FY2002 ANNUAL REPORT

OF THE U.S PUBLIC POLICY COMMITTEE OF THE ACM

(USACM)

 

For the Period

July 1, 2001 – June 30, 2002

 

BACKGROUND

 

Comprised of a diverse group of ACM members with backgrounds or interests in public policy and law, the U.S. Public Policy Committee of ACM (USACM) serves as the focal point for ACM's interaction with the U.S. Congress, government organizations, the computing community and the U.S. public in all matters of U.S. public policy related to information technology.  USACM responds to requests for information and technical expertise from U.S. government agencies and seeks to educate policy-makers about legislative or regulatory matters before them on behalf of the computing community and the public.  USACM also identifies potentially significant technical and public policy issues and brings them to the attention of ACM and the community.  In addition, USACM collaborates where appropriate with the ACM Law Committee, the ACM Internet Governance Project and ACM SIGS that have an interest in policy. 

 

LEADERSHIP

 

During FY2002, the Executive Council of the USACM (USACM-EC) consisted of:

 

Steve Bourne (ACM President)

Barbara Simons (ACM Past-President, USACM Co-Chair)

Gene Spafford (USACM Co-Chair)

Peter Neumann (SIG rep)

David Notkin (SIG rep)

Charles Brownstein

Dave Farber

Andrew Grosso

Ollie Smoot

 

GOVERNANCE

 

USACM operates through a transparent and democratic process to reach consensus on an action item or policy activity.  As time permits, draft policy statements, position papers, letters, etc., are usually posted to USACM at-large for review and comment before being forwarded to the Executive Committee of USACM (USACM-EC) for final review and approval.  Otherwise, the USACM-EC acts based on consensus.  USACM-EC conducts a monthly conference call to update and coordinate activities.  The leadership of USACM communicates regularly with Jeff Grove, Director of the ACM Public Policy Office in Washington, D.C.

 

HIGHLIGHTS OF FY 2002 USACM ACTIONS

 

Testified before the U.S. Congress regarding the importance of developing a long-term view of cyber security that increases our nation’s commitment to information assurance, research, and education.

 

Testified before the U.S. Congress regarding the intricacies of developing national identification systems involving the complex integration of social and technical systems, including humans, hardware, software, networks, and database security.

 

Assisted ACM in efforts to educate policy-makers, the public, and the judiciary to understand the profound chilling effect of the Digital Millennium Copyright Act (DMCA) on analysis, research, and publication.

 

 

Provided the computing community a voice in policy debates regarding the Consumer Broadband and Digital Television Promotion Act (CBDTPA), legislation that would interfere with literally thousands of legal, non-infringing uses of digital computing by requiring certain technological protection measures to be included in most general purpose computers, devices, and software.

 

Educated state legislators regarding the dangers of the Uniform Computer Information Transactions Act (UCITA), controversial software licensing legislation that legalizes shrink-wrap licenses that prohibit reverse engineering and the publication of benchmarking articles. 

 

Provided a variety of recommendations to Congress regarding: the removal of restrictions on the export and use of strong encryption; developing standards and evaluation criteria for new voting technologies; and advancing education through initiatives that address the changing needs of students and professionals in computing and related disciplines.

 

USACM 2002 SUMMARY OF ACTIVITIES

 

USACM’s activities are posted on the recent activities and news section of the USACM web site at: http://www.acm.org/usacm/.  In chronological order, FY 2002 activities included the following actions:

 

July, 2001

 

• USACM sent a letter to the American Association of Publishers (AAP) informing them of ACM’s opposition to the anti-circumvention provisions of the Digital Millennium Copyright Act (DMCA).  As ACM is a member of AAP, the USACM letter also mentioned concerns with AAP’s public statement hailing the U.S. Department of Justice's arrest of a Russian cryptographer for allegedly violating the anti-circumvention provisions of the DMCA.  Finally, the letter urged AAP to reconsider their policy position and inquired if they share the concerns that ACM and other professional societies and research leaders have expressed regarding the DMCA's chilling effect on research and scientific freedom. A copy of the USACM letter to AAP is available at:

<http://www.acm.org/usacm/IP/AAP-letter.html>.

