ACM Washington Update Vol. 8.10 (October 31, 2004)
CONTENTS
[1] USACM and CRA Urge Congress to Support NIST Funding
[2] IT Industry Seeks Elevation of Cybersecurity at DHS
[3] E-voting to be in National Spotlight on Election Day
[4] Domestic and International Update on Privacy Issues
[5] U.S. Congress Set to Reconvene After November Elections
[6] Upcoming Events
[7] About USACM
[1] USACM AND CRA URGE CONGRESS TO SUPPORT NIST FUNDING
The Computing Research Association (CRA) and USACM recently sent a joint letter to Congressional appropriators in support of funding for the National Institute of Standards and Technology (NIST) laboratories. In the letter, USACM and CRA describe the crucial and broadly beneficial nature of NIST's work and voice support for funding levels equal to (or higher) than the levels proposed in legislation under consideration in the Senate. The joint letter concludes that "NIST provides an invaluable setting for industry, academia, and government to work together on crucial technical issues," and that the "underfunding of NIST will adversely affect [its] credibility as well as [its] ability to function, and will have serious long-term consequences." NIST labs are also working to support e-voting security and standards initiatives.
The joint letter is available at http://www.acm.org/usacm/PDF/USACM_CRA_NIST_letter.pdf, while more information about the work of the NIST laboratories is available at http://www.nist.gov/public_affairs/labs2.htm.
[2] IT INDUSTRY SEEKS ELEVATION OF CYBERSECURITY AT DHS
The Director of the Department of Homeland Security's (DHS's) National Cyber Security Division, Amit Yoran, submitted his resignation in October. The abrupt move followed recent calls to incorporate the director's position and the Cyber Security Division into the White House's Office of Management and Budget (OMB). Among other things, Yoran's resignation has intensified calls to elevate the director's position within DHS. Indeed, legislation has been introduced (H.R. 5068) to raise the director's position to the assistant-secretary level within the department's power structure.
An alliance of information technology trade associations, including the Cyber Security Industry Alliance, the Business Software Alliance, TechNet, the IT Association of America, and the Financial Services Roundtable, sent a letter to Congress in support of elevating the director's position to the assistant-secretary level. The alliance's letter is available (PDF) at https://www.csialliance.org/news/press/10-07-04_National_Intelligence_Reform_Act.pdf or http://tinyurl.com/3n7fq.
More information on Amit Yoran's resignation can be found at http://www.gcn.com/vol1_no1/daily-updates/27496-1.html, while information regarding H.R. 5068 is available at http://thomas.loc.gov/cgi-bin/query/z?c108:H.R.5068.IH:.
[3] E-VOTING TO BE IN NATIONAL SPOTLIGHT ON ELECTION DAY
With most polls set to open tomorrow morning to begin the 2004 election, the last few weeks have seen a good deal of activity surrounding e-voting. Most recently, for instance, a Florida judge ruled that state election officials are not legally obliged to provide voter-verifiable paper trails for e-voting machines. In light of the risk and vulnerabilities associated with paperless computer-based voting systems, ACM recently released a statement in support of voter-verifiable audit trails and continued research to improve such systems. For more information on the ACM statement, see http://www.acm.org/usacm/weblog/index.php?p=73; for more on the Florida ruling, see the Wired News article at http://www.wired.com/news/evote/0,2645,65469,00.html.
In international e-voting news, the Council of Europe Committee of Ministers has agreed to the first international legal text on e-voting in elections and referendums. The recommendations set out a blueprint for governments planning to use new e-voting technologies for future elections and referendums. Based on experience gathered through pilot projects in several EU member states, the recommendations indicate how to build, run, and supervise e-voting systems to ensure reliable results. For more information, see http://press.coe.int/cp/2004/462a(2004).htm.
In other e-voting news, the National Research Council's Computer Science and Telecommunications Board (CSTB) has issued a call for input on a project to develop a framework for understanding the issues relevant to decision-making about electronic voting. Specifically, the project is intended to inform policymakers, election officials, and the public about the questions they should be asking about electronic voting systems in order to be better informed consumers of such systems. For more information about the project and how to submit input, visit http://cstb.org/project_evoting_cfp.html.
[4] DOMESTIC AND INTERNATIONAL UPDATE ON PRIVACY ISSUES
In a new move to crack down on the proliferation of spyware, the Federal Trade Commission (FTC) recently filed a complaint in the U.S. District Court of New Hampshire against a major spyware operation. According to the FTC complaint, the spyware operation was involved in hijacking computers, altering computer users' settings, creating a flood of pop-up advertisements, and installing software to track what computer users' activities. For more information on the FTC's complaint, see http://www.ftc.gov/opa/2004/10/spyware.htm. Earlier in October, the U.S. House of Representatives passed two pieces of legislation prohibiting spyware: the "Securely Protect Yourself Against Cyber Trespass Act" or