet 
whatever the best standards were.
    Safe haven of a quote, ``recognized stress test'' and if 
you will, cloud compliant would seem to be where the government 
can say, if you do this, we will give you--even if something 
bad happens, and eventually it will, because nothing is 
perfect, we give you the safe haven, safe haven from 
litigation, safe haven from your own government. It doesn't 
mean you don't have to fix it, it doesn't mean you don't have 
to make people whole. That was where we saw the soft hand.
    Dr. Jensen. Yes.
    Mr. Issa. The late Colin Powell always said that the way he 
got problems solved, including in Haiti, was he went down 
there, and he explained to the dictator that the carrot he was 
offering is if he left, he wouldn't use the stick. That is sort 
of what we're saying, is we already have a stick.
    Dr. Jensen. Yes.
    Mr. Issa. Let's find a way to tell people that if they meet 
standards, we won't use--we won't be allowed to use the stick.
    Dr. Jensen. So, final point to build off that, I think 
there's something also then, too, to pooling cyber statistics 
and having transparent data. So, we for years have had the 
ability to have near misses reported anonymously to the FAA 
that lets make aviation safer. If we don't start pooling cyber 
statistics and anonymizing them, we're not going to have a 
sound set of data to actually be able to price risk. It would 
be like trying to run the American economy without accurate 
inflation data, accurate GDP data, accurate unemployment data.
    Then, the last would be visibility in supply chains. I'd 
defer to other folks on that, but how do I make sure that what 
we produce and is patent protected isn't being bought by front 
companies and given to our competitors.
    Dr. Brennan. Chair Issa, back to your first question about 
if China goes unchecked, I think as we look back on the end of 
the cold war, there's one story line that says the American 
economy bankrupted the USSR. So, you can analogize to a world 
where China tries to fight a war of economic attrition with all 
the waste and abuse they can try to get into our system through 
cyber-attacks, theft of intellectual property, et cetera. So, 
that's a very bleak side of the story, and we definitely have 
to keep investing in the institutions and government that 
protect us from that.
    On the more positive front, I think our public sector 
employees need more help. There are now advanced persistent 
threats that they face every day. The volume of information 
that they're trying to process on behalf of us all is orders of 
magnitude larger than what we imagined or had to deal with as 
young people. They don't have AI-ready data. They just have 
data.
    So, we really need to start working on the more than 700 
AI-
related initiatives that agencies and departments have 
identified already. They need to start getting experience 
around it, and especially how to apply modern security 
practices to this AI-ready data that are going to create in the 
new applications that they're going to build to deliver better 
services to us all.
    Mr. Issa. Thank you.
    Dr. Hannas.
    Dr. Hannas. In terms of reigning in China, let me speak to 
what I know--I think I know best. You're not going to stop the 
informal technology transfer that's happening. It's been going 
on since the 1800s by some measure. It's become part of the 
national psyche, and it's not going to go away, unlike Japan 
and South Korea and even United States, which once they became 
developed nations, technologically proficient, they stopped 
borrowing from abroad.
    Mr. Issa. You're saying informal, so you're saying more 
universities who publish what they've done and that are shocked 
that it suddenly disappears into Chinese hues?
    Dr. Hannas. It's a term of art. Informal, extralegal 
transfer, the kinds of--anything that we don't want to happen 
that's being transferred is--
    Mr. Issa. So, you're talking about theft?
    Dr. Hannas. Yes, I guess so.
    Mr. Issa. OK. I just want to make sure that--because 
obviously one of the things that we'd really do, we'd publish 
in New England Journal of Medicine all kinds of things that are 
very valuable. It costs a lot, and we do, in fact, create a 
take-it-if-you-want-it environment, but you're talking about 
over and above that, there's always been somebody sneaking in, 
getting you to hire one of their people for six months to get 
to know and then run back.
    Dr. Hannas. We identify three major categories of 
informal--of technology transfer, legal, illegal, and 
extralegal, which splits the difference. Extralegal, we don't 
know whether it's legal or not because we're not observing it. 
We can, but we don't. We're not equipped to do it, which gets 
to my point, you won't stop the informal tech transfer, but you 
can get out in front of it with the right amounts of data.
    Chinese scientists, administrators, particularly when 
they're speaking in Chinese, although they know darn well 
they're being monitored, they don't feel it in their gut. I'm 
sure they're listening to me saying this right now and shaking 
their heads. That's the truth. They say the darnedest things in 
their open-source materials, and it can all be captured. We've 
run pilot programs to do that.
    So, you can understand what's going to happen in the areas 
of technology transfer by identifying their needs, first, what 
do they need--what do they need to acquire that they can't 
develop on their own, and then also identifying beforehand and 
monitoring the venues through which they fill these needs, and 
it's all doable.
    As far as the AI development effort, ditto for that. I 
can't say that I can recommend any policies for how to mitigate 
it. I'd be speculating. What I can do is say emphatically that 
if you want to understand where they're going, you can't do it 
without data. We don't have that data at present. We have 
snippets here and there from which we could extrapolate. We 
don't have a whole picture.
