+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ ACM WASHINGTON UPDATE U.S. Office of Public Policy of the Association for Computing Machinery +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ August 3, 1999 Volume 3.1 +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= CONTENTS =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ INTRODUCTION ACM/USACM ACTIVITIES: ACM Releases Letter On UCITA ACM Policy On Licensing Of Software Engineers Annouced POLICY BRIEFS: House Commerce Oversight Subcommittee Hearing: "Is ICANN Out Of Control?" Non-commercial Domain Name Holders Constituency Group Accepting Nominations for Domain Names Council Topical Legislation Judge Blocks Michigan Net Content Law Group Approves Controversial Software Law Senators Quiz Witnesses On Computer Monitoring Plans +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= INTRODUCTION =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ The Association for Computing Machinery is an international professional society whose 80,000 members (60,000 in the U.S.) represent a critical mass of computer scientists in education, industry, and government. The USACM provides a means for promoting dialogue on technology policy issues with United States policy makers and the general public. The WASHINGTON UPDATE will report on activities in Washington which may be of interest to those in the computing and information policy communities and will highlight USACM's involvement in many of these issues. To subscribe to the ACM WASHINGTON UPDATE send an e-mail to listserv@acm.org with "subscribe WASHINGTON-UPDATE" (no quotes) in the body of the message. Back issues are available at: http://www.acm.org/usacm For information about joining the Association for Computing Machinery, see: http://www.acm.org/membership/join.html =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ ACM/USACM ACTIVITIES =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ USACM RELEASES LETTER ON UCITA The Uniform Computer Information Transactions Act is a 350-page proposed new law. It will govern all contracts for the development, sale, licensing, maintenance, and support of computer software, plus most contracts for information (such as books) in digital form. Vendors of other products that contain software, such as computers, can also bring their products within the scope of UCITA, rather than Article 2 of the Uniform Commercial Code, a law that is much friendlier to consumers and small businesses. The National Conference of Commissioners on Uniform State Laws (NCCUSL) met in Denver last week and passed UCITA July 29. NCCUSL is funded by the state governments to draft model legislation and is very inþuential with most of those governments. Several states will probably pass UCITA within months. The law deregulates product licensing and addresses software, multimedia interactive products, data and databases, and the Internet and online information. It also contains provisions to allow vendors to shut down software remotely if they suspect a violation of the licensing terms, make shrink-wrapped licensing terms enforceable even though the buyer will not see the license until after the software is purchased, ban reverse engineering, and allow vendor to disclaim warranties. Because of these problems with this new law, the ACM had written a letter to the NCCUSL opposing UCITA. The letter points out that UCITA dramatically impedes the advancement of robust software: Even if software publishers should be shielded from liability for software defects that they did not know about, the UCITA protects negligent software publishers from being sued. Consumers cannot be expected to discover minute defects with minimal opportunities to inspect the software. By removing the responsibility of software publishers to insure their product is free from defects, the UCITA will result in lowered standards in and diminished reputation of our profession. The UCITA also allows software publishers to ban reverse-engineering through contractual use restrictions. Under current law, software engineers can freely reverse engineer software products.Reverse engineering allows computer professionals to investigate and correct security errors, bugs and vulnerability to viruses. As the world becomes more dependent on computers and software, in particular, the relability of the software assumes the importance of public safety. Under the UCITA, litigation would be required for every instance of reverse engineering, even for these purposes. The UCITA's deÞnition of "published informational content" would hold software users' interfaces to the same standard as newspapers or books. Classifying errors in the user interface the same as errors in newspapers would have deleterious effects on user interface design. The most recent news on the Commissioners' actions is available at: http://www.law.upenn.edu/bll/ulc/ulc.htm#ucita The NCCUSL's website is at: http://www.nccusl.org/ More information is available from USACM at: http://www.acm.org/usacm/copyright/ =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ ACM POLICY ON LICENSING OF SOFTWARE ENGINEERS ANNOUCED The ACM Council outlined the ACM's position on the licensing of software engineers on July 8, 1999. ACM is opposed to the licensing of software engineers at this time because ACM believes that it is premature and would not be effective at addressing the problems of software quality and reliability. ACM is, however, committed to solving the software quality problem by promoting R&D, by developing a core body of knowledge for software engineering, and by identifying standards of practice. When requested ACM may advise boards and other agencies interested in the licensing of software engineers on the state of the body of knowledge and best practices for software engineering. Such interaction will not imply ACM's endorsement of licensing or involve preparation of associated materials such as tests. ACM website on software engineer licensing: http://www.acm.org/serving/se_policy/> http://www.acm.org/serving/se_policy/ =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ HOUSE COMMERCE OVERSIGHT SUBCOMMITTEE HEARING: "IS ICANN OUT OF CONTROL?" HELD JULY 23, 1999. July 23, 1999. The major contenders at the hearing were the Internet Corporation for Assigned Names and Numbers (ICANN), the nonprofit corporation designated to administer the assignment of domain names, and Network Solutions Inc., a for-profit enterprise and the sole registrar since 1993, which has registered nearly 5 million names, most of those in the last two years. Last year, the Clinton administration decided that with the explosive growth of the Internet, NSI should not have a government-sanctioned monopoly. The Commerce Department chose the nonprofit ICANN to oversee the transition to a free-market system last November. The current plan includes other for-profit registrars. There are five such registrars, three of whom are in direct competition with NSI. NSI argued that ICANN is trying to become a regulatory agency for the traditionally free-þowing Internet. ICANN denies that and contends that Network Solutions refuses to cooperate with ICANN in order to prolong its monopoly. Critics of ICANN have criticized the registry as secretive and heavy-handed. Other critics have voiced concerns over the group's meeting structure and a for allocating scarce budget resources to holding meeting in international locations. ICANN also decided to open its meetings July 25. Much criticism of a recent plan to collect one dollar for every domain name registered by NSI and the new registrars was deþected by the recent scrapping of that plan Monday. NSI itself has been criticized for arbitrary administeration of domain names, charging unnecessary fees and lacking servic. Democrats seized the opportunity to attack NSI's monoploy status, calling the antagonism expressed towards ICANN in the hearing a "delay tactic" designed to preserve NCI's monopoly status. ICANN is based in California, while NSI is based in Virginia, Congressman Bliley's home state. Websites: http://abcnews.go.com/sections/tech/DailyNews/icann990722.html http://www.techserver.com/noframes/story/0,2294,72841-115170-818677-0,00.html http://www.washingtonpost.com/wp-srv/WPlate/1999-07/23/060l-072399-idx.html http://www.wired.com/news/news/politics/story/20887.html For the hearing testimonies please refer to the House Commerce Committee website: http://www.house.gov/commerce/ For ICANN's response to Rep. Bliley and the Department of Commerce letters please refer to ICANN's website: http://www.icann.org/ =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ NON-COMMERCIAL DOMAIN NAME HOLDERS CONTITUENCY GROUP ACCEPTING NOMINATIONS FOR DOMAIN NAMES COUNCIL ICANN's proposed Domain Names Council "will be responsible for the management of the Domain Name Supporting Organization's (DNSO) consensus building process and for communicating DNSO recommendations about Domain Name System policy to the ICANN Board of Directors." The Non-Commercial Domain Name Holders Constituency Group will begin accepting nominations for representatives to the Domain Names Council beginning in early August. The three supporting organiations - address, domain nmae, and protocol - may elect three directors to the ICANN board. For more information on the Non-Commercial Domain Name Holders Constituency Group: http://www.ncdnhc.isoc.org/home.html The Domain Name Supporting Organizations website: http://www.dnso.org/ ICANN's website: http://www.icann.org/ =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ Topical Legislation FIRST CRACK IN THE DAM? Senate Appropriations Chair Ted Stevens (R-AK) told his Republican colleagues this week that he will seek to "adjust" (raise) the Congressionally imposed budget caps by $10-15 billion, in order to get the Labor-Health- Department Ed impasse unstuck; he said the reason