 

• USACM sent a letter to Senator Feinstein (D-CA), the chair of the Senate Judiciary Committee’s Subcommittee on Technology, Terrorism, and Government Information.  In the letter, USACM informs Senator Feinstein that ACM has consistently opposed the anti-circumvention provisions of the DMCA.  In particular, USACM pointed out that the overly broad provisions of the law impede the progress of research in cryptography and other computer security areas by criminalizing multi-use technologies rather than narrowly penalizing infringing behavior. USACM recommended that the anti-circumvention provisions of the legislation be revised to restrict only circumvention directly involved in infringement.  The USACM letter to Senator Feinstein may be found at: <http://www.acm.org/usacm/IP/dmca-feinstein-letter.html>.

 

• USACM sent a letter to the Secretary of the U.S. Department of Commerce concerning the agency’s proposal to enter into a contract for the management and coordination of .US top-level domain names (usTLDs).   USACM is concerned the proposal is based on administrative continuity rather than on building a secure policy foundation for the future use of the usTLD.  USACM recommends the proposal be rescinded and revised after more complete consultation with the U.S. Internet community.  The ACM Policy Office, working with the ACM Internet Governance Project, met with Congressional staff to elevate the concerns.  The meetings resulted in five Members of Congress writing to the Department of Congress echoing USACM’s concerns.  A copy of the USACM letter regarding usTLDs may be found at:

<http://www.acm.org/usacm/IG/usTLD-letter.html>.

 

August, 2001

 

• ACM and USACM sent a letter to the United States Trade Representative concerning the draft Free Trade Area of the Americas (FTAA) treaty's intellectual property provisions.  As drafted, the treaty requires nation-signatories to enact local copyright legislation that mandates strict anti-circumvention measures similar to or even expanding similar restrictions imposed in the U.S. by the Digital Millennium Copyright Act (DMCA).  ACM and USACM wrote that the anti-circumvention provisions of the draft FTAA treaty unjustly harm the freedom of computer scientists to engage in research fundamental to the progress of innovation.  A copy of the letter may be found at:

            <http://www.acm.org/usacm/IP/ftaa-rep-letter.html>.

 

• ACM submitted a declaration in federal court regarding the legal challenge to the Digital Millennium Copyright Act (DMCA) in the Felten v. RIAA lawsuit. ACM's declaration seeks to help the court understand the practical effect of the issues at stake in this case.  "It is imperative for the court to understand that the application of any law that may limit the freedom to publish research on computer technology will impose a cost on the academic community, the process of scientific discourse, and society in general," stated Dr. John R. White, ACM's Executive Director, in the declaration. "We believe the threat of litigation under the DMCA will have a profound chilling effect on analysis, research, and publication."   A copy of ACM’s declaration may be found at: <http://www.acm.org/usacm/copyright/felten_declaration.html>.

A copy of ACM’s press statement regarding the declaration may be found at:

<http://www.acm.org/announcements/felten_press_release.pdf>.

 

• The Co-Chairs of the USACM nominated Dr. Susan Landau for appointment to the Computer System Security and Privacy Advisory Board (CSSPAB) of the National Institute of Standards and Technology (NIST).  Dr. Landau has been a valued contributing member of ACM for many years and serves on the ACM Committee on Law and Computing Technology.  USACM believes Dr. Landau offers the CSSPAB an unique combination of communications security experience from her long and distinguished career in industry and academia, coupled with exceptional academic credentials.  In 1994, Dr. Landau served as the first author of a landmark study produced by USACM of the public policy issues related to communications security entitled: “Codes, Keys, and Conflicts: Issues in U.S. Crypto Policy.”  Dr. Landau received the appointment to the CSSPAB beginning in 2002.