    Mr. Issa. I've got a followup question. Currently, what 
they call a BIS controls the Department of Commerce. It's a 
major undersecretary position. It controls exports. It's your 
export control, if you will. It's an export control for 
hardware effectively. When you look at software, things 
available on the internet, there isn't, in fact, a specific 
agency, and that agency is not charged with, for example, 
saying that this technology or time on this computer is, in 
fact, a national asset.
    So, currently, if I'm sitting in China and I simply rent 
time on a generative AI computer, if you will, I can actually 
take what somebody else has developed, and it's fine. I'm just 
buying it. Yet, that could allow me to develop some of the most 
sinister items, even if I didn't have the capability in my home 
country. I'm speaking of China, but I'm also speaking of non-
State players anywhere in the world who simply have somebody 
that's willing to give them the dollars.
    What concern do you think we have, and how should we thwart 
it with--and I'm including non-State actors, because I think 
we've concentrated on China, that's the primary, but I think 
this is a broader question of export controls on our AI 
capability. We'll go the other direction this time.
    Dr. Hannas. I'll take a first crack at that. I've seen so-
called military technology control lists come and go. I don't 
personally think that there is much to be gained by putting 
together a list of technologies, hardware or software, that 
are, quote, ``at risk, because they're almost always obsolete 
at the time that they're published,'' on the one hand. On the 
other hand, you have to do something. You have to identify what 
you care about and what you don't care about, so you know what 
to emphasize.
    The bigger issue here is, and you put your finger on it, is 
this whole notion of, basic science, where that stuff is 
already patented, not hardware, not machinery, not weapons, but 
the technologies that are underlying that as they're in the 
developmental stage. We for a long time, as a country, have 
drawn like a line there.
    Correct me if I'm wrong, colleagues, but my understanding 
is that we have pretty much let that be open market free reign. 
It's not something we want to restrict. Now, the National 
Science Foundation, for example, for the first time is starting 
to take into account that maybe we need not to be so open in 
this area.
    That's the U.S. side. I can tell you, again, that China 
understands this perfectly well, and they identify in their 
open pronouncements the need for them to access technology 
while it's still in the early stages and while it's still basic 
science. The one thing they don't really do well is basic 
science, and for that reason they're eager to acquire it.
    Dr. Brennan. If I could add to that, I would say, it's 
important to have this security mindset and overlay exist 
within each of our agencies and departments, especially as they 
think about the types of data and types of applications we'll 
need, each agency and departments continuing to go through a 
digital transformation in many respects, and they ultimately 
are closest to how to properly protect and control this data.
    I agree with my co-panelists that we want to preserve an 
open society where people can study what they need to study, 
learn what they want to, and then create the inventions that we 
need next, but we should now be mindful of the fact that there 
is an active, persistent effort to try to steal all that from 
us.
    So, organizations like the Department of Commerce, 
organizations like CFIUS and others, really need to be close to 
this problem, and we need to rely on them to come up with the 
right regulations and rulemaking, because they're so close to 
the right disciplines and domains that they manage.
    Dr. Jensen. Chair, I think in two extremes you've kind of 
heard it. You either can lock it all down, in which case, the 
cost is you will be less innovative just because there's fewer 
people exchanging information; or you can completely open it 
up, right, and then you buy innovation through letting people 
exchange ideas, but with the clear risk of slippage into other 
nefarious actors.
    Obviously, those are extremes, and the challenge of 
legislation is how to find something in the middle. I think the 
key to something in the middle should always be an eye on 
trusting our ability to out innovate our adversaries. The fact 
that they aren't good at basic research should mean we double 
down in basic research. Then separately, probably find a way, 
which would be outside of this Committee, to basically go after 
it through title 50 means where give them indirect costs for 
stealing certain things. I just don't think export controls 
will work in a global supply chain as well as they have maybe 
historically.
    Mr. Issa. With that, I'm pleased to introduce our acting 
Ranking Member for his round of questions, the gentleman from 
California, Mr. Lieu.
    Mr. Lieu. Thank you, Chair Issa.
    Thank all of you, to the witnesses, for being here.
    So, there is this issue I was briefed on earlier where 
countries like China or Germany and so on will say come to our 
courts and we'll enforce IP, and then the court will basically 
set or essentially agree to a worldwide rate for that IP. So, 
you have a Chinese court educating disputes between a U.S. 
company and, let's say, a Scandinavian company. It seems sort 
of absurd to me that this happens, and I don't know why 
companies here have to listen in Chinese courts, but it ends up 
there's an agreement that they have to follow. What do you say 
to sort of try to solve that problem?