he will move is to ensure at least medical research is sufficiently funded. The three areas compete for a fixed budget limit within one spending committee. His proposal needs approval by both Sen. Domenici (R-NM) and Sen Lott (R-MS). It is thus likely that this bill will come up last after the other 12 spending bill have all been sent to the Senate. RESEARCH FUNDING RESOLUTION S. 296: Federal Research Investment Act, to double federal investment in basic non-military research over 12 years was reported to the full Senate for consideration. ONLINE PRIVACY S. 809: Online Privacy Protection Act of 1999 (also HR 313) Requires the Federal Trade Commission to prescribe regulations to protect the privacy of personal information collected from and about private individuals and provide greater individual control over the collection and use of that information. This bill is in the House and Senate Commerce Committees. DATABASE RIGHTS H.R.1858: The Consumer and Investor Access to Information Act of 1999, introduced by House Commerce Chairman Rep. Thomas Bliley (R-VA), protects the rights of database owners from individuals duplicating and selling that information for commercial gain. The ACM had opposed the previous version of this bill; this version contains narrowly tailored exemptions for scientific, educational and research uses of the database. This bill has been approved by the House Subcommittee on Telecommunications, Trade & Consumer Protection and will move on to the Commerce Committee. ELECTRONIC SIGNATURES H.R.1714 : Electronic Signatures In Global and National Commerce Act ensures that federal and state laws recognize the validity of electronic signatures in commercial transactions. This bill has been approved by the House Subcommittee on Telecommunications, Trade & Consumer Protection and will move on to the Commerce Committee. ENCRYPTION H.R. 850: A bill to ensure the rights to use and and sell encryption and to relax export controls on encryption. Several House Comtes will have sent their own versions of this bill to the House by the end of July and the differing S. 798: Promote On-Line Transactions to Encourage Commerce & Trade Act (PROTECT) is in the Senate as a bill to promote electronic commerce by encouraging and facilitating the use of encryption in interstate commerce consistent with the protection of national security. This Senate version has been reported to the full Senate. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ JUDGE BLOCKS MICHIGAN NET CONTENT LAW U.S. District Court Judge Arthur Tarnow handed the ACLU and other free speech groups a victory yesterday when he prevented from going into effect a new Michigan law that protects children on the Internet. The law was scheduled to take effect August 1 and was aimed at people who disseminate obscene material to children online, with penalties of up to two years in prison and a $10,000 fine. The ACLU argued that the law was too broad, and the judge agreed, noting that it would have violated First Amendment rights and the U.S. Commerce Clause. Tarnow wrote in his decision that the government should not undermine free speech to protect children on the Internet, as parents have less-restrictive means at their disposal to accomplish the task. (Reuters 07/29/99) =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ SENATORS QUIZ WITNESSES ON COMPUTER MONITORING PLANS The Federal Intrusion Detection Network (FIDNet) announced last Wednesday by the White House will not compromise consumer privacy, according to John Tritak, director of the Critical Infrastructure Assurance Office. Tritak said that the system's implementation will be inþuenced by reviews conducted by the Justice Department and White House chief privacy counsel Peter Swire. Michael Vatis, director of the FBI's National Infrastructure Protection Center, said FIDNet will monitor only illegal hacks into federal government computer systems-not privately owned computers, as privacy groups have speculated. Vatis warned that more threats could occur as the century comes to a close. Vatis also acknowledged that the FBI is concerned that foreign programmers working on the Y2K computer problem may have purposely jeopardized the security of U.S. computer systems. The proposed FIDNet would be a large-scale computer monitoring would seek to track "patterns of patterns" of information exchange to detect signs of illicit activity. The General Services Administration will run the program, reporting security breaches to the FBI. The Clinton administration has requested $1.4 billion for computer security in the next fiscal year, some of which would end up funding FIDNet research. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= Washington Update is a biweekly publication of the U.S. Public Policy Office of the Association for Computing http://www.acm.org/usacm 666 Pennsylvania Ave., SE, Suite 302B, Washington, DC 20003. 202/544-4859 (tel), 202/547-5482 (fax).