Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
T R A N S AT L A N T I C C O O P E R AT I O N F O R G R O W T HA N D S E C U R I T Y
Sigram SchindlerFoundation
5 TRANSATL ANTIC MARKET CONFERENCE
thTHE 5th
DIN German Institute for Standardization | Am DIN-Platz, Burggrafenstraße 6 | 10787 Berlin | Germany | www.din.de
5TRANSATL ANTIC MARKET CONFERENCE
th
THE 5th
02 43
T H E 4 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
IMPRINT
DIN German Institute for StandardizationAm DIN-PlatzBurggrafenstraße 610787 BerlinGermanyPhone +49 30 2601-1112Fax +49 30 2601-1115E-mail: [email protected]
Editor: Sibylle Gabler
Designed and set by: ERGO Industrie werbung GmbH, Berlin
Photos: Christian Kruppa
Printed by: Rotadruck GmbH & Co. KG, Berlin
94369/2011-11
For presentations, please refer to:www.din.de/sce/tmc
ORGANIZERS
ORGANIZING PARTNERS
SUPPORTING PARTNERS
03
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
DRÄGER FOUNDATION, Lübeck, Germany
DIN GERMAN INSTITUTE FOR STANDARDIZATION, Berlin, Germany
GERMAN AMERICAN BUSINESS COUNCIL (GABC), Washington, D.C., USA
SIGRAM SCHINDLER FOUNDATION, Berlin, Germany
AMERICAN NATIONAL STANDARDS INSTITUTE (ANSI), Washington, D.C., USA
GERMAN AMERICAN CHAMBER OF COMMERCE, INC., New York, NY, USA
U.S. CHAMBER OF COMMERCE, Washington, D.C., USA
AMERICAN INSTITUTE FOR CONTEMPORARY GERMAN STUDIES (AICGS), Washington, D.C., USA
AMERICAN CHAMBER OF COMMERCE IN GERMANY, Frankfurt/Main, Germany
GERMAN EMBASSY TO THE UNITED STATES, Washington, D.C., USA
WASHINGTON, D.C., O CTOBER 16 –18, 2011
T R A N S AT L A N T I C C O O P E R AT I O N F O R G R O W T HA N D S E C U R I T Y
The conference was a joint initiative of:
04
HOSTS
DRÄGER FOUNDATION | Lübeck
The Dräger Foundation, established in 1974, is a non-profit institution com-mitted to the promotion of science and research, especially in the fields ofnational and international economic and social order, international policyand law, and the environment. The Malente Symposia are the Founda -tion’s most comprehensive recurrent events. Young Leaders Study Groupsare designed to foster leadership qualities in young professionals by stim -ulating dialogue across national boundaries and across professional sec-tors and to create a new network of future global leaders. In addition, theFoundation is involved in a range of activities serving the public good inLübeck and the surrounding region. For more information please visitwww.draeger-stiftung.de
DIN GERMAN INSTITUTE FOR STANDARDIZATION | Berlin
DIN, the German Institute for Standardization, is a private organizationregistered as a not-for-profit association. Its members come from industry,associations, public authorities, commerce, the trades and researchorganizations. Based in Berlin since 1917, DIN offers stakeholders a plat-form for the development of standards as a service to industry, the stateand society as a whole. DIN is the acknowledged national standards bodythat represents German interests in European and international standardsorganizations. Apart from coordinating national activities, the permanentstaff at DIN are responsible for organizing German participation in stan-dards work at the European and international level.www.din.de
GA B C | Washington, D.C.
The German American Business Council is a non-profit, non-partisanorganization dedicated to assisting German and American companies.Based in Washington, D.C., the GABC serves its corporate and individualmembers not only in the greater Washington area, but also in other U.S.states and in Germany. Since its founding as an initiative of the Embassy ofthe Federal Republic of Germany in 2004, the organization has increasedits membership steadily. Its members hold senior positions in their respec-tive companies. GABC is one of the prime organizations where membersfrom both countries can meet, exchange their views and get together withkey business and political leaders from both sides of the Atlantic.
SIGRAM SCHINDLER FOUNDATION | Berlin
The Sigram Schindler Foundation was established in Berlin in 2006 byProfessor Sigram Schindler, the founder, CEO and majority shareholder ofTELES AG, a technology leader in the field of cutting-edge telecommunica-tions. The Foundation is a non-profit institution committed to the promo -tion of science and research, education and culture, related in particular tointernational communications. The Foundation may promote, assign andfund innovations, create and develop projects at universities and researchinstitutes, establish university professorships and grant scholarships, forexample, to PhD students or researchers.
05
P R O G R A M
� | SUNDAY, OCTOBER 16, 2011
RECEPTION AND DINNER
09 WELCOME
Professor Dieter FeddersenMember of the Board, Dräger Foundation, Lübeck, GermanyDr. Torsten BahkeDirector, DIN German Institute for Standardization, Berlin, Germany
13 OPENING ADDRESS
How Can We Deal with Risks from the Internet?Why Privacy Legislation Is Hot NowProfessor Peter P. SwireC. William O’Neill Professor of Law, Ohio State University, Columbus, Ohio; Senior Fellow, Center for American Progress, Washington, D.C., USA
� | MONDAY, OCTOBER 17, 2011
PLENARY SESSION Cannon House Office Building
WELCOME ADDRESSES
14 Professor Dieter FeddersenMember of the Board, Dräger Foundation, Lübeck, Germany
15 Dr. Torsten BahkeDirector, DIN German Institute for Standardization, Berlin, Germany
16 Arthur E. Cote,Chairman of the Board, American National Standards Institute (ANSI), Washington, D.C., USA
KEYNOTES
International Harmonization of IPR – The U.S. Invitation18 David Kappos
Under Secretary of Commerce for Intellectual Property, United States Department of Commerce; Director, United States Patent and Trademark Office (USPTO)
Protecting Critical Infrastructures – How to Reduce Public and Private Vulnerabilities
19 Dr. Terry GudaitisDirector, Cyveillance, Inc., Fairfax, VA, USA
DISCUSSION
Moderator: Dr. Ulf GartzkeDirector Washington Office, Hanns Seidel Foundation, Washington, D.C., USA
Conference ReceptionVenue:Hay-Adams Hotel800 Sixteenth Street, NWWashington, D.C.
Conference Venue:Cannon House Office Building & Convention Center, Capitol Hill Washington, D.C.
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
06
PROGRAM
New Technologies and the “Privacy versus Security” Debate
PANEL DISCUSSION
20 PANELISTS:
Jörg Asma Partner, KPMG AG, Cologne, GermanyProfessor Marc RotenbergPresident & Executive Director, Electronic Privacy Information Center (EPIC);Professor, Georgetown University Law Center, Washington, D.C., USAKlaus-Peter StatzPresident & CEO, Deutsche Telekom, Inc., New York, NY, USA
Moderator:Dr. Benno W. Bunse President & CEO, German American Chamber of Commerce, Inc., New York, NY, USA
Transatlantic Cooperation in IT, IP and Supply Chain Security – The Value of Common Standards and Legal Views
PARALLEL BREAKOUT SESSIONS 1–4
22 BREAKOUT SESSION 1
IT and Corporate Security
Chair:Dr. Johannes Bohnen Founder & Partner, Bohnen Kallmorgen & Partner, Public Affairs, Berlin, Germany
Speakers:Larry ClintonPresident & CEO, Internet Security Alliance, Arlington, VA, USADr. Sandro Gaycken Researcher, Institute of Computer Science, Freie Universität Berlin, GermanyHans von SommerfeldGesellschaft für Informatik e.V. (GI), Chair of GI’s Special Interest Group “ Security – Protection and Reliability Evaluation, Certification, Quality and Standards,” Berlin, GermanyJody R. WestbyCEO, Global Cyber Risk LLC, Washington, D.C., USA
23 BREAKOUT SESSION 2
Protecting IPR – Recent Trends in Copyright and Trademark Law
Chair:Peter S. Rashish Vice President, Europe and Eurasia, U.S. Chamber of Commerce, Washington, D.C., USA
Speakers:Dr. Matthias Leonardy CEO, Gesellschaft zur Verfolgung von Urheberrechtsverletzungen e.V. (German Federation against Copyright Theft), Berlin, GermanyGerard J. Lewis, Jr. Vice President, Deputy General Counsel & Chief Privacy Officer, Comcast Cable, Philadelphia, PA, USA
07
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
Anthony V. Lupo Lawyer & Partner, Arent Fox LLP, Washington, D.C., USAAlbert TramposchAdministrator for Policy and External Affairs, United States Patent and Trademark Office, Alexandria, VA, USA
24 BREAKOUT SESSION 3
Recent Trends in Patent Law – Chances for Transatlantic Cooperation
Chair:The Honorable Robert StollCommissioner for Patents, United States Patent and Trademark Office(USPTO), Alexandria, VA, USA
Speakers:Professor John F. Duffy Armistead M. Dobie Professor of Law, University of Virginia School of Law, Charlottesville, USAProf. Dr. Heinz GoddarPartner, Boehmert & Boehmert, Munich, Germany; Honorary Professor for Intellectual Property, University of Bremen, GermanyNicholas P. GodiciExecutive Advisor, Birch, Stewart, Kolasch & Birch, LLP; former Commis-sioner for Patents, USPTO, Falls Church, VA, USADr. Rainer JäkelDeputy Director-General for Innovation and Technology Policy and Strategy, Federal Ministry of Economics and Technology (BMWi), Berlin, Germany
25 BREAKOUT SESSION 4
Supply Chain Security
Chair:Wolfgang PordzikExecutive Vice President for Corporate Public Policy, Deutsche Post DHL, Washington, D.C., USA
Speakers:Edna Conway Chief Security Strategist, Global Value Chain, Cisco Systems Inc, Merrimack,NH, USABill RaischFounding Director, International Center for Enterprise Preparedness (Inter-CEP), New York University, New York, NY, USAAdam W. SalernoDirector, National Security and Emergency Preparedness, U.S. Chamber of Commerce, Washington, D.C., USAArne SchönbohmSchönbohm Consulting; CEO, BSS BuCET Shared Services AG, Munich, Germany
27 RECEPTION AND DINNER
Welcome:H.E. Dr. Peter AmmonGerman Ambassador to the United States
REMARKS:
Steve WilliamsPresident, GABC; Senior Director for Europe/Eurasia and Israel, LockheedMartin Corporation, Arlington, VA, USA
Conference ReceptionVenue:Residence of the German Ambassador to the UnitedStates
08
PROGRAM
32 DINNER ADDRESS:
Civil Security in Transatlantic Relations – Reconciling Differences
in Perceptions, Concepts, and Requirements
Dr. Christian Ehler, MEPMember of the Committee on Industry, Research and Energy, the Subcommit-tee on Security and Defense and Substitute Member of the Committee on For eign Affairs, European Parliament; Chairman of the Board, German European Security Association (GESA e.V.), Berlin
� | TUESDAY, OCTOBER 18, 2011
PLENARY SESSION Cannon House Office Building
REPORTS FROM THE BREAKOUT SESSIONS
Moderator:Gary Kushnier Vice President, International Policy, American National Standards Institute(ANSI), Washington, D.C., USA
34 PANEL DISCUSSION
New Strategies against Cyber Attacks and Room for Transatlantic CooperationPANELISTS:
Andreas EbertHead of Information Security, RWE AG, Essen, GermanyKristen MillerLead Privacy Strategist, MITRE Corporation, McLean, VA, USAGregory T. NojeimDirector of the Project on Freedom, Security and Technology, Center for Democracy & Technology, Washington, D.C., USA
Moderator:Fred B. Irwin President, American Chamber of Commerce in Germany, Frankfurt/Main, Germany
CLOSING KEYNOTES
36 A Cyberspace Policy Review – Challenges, Progress, SetbacksMelissa HathawayPresident, Hathaway Global Strategies, LLC; Former White House Official,Head of Cyberspace Policy Review, Great Falls, VA, USA
37 From the Hacker’s Insider Knowledge: How to Secure Networks from Cyber AttacksJeff MossFounder, Black Hat and DEFCON; Vice President and Chief Security Officer, Internet Corporation for Assigned Names and Numbers (ICANN); Adviser, Department of Homeland Security, Seattle, WA, USA
Moderator:Dr. Jackson Janes Executive Director, AICGS, Washington, D.C., USA
FAREWELL
Professor Dieter FeddersenMember of the Board, Dräger Foundation, Lübeck, Germany
Conference Venue:Cannon House Office Building & Convention Center, Capitol Hill Washington, D.C.
09
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
RECEPTION& DINNER
OCTOBER 16, 2011
T H E 5 t h
T R A N S AT L A N T I C
M A R K E T
C O N F E R E N C E
th
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
10
RECEPTION & DINNER
| David W. Detjen, Hon. Rodney E. Hood | Katrin Kreil, Susanne Gellert
| Arne Schönbohm, Dr. Holger Mühlbauer, Dr. Dirk Grabowski | Dr. Stefan Leppelmann, Markus W. Brombacher, Dr. Christa McClure
| Professor Dr. Heinz Goddar, Dr. Torsten Bahke
| Professor Dieter Feddersen, Professor Peter Swire, Dr. Torsten Bahke | Dr. Johannes Bohnen, Cornelius Wendel, Sibylle Gabler
| Fred B. Irwin, Linda Chamness, Prof. Dr. Dieter Feddersen | Jody R. Westby, Michael C. Maibach
11
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURIY
| William G. Raisch
RECEPTION& DINNER
OCTOBER 16, 2011
| Dr. Wolf Brueckmann, Claudia Michalski
| Peter H. Keilbach, Ralf Swierczyna, Rüdiger Lentz | Heiko Werner, Wolfgang Schaefer
| Jody R.Westby, Michael C. Maibach, Dr. Benno W. Bunse
| Erwin Staudt, Peter H. Keilbach, Ralf Swierczyna, Katrin Kreil, Dr. Wolfgang Schultze
| Professor Dr. George Tsatsaronis| Professor Dr. Gisbert Freiherr zu Putlitz, Marion Freifrau von Linsingen
12
RECEPTION & DINNER
| Markus W. Brombacher, Robert W. Ludwig | Susanne Ferch, Barbara Langholf
| Dr. Stefan Leppelmann, Dorothee Berendes, Professor Dr. Sigram Schindler
| Dr. Karlhanns Gindele, Dr. Bastian Kern
PROFESSOR PETER P. SWIRE
� BRIEF HISTORY
� German and other national data protection laws in 1970s and 1980s
� Twin goals of the EU Directive, 1995/1998
– Assure transborder data flows within EU
– Permit only legitimate processing of personal information
– Data to other countries only if “adequate” protection
� U.S. laws
– Sectoral laws since 1970 (Fair Credit Reporting Act)
– HIPAA, GLB, children’s online in late 90s
– FTC enforces for “deceptive” practices online
– But, no framework legislation
� EU/US “Safe Harbor” in 2000
– Many E.U. protections, but with clarity on practical exceptions
� Privacy less prominent after 9/11, but implementation continued
� CONCLUSION
� How get the best results from European scrutiny of industry practices?
– Don’t just say “individual rights” but work toward practical solutions
– Much easier to say “opt in” instead of “opt out” than it is to build the systems that do it, especially for OBA
� How get the best results from U.S. innovation and benefits to users?
– Social networks
– Mobile
– Internet ecosystem that provides free content
� I suggest government-level engagement, together with privacy agency engagement, to seek the best from both approaches
– Keep the current “Safe Harbor” but consider how to update for today’s issues
� Together, imagine how to get a wonderful Internet for individuals, and also for economies on both sides of the Atlantic
13
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
How Can We Deal with Risks from the
Internet?
Why Privacy Legislation Is Hot Now
PROFESSOR PETER P.SWIREC. William O’Neill Professor of Law, Ohio State University, Columbus, Ohio; Senior Fellow, Center forAmerican Progress, Washington, D.C., USA
OPENING ADDRESS
14
WELCOME ADDRESS
� | Ladies and Gentlemen,
Let me – on behalf of the Dräger Foundation –warmly welcome you to the 5th TransatlanticMarket Conference on Growth and Security. Forthe fifth time, this conference has been organizedtogether with the German Institute for Standard -ization – the DIN Group – and I wish to express mysincere gratitude for this long-term trusting co-operation aiming at strengthening and deepeningtransatlantic relations. And I also want to thankour other organizing partners, the SigramSchindler Foundation in Berlin and the GermanAmerican Business Council (GABC) in Washing -ton, D.C., as well as our supporters from Germanyand the United States for all their help and contri-butions to the conference. Only this cooperationand our joint efforts have made it possible that youare all here.
Our topic this year is a sensitive and difficult one.We will discuss the protection of critical technolo-gy and infrastructures, i.e. information technologyand corporate security, cybersecurity, the protec-tion of intellectual property, and supply chainsecurity, as well as civil security. Civil security andthe security of all forms of business processes aregaining importance on both sides of the Atlantic.Losses arising from cyber attacks and cybercrime,and the introduction of new technologies to pro-tect sensitive areas entail constantly rising costs forthe companies and states concerned. At the sametime, maintaining the balance between nationaland international security requirements and socie-ty’s acceptance of security measures is becomingmore and more delicate.
As not only companies but also states are obliged toprotect their critical assets, these should be aware ofthe ever-growing dimensions of IT risks, and theyneed to take risk management seriously. The focusof this conference is on the development of newtechnologies and services, as well as new forms ofinternational cooperation necessitated by growingsecurity requirements of ever greater complexity.Much remains to be done to coordinate Euro pe -an/German and U.S. interests, and the need forfuture-oriented coordination and cooperation atthe legislative and corporate levels – including issu-es relating to standardization – remains high.
We intend to discuss the action that needs to betaken to protect critical infrastructures. We mustimprove transatlantic cooperation in the field ofinformation technology, patent protection andsupply chain security, and we need new strategiesto counter cyber attacks. We wish to learn fromeach other, and are determined to strengthen trans-atlantic cooperation in these sensitive areas.
Ladies and Gentlemen, I am delighted to welcomesuch a distinguished group of experts from bothsides of the Atlantic to our conference and wish usall a very fruitful exchange of ideas, new insights,and exciting discussions.
PROFESSOR DIETER FEDDERSENMember of the Board, Dräger Foundation, Lübeck, Germany
WELCOME ADDRESS
15
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
� | I would like to extend a warm welcome to you in the name of DIN, the German Institute forStandardization. At this year’s conference, we will pay particular attention to the value of inter-national standards.
Let me give you some food for thought to initiatethe discussion:
Standards are of considerable economic impor-tance. They reduce transaction costs, affect the pathof technological development, and boost economicgrowth. Trans atlantic two-way trade in goods totaled over $ 600 billion in 2007. Inter na tio nalstandards are a key element in reducing non-tariffbarriers to trade. However, lo cally differing stan-dards impede trade and investment. In trans atlan-tic trade, enterprises are still confronted with dif- fer ing standards. Why? There are two reasons:
� A lack of harmonization in regulation� Different approaches towards international
standardization
Thanks to the political initiative of the President ofthe Europ ean Commission José Manuel Barroso,President George W. Bush, and Chancellor AngelaMerkel in 2007, politics is committed to ad vancingtransatlantic economic integration. The Trans -atlantic Economic Council has since made progressin a number of issues: accounting standards, green-house gas reduction criteria for biofuels, and motorvehicle regulations, to name but a few.
Now it is time, not only to continue these effortswith full vigor, but also to add new lighthouse prio-rity projects to the TEC agenda, projects that are ofstrategic importance to both our economies and tothe world we live in: energy and climate
protection. The new U.S. administration with itseconomic stimulus package has opened the doorfor a new approach to climate protection. In orderto avoid the problems of the past in these areas, wenow need to talk about harmonized regulations inthe fields of energy efficiency, renewable energies,green technologies, and electro-mobility. A frame-work of harmonized regulation is a prerequisite forassertive international standards.
The international standardization organizationsare ready: stand ardization activities, for example,for “energy efficiency and energy management”and the “carbon footprint” are currently under waywith participation from both European and U.S.industry.
When I talk of harmonized regulation, I have inmind common policy aims for protecting the envi-ronment and the consumer. These common aimsshould be the basis for a national regulatory frame-work whose technical details will be described ininternational standards.
You recognize the model: the European “NewApproach,” in which European stan dards concret-ize the general provisions laid out in Europeandirectives. The New Approach has very successfullylaid the foundation for the Integrated EuropeanMarket. The same principles ought to be used bypolicy makers for an Integrated TransatlanticMarket. In other words:
� Find a common level in consumer and environ-mental protection
� Refer to international standards for the technicaldetails, quality provisions, test methods, etc.
And now to the second problem: the differingapproaches to international standardization.
German industry, in particular the mechanicalengineering and electric and electronics sectors,uses international standards in order to avoid thecostly adaptation of production for differing product versions. The goal is “one standard – one
WELCOME ADDRESSDR. TORSTEN BAHKE Director, DIN German Institute for Standardization
WELCOME ADDRESS
16
� | Thank you and good morning, everyone.My name is Art Cote, and I am Chairman of theAmerican National Standards Institute. ANSI ispleased to act as an organizing partner of this con-ference, and I am happy to add my welcome to thisexciting event.
As many of you know, ANSI is a non-profit organi -zation that coordinates the U.S. standards and conformance system – a system that relies uponclose collaboration and partnership between thepublic and private sectors.
I am here representing thousands of member com-panies, organizations, and individuals who relyupon standards and conformance to increase effi-ciency, improve competitiveness, and foster inter-national commerce.