    Dr. Jensen. I guess, Congressman, I'll listen to a Chinese 
court when they listen to their own citizens. I guess, the 
starting point would be--I think triadic patents are still an 
important vehicle, because otherwise, if we let any one country 
just recognize the patent, we see what's happened in the past 
with those ridiculous curves where it's the number of patents 
granted by any one country. So, I think finding ways to make 
sure that you have multiple country recognized versus any one 
country recognized and then held over the U.S. corporation or 
any U.S. entity that's being taken to task.
    Mr. Lieu. Let me ask you this, are you generally aware of 
this problem that has started to occur now in countries like 
China or Germany or other places where they say come to our 
courts and we're going to set this worldwide rate?
    Dr. Brennan. It's not an area that we've dealt with on a 
scale. In general, the idea of people shopping for a venue and 
then trying to get a consent decree that conforms to the policy 
they're trying to establish is a tactic that we'll see more of. 
I think it's important that we continue to push in the World 
Trade Organization and other international venues the 
protection of intellectual property and national rights.
    There is an effort to have a separate world order that 
China is trying to organize with Russia, the Taliban, the other 
organizations they've invited to the Belt and Road Initiative 
recently. That's not a part of the world order that we want to 
be part of, so we need to continue to push back with our ideals 
and values.
    Mr. Lieu. OK. Thank you.
    So, another question I have is that American businesses are 
often targeted by China for their intellectual property, either 
as a cost of doing business in country or through cyber 
intrusion. Is China targeting artificial intelligence 
technologies in this way, and have they been successful, if any 
of you know?
    Mr. Sheldon. I can speak to that. Thank you, Congressman. 
We have seen interest from Chinese threat actors that we 
associate with a nation State in targeting industries like 
semiconductors, cloud service providers, and even companies 
have been doing applied R&D or productization of AI 
technologies for the purposes of intellectual property theft.
    Mr. Lieu. OK. Thank you.
    So, the National Institute for Standards and Technology, 
otherwise known as NIST, describes trustworthy AI as 
incorporating validity and reliability, accountability, and 
privacy, among other essential building blocks. In its 2019 AI 
guidelines, the EU included ethics principles for trustworthy 
AI. Do you believe Congress should incorporate trustworthy AI 
into its legislative proposals? What's your view on that?
    Dr. Brennan. Congressman, thank you for that question. We 
definitely support the administration and the leading companies 
around the world who are developing these models in embedding 
ethical and responsible AI principles in what we're doing. The 
NIST's AI risk management framework is a great articulation of 
that, and we also see it being implemented through model 
regulations and organizations like the U.S. Department of 
Defense.
    In order to really achieve ethical responsible AI, it's 
important to have humans in the loop at every step and to have 
test and evaluation methods that rely on benchmark tests that 
are often created by academic organizations or Federally funded 
research and development corporations to ensure objectivity.
    Mr. Lieu. Even if other countries like China, if they were 
to not adopt any sorts of guardrails or frameworks like what 
NIST has put out, do you believe the United States and 
specifically Congress should still do so?
    Dr. Brennan. Congressman, I think it's very important for 
the United States to continue to lead in this regard. In my 
testimony, I talked about it being more important to get it 
right than to be first and to create the kind of governance 
framework that other countries around the world will respect 
and want to implement.
    The alternative is, if we do not continue to lead, China 
will continue to promote the kinds of regulations that they've 
been drafting, which include language like you cannot use 
artificial intelligence to subvert the People's Republic of 
China, Chinese Communist Party, and the other values that the 
Chinese Communist Party upholds.
    Mr. Lieu. Thank you.
    Then my final question to Mr. Sheldon: How has China's 
acquisition of data through Chinese-based applications, 
purchases from data brokers, and cyber intrusions assisted the 
PRC in the development of artificial intelligence, and can you 
explain this strategy of mass data acquisition?
    Mr. Sheldon. Thank you, Congressman. I think we should have 
an expectation that China will continue to aggregate large data 
sets for a variety of different purposes. In some instances, it 
could be the case that there are future-use cases that they 
haven't even resolved yet that they want to have data stores on 
hand, and obviously the advent of AI makes data that they have 
been able to aggregate much more valuable.
    So, it seems clear that some of the data stores that they 
have targeted over the last number of years have informed 
counterintelligence-use cases, R&D-use cases, and other 
technological development, and then there could be future ones 
as well, and we should be alert for that.
    Mr. Lieu. Thank you. I yield back.
    Mr. Issa. Well, a time often comes, even in our hearings, 
when they have to come to an end. I want to thank our witnesses 
for their testimony.
    As is the practice of the Committee, we're going to hold 
open for five days for additional questions, if you'll agree to 
take them and respond, additionally any additional thoughts 
including publications that you think would be helpful. If you 
submit them, we'll place them in the record.
    With that, I thank you again, and we stand adjourned.
    [Whereupon, at 1:01 p.m., the Subcommittee was adjourned.]

    All materials submitted for the record by Members of the 
Subcommittee on Courts, Intellectual Property, and the Internet 
can
be found at: https://docs.house.gov/Committee/Calendar/ByEvent 
.aspx?EventID=116383.

                                 [all]