 

September, 2001

 

• USACM sent a letter to President George W. Bush and all 535 Members of the U.S. Congress in reaction to the shocking acts of terror perpetrated against America on September 11, 2001.  While denouncing the attacks, USACM urged policy-makers to exercise caution in formulating legislative and regulatory responses so as to avoid unintended consequences that may actually serve to damage the progress of science, economic growth, and the overall security of our infrastructure.  USACM offered its significant technical expertise and leadership in the areas of computing, networking, security, cryptography, and privacy to assist policy-makers in their efforts to ensure the safety and security of our citizens.   USACM's letter to U.S. policy-makers is posted at: <http://www.acm.org/usacm/congress-letter.html> .

 

• USACM sent a letter to Members of the U.S. Senate advising that weakened encryption would endanger the public and damage the U.S. economy.  USACM cautioned that the imposition of escrow and recovery forms of encryption are difficult to get right, unproven in widespread use, offer new weaknesses that can be exploited, and are prohibitively expensive to retrofit into the infrastructure. Furthermore, USACM warned that enacting controls on encryption will do little to limit its worldwide use except to prevent U.S. companies from selling their products to law-abiding customers - including law enforcement, financial services, and critical infrastructure operators. The USACM encryption letter may be found at:

<http://www.acm.org/usacm/crypto/gregg-crypto-letter.html>.  

A corresponding USACM press release on encryption is available at: http://www.acm.org/usacm/crypto/gregg-crypto-press-release.html.

 

• USACM sent a letter to members of a key Senate committee regarding proposed legislation known as the Security Systems Standards and Certification Act (SSSCA).  The proposal requires computer and electronics manufacturers to include digital watermark technology or other copyright-protection technologies in the production of certain products and multi-use devices.  USACM is concerned that intellectual property laws like the Digital Millennium Copyright Act and the proposed SSSCA might have more far-reaching and damaging effects on computer security research, particularly as our nation attempts to enhance the security of our infrastructure and prevent acts of terrorism.  The USACM letter is posted at: <http://www.acm.org/usacm/SSSCA-letter.html>.

 

October, 2001

 

• The ACM Policy Office expanded by adding Ms. Lillie Coney to a newly created position of public policy coordinator.  Ms. Coney most recently served as the Senior Special Assistant to Congresswoman Sheila Jackson Lee (D-TX), where she worked on a variety of science, technology and education issues and projects.  As a public policy coordinator, Ms. Coney will work with the Director of the ACM Public Policy Office to coordinate and advance the policy efforts of ACM's U.S. Public Policy Committee (USACM).  Ms. Coney can be reached at (202)478-6124.

 

• USACM sent a letter to the Florida State Legislature during their consideration of the Uniform Computer Information Transactions Act (UCITA).  The controversial software licensing legislation has been criticized by several groups - including USACM - because it seeks to legalize shrink-wrap licenses that prohibit reverse engineering and the publication of benchmarking articles that compare the quality of commercially available software products.  Since the legislation was passed in Maryland and Virginia last year, progress has stalled as the legislation has been stopped in all other states where it has been introduced.  The USACM letter to the Florida State Legislature may be found at:

            <http://www.acm.org/usacm/UCITA_Letter.htm>.

 

• USACM sent letters to the Chairs and Ranking Members of the Senate and House Committees on Judiciary and other Congressional leaders that negotiated the provisions of the new Anti-terrorism Law.  In its communications to Congress and meetings with staff, USACM expressed practical concerns regarding the extension of the definition of terrorism to include non-violent computer crimes and other acts seemingly unrelated to terrorism. USACM also suggested that other broad provisions of the Act could unintentionally include legitimate and ordinary behavior by scientists and technicians. Unfortunately, many of USACM's concerns were not addressed.  The USACM letter to Congressional leaders can be found at:  <http://www.acm.org/usacm/Terrorism_Letter.htm>.

 

• USACM Co-Chair Dr. Eugene H. Spafford represented USACM at the House Committee on Science's hearing entitled, "Cyber Security - How Can We Protect American Computer Networks From Attack?"  Dr. Spafford stressed the importance of our nation developing a long-term view of cyber security.  Five particular areas of importance were listed by Dr. Spafford, including: support for research, development of infrastructure, access to real-world data, personnel shortages, and elimination of legal impediments. Dr. Spafford also advised the 24 Members of Congress in attendance of USACM's concerns with the Digital Millennium Copyright Act's (DMCA) chilling effect on analysis, research, and publication.  Finally, he warned that USACM is concerned that the Security Systems Standards and Certification Act (SSSCA) may further restrict what research is conducted in information security.   He concluded that legislation against technology instead of against infringing behavior could only hurt our progress in securing the infrastructure. Dr. Spafford's USACM testimony is available at: http://www.acm.org/usacm/crypto/spaf.pdf

 

• USACM provided comments and recommendations to the Congressional Internet Caucus and both the House and Senate Judiciary Committees regarding legislative proposals intended to address terrorism.  The first USACM memo addresses the overly-broad definition of "terrorism" in the Administration's proposal that includes many non-violent computer crimes and potentially legitimate computer security research and communication activities.  The second USACM memo raises concerns regarding legislative efforts to revise government controls on strong encryption.  Finally, a third USACM memo makes certain recommendations to help secure the U.S. computing infrastructure against malicious attacks, whether from terrorists or common criminals.   The three USACM memos may be read at: http://www.acm.org/usacm/.

 

• USACM Co-Chairs sent a letter to Dr. John H. Marburger congratulating him on his Presidential appointment and Senate conformation as Director of the White House Office of Science and Technology Policy.  In addition, the letter offered USACM’s assistance as the White House considers computing and information technology policy issues.

 

November, 2001

 

• Dr. Ben Shneiderman testified on behalf of USACM before the House Government Reform Committee's Subcommittee on Government Efficiency, Financial Management and Intergovernmental Relations, on issues associated with a national identification system. "Implementing an intricate national identification system is a challenging systems engineering matter. It requires a complex integration of social and technical systems, including humans, hardware, software, networks, and database security. Such socio-technical systems are always vulnerable to error, breakdown, sabotage and destruction by natural events or by people with malicious intentions," noted Dr. Shneiderman in his testimony.  In response to suggestions by vendors and other supporters of a national identification system that cards will effectively authenticate the identity of individuals, Dr. Shneiderman stated, "The positive identification of individuals does not equate to trustworthiness or lack of criminal intent." To view Dr. Shneiderman's USACM testimony, see: <http://www.acm.org/usacm/National.htm>.

 

December, 2001

 

• ACM announced the formation of a new Advisory Committee on Security and Privacy (ACSP). Led by USACM members Peter Neumann and Eugene H. Spafford, the ACSP brings together a dozen leaders and innovators in the field of privacy and information assurance to serve as a powerful resource for the ACM community and the public at large. Comprising experts from research, industry, academia, and government, the diverse group represents a wide range of viewpoints. The ACSP consists of 12 distinguished members with expertise in information security and assurance, privacy, cybercrime, and allied fields. The group will coordinate with other ACM Committees, including USACM and the ACM Law Committee, to provide objective advice to the computing community, the public at large, and to policy-makers. ACSP is expected to provide statements and testimony on information security and privacy issues, as well as undertaking studies of related topics.  For more information, see the ACSP web site at: <http://www.acm.org/usacm/ACSP/homepage.htm>. 

 

• The Co-Chairs of the ACSP wrote to Dr. Arden L. Bement, Jr., to congratulate him on his confirmation as Director of the National Institute of Standards and Technology (NIST).  The ACSP recognized the historic role in computer security NIST has played by conducting security research on emerging technologies, promoting security assessment techniques, providing security management guidance, and facilitating a greater awareness of the need for security.  ACSP also expressed appreciation for the transparent and thoughtful process NIST followed in working in partnership with industry and the cryptographic community to develop an Advanced Encryption Standard (AES).   ACSP concluded that the approval of AES is good for the government, the information technology industry, and the overall security of the Internet.  The ACSP letter may be read at: <http://www.acm.org/usacm/ACSP/Bement.htm>.

 

January, 2002

 

• ACM Policy Director Jeff Grove addressed the Computing Research Association’s Government Affairs Committee to discuss USACM 2001 actions and planned activities for 2002.  Opportunities for USACM/CRA cooperative policy efforts were identified, including support for computing and information technology research and development programs of the National Science Foundation, National Institute of Standards and Technology, and Defense Advanced Research Projects Agency.  Other areas of cooperation might include working to remove certain legal impediments that act as barriers to computing research.

 

February, 2002

 

• Members of the USACM Executive Committee met in Washington, D.C., with ACM leadership, staff and other participants to review 2001 activities and discuss policy objectives for 2002 and beyond.  A Department of Commerce official highlighted the Bush Administration’s technology policy initiatives.  Action items for future USACM policy activities included the continued engagement in policy matters to advance the state of computing and information technologies, the formulation of a USACM public policy agenda, and the overhaul of the USACM web site to be a portal for policy information. 

 

• USACM Co-chairs met in Washington, DC, with leaders of other Computing Research Association affiliated societies to discuss a variety of issues of concern to the computing community.  USACM focused remarks on the DMCA and other intellectual property protection initiatives that interfere with research and non-infringing uses of digital computing.

 

• USACM Co-chair Barbara Simons and ACM Law Committee Chair Andrew Grosso met with staff of the Senate Commerce Committee (Senator Hollings), Senate Judiciary Committee (Senator Feinstein), Senator Barbara Boxer, Congressman Rick Boucher, and Congresswoman Anna Eshoo to discuss USACM policy concerns including the "chilling effect" of the DMCA on research and education, as well as the damaging effects of legislation which seeks to mandate technology standards to manage digital rights as a means of safeguarding copyrights.

 

March, 2002

 

• USACM Co-chair Eugene Spafford met separately with the Computer Crimes and Intellectual Property Division of the U.S. Department of Justice, House Judiciary Committee staff, Senate Commerce Committee staff, and the staff of Congresswoman Shelia Jackson Lee (D-TX) to discuss implementation of the PATRIOT Act and other cyber crime legislation that would impact computing research and education.  In addition, Dr. Spafford also met with staff of the American Libraries Association to discuss concerns with the DMCA and the widespread use of digital rights management technologies to protect copyright.

 

• USACM sent a letter to Senate Commerce Committee Chairman Hollings to express the profound concerns of the computing community regarding the recent introduction of S.2048, the Consumer Broadband and Digital Television Promotion Act (CBDTPA).  The CBDTPA mandates the use of copyright-protection technologies in general purpose computers, devices, and software. USACM noted that CBDTPA-restrictions will threaten the ability of individuals to engage in critical research, will interfere in the otherwise legal exchange of ideas and information fundamental to innovation, will seriously restrict the quality of computing education, and will threaten national security. Finally, USACM noted that legislating constraints on technology to aid any minority interest (entertainment industry) has the potential to cause widespread and severe damage to society at large. The USACM letter is available at: http://www.acm.org/usacm/Legislation/Holllings_S2048.htm

 

• USACM sent a similar letter to the Senate Judiciary Committee commenting on their hearing entitled, "Competition, Innovation, and Public Policy in the Digital Age: Is the Marketplace Working to Protect Digital Creative Works?”  The letter is available at: http://www.acm.org/usacm/Leahy_Letter_SSSCA.htm

 

• USACM wrote the leadership of the Internet Corporation for Assigning Names and Numbers (ICANN) to express concerns with the current state of Internet governance and the status of ICANN reform. In the letter, USACM associated itself with others calling for a "return to ICANN's core tasks, namely the coordination of Internet resources on a technical level." USACM suggested that  ICANN should scale down its operations and focus on its core technical mission. The USACM letter also urged ICANN to work more closely with the technical community. Finally, the USACM letter stated that at least half of the ICANN Board members should be elected representatives of the public, especially if it continues its current course of making policy as well as technical decisions.  The letter is available at: http://www.acm.org/usacm/IG/ICANN_Letter.htm

 