For more than 90 years, ANSI and its membershave worked to demonstrate the strength of mar-ket-driven, standards-based solutions that are char- acterized by consensus, openness, and balance.Currently, we are tackling such front-page issues ascybersecurity, electric vehicles, anti-counterfeiting,and environment and climate change.
Standards and conformance play a critical role inthe economy, impacting more than 80 % of globalcommodity trade. The jury’s still out on what thatwill mean for 2011 … But in 2010, that 80 %impact came to more than 13 trillion dollars.
Simply put, standards boost business. When usedeffectively, standards and conformance can buildconsumer confidence and restore trust, provideextra cost savings, increase efficiencies, attract andretain customers, foster innovation, and facilitatetrade – enabling companies to survive, grow, andthrive.
ARTHUR E. COTE Chairman of the Board, American National Standards Institute
WELCOME ADDRESStest – accepted everywhere.” The preferred stan-dards are ISO and IEC stand ards because theirdevelopment process allows national consultationin which all stakeholders can participate and talk intheir native tongue.
The European standardization organizations CENand CENELEC have cooperation agreements withtheir international sisters ISO and IEC. The aim isto implement international ISO and IEC standardsin Europe. Today, 25 % of CEN standards are iden-tical with ISO; at CENELEC, even 70 % of Europe -an standards are identical with IEC ones. It worksbecause when ever CEN/CENELEC decide to takeover an international standard, all national stan-dards bodies, including DIN, will implement thestandard nationally and withdraw an existingnational standard.
In Germany and Europe, our experience with har-monizing standards Europe-wide and internation-ally has been positive. Rising economic powerssuch as China and Russia have taken a close look athow we have fared, and have made commitmentsto adopt international standards of ISO/IEC.
The USA would be acting in the interests of its in -dustry were it to implement ISO and IEC standardsnationally and withdraw conflicting standards.
Let me summarize my recommendations:
� Put energy and climate topics on the TEC agenda
� Follow the regulatory model of the EuropeanNew Approach for an integrated transatlanticmarket
� Implement ISO and IEC standards
I am looking forward to our discussions.
Thank you for your attention.
17
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
As you can see, standards do a lot … for industry,for consumers, and for our economy.
Today we are facing some serious challenges … andsome exciting opportunities. Over the next twodays, we’ll touch on many of these – protectingintellectual property rights and critical infrastruc-tures; corporate, civil and supply chain security;and the unique challenges of doing business intoday’s difficult economy. To my eyes, it is clear thatthe transatlantic trade partnership is more impor-tant now than ever as we seek out standards-basedsolutions.
The partnership between the U.S. and Germany isone of the largest bilateral trading relationships inthe world … and we depend on one another toremain competitive in the international landscape.
In 2010 alone, the value of U.S. exports to Germanywas 48 billion dollars. That’s 36 billion euros, and 20 % of our total trade relationship with the entireEuropean Union.
Germany reciprocated with 82 billion dollars inexports to the United States. That’s over 61 billioneuros, and it represents almost 26 % of the EU’stotal exports to the U.S.
These statistics drive home the clear and importantneed for standards – and the related conformanceprograms – that can be accepted at the regional andglobal levels.
For more than twenty years, ANSI has been part ofa partnership and dialogue with the EuropeanStandards Organizations (ESOs) on standards andconformance in support of U.S.-EU trade.
Over the years, this dialogue has evolved into itscurrent four-sided table format, which includes:
� ANSI (both public and private-sector represen-tatives),
� the ESOs – that is, the European Committee forStandardization (CEN), the EuropeanCommittee for Electrotechnical Standardization(CENELEC), and the EuropeanTelecommunications Standards Institute (ETSI),
� the European Commission (EC), and� the European Free Trade Association (EFTA).
This format has proven highly effective in ensuringthat all of the appropriate private and public sectorstandardization experts from the U. S. and EU areat the same table to successfully address intricatetransatlantic standards and conformance issues,such as those identified by the TransatlanticEconomic Council (TEC) and the U.S.-EU HighLevel Regulatory Forum. ANSI is pleased to be anactive participant in this conference as a strongU.S.-German relationship can only enhance ourbroader dialogues with European colleagues andofficials.
In our experience, effective utilization of standardsand conformance promotes the global competi-tiveness of all businesses. And greater transatlanticcooperation and information sharing will improvethe bottom line – clearly a top priority in today’seconomic landscape. When individual businessesdo well there is a corresponding improvement inour national economies.
However, businesses are not the only stakeholdersthat will benefit from an enhanced transatlantictrade partnership. Policy makers and regulators inour respective governments also recognize thesignificant benefit of standards and conformanceprocedures that can be accepted everywhere.
Once again, I am pleased to welcome you all andthank you very much for your participation.
KEYNOTE|
18
KEYNOTES
International Harmonization of IPR – The U.S. Invitation
DAVID KA PPOSUnder Secretary of Commerce for Intellectual Property, UnitedStates Department of Commerce; Director, United States Patent andTrademark Office (USPTO)
� | “From the microphones in this room to the smartphones inyour pockets, products that we interact with and our families use inour daily lives are all built today of patented components for whichprotection has been sought in the USPTO. So no longer is intellec-tual property a topic reserved for highly technical and specializedscientific and legal circles. IP now permeates ever field of technolo-gy, every aspect of our daily lives and every layer of society. This isespecially important to know because all of us stand at an impor-tant crossroads. (…) We are all determined to accelerate recoveryand growth from the recent global recession. In doing so we re -present governments and businesses that are striving to do morewith very limited resources. Germany and the U.S. represent two ofthe world’s strongest and most resilient markets. While we all workto improve the economic outlook in our individual countries, wemust remain grounded on realizing the central truth: that tech-nology and innovation will write the next chapter of global growthand progress for both of our countries. And as we bear witness tothe awe-inspiring progress of technology at a pace we’ve never seenbefore in any previous gener ation, protecting those technologieswith clear and consistent and dependable patent rights has turnedout to be fundamental to disseminating scientific know-how affording society the opportunity to build upon and advance fromone breakthrough to the next.”
“As innovators seek to open markets abroad, it is imperative thatthe international patent system provides a cost-effective way toobtain reliable patent rights in multiple jurisdictions. Moreover, asnew technologies are increasingly becoming a part of everyday lifefrom computers to mobile phones to life-saving drugs, they are alsobecoming more cross-disciplinary. Great new products now haveone foot in nanotechnology and another in software and a third inbiology. These connected qualities demand 21st-century engage-ment and a smarter infrastructure to keep up. The public has tohave confidence that the patent system is sufficiently modernized,fit for purpose, nimble, to strike the right balance between theincentives to innovate and access to those innovations.”
“From the Eurozone to the U.S. to Southeast Asia, patents are thepremier global currency for creating value for products and servicesfor innovators in all of our countries. But if we do not keep up withthe technological and commercial system that moves ideas andproducts across borders with increasing speed in a flatter world, werisk devaluing that currency. To be clear: patent law is stuck well
back in the last century because our systems are so varied and ourlaws so fundamentally different. As a result, patent offices aroundthe world, including ours right here in the U.S., are repeating thesame work done by other countries, ultimately wasting billions ofdollars a year in aggregate, clogging the pipelines and leaving thepatent system ironically as a laggard in the global commercialsystem.”
“Patent law harmonization is not about imposing the will of ourcountry or your country onto one another, nor is it about challeng -ing sovereignty in our IP and business ecosystems. A discussionabout harmonization is an effort aimed at relieving burdens thatare wearing out all of our IP systems and slowing business growth.
And that’s why multilateral agreements like the patent cooperationtreaty and bilateral relationships through a program that we callthe patent prosecution highway are so vital. When an inventor’spatent application is being processed in multiple countries, thesework-sharing systems enable offices to utilize one another’s searchand examination results avoiding duplication of work and expand -ing and expediting the review process while at the same time boosting patent quality as multiple perspectives are brought to bearon the review of a single application.”
“The ground-braking new U.S. patent law has already begunenhancing our patent system by offering greater certainty onpatent rights, faster examination times, discounts for small busi-nesses, and alternatives to expensive litigation when patent rightsare in dispute. In fact, the new law embodies the most sweepingreforms to the U.S. patent system in 175 years – we didn’t rush intothis at all – and offers the world the first and only truly 21st centu-ry patent system. At its core, this legislation transits the U.S. from afocus on what inventors do in secret to focus on what they do tomake their inventions available to the public by disclosure or sale ofa product. That marks a powerful shift, the first in any patentsystem on the planet to transparency and clarity and cooperation,imperatives that have become mandates to 21st-century business.
The lynchpin to this achievement is the first-to-file system, thesame that Germany already enjoys, together with a state-of-the-art grace period that Germany does not yet have, but needs toimplement in its laws.”
“I urge that we begin the process of patent law harmonizationanew and now, and I urge that all of us search for common ground,and I urge that all of us let global best policy and best practices beour guide.”
EXCERPTS FROM RECORDING
19
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
� | The Internet has changed massively in the last 5 to 10 years.Now, employees use multiple platforms such as Facebook,Twitter and other social networks, and PR departments rely heavily on the Internet. In fact, the overall landscape of commu-nication is changing. Although information is processed veryquickly, the situation is different from that of a few years agowhen information had to be put online on websites. Now infor-mation can be published directly from smartphones.
Even if corporations have security perimeters, the mobility ofcurrent Internet usage still poses a threat, for much happens out-side that perimeter, outside of control. The evolution from desk-top computers to iPads has made possible access to the Internetanywhere, anytime, from anybody. Policies such as anti-bloggingor not using social networks are only effective where internalnetworks are used. This “walking intellectual knowledge” letspolicies lose their control and protection. The widespread prolif -eration of data in the Internet is the reason that platforms such asWikileaks and Anonymous exist. To give an example: five yearsago, there were 79 million Top Level Domains; today, 255 millionTLDs exist. Now we can read 25 billion tweets a year or 100 milli-on tweets a day. As another example, five years ago YouTube con-tained 100 million videos, today there are 1 billion videos on thisplatform. Everywhere we see a disclosure of sensitive data. Lastyear, there were 350 million users on Facebook; today this num-ber has nearly doubled to 640 million active users who produce1.5 million postings every 20 minutes.
This disclosure of information allures tricks such as whale phish -ing or spear phishing. The more information is published, themore likely it will become a target of social engineering.Everybody on LinkedIn should be sure with whom they connect,because everybody linked can view a person’s employers andhabits. Additionally, family, staff, and people who can’t be con-trolled – such as people sitting in the bus, listening unintention -ally – can put information on the Internet. Someone may knowwhere and how long someone is on vacation. Maybe this infor-mation is not explicitly published, but is unintentionally leakedby a neighbor. This poses not only a physical threat but also letssomeone know when a house is empty. Another example:through monitoring behavior on social networks, someone maygain internal information about a corporation.
