There are a number of further fixes to 1030, to the Computer Fraud and Abuse Act...

Can you do that through regulation now? Can you make those demands through regulation?

I understand that. But once they are in your app store----

Transparency in what we do in government and outside of government, when it is not fiduciary and when it is not proprietary, is important for the American people, as is the issue of privacy.

There is no comprehensive Federal legal requirement that requires data breach reporting either to customers or law enforcement.

Like writing in plain English instead of lawyerese?

What I find is in Congress a lot of time we talk past each other.

We think that there are--although we do not have a specific proposal, there are undoubtedly--there is a reasonable period of time that Congress can require providers to retain data...

Would you mind submitting to the Committee which are which so that it can guide us in addressing where we think we might need to go?

I think we need to be very careful on this idea of security because the greatest example I know is we spend $64 billion a year on IT in the Federal Government, and then on top of that, we spend tens of billions on security, and we are…

I hope after you all testify that you will hang around and listen to the second panel.