ACM WASHINGTON UPDATE
Congress Give Federal Government a Failing Grade for Computer Security
USACM Testifies at Congressional Hearing on Proposed National ID Cards
NSF to Receive an Increase in Funding
Congress Takes Another Step Toward Voting Reform
Legislation Introduced to Enhance Computer Security
ICANN Seeks New Governance Arrangement
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
November 21, 2001
Volume 5.8
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
INTRODUCTION
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
The Association for Computing Machinery is an international professional
society whose 80,000 members (60,000 in the U.S.) represent a critical mass
of computer professionals in education, industry, and government. The USACM
provides a means for promoting dialogue on technology policy issues with
United States policy makers and the general public. The WASHINGTON UPDATE
reports on activities which may be of interest to those in the computing
and information policy communities and will highlight USACM's involvement
in many of these issues.
To subscribe to the ACM WASHINGTON UPDATE send an e-mail to
listserv@acm.org with "subscribe WASHINGTON-UPDATE" (no quotes) in the
body of the message. Back issues are available at: <http://www.acm.org/usacm>
For information about joining the Association for Computing Machinery,
see:
<http://www.acm.org/membership/join.html>
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
POLICY BRIEFS
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
USACM Testifies at Congressional Hearing on National ID Card Proposals
On November 16, 2001, Dr. Ben Shneiderman testified on behalf of the U.S.
Public Policy Committee of the Association for Computing Machinery (USACM),
before the House Government Reform Committee's Subcommittee on Government
Efficiency, Financial Management and Intergovernmental Relations, on issues
associated with a national identification system. The Committee is led by
Chairman Horn and Ranking Member Schakowsky.
"Implementing an intricate national identification system is a challenging
systems engineering matter. It requires a complex integration of social and
technical systems, including humans, hardware, software, networks, and
database security. Such socio-technical systems are always vulnerable to
error, breakdown, sabotage and destruction by natural events or by people
with malicious intentions," noted Dr. Shneiderman in his testimony. In
response to suggestions by vendors and other supporters of a national
identification system that cards will effectively authenticate the identity
of individuals, Dr. Shneiderman stated, "The positive identification of
individuals does not equate to trustworthiness or lack of criminal intent."
To view Dr. Shneiderman's USACM testimony, see: Testimony
To view a Security Focus article on the hearing, see: Security Focus Article
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
Congress Gives Federal Government a Failing Grade for Computer Security
On November 9, 2001, the House Committee on Government Reform's
Subcommittee on Government Efficiency, Financial Management and
Intergovernmental Relations publicly graded 24 federal government agencies
for their computer security efforts. The grades are based on information
found in agency reports to the Office of Management and Budget, the General
Accounting Office, and audit work performed by each agency's Inspector
General. Provisions of the Government Information Security Reform Act of
2000 require the Chief Information Officers and Inspector General of each
agency to conduct an internal and external evaluation of computer security
preparedness.
The Congressional committee awarded the National Science Foundation the
highest grade, a B+, while the Social Security Administration and NASA
received a C+ and C-, respectively. The Environmental Protection Agency,
State Department, Federal Emergency Management Agency, General Services
Administration and Department of Housing and Urban Development received
grades of D+ and D. All other agencies -- including Commerce, Defense,
Energy, Justice, Labor and Treasury -- received an F.
To view the complete grades of the federal agencies, see: Government Reform Subcommittee
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
NSF to Receive an Increase in Funding for Fiscal Year 2002
Congress has approved an 8.4 percent increase in National Science
Foundation (NSF) funding for Fiscal Year 2002 (FY02). H.R. 2620, making
FY02 appropriations for the Departments of Veterans Affairs and Housing and
Urban Development, and Independent Agencies Appropriations Act marks the
largest NSF budget ever.
The FY02 funding level includes, $3.6 billion for research and related
activities, $138.8 million for major research equipment and construction,
and $875 million for education and human resources, and $515.8 million for
computer and information science and engineering (CISE). The CISE funding
is to be used for research in information technology, nanoscience and
engineering. The legislation also provides $922.2 million for math and
physical sciences research and development and $160 million for new math
and science partnerships that would be partially funded by fees from H-1B
visas for high-skilled foreign workers. Finally, the legislation provides
$5 million towards an undergraduate workforce initiative, $10 million for
graduate-student stipends, and $2.6 million for doctoral research in
science and engineering. Provisions of the legislation enhance the role of
the President's Information Technology Advisory Committee in providing
guidance to the NSF.
To view a breakdown on funding for all programs under this appropriation, see:
Appropriation
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
Congress Takes Another Step Toward Voting Reform
The Committee on House Administration, a House panel with jurisdiction over
election reform, recently approved H.R. 3295, the Help America Vote Act of
2001.
The legislation authorizes $2.65 billion to overhaul the nation's electoral
system by improving voter education, poll-worker training and other
programs. The bill also provides $400 million to replace punch-card voting
systems. The legislation includes a bill reported by the House Science
Committee, H.R. 2275, to develop technical standards to improve voting
systems and test voting equipment. The National Institute of Standards and
Technology would be charged with bringing state and local election
officials together with experts in engineering and computer security to
develop the standards. Finally, the legislation directs NIST to coordinate
research to improve the accuracy, integrity, usability and security of new
voting equipment. The legislation is expected to be considered by the House
of Representatives in the coming weeks. The Senate is considering separate
legislation.
To view more information about the legislation, see: Legislation
To view USACM recommendations regarding voting technology and standards,
see: Voting Technology
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
Legislation Introduced to Enhance Computer Security
Congressman Brian Baird (D-WA) has introduced legislation that establishes
a new research and development program at the National Institute of
Standards and Technology (NIST) to enhance computer and network security.
The bill, H.R. 3361, the Computer Security Enhancement and Research Act of
2001, would award grants to fund research conducted at colleges and
universities for the development of better security for networked
information systems. Collaboration with for-profit companies that develop
information security projects is permitted. Funding for the program is
authorized for a ten-year period, starting at $25 million the first year
and growing to $85 million. The new legislation would also provide
training for new graduate students and postdoctoral research assistants in
the computer-security field, with a goal of encouraging more professionals
in computer security. The legislation has been referred to the House
Science Committee.
To view more information about the legislation, see:Congressman Baird
To view USACM testimony to Congress regarding information security, see:
Information Security
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
ICANN Meeting Sparks More Discussion of Reorganization
Last week the Internet Corporation of the Assigned Names and Numbers
(ICANN) concluded its annual meeting in Marina Del Rey, California. ICANN
is the non-profit corporation that is responsible for the IP address space
allocation, protocol parameter assignment, domain name system management,
and root server system management functions previously the responsibility
of the U.S. Government. Participants in the meeting continued to question
ICANN's composition, size, and mandate.
Reacting to public criticisms, ICANN formed an At-Large Study Committee
(ALSC) in January of this year to investigate ways to expand greater
participation in the organization's policy development, deliberations, and
actions. The ALSC issued a report with recommendations to address these
concerns, which was accepted by the ICANN governance body for further
discussion. The ALSC report recommends that the Board affirm the role of
Internet users, gage the interest in the creation of an At-Large Supporting
Organization supported by a regional structure, and approve the extension
of ALSC until March 31, 2002.
To view more information about ICANN, see: ICANN
To view certain on-line discussions of ICANN activities, see: ICANN Watch
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
Contacting the ACM Public Policy Office
Should you have questions or comments regarding public policy issues or
USACM activities, please contact the ACM Public Policy Office located in
Washington, DC, by e-mailing
659-9711. The ACM Public Policy Office is pleased to assist ACM members in
contacting or meeting with their elected officials in Washington, DC.