Another possible threat is the usage of cloud services. Beforemoving data into clouds, one should check who owns the cloud,who else is there and think about what happens when the infor-mation gets disclosed. Being tactically smart isn’t necessarilybeing strategically smart.
The Occupy Wall Street movement linked physical protest to vir-tual protest. In addition to signs and rallies, they used a dual-pronged attack: DDoS (distributed denial of service) attacks andphishing attacks.
With better research engines it is easier to collect personal infor-mation. Background checks and financial and criminal checkupsare standard for recruiting, but no check is made as to how secu-re the data is – there is always a risk.
Therefore, education regarding all of these social platforms isneeded, about their opportunities and their vulnerabilities. Staffhas to be trained and the authorization of staff members has tobe checked. What person is allowed to use social platforms, whois not allowed to use open networks? What can be done to ensuredata isn’t being disclosed? In addition, security policies have tobe monitored and enforced. IT security is only possible if alldepartments cooperate.
KEYNOTE|
Protecting Critical Infrastructures –How to Reduce Public and Private Vulnerabilities
DR. TERRY GUDAITISDirector, Cyveillance, Inc., Fairfax, VA, USA
PANEL DISCUSSION|
20
PANEL DISCUSSION
New Technologies and the “Privacy versus Security” Debate
KLAUS-PETER STATZ“Last week CTIA (International Associationfor the Wireless Telecommunications) released data: There are 90 million smart-phones in the U.S. The wireless penetrationrate in the US has now exceeded 100 %, inGermany 134 %. The highest figure is in Finland with 167 %. 75 % of all the people inthe world have a mobile phone.”
“Near field communication and mobile payments are the newest trends.”
“Security challenges: Consumers are typicallynot conscious about how much informationthey provide. That is a security challenge. It isalso unclear who owns the information andwho is responsible for deleting it.”
JÖRG ASMA“I see four key points:1. People want to decide on their own about their
level of privacy. 2. It is a generation issue.
Generation x, y and c (where ‘c’ stands for connected) use all the social media. Young people who apply at our company ask different questions than when I applied: ‘Can I useTwitter, do I have to stick to company policy, doI get an iPhone?’ When we disclosed in the UK that new employees receive an iPhone, we got an increase of applications of 3o %.
3. Bring your own PC.People want to bring their own devices to do their work. We are therefore moving the controlof devices out of the premises. How can we control intellectual property? At the moment Ido not have an idea.
4. Information security is the topic.Security and privacy should go together. In Germany we have strong regulations regardingprivacy which leads to better security.”
Moderator: Dr. Benno W. BunsePresident & CEO, German American Chamber of Commerce, Inc., New York, NY, USA
Jörg AsmaPartner, KPMG AG, Cologne, Germany
Professor Marc Rotenberg President & Executive Director, Electronic Privacy Information Center (EPIC); Professor,Georgetown University Law Center, Washington,D.C., USA
Klaus-Peter StatzPresident & CEO, Deutsche Telekom, Inc., New York, NY, USA
OCTOBER 17, 2011
21
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
PROFESSOR MARC ROTENBERG“Should we require the users of the Internet toidentify themselves before they gain access? Everytime a person uses a keyboard it could be linked topersonal ‘DNA’ to find out who was responsiblefor what. Some of these techniques enter our life.Today it is about new systems of bio-identifica-tion. Facebook looks at a photograph and suggestswho that person is, before the user does. Face-book takes advantage of the enormous advance intechnology in detecting facial images and thenasks the user to confirm the suggestions. It mightnot be the greatest of privacy concerns but facialrecognition does have wide implications. It wasused for example by the authorities in the UK andCanada. This is a chilling prospect for people whomight want to protest in the streets.”
“There is a clear need for a comprehensive ap-proach, an umbrella agreement transatlanticallyto safeguard the data. We must protect privacy sothat information that is obtained for a purpose isonly used for that prospect.”
“There is a saying in the U.S. that regulation candiscourage business activity. In the field of privacyand security it works the other way round. Itworks in favor of business activity. I would go astep further: We need a comprehensive frameworkfor privacy jurisdiction. Companies will go toareas where a higher level of privacy is provided.Regulation can facilitate business.”
“In the EU you have more structured institutions.On the U.S. side it is less clear because we do nothave a complimentary institution. I do think thereis some urgency, because of a lack of certainty forbusinesses.”
“It is not clear to me that education is an adequatesubstitute to regulation. We do operate in a self-regulatory environment in the U.S. But you needto have terms of service, so the user can relate tothat. Facebook changes business models and thenpresents a different model for the same data. Forself-regulation to make it work, companies have tobe made to adhere to it.”
� | In Breakout Session 1 on cybersecurity, thediversity and severity of today’s cyber threats waselaborated by the panelists, as were the potentialshort-, mid- and long-term impacts on econo-mies and societies. Protection strategies were dis-cussed intensively.
Mr. Clinton pointed out that a significant increasein the sophistication of cyber attacks has been re -cently observed. One has to realize that it is virtu-ally impossible to keep such attackers out, theirmotivation being espionage and sabotage. Mr.Clinton called for the development of a sustain -able response including what he called a new soci -etal contract between state and industry. Not onlyis one’s own security level important, but also thatof business partners and even private contacts.
Ms. Westby added that today a managementboard’s duties to protect the assets of its organiza-tion also extend to digital assets. She quoted arecently conducted study saying that even inmany Fortune 1,000 companies there is a severegap in adequately addressing related risks. Sherecommended that appropriate responsibilitiesbe established at board level, existing organizatio-nal structures be reviewed, cross-functional teamsaddressing privacy and security issues be estab -lished, and last but not least, that top-level poli-cies to create a culture of security and respect forprivacy be reviewed.
Mr. von Sommerfeld highlighted the contribu-tions of standardization to the toolboxes of ITsecurity and privacy, such as standards on cryp -tography and IT security techniques in general,and standards on information security manage-ment systems, on the evaluation of IT security,etc. He also emphasized that data protection anddata security are not contradictory. Rather, data
protection is also a protection of civil rights andthus contributes to the ability of free societies todefend themselves against the new threats.
Dr. Gaycken went deeper into the nature of recentsevere attacks. He identified both organized crimeand certain states as originators. He made it clearthat cybercrime is extremely efficient, consideringthe comparatively modest resources needed toconduct even very substantial attacks of industrialespionage, industrial sabotage or economic war-fare. Dr. Gaycken explained that highly sophisti-cated attacks are often thoroughly planned andexecuted in a series of consecutive steps over alonger period of time. They make use of manydifferent ap proaches and may focus on all phasesof a product life cycle or a supply chain. For him,understanding the new threat and reacting pro-portionally is a must, which involves disconnect -ing and decomplexifying a possible approach tothe current situation both on a technical and anorganizational level.
In conclusion, there was a consensus that all kindsof businesses and critical infrastructures may besubject to essential attacks. Eventually, both thepolitical and the economic strength of societiesmay be severely impaired as a consequence ofcyber attacks. However, there is no single meansof protection. Rather, a whole set of new methods,software and standards will be necessary to estab -lish effective protection against digital threats.Beyond the above-mentioned organizational,managerial and technical measures, new legalapproaches, such as extended liabilities in case ofnegligence regarding cybersecurity, will be need -ed. Moreover, intensified international cooperati-on will be vital, for example, on information shar -ing or early warning.
22
BREAKOUT SESSIONS
Rapporteur: DR. STEFAN WEISGERBER
BREAKOUT SESSION 1:
IT and Corporate Security|
TRANSATLANTIC COOPERATION IN IT, IP AND SUPPLY CHAIN SECURITY –
THE VALUE OF COMMON STANDARDS AND LEGAL VIEWS
Chair: Dr. Johannes BohnenFounder & Partner, Bohnen Kallmorgen &Partner, Public Affairs, Berlin, Germany
� | A temporary monopoly to regain invest-ments in research and development is imperativeto promote inventions and innovations that ulti-mately create growth. However, we see thatcountries have translated this imperative differ-ently into law and thereby created a very diverseinternational intellectual property (IP) infra-structure. But how can innovative companiessecure their IP across borders without being con-sumed by legal fees for filing patents and the likein each country they find economically inter-esting? Practitioners and academics alike see anurgent need for harmonization.
Anthony Lupo demonstrated this when he gaveseveral examples from his practice as an IP law -yer. Lupo presented how different countries treatpost mortem rights of celebrities, how litigationstrategies have to be adapted due to internationaldifferences in the respective legal systems, or howcompanies need to change and monitor theirmarketing on the Web due to legal differenceswhen it comes to comparative advertisement ordue to the trend toward user-generated market -ing content on the Internet. While most coun-tries, for example, still allow companies to payfor favorable reviews, in the U.S. this fact mustnow be mentioned in the review.
Matthias Leonardy then showed where on theInternet one can try to stop downloading con-tent when the user violates someone else’s IP. Theultimate solution is of course to sue him. Butwhy should the judicial system interfere here inthe first place? An additional user does not causeany costs, so why care? The answer for Leonardyis easy when you look at the issue literally.“Intellectual property rights” bears the word“property,” which is protected by law, and the
word “right,” so it is a matter of the state to pro-tect this right. Insufficient protection wouldmake it unprofitable to produce further content.Ultimately, IP is for the twenty-first century econ -omy what oil was in the twentieth century. Buthow can one protect IP on the Internet andwhose responsibility is it? Leonardy sees both thecontent and the Internet providers in one boatand suggests a cooperative solution in which ille-gal content is taken off of the Internet, violatorsof IP receive a decisive notice that their behaviorwill not be further tolerated, and one goes afterthe people who make money out of IP theft.
Such a cooperative approach was offered byGerard Lewis from Comcast who spoke about arecent memorandum of understanding betweenInternet providers and the motion picture indus -
try. In this memorandum both parties agree to aframework for a copyright alert system. Comcastwill translate this framework into a policy thatcan be summarized for the violator not as “threestrikes and you are out” but “six notices and wehave a serious talk.” In this modest approachthere is an escalation with every notice; Lewishopes that the number of people who ignore allnotices will be rather small.
23
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
Rapporteur:DR. TIM STUCHTEY
| BREAKOUT SESSION 2:
Protecting Intellectual Property Rights – Recent Trends in Copyright and Trademark Law
TRANSATLANTIC COOPERATION IN IT, IP AND SUPPLY CHAIN SECURITY –
THE VALUE OF COMMON STANDARDS AND LEGAL VIEWS
Chair: Peter S. RashishVice President, Europe and Eurasia, U.S. Chamber of Commerce, Washington,D.C., USA
� | Robert Stoll introduced the United StatesPatent and Trademark Office (USPTO) which cur-rently employs 7,700 people with a budget of $ 1.6billion. As there are 669,000 unexamined cases, theUSPTO is prepared to hire 2,000 new officers.Unexamined cases are equivalent to uncreated jobs.
As of September 16, 2011 the U.S. has enacted a verycomprehensive patent law. The America Invents Act(AIA) is practically a “first to publicly disclosesystem” in the words of Professor Duffy, as theinvention date does not matter anymore, but ratherthe publishing date. The law rewards the first filer,with the exception that the second filer can “win” ifhe/she is the first to publicly disclose the invention.No matter where it was publicly disclosed in theworld, it becomes part of the prior art. The AIAadopts a one-year grace period which encouragesearly disclosures of new inventions. In the followingdiscussion, Professor Goddar was of the opinionthat disclosures are subject to interpretation, whilethe concept of “first application” has the advantagethat once a patent is filed, it cannot be changed.
With the change from a “first-to-invent” to a “first-to-file” system, the U.S. shows a willingness to moveforward in the international harmonization ofpatent laws. Robert Stoll explained that patent offic -es are becoming more familiar with each others’mechanisms of handling applications and are pre-pared to use each others’ results.
In an increased international cooperation betweenpatent offices there should be a common under-stand ing on “obviousness,” i.e. what should andshould not be patentable. The U.S. High Court hasdecided that if an innovation is induced, the patentshould be granted. If the innovation is coming any-way, then the patent should not be granted.Professor Duffy
calls for more international dialogue on the underlying theory as to when and why patents aregranted.
Nicholas Godici stated that the most important fac-tor for international harmonization is the cost ofpatenting worldwide. An invention that is to becovered in nine countries can incur up to $ 300,000in expenses. Since efforts to harmonize patent lawhave not been very successful in the past, the focusshould move to transparency and predictability.Duplicate work should be avoided, and there shouldbe a transparent understanding of what is patent -able. In many countries there are specialized courtswith special judges. As technology has evolved, jurytrials held to judge on patent infringements, as is thepractice in the U.S., are critical.
Dr. Rainer Jäkel also asked about common criteriafor patentability. From a German point of view, thegrace period in the AIA increases the pressure todisclose and might lead to wrong conduct amongresearchers. Dr. Jäkel reminded the group that arising number of patents should coincide withspending in R&D. This has not been the case inrecent years, which might indicate that the qualityof patents is declining. Trivial patents and patentthickets are a danger to innovation.
Disputes about intellectual property rights (IPR)regarding standards can be expected to increase dueto the involvement of more players, transfers of IPR,and heterogeneous IPR regimes. IPR in standardsentail the risk of patent ambush, trolling and royaltystacking. Closer cooperation between the patentoffices and standards setting organizations could bea solution. Heterogeneous framework conditionswith royalty-free regimes and FRAND (FairReasonable and Non-Discriminatory) licensingregimes could provide solutions.
Rapporteur: SIBYLLE GABLER
BREAKOUT SESSION 3:
Recent Trends in Patent Law –Chances for Transatlantic Cooperation
|
24
BREAKOUT SESSIONS
TRANSATLANTIC COOPERATION IN IT, IP AND SUPPLY CHAIN SECURITY –
THE VALUE OF COMMON STANDARDS AND LEGAL VIEWS
Chair: The Honorable Robert Stoll Commissioner for Patents, United StatesPatent and TrademarkOffice (USPTO), Alexandria, VA, USA
� | The main questions in the discussion were:
� What do we need to secure the supply chain?� What has been the international setup to
manage and protect the integrity of the supply chain?
� What has been the U.S. regulatory approach?
Edna Conway presented a definition for a com-mon understanding of supply chain security,highlight ing a set of parameters for the end-to-end life cycle. This includes the design and development of initial concepts, planning andordering for production, the allo cation of sour-ces, building and production, logistics and de -livery services, and disposal. The supply chainthus covers all aspects of a product’s life cycle,and therefore supply chain security should takea different approach than traditional riskmanagement.
Bill Raisch presented an all-hazards approach,look ing at possible impacts and vulnerabilities.Existing interdependencies in the supply chainincrease vulnerabilities and we face complexand broad threat categories. Therefore, securityissues should be dealt with in a global risk net-work across all industries, ranging from thepublic to the private sector, estab lishing col-laborative approaches.
Arne Schönbohm stressed the shift from tradi-tional cost-efficiency and organization in thesupply chain to flexibility and outsourcing ofservices. Security is es sen tial at transportationhubs and is also personal training for the partiesinvolved. Security costs money and requires efficiency. Therefore, a balance has to be foundfor business models and standardization.
Adam W. Salerno outlined U.S. measures inplace for securing the supply chain, such as C-TPAT (Customs-Trade Partnership AgainstTerrorism) and AEO (Authorized EconomicOpe rator). There is a need for harmonization,e.g. in air cargo screen ing between the U.S. andthe EU. Private companies need to ensure a resilient, agile, and stick-to-pro mise supply. Onthe international level only a few standards arein place, e.g. at ISO. Common criteria (forInformation Technology Security Evaluation,ISO/IEC 15408) are already part of the mutualrec ognition of conformity assessment activities.It is time to leverage the concepts and providecomprehensive and interoperable solutions,implementing security before regulatory measures will be set up.
Conclusion:� The large number of interdependencies, e.g.
in industry and among governmental andprivate sectors, requires collaboration toensure the integ rity of the supply chain.
� International harmonized collaboration isessential to verify an international securitystructure equipped to deal with supply chainchallenges.
� Discussions in TEC are first steps, but the for-ward move is too slow to reduce the patch-work of incompatible supply chain regimesin the market.
� The private sector (companies) should acti-vely implement security to provide a leadwith best practice examples for future regula-tory measures.
Rapporteur:INGA SCHLÜTER
| BREAKOUT SESSION 4:
Supply Chain Security
25
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
TRANSATLANTIC COOPERATION IN IT, IP AND SUPPLY CHAIN SECURITY –
THE VALUE OF COMMON STANDARDS AND LEGAL VIEWS
Chair: Wolfgang Pordzik Executive Vice President,Deutsche Post DHL, Washington, D.C., USA
| Gesa Bräutigam, Meg Hardon
| Susanne von Türk, Dagmar A. Cassan
26
BREAKOUT SESSIONS
| Dr. Ulrike Bohnsack
Fotos, this page: Gabriella Piazza
RECEPTION& DINNER
at the Residence of the German Ambassador
OCTOBER 17, 2011
27
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
H.E. DR. PETER AMMON
“Today threats are coming outof the cyberspace.
In this world, a purely nationalanswer is not possible.”
| H.E. Dr. Peter Ammon
| Linda Chamness, Fred B. Irwin
| Professor Dieter Feddersen, H.E. Dr. Peter Ammon, Dr. Torsten Bahke
| H.E. Dr. Peter Ammon, Petra Pissulla, Dr. Wolfgang Schultze
28
RECEPTION & DINNER
| H.E. Dr. Peter Ammon, Hon. Edward O’Donnell
| Steve Williams
| Matthias Spott, Dr. Torsten Bahke
29
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
| Arne Schönbohm, MEP Dr. Christian Ehler, Dr. Ulrike Bohnsack, Professor Dieter Feddersen
| James D. Bindenagel, Steve Williams, Ulrich Gamerdinger
| Kristen Miller, Dan Bart | Ulrich Gamerdinger, Petra Pissulla, Dr. Jackson Janes
OCTOBER 17, 2011
RECEPTION& DINNER
at the Residence of the German Ambassador
| Professor h.c. Dr. Ralf Wilde, MEP Dr. Christian Ehler, Dr. Torsten Bahke
| Rüdiger Marquardt, Susanne Gellert| Jody R. Westby
30
RECEPTION & DINNER
| Sibylle Gabler, John Pace
RECEPTION& DINNER
at the Residence of the German Ambassador
OCTOBER 17, 2011
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
| Michael Langer, Michael C. Maibach
| H.E. Dr. Peter Ammon, Prof. Dieter Feddersen
31
� | Thank you very much for inviting me to address youtonight at the end of the first day of the 5th Transatlantic MarketConference. Today’s sessions and speakers have proven the organizers’ very good sense for urgent and important politicaland security issues demanding common attention to reach com-mon solutions.
Nowadays, the United States and Europe understand themselvesas partners in security affairs. Militarily, we are allied in NATO,and we have long-term cooperative relations in the field of civilsecurity as well. We share many perceptions on security risks andthe need to prepare for future demands.
Risks are always there and they are always changing. Dynamicrisks require dynamic security concepts, solutions, technology,and standards. If they involve heterogeneous participants theinteroperability of their forces, strategies, communication, andequipment is a conditio sine qua non. This is our “lesson learned,but also permanent challenge” from efforts within the federative-
structured nation of Germany as well as the European Unionwith its 27 member states. Common risks require commoncountermeasures and they consequently require interoperability.This applies to missions with fire departments of three countiesas well as to multi-national humanitarian missions. To supportthese demands, EU security research has proven to be quite suc-cessful. Its strategic efficiency results from a winning margin inknowledge, capabilities, and methods that ought to be as future-oriented as possible to counter known, expectable, andeven unthinkable risks.
Having realized this, the Seventh Framework Programm of the EU
has a budget of 2 billion U.S. dollars for civil security research.
DR. CHRISTIAN EHLER, MEPMember of the Committee on Industry, Research and Energy, the Subcommitteeon Security and Defense and SubstituteMember of the Committee on Foreign Affairs, European Parliament; Chairman ofthe Board, German European Security Association (GESA e.V.), Berlin
DINNERADDRESS
32
DINNER ADDRESS
Civil Security in Transatlantic Relations –Reconciling Differences in Perceptions, Concepts,and Requirements
33
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
This is pretty much the equivalent of what is spent by allEuropean member states together. For the upcoming program“Horizon 2020,” I as the acting rapporteur and the majority inthe European Parliament favor an essential increase of the se -curity budget. One of the most important aspects of that pro-gram currently discussed in Brussels is the international dimen-sion. With the increase of global challenges, the expansion ofinternational cooperation is inevitable. So the discussion on“interoperability” consequently includes “transatlantic-bility.”
In November 2010, Secretary for Homeland Security JanetNapolitano and Antonio Tajani, Vice-President of the EuropeanCommission, signed an “Implementing Arrangement forCooperative Activities in the Field of Civil Security Research.”With this they constituted a formal basis for cooperation inscientific and technological research. An outstandingly positiveexample is civil aviation security research. In June last year, theEuropean Commission and the U.S. Federal Aviation Admin -istration officially concluded negotiations for the establishmentof a memorandum of cooperation in civil aviation research anddevelopment. Cargo as well as passenger aviation are growingmarkets and vital for the functioning of our globalized economy.They need to secure supply chains and call today’s passengerscreening procedures for urgent improvements.
The European approach to security research is mainly character -ized by intensifying collaboration between science, industry andend users, i.e. government authorities, but also the private sector.This is actually one of its major achievements, and looking at thisconference’s participants you will agree that this is the rightapproach.
On account of this I have not just been invited in my capacity asMember of the European Parliament but also as founder andchairman of the German European Security Association. We area pluri-potential association: aboard the GESA are parliamentar -ians, government authorities, the industry as well as institutionsof research & development and end users. Civil security needs anew approach different from the defense area of the past. Thenew agenda will be much more driven by the civil society, byconsumers, and by the private sector. A form of collaborationwhich has yet to be developed and will be a major challenge forlegislators and governments.
Protection from cybercrime is not granted just by the leviathan.It reflects the hidden agenda of privatization and internationali-zation of public infrastructures, as well as the fact that a techno-logical innovation like the Internet has neither an owner nor anationality. Cybersecurity has to be conducted by the individual
citizen, by the civil society, by private business and the state col-lectively or it will fail – politically and practically. That is in prac-tical terms why we advocate an intensified transatlantic dialoguebetween the industries. Transatlantic legislators agree that, forexample, on standardization issues we urgently need anANSI/CENELEC collaboration to structure the discussion. Suchtalk is indispensable for establishing interoperability on all levelsand for all parties involved.
In November, the European Network and Information SecurityAgency, ENISA, will conduct a large-scale common exercise withsecurity authorities of the United States. Its aim is to identifyweaknesses, risks, and real threats originating from cyber tech-nologies. Both sides have already agreed on a follow-up exercisein 2012.
We share the assumption that the risks are common. So weshould agree on common requirements and therefore aim atcommon concepts and solutions. The road is sometimes bumpy,as we all had to learn with the SWIFT agreement, which showedthe limited future for MILO (“much in, little out”) procedures.There is a certain resistance in Europe about the polycentric datacollection approach in the U.S., although we understand the need
of tools like the Information Sharing Environment (ISE) and itstransatlantic dimension. The interconnectivity with Europeanprograms like INDECT (intelligent information syst em support -ing observation and detection for security of citizens in urbanenvironment) will become a challenging issue for both sides. Itwill by the way show whether European member states, but alsothe U.S. will choose a more bilateral or a European approach tocivil security issues. Not to mention the totally unsolved quest -ion of how to structure a needed multilateral approach.
One of Europe’s key issues will be not only the “protection” by afirst line of defense but also the “resilience” of critical public andprivate infrastructures with a transnational or internationaldimension. This topic is politically delicate to touch in present-day Washington. From a security point of view, we clearly identi-fied the need to substantial investments in public infrastructuresin the U.S. and Europe, which seems to be a “no-go area” for amajority in Congress.
A Chinese saying is: A path of 1,000 miles begins with a first step.Opportunities like this Transatlantic Market Conference aresuch steps. But since especially the first steps are most importantto move in the right direction, they need be well considered.
PANEL DISCUSSION|
New Strategies against Cyber Attacks and Room for Transatlantic Cooperation
34
PANEL DISCUSSION
ANDREAS EBERT“In the near future we will see some additional security issues as a result of the increasing convergence of digital technologies and the increasing ubiquity of digital use.”
“We are on the way to expanding the criticalinfrastructure out to everyone.
– By increasing use of mobile devices. For 200 dollars you get a fully functioning mobile device. The use extends critical infrastructure out in the cloud.– ‘bring your own device’ – this raises questions about information security and privacy issues.– Careless users. Users do not like pass-words and they do not like encryption systems. They do not like two or more smart-phones. End user awareness will be abso-lutely key and must be on the agenda of every Information Security Officer.”
“Privacy and security are directly linked. Adddata privacy as an additional security goal inaddition to confidentiality, availability and in-tegrity.”
“I do not worry so much about cyber terrorismbut rather about commercially motivated at-tacks and Hacktivism.”
“I think most of the threats are the smallerones like data leakage or lost end user equip-ment with valuable data on it. It is a good wayto focus on realistic attacks and keep in mindthe more un-realistic attacks.”
Moderator:Fred B. IrwinPresident, American Chamber of Commerce inGermany, Frankfurt/Main, Germany
Andreas EbertHead of Information Security, RWE AG, Essen,Germany
Kristen Miller Lead Privacy Strategist,MITRE Corporation, McLean, VA, USA
Gregory T. NojeimDirector of the Project onFreedom, Security and Technology, Center for Democracy & Technology,Washington, D.C., USA
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
OCTOBER 18, 2011
GREGORY T. NOJEIM“What is government’s role in securing criticalinfrastructure and private networks? That isthe big question. Private network operatorsknow their systems best and know best how tosecure them. They would hesitate to let the gov ernment in to do this work. Moreover, measures mandated by the government couldactually hinder security innovations. On theother hand, government has knowledge andexpertise that could help protect private networks.”
KRISTEN MILLER“It is our common goal that the cyberspace re-mains open, interoperable, secure and reliable.”
“Current cyber challenges include the follow -ing: the overlap of military and civilian effortsin the U.S., attacker attribution, privacy SafeHarbor enforcement, cultural approaches(trust in government versus private industry),the right to be forgotten, and multijurisdic -tional tenancy and ownership of data in publiccloud environments.”
“In the United States, people are more likely toentrust their personal data to private busi -nesses rather than the government. In Europe,it tends to be the other way around.”
“Current business practices are quite dispa-rate; everyone does privacy risk managementdifferently. More standardization would streamline efficiency and lower IT costs.”
CLOSING KEYNOTE|
A Cyberspace Policy Review – Challenges, Progress, Setbacks
36
CLOSING KEYNOTES
� | Targeted attacks are increasing and our defen-sive posture remains weak. A sense of urgency isrising because the media reports how our insecurecomputers are being infected every day. Our oppo-nents harness precision-guided bits and bytes todeliver spam, cast phishing attacks, facilitate click-fraud and launch a distributed denial of service(DDoS). The frequency of events and affectedpeople and enterprises are alarming. Recent head-lines expose that our money, personal privacy,infrastructure and even our children are at risk.And the problem appears to be growing faster thanthe solution.
It can be determined that it costs less to break into asystem or enterprise than it does to defend it. Aninfected thumb drive (USB key) that costs less than$ 10 can undermine an enterprise’s security inminutes and nullify years worth of informationtechnology (IT) investments. Organizationseverywhere are being penetrated – from small busi-nesses to the world’s largest institutions. Policymakers, legislators, and businessmen are assessingthe gap between their current defensive posture(the floor) and their needed front line defense (ceil -ing) in the face of a growing sophisticated range ofactors. The Comprehensive National CybersecurityInitiative (CNCI), which began under PresidentGeorge W. Bush, outlined these multi-dimensionalthreats along four attack vectors:
MELISSA HATHAWAYPresident, Hathaway Global Strategies,LLC; Former White House Official, Head ofCyber space Policy Review, Great Falls, VA, USA
ABSTRACT BY THE AUTHOR:
� insider access: unauthorized use or access toinformation, systems, and networks by otherwisetrusted agents (employees);
� proximity access: gaining access to informationor systems via deployment of technology in proximity to the target;
� remote access: accessing target informationand/or systems through network-based technicalmeans (Internet); and
� supply chain access: gaining advantage, control,and/or access to systems and the informationthey contain through manipulation by coopera-tive/witting vendors or unilaterally at any pointin the supply chain between the manufacturerand end user.
This framework unified the United States invest-ment strategy initiating the shoring up of thegovernment’s defensive posture. President Obama’sCyberspace Policy Review re-stated that the nationmust become more resilient to all types of cyber-based attacks. President Obama’s CyberspacePolicy Review provides a national blue-printtoward securing America and ensuring that cyber-space is sufficiently resilient and trustworthy tosupport U.S. goals of economic growth and natio-nal security. The report consisted of five chaptersand three annexes and it articulated 25 Near andMid-Term Recommendations in the followingareas:
� anchoring an all-of-government approach andleading it from the White House;
� building capacity for a digital nation whichincludes expanding the education system andenabling broader training for the workforce;
� sharing responsibility for cybersecurity with theprivate sector and international allies;
� creating effective information sharing and incident response; and
� encouraging innovation to enable the privatesector to meet the near-term and long-terminfrastructure needs of the nation.
There has been activity against many of the recom-mendations in the Cyberspace Policy Review.Additionally, the 112th Congress has introduced
37
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
� | Mankind has developed from the Stone Age tothe Industrial Age and from the Industrial Age tothe Information Age; the reason for this evolutionis automation. However, our problem now is abun-dance – we have too much data! Specialization isthe key to human progress. The increasing com -plexity of systems poses a challenge. With speciali-zation one faces greater risks yet greater returns; onthe other hand, one can diversify and have fewerrisks but with fewer returns.
Nowadays we are surrounded by “clouds” of com-plexity: people are putting everything in cloudsand are virtualizing the clouds of complexity.However, the outcome of this is not appreciable.
We can use the “community (or ‘herd’) immunitytheory” to explain possible changes in society.Although this theory is usually applied to conta-gious diseases, by focusing on IT security we canalso use it to explain the protection of externalseven when they are not part of a community. It isnot known whether making the greater part of theInternet secure will ensure that the unprotectedpart is also secure; this depends on the communityinvolved. There are three “communities” in theInternet: companies, governments and private individuals. Companies deal with cybersecurity intheir own way.
JEFF MOSSFounder, Black Hat and DEFCON; Vice President and Chief Security Officer, Internet Corporation for Assigned Names and Numbers (ICANN); Adviser, Department of Homeland Security, Seattle, WA, USA
more than 30 pieces of cybersecurity legislation.The wide range of topics addressed in these billspropose: changes to organizational responsibilities;instituting compliance and accountability mecha-nisms; implementing data accountability standardsand reporting requirements for personal data pri-vacy, data breach handling and identity theft;enhancing cybersecurity education; advancingresearch and development grants; evaluating criti-cal electric infrastructure protection and conduct -ing vulnerability analysis of other critical infra-structures; expanding international cooperationon cybercrime; and addressing procurement,acquisition and supply chain integrity.
Other countries are also developing cybersecuritystrategies and programs. Germany published itscybersecurity strategy in February 2011 high-lighting the need for preventative tools andapproaches for the private and public sectors. Eachcountry has its own approach. Some governmentsare increasing censorship and surveillance prac -tices, while others are using legislation and regula-tion to manage risk and build security back into theinfrastructure. Most countries are missing anopportunity to align the interests of the private sec-tor with national security needs. The private sectorserves as the centerpiece for the solution as it devel -ops and operates our critical infrastructures. Forthis reason, nations must begin a dialogue on howto conceive and execute a strategy that embodiesmultilateral security values and protects the inter -ests of all parties.
Collectively we are making progress, yet we strug-gle to stay on top of the problem. Given the debtcrisis and other fiscal pressures, the transatlanticalliances would benefit from a strategic agenda ofintellectual “federalization” where countries workto ensure a seamless and effective research partner-ship informed by common security priorities andjointly pursued by academic institutions, smallbusinesses, and multi-national companies. Wecan’t afford to pay for things twice. Additionally, weneed to maintain digital interoperability. We can’tafford to have “insecurity” destabilize our Internetparticipation. Finally, we need better transparencyamong nations and to share the responsibility forsolving the problem.
CLOSING KEYNOTE|
From the Hacker’s Insider Knowledge: How to Secure Networks from Cyber Attacks
CLOSING KEYNOTES
Through developing better products, they force com-petitors to develop even better, more secure products.One way of creating better products is the “BugBounty” program. For about $ 1,000, companies canpay someone to find bugs in their software. This is much cheaper than paying a regular employee.Microsoft takes a different approach, buying defensivetechnologies and implementing them into its ownsoftware. Facebook has begun suing networks whichsend spam mails, and judgments have been awardedagainst the operators of botnets in court cases filed byMicrosoft. This is forcing legal systems to evolve andadapt to the new situation. Therefore, legal systemshave to reach out to other governments to cooperate.
Because civil societies are heavily dependent ongovernments and corporations, they need to be moreproactive. This has led to the following idea: the crea-tion of a non-profit organization by lawyers who haveexpertise in the field of cybercrime. This organizationcould be founded with private donations, corporatesponsorship and government grants, and could sueanyone involved in spamming, operating botnets andother issues of cybercrime. This organization couldform the “antibodies” – the white blood cells – of socie-ty.
The Internet “community” of governments could actin a similar way as the United States, which has sent asignal with its “cybersecurity strategy” that is consid-ered to be more resilient and which minimizes thethreat of cybercrime. The United Kingdom has follow -ed this example. Russia and China have proposed tothe United Nations an international code of conductfor information security. The main concern here is ifonly governments are allowed to participate in suchinternational bodies, in that case the people whoinvented and built the Internet are excluded. China hastaken even another step, for it wants to control the con-tent of the Internet. India, Brazil and South Africa de -mand the creation of an international body to regulatethe Internet. Without further regarding the specificsteps, the actions focusing on this cooperation willlower the “noise” – the existence of spam, botnets andpornography.
The biggest player in these plans is the state. But theU.S. only owns 5 % of the Internet infrastructure, with95 % belonging to the private sector. It is essential thatcorporations are not excluded; this must be preventedthrough social control!
The final “community” – private individuals – hasthe least influence on governments. They can,however, influence corporations by buying or notbuying products. Additionally, they can formgroups, donate resources such as CPU power, andcontribute to various projects. One possible dangeris if corporations, which have greater resources,force private individuals out of projects, especiallylong-term projects.
The Internet will be rebuilt over the next few years.Using DNSSEC (DNS security extensions) insteadof the regular Domain Name System, the InternetProtocol IPv6 instead of IPv4, and securing theBGP (Border Gateway Protocol) will all increasetrust in the Internet.
At first, money was at risk, then secrets, and nowour civil liberty. Now it is society’s task to securethese rights.
38
39
Kenesa Ahmad
FellowFuture of Privacy ForumWashington, D.C., USA
Jörg Asma
PartnerKPMGCologne, Germany
Dr. Torsten Bahke
Director & CEODIN Deutsches Institut für Normung e.V.(German Institute for Standardization)Berlin, Germany
Meredith Baker
Senior Vice PresidentGovernment RelationsNBC UniversalWashington, D.C., USA
Tyson Barker
Director, Transatlantic RelationsBertelsmann FoundationWashington, D.C., USA
Dan Bart
President and CEOValley View Corporation;ChairmanANSI’s Intellectual Property RightsPolicy CommitteeRockville, MA, USA
Ryan Bendinelli
Legislative AssistantOffice of Rep. Jim GerlachWashington, D.C, USA
Dorothee Berendes
President and CEODB Media Productions LLCWashington, D.C., USA
James D. Bindenagel
Vice PresidentCommunity, Government and International AffairsDePaul UniversityChicago, IL, USA
Dr. Johannes Bohnen
Founder and PartnerBohnen Kallmorgen & PartnerPublic Affairs Berlin, Germany
Dr. Ulrike Bohnsack
Director, StandardizationDIN Deutsches Institut für Normung e.V.(The German Institute for Standardization)Berlin, Germany
The Honorable Don Bonker
PresidentInternational Management and Development Institute – IMDIWashington, D.C., USA
Gesa Bräutigam
Minister CounselorEmbassy of the Federal Republic of GermanyWashington, D.C., USA
Markus W. Brombacher
PresidentINREX, LLCVienna, VA, USA
Dr. Wolf Brueckmann
Senior AdviserAmerican Chamber of Commerce in GermanyAlexandria, VA, USA
Dr. Benno W. Bunse
President and CEOGerman American Chamber of Commerce, Inc.New York, NY, USA
Dagmar A. Cassan
Executive Directorbayme vbm vbwU.S. Liaison OfficeBavarian Industry AssociationNew York, NY, USA
Larry Clinton
President and CEOInternet Security AllianceArlington, VA, USA
Dr. Sarah H. Comley
ResearcherInternational ObserverWashington, D.C., USA
Edna M. Conway
Chief Security StrategistGlobal Value ChainCisco Systems Inc.Merrimack, NH, USA
Arthur E. Cote
Chairman of the BoardAmerican National Standards Institute (ANSI)Washington, D.C., USA
Carlos A. Cristi
Manager, Business DevelopmentGlobal Partnering & Trade DevelopmentRaytheon CompanyArlington, VA, USA
Professor Dr. Kenneth W. Dam
Max Pam Professor Emeritus ofAmerican & Foreign Law and Senior LecturerThe University of Chicago Law SchoolChicago, IL, USA
David W. Detjen
PartnerAlston & Bird LLPNew York, NY, USA
Ulrich Dünnes
Managing DirectorSTI Security Training International GmbHWiesbaden, Germany
Professor John F. Duffy
Armistead M. Dobie Professor of Law, University of Virginia School of Law, Charlottesville, USA
Andreas Ebert
Head of Information SecurityRWE AGEssen, Germany
| LIST OF PARTICIPANTS
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C EPARTICIPANTS
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
40
PARTICIPANTS
Dr. Christian Ehler, MEP
Member of the European Parliament, Brussels, Belgium;Chairman of the Board German EuropeanSecurity Association (GESA e.V.)Potsdam, Germany
Professor Dr. Michael Eilfort
Member of the BoardMarket Economy FoundationBerlin, Germany
Peter J. Esser
General CounselRepresentative of German Industry and TradeWashington, D.C., USA
Julie Eubank
Program ManagerKonrad Adenauer FoundationWashington, D.C., USA
Professor Dr. Dieter Feddersen
Member of the BoardDräger FoundationLübeck, Germany
Sibylle Gabler
Communications ManagementDIN Deutsches Institut für Normung e.V.(German Institute for Standardization)Berlin, Germany
Stephen J. Gallogly
DirectorOffice of International Energy U.S. Department of StateWashington, D.C., USA
Ulrich Gamerdinger
Executive DirectorGerman American Business Council (GABC);Director Washington and RepresentativeNorth America; State of North Rhine-WestphaliaWashington, D.C., USA
Dr. Ulf Gartzke
DirectorHanns Seidel FoundationWashington, D.C., USA
Dr. Sandro Gaycken
ResearcherInstitute of Computer ScienceFreie Universität BerlinBerlin, Germany
Susanne Gellert
Attorney at Law;Head of Legal DepartmentGerman American Chamber of Commerce, Inc.New York, NY, USA
Dr. Karlhanns Gindele
Director, InnovationDIN Deutsches Institut für Normung e.V.(German Institute for Standardization)Berlin, Germany
Professor Dr. Heinz Goddar
PartnerBoehmert & BoehmertMunich, Germany;Honorary Professor for Intellectual PropertyUniversity of BremenBremen, Germany
Nicholas P. Godici
Executive AdvisorBirch, Stewart, Kolasch & Birch, LLP; Former Commissioner for PatentsUSPTOFalls Church, VA, USA
Andreas Gorholt
HeadBusiness Development & InnovationPricewaterhouseCoopers AG WPGFrankfurt am Main, Germany
Dr. Dirk Grabowski
Head of DivisionFederal Ministry of Economics andTechnology – BMWiBerlin, Germany
Steven Griffin
Chief of StaffOffice of the Commissioner for PatentsU.S. Patent and Trademark Office (USPTO)Alexandria, VA, USA
David Edward Green
Vice President Public PolicyNBC UniversalWashington, D.C., USA
Dr. Terry Gudaitis
Cyber Intelligence DirectorCyveillance, Inc.Fairfax, VA, USA
Melissa E. Hathaway
PresidentHathaway Global Strategies, LLC;Former White House OfficialHead of Cyberspace Policy ReviewGreat Falls, VA, USA
Meg Hardon
Government Relations AdvisorInfineonWashington, D.C., USA
Dr. Werner J. Hein
Senior CounselMayer Brown LLPWashington, D.C., USA
Clark S. Herman
PresidentClark S. Herman Associates, Inc.Fair Haven, NJ, USA
The Honorable Rodney E. Hood
Vice ChairmanNational Credit Union AdministrationWashington, D.C., USA
Fred B. Irwin
PresidentAmerican Chamber of Commerce in Germany e.V.;Vice ChairmanCitigroup Global Markets Deutschland AGFrankfurt am Main, Germany
Dr. Rainer Jäkel
Deputy Director-General for Innovation and Technology Policy and StrategyFederal Ministry of Economics andTechnology – BMWiBerlin, Germany
Dr. Jackson Janes
Executive DirectorAmerican Institute for Contemporary German Studies (AICGS)Washington, D.C., USA
David Kappos
Under Secretary of Commerce for Intellectual PropertyU.S. Department of Commerce;DirectorU.S. Patent and Trademark Office (USPTO)Alexandria, VA, USA
Peter H. Keilbach
PresidentKeilbach International ConsultingNiceville, FL, USA
Dr. Bastian Kern
Policy Expert Federal Ministry of Economics and Technology Berlin, Germany
Gerhard Kiewel
Vice PresidentFinance & Corporate ControllingVolkswagen Group of AmericaHerndon, VA, USA
Dr. Wolfgang Klasen
Program ManagerGlobal Technology FieldIT SecuritySiemens AGMunich, Germany
Ronald H. Kosmahl
Vice President – SalesOmega Travel ManagementFairfax, VA, USA
Katrin Kreil
Press & Public RelationsNiedersachsen Global GmbHHanover, Germany
Herbert Kurek
Head of Section Federal Office for the Protection of the ConstitutionCologne, Germany
Gary W. Kushnier
Vice PresidentInternational PolicyAmerican National Standards Institute (ANSI)Washington, D.C., USA
Jeanene Lairo
Project ManagerKonrad-Adenauer-StiftungWashington, D.C., USA
Michael Langer
Senior Vice President External AffairsEU/NATO;Head of the Diehl Representation BrusselsDiehl Stiftung & Co. KGBrussels, Belgium
Lewis Leibowitz
PartnerHogan Lovells US LLPWashington, D.C., USA
41
T H E 5 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
Reinhard H. Lemke
Attorney and Counselor at LawLEMKE & ASSOCIATES PLLC;Senior Advisor USA MidwestAmerican Chamber of Commerce in GermanyTroy, MI, USA
Rüdiger Lentz
Executive DirectorGerman-American Heritage MuseumWashington, D.C., USA
Dr. Matthias Leonardy
CEOGesellschaft zur Verfolgung von Urheberrechtsverletzungen e.V. (GermanFederation against Copyright Theft)Berlin, Germany
Dr. Stefan Leppelmann
Managing DirectorTELES PRI GmbH;Member of the Board of TrusteesSigram Schindler StiftungBerlin, Germany
Karsten Lepper
Deputy DirectorFederal Association of the German Security and Defense Industries (BDSV)Berlin, Germany
Gerard J. Lewis, Jr.
Vice President, Deputy General Counsel &Chief Privacy OfficerComcast CablePhiladelphia, PA, USA
Jakob Liermann
Johns Hopkins UniversitySchool of Advanced International Studies(SAIS)Washington, D.C., USA
Nicola Lightner
Deputy DirectorEconomic Policy ProgramGerman Marshall Fund of the U.S.Washington, D.C., USA
Marion Freifrau von Linsingen
Königstein, Germany
Volkmar Lotz
HeadSAP Research Security & TrustSAP Labs FranceMougins, France
Robert W. Ludwig, Jr.
PartnerLudwig & Robinson, PLLCWashington, D.C., USA
Anthony V. Lupo
Lawyer & PartnerArent Fox LLPWashington, D.C., USA
Michael C. Maibach
President and CEOEuropean-American Business Council(EABC)Washington, D.C., USA
Rüdiger Marquardt
Vice DirectorDIN Deutsches Institut für Normung e.V.(German Institute for Standardization)Berlin, Germany
Dr. Christoph von Marschall
U.S. KorrespondentWashington Bureau ChiefDer TagesspiegelWashington, D.C., USA
Khaled Masri
President & CEOStandards Associates, LLCVienna, VA, USA
Dr. Christa McClure
PresidentThe McClure Law Firm LLCWashington, D.C., USA
Sascha Meinrath
DirectorOpen Technology InitiativeThe New America FoundationWashington, DC, USA
Thomas Meuser
General ManagerFleet Sales and RemarketingVolkswagen of America, Inc.Herndon, VA, USA
Claudia Michalski
Managing DirectorBeuth Verlag GmbHBerlin, Germany
Kristen Miller
Lead Privacy StrategistMITRE CorporationMcLean, VA, USA
Jeffrey Moss
FounderBlack Hat and DEFCON; Vice President & Chief Security OfficerICANN;AdviserDepartment of Homeland SecuritySeattle, WA, USA
Dr. Holger Mühlbauer
Managing DirectorTeleTrusT – IT Security Association GermanyBerlin, Germany
Hans Joerg Niebergall
President & CEOSAARPSCO – South Asia and AfricaRegional Port Stability CooperativeBedford Hills, NY, USA
Gregory T. Nojeim
DirectorProject on Freedom, Security & TechnologyCenter for Democracy & TechnologyWashington, D.C., USA
The Honorable Edward O’Donnell
Former AmbassadorU.S. Department of StateSterling, VA, USA
Sven C. Oehme
President & CEOEuropean-American Business Organization,Inc.New York, NY, USA
Kristen Overturf
Office of the Commissioner for PatentsU.S. Patent and Trademark Office (USPTO)Alexandria, VA, USA
Nicole Ozer
Technology and Civil Liberties Policy DirectorACLU of Northern CaliforniaSan Francisco, CA, USA
John Pace
Vice President, Publications & MarketingASTM InternationalWest Conshohocken, PA, USA
Petra Pissulla
DirectorDräger FoundationLübeck, Germany
Julia Pollok
ManagerGovernment RelationsAmerican Chamber of Commerce in GermanyBerlin, Germany
Wolfgang Pordzik
Executive Vice PresidentCorporate Public PolicyDeutsche Post DHLWashington, D.C., USA
Professor Dr. Gisbert Freiherr zu Putlitz
Heidelberg, Germany
William G. Raisch
Founding DirectorInternational Center for Enterprise Preparedness (InterCEP)New York UniversityNew York, NY, USA
Peter S. Rashish
Vice PresidentEurope & EurasiaU.S. Chamber of CommerceWashington, D.C., USA
Stephen Richter
PresidentThe Globalist Research CenterWashington, D.C., USA
Oliver Joachim Rolofs
Press Spokesperson Munich Security ConferenceMunich, Germany
Dr. Ulrich Romer
Head of Unit Federal Ministry of Economics and Technology Berlin, Germany
Professor Marc Rotenberg
President & Executive DirectorElectronic Privacy Information Center (EPIC);Georgetown University Law CenterWashington, D.C., USA
42
PARTICIPANTS
Andreas Ruepp
Research AssociateHanns Seidel FoundationWashington, D.C., USA
Dr. Rainer Rumpel
Professor for Business Information SystemsBerlin School of Economics and LawBerlin, Germany
Adam W. Salerno
DirectorNational Security and Emergency PreparednessU.S. Chamber of CommerceWashington, D.C., USA
Joshua D. Sarnoff
Professor & Associate DirectorWashington College of LawAmerican UniversityWashington, D.C., USA
Wolfgang Schaefer
PresidentGeorgetown InternationalInvestment Banking Services, Inc.Washington, D.C., USA
Professor Dr. Sigram Schindler
CEOTELES AG Informationstechnologien;ChairmanSigram Schindler StiftungBerlin, Germany
Inga Schlüter
Project ManagerDIN Deutsches Institut für Normung e.V.(German Institute for Standardization)Berlin, Germany
John P. Schmitz
Schmitz PartnersWashington, D.C., USA
Arne Schönbohm
Schönbohm Consulting;CEOBSS BuCET Shared Services AGMunich, Germany
Dr. h.c. Wolfgang Schultze
Member of the Presidial BoardDIN Deutsches Institut für Normung e.V.(German Institute for Standardization)Pattensen, Germany
Andreas Seeringer
Visiting FellowAICGSWashington, D.C., USA
David Short
Senior Counsel, Trade & International AffairsFedEx ExpressWashington, D.C., USA
Teri A. Simmons
DirectorInternational & Immigration Practice GroupArnall Golden Gregory LLPAtlanta, GA, USA
Martina Simpkins
PartnerSchmitz PartnersWashington, D.C., USA
Terry Skelton
ManagerStandards & Parts ServicesEnterprise Engineering StandardsDeere & CompanyMoline, IL, USA
Hans von Sommerfeld
Senior Project ManagerSociety for Computer Science (Gesellschaft für Informatik e.V.); Chair of GI’s Special Interest Group “Security – Protection and Reliability; Evaluation, Certification, Quality, and Standards”Berlin, Germany
Solveig B. Spielmann
Chairman and CEOInternational Business-Government Counsellors, Inc.Washington, D.C., USA
Dr. Axel Spies
AttorneyBingham McCutchen LLPWashington, D.C., USA
Matthias Spott
Managing DirectorIABG mbHOttobrunn, Germany
Klaus-Peter Statz
President & CEODeutsche Telekom, Inc.New York, NY, USA
Erwin Staudt
Chairman of the Finance CommitteeDIN Deutsches Institut für Normung e.V.(German Institute for Standardization)Berlin, Germany
The Honorable Robert Stoll
Commissioner for PatentsUnited States Patent and Trademark Office(USPTO)Alexandria, VA, USA
Dr. Tim Stuchtey
Managing DirectorBIGS – Brandenburgisches Institut für Gesellschaft und Sicherheit (BrandenburgInstitute for Society and Security)Potsdam, Germany
Ralf Swierczyna
CFODIN Deutsches Institut für Normung e.V.(German Institute for Standardization)Berlin, Germany
Peter Swire
C. William O’Neill Professor of LawMoritz College of LawOhio State UniversityColumbus, OH, USA;Senior FellowCenter for American ProgressWashington, D.C., USA
Albert Tramposch
Administrator for Policy and External AffairsU.S. Patent and Trademark Office (USPTO)Alexandria, VA, USA
Susanne von Türk
PartnerWormser, Kiely, Galef & Jacobs LLPNew York, NY, USA
Christian Ulrich
Attorney at LawHogan Lovells US LLPWashington, D.C., USA
Veit Voges
Research EngineerEuropean Aviation Security Center e.V.Technische Universität BerlinSchönhagen, Germany
Dr. Stefan Weisgerber
Head of Technical Department 3DIN Deutsches Institut für Normung e.V.(German Institute for Standardization)Berlin, Germany
Dr. Oliver Weissmann
Vice President Information SecurityTÜV Rheinland AGCologne, Germany
Cornelius Wendel
Associate PartnerBohnen Kallmorgen & PartnerPublic Affairs Berlin, Germany
Heiko Werner
Head of General Affairs DivisionFederal Agency for Technical Relief (THW)Bonn, Germany
Jody R. Westby, Esq.
CEOGlobal Cyber Risk LLCWashington, D.C., USA
Professor h.c. Dr. Ralf Wilde
Executive Vice PresidentTÜV Rheinland AGCologne, Germany
Steve Williams
PresidentGABC;Senior Director for Europe/Eurasia and IsraelLockheed Martin CorporationArlington, VA, USA
Cord Wischhöfer
Coordination Office for IT SecurityHead of Technical Group 3.3DIN Deutsches Institut für Normung e.V.(German Institute for Standardization)Berlin, Germany
Dr. Thomas Zielke
PresidentThe Representative of German Industry and Trade Washington, D.C., USA
5TRANSATL ANTIC MARKET CONFERENCE
th
THE 5th
02 43
T H E 4 t h T R A N S A T L A N T I C M A R K E T C O N F E R E N C E
TRANSATLANTIC COOPERATION FOR GROWTH AND SECURITY
IMPRINT
DIN German Institute for StandardizationAm DIN-PlatzBurggrafenstraße 610787 BerlinGermanyPhone +49 30 2601-1112Fax +49 30 2601-1115E-mail: [email protected]
Editor: Sibylle Gabler
Designed and set by: ERGO Industrie werbung GmbH, Berlin
Photos: Christian Kruppa
Printed by: Rotadruck GmbH & Co. KG, Berlin
94369/2011-11
For presentations, please refer to:www.din.de/sce/tmc
T R A N S AT L A N T I C C O O P E R AT I O N F O R G R O W T HA N D S E C U R I T Y
Sigram SchindlerFoundation
5 TRANSATL ANTIC MARKET CONFERENCE
thTHE 5th
DIN German Institute for Standardization | Am DIN-Platz | Burggrafenstraße 6 | 10787 Berlin | Germany | www.din.de