ACM Washington Update Vol. 7.10 October 31, 2003

 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

New Exemptions to DMCA Fail to Address USACM Concerns

USACM to Participate in  NIST E-Voting Symposium

U.S. Revises Limits on Highly Skilled Foreign Workers

U.S. Senate Makes Progress on Legislation to Thwart SPAM

USACM Outlines Concerns with ICANN's WHOIS Policy

Annual Computer Security Day to be Observed

 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

New Exemptions to DMCA Fail to Address USACM Concerns

 

As part of a rulemaking process initiated every three years as mandated by the U.S. Congress, the U.S. Copyright Office recently created four limited exemptions to the anticircumvention provisions of the Digital Millennium Copyright Act of 1998.  Accordingly, the new exemptions allow individuals to circumvent technological measures that control access to lists of sites blocked by commercial Internet filtering software (but not spam-fighting lists); computer programs or video games that use obsolete formats or hardware; computer programs protected by dongles that prevent access due to malfunction or damage and which are obsolete; and e-books that prevent read-aloud or other handicapped access formats from functioning.

 

During the Copyright Office's most recent DMCA rulemaking proceeding, USACM submitted comments and testified at a hearing.  USACM noted that the anticircumvention provisions of the DMCA are having substantial negative impacts on the conduct of basic research in the U.S. by preventing scientists and technologists from pursuing legitimate research related to cryptography and other computer security areas. Circumventing access technologies is a legitimate technique for recognizing shortcomings in security systems, defending patents and copyrights, discovering and fixing dangerous bugs in code, and conducting forms of desired educational activities. USACM recommended that exemptions to the DMCA be provided to ensure that scientists, technologists and other individuals are not penalized for conducting research or for making other non-infringing uses of copyright protected materials.  While welcoming the new DMCA exemptions, they fail to address USACM's primary concerns.

 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

USACM to Participate in  NIST E-Voting Symposium

 

Three USACM members are participating in the National Institute of Science and Technology’s (NIST) Symposium on Voting Technology scheduled for December 10-11, 2003. The symposium will address issues associated with e-voting technology and implementation of the Help America Vote Act (HAVA).  NIST intends for the symposium to facilitate collaboration among voting and elections constituencies.

 

The symposium will contribute to the work of the Technical Guidelines Development Committee created by HAVA.  The purpose of the Committee is to make recommendations regarding the development and implementation of voluntary standards that could be applied to e-voting technology.   The Technical Guidelines Development Committee will be chaired by the Director of NIST, and consist of 14 other individuals.

 

NIST invites individuals to submit papers on topics of e-voting technology issues related to Specification, Test, and Qualification; Security; and Usability and Accessibility.  The deadline is December 9, 2003. Other papers can be sent to the symposium for presentation during the event.  To submit papers at the event provide 100 copies for the convenience of participants and panelists.

 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

U.S. Revises Limits on Highly Skilled Foreign Workers

 

On October 1, 2003, the H-1B visa cap was lowered from 195,000 to 65,000.  U.S. immigration policy grants H1-B visas to "highly skilled" foreigners allowing them to work in the U.S. for up to six years. Defenders of the program view it as a way for IT companies to remain competitive by hiring foreign workers with specialized talents. Opponents have criticized the use of H-1B visas as a threat to U.S. IT workers since foreign counterparts might be willing to work for lower wages.  According to a recent report by the U.S. General Accounting Office (GAO), the H-1B program permitted 163,600 petitions against the 2001 cap of 195,000.  Nearly 80,000 petitions were approved in 2002. A special exemption to the cap is provided for U.S. universities and nonprofit research organizations and are not counted.

 

As an international professional society with members spanning virtually every continent in the world, ACM supports a variety of professional development activities and projects intended to meet the evolving needs of students and professionals in computing.  However, ACM has not engaged in the H-1B visa issue or similar immigration control policies of the U.S.

 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

U.S. Senate Makes Progress on Legislation to Thwart SPAM

 

S. 877, the CAN-SPAM Act, recently passed the Senate by a vote of 97 to 0.  The bill imposes criminal penalties if bulk e-mailers disguise their identities and do not provide valid means of unsubscribing from e-mail lists. In addition, all unsolicited marketing e-mail would be required to have a valid return e-mail address so recipients could unsubscribe from bulk e-mailing lists. The bill prohibits marketers, once notified, from sending any further messages to a consumer who has asked them to stop.  The legislation allows Internet Service Providers (ISPs) to bring action to keep unlawful spam from their networks, and directs the Federal Trade Commission to impose civil fines on those who violate the law.  Finally, although the legislation would pre-empt all state spam laws, it permits State Attorneys General to bring legal action on behalf of citizens who have complaints regarding bulk e-mail marketers.  Amendments added to the bill during debate create a No-Spam Registry and criminalize the use of deceptive source address information.

 

In state Anti-Spam news, the States of Missouri and California have sought legal action based on state Spam laws.  In a first test of a new SPAM law, the State of Missouri filed two lawsuits against suspected violators.  The law requires commercial e-mail to be identified in the subject line with “ADV:” opt-out provisions, and a $5000 penalty for each violation.  In California, a Santa Clara County Superior Court judge ordered two spammers to pay $2 million for sending unsolicited bulk e-mail. 

 

New European Union (EU) digital privacy rules governing SPAM went into effect on October 31, 2003.  The new EU SPAM directive requires companies to get consent before sending e-mail, tracking personal data on Web sites or pinpointing callers' locations via satellite-linked mobile phones.

 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

USACM Outlines Concerns with ICANN's WHOIS Policy

 

USACM recently joined over 50 other organizations from 22 countries around the world to urge the Internet Corporation for Assigned Names and Numbers (ICANN) to limit the use and scope of the WHOIS database.  WHOIS is a database that contains information for every registered Internet domain, including contact information, telephone numbers, and other administrative and technical information.  As ICANN continues to establish accuracy requirements for domain name registrants, USACM and other the signatories of the letter recommend that it establish corresponding protections for personal information that is provided. Privacy protections should be based on internationally accepted privacy standards. The letter concludes that the use and management of the WHOIS database without adequate data protection safeguards raises privacy and freedom of speech risks for domain name holders since personal information is widely accessible to third parties.

 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

Annual Computer Security Day to be Observed

 

November 30, 2003, will mark the fifteenth annual computer security day.  The event is designed to inform and encourage users to follow good computer security practices.  The first Computer Security Day observed in 1988, came as a direct result of the work of the Washington DC Chapter of the Association for Computing Machinery’s Special Interest Group on Security, Audit, and Control (SIGSAC). Currently 53 nations through the participation of over a 1000 organizations support the efforts of Computer Security Day.  To become an official participant of Computer Security Day contact:

 

Association for Computer Security Day

Post Office Box 39110

Washington, DC 20016 USA

 

More information on Computer Security Day can be found at: http://groups.yahoo.com/group/computersecurityday

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

For earlier editions of the ACM Washington Update, see: http://www.acm.org/usacm/update/. To subscribe to the ACM WASHINGTON UPDATE send an e-mail to listserv@acm.org with "subscribe WASHINGTON-UPDATE" (no quotes) in the body of the message.  Should you wish to stop receiving ACM Washington Update or have questions, comments, or suggestions regarding public policy issues or USACM activities, please contact the ACM Public Policy Office located in Washington, DC, by e-mail at usacm_dc@acm.org or calling 202-659-9711.