• USACM wrote to the Georgia State Legislature to express concerns with the Georgia Database Protection and Economic Development Act of 2002, a proposal to allow a producer or publisher of a database unprecedented control over uses of information, including the downstream use of facts.  USACM commented that the continued vibrancy of nonprofit publishers, students, researchers, and the general public should not be threatened by new intellectual property protection efforts. USACM concluded that by creating additional restrictions on the use of facts, SB214 would have a "chilling effect" on the U.S. scientific research enterprise since facts are the building blocks of knowledge and support innovation and the advancement of learning. On March 27, the Judiciary panel of the Georgia State legislature voted to reject the proposal.  The letter is available at: http://www.acm.org/usacm/Georgia_Database_Bill.htm

 

April, 2002

 

• USACM co-chairs and ACM policy staff assisted in writing Congressional testimony for Red Hat Software regarding the effects of the CBDTPA on the computing community.  Unfortunately, Red Hat did not participate in Congressional hearings on the legislation.

 

• USACM Co-chair Dr. Barbara Simons, was awarded the 2001 Outstanding Contribution to ACM Award. Among her many contributions to ACM, Dr. Simons lead the effort to create ACM's public policy committee in 1993 by recruiting scientists, technologists as well as lawyers, law professors and others in the academic world who sought to make a contribution to technology policy.  To read the ACM media release announcing the award, see the web site: http://www.acm.org/announcements/oca_2001.html

 

• ACM Fellow Lance Hoffman delivered Congressional testimony approved by USACM and the ACM Committee on Security and Privacy (ACSP) at a Senate Commerce Committee subcommittee hearing.  The testimony applauded congressional efforts to fund new research and education programs at the National Science Foundations (NSF) and the National Institute of Standards and Technology (NIST), but cautioned that the anti-circumvention provisions of the Digital Millennium Copyright Act (DMCA) “have the potential to cripple the very security advancements that S. 2037 and S. 2182 are intended to generate.” Professor Hoffman’s USACM/ACSP Congressional testimony is available at: http://www.acm.org/usacm/Testimony/hoffman.htm

 

• USACM Co-chair Dr. Barbara Simons met with Congressional staff to discuss a variety of digital rights management and intellectual property issues. During her visit to Capitol Hill, Dr. Simons met with staff of the House Committees on Commerce, Judiciary, and Science, as well as the staff of Congresswoman Zoe Lofgren (D-CA). In particular, Dr. Simons shared USACM concerns on the recently introduced Consumer Broadband and Digital Television Promotion Act (CBDTPA) and the broad concerns of ACM and the computing community with the anti-circumvention provisions of the Digital Millennium Copyright Act (DMCA).

 

• ACM Fellows James Horning (USACM) and Ronald Rivest, USACM member Gary T. Marx, and ACM member James Waldo, were named to the committee of Computer Science and Telecommunications Board (CTSB) of National Academy of Sciences that will be conducting a study titled “Privacy in the Information Age".  In exploring a number of emerging privacy issues, the study will include a risk assessment regarding the vulnerability of personal information associated with information technology. The study will also cover key causes of concern such as why personal information is at risk; how and why that information is shared; and trends in its storage, communication, and combination with other information.  For additional information regarding the CTSB’s “Privacy in the Information Age” study, see the web site: http://www7.nationalacademies.org/cstb/project_privacy.html#committee

 

• USACM co-chair Dr. Barbara Simons was a panelist at the 12th Conference on Computers, Freedom and Privacy 2002 (CFP2002), a leading Internet policy conference.  In her remarks, Dr. Simon discussed the activities of USACM and ACM in helping to educate policy-makers, the Courts, and the public regarding the DMCA’s “chilling effect” on scientific research  and communication.  Also at CFP2002, USACM Member Myles Losch led a review of current barriers to broadband Internet deployment.

 

• ACM Fellow Dorothy Denning, a member of the ACM Advisory Committee on Security and Privacy, received the Augusta Ada Lovelace Award in April.  The distinguished award honors individuals who have excelled in the areas of outstanding scientific and technical achievement and extraordinary service to the computing community through their accomplishments and contributions on behalf of women in computing. For more information, see the Association for Women in Computing web site at:  http://www.awc-hq.org/lovelace/index.html

 

May, 2002

 

• USACM added its support to a legal challenge to extending duration of copyrights by signing an Amici Curiae brief in support of the petitioners in the
  U.S. Supreme Court's consideration of the Eldred v. Ashcroft challenge to the Copyright Term Extension Act (CTEA), a U.S. law enacted in 1998. CTEA extends the duration of copyright for material owned by individuals to 70 years after the creator’s death, and to 95 years for material owned by corporations. The brief signed by USACM argues that the CTEA extends the term of copyright protection in a manner that harms the public domain. USACM’s contribution to the brief including a description of the evolution of computer software development and the potential damaging affects of CTEA on continued innovation of software and digital computing. The Supreme Court is expected to consider the case later this year.  To review the brief signed by USACM, see the web site: http://www.acm.org/usacm/LegalAction/eldredv.ashcroftambrief.pdf

 

• Recognizing the work of USACM to educate policymakers about the need to include independent technical experts in the development of new voting technology systems and standards, four Members of the U.S. Congress sent a letter in May to the Supervisor of Elections for Palm Beach County, Florida, expressing concern that more attention has not been given to the computer-human interaction factors in developing new technical standards for voting machines. The Congressional letter specifically suggests that election officials work with ACM’s Special Interest Group on Computer-Human Interaction (SIGCHI) to improve Florida’s Voting System Standards. To review the letter from Members of Congress that recommends a role for ACM SIGCHI, see: the web site: http://www.acm.org/usacm/Congressional_Florida_Letter_ElectionReform.pdf

 

June, 2002

 

• In response to the Administration’s proposal to transfer the Computer Security Division of the National Institute of Standards and Technology (NIST) to the new Department of Homeland Security, USACM and ACSP leadership directed ACM policy staff to work with Congress to make them aware that many in the computing community that work in cryptography and/or computer security are troubled by the move.  In particular, many are concerned that the transfer of NIST’s computer security research group from a non-regulatory agency of the Department of Commerce to an organization with a law-enforcement or intelligence operational function may limit opportunities for researchers from industry and academia to work on the development of new technologies and standards to enhance the security of our nation’s infrastructure.  Citing concerns raised by the computing community and industry, Congress has tabled the proposed transfer for the time being.  

 

• USACM recently signed an amicus brief to the California Supreme Court in the DVD-Copy Control Association (DVDCCA) v. Bunner case.  The brief seeks that the Court reaffirm the longstanding principle of trade secret law that reverse engineering of mass-marketed products is a lawful way to acquire a trade secret.  In addition, the brief argues that the Court should repudiate the notion that an anti-reverse engineering clause in a mass-market license can override the right to reverse engineer.  In its interest statement attached to the brief, USACM states that reverse engineering is critical for systems interoperability and facilitates the research and testing of information processing systems and the development of programs that impede the spread of viruses and other kinds of malicious software.  Finally, the USACM interest statement concludes that restrictions on reverse engineering would have serious stifling consequences for software engineers, the computing community, and the overall security of the information infrastructure and electronic commerce.

 

• Earlier in 2002, the Department of Defense(DoD) was considering a policy through the "Mandatory Procedures for Research and Technology Protection within the DoD“ that would extend current controls over classified research to exclude researchers from  discussing and publishing fundamental research results of unclassified studies involving basic research.  The

USACM-EC concluded that the directive would impede defense research conducted by the nation's universities, industrial centers,  and military laboratories.  ACM policy staff worked with CRA and

the Coalition for National Security Research to point out that the proposal imposes unmanageable barriers on scientific research. Faced with mounting criticism, DoD has recently confirmed that basic research (6.1) and applied research (6.2) would likely be excluded from the purview of the new regulations.

 

 

CONCLUSION

 

USACM continues to provide a valuable service to policy-makers, the ACM membership, and the computing community at large.  During the FY 2002 period, USACM engaged in policy issues on a broader scale and in a more consistent manner than ever before. Through the efforts of USACM and the ACM policy office, the visibility of USACM and the reputation of ACM took a step forward in the Washington public policy arena.  Our efforts are having an impact as Congressional and agency staff have begun to turn to USACM for assistance in certain policy matters.  Finally, by working within the science and technology policy community, USACM is helping the computing community to have a proactive voice in policy and legislative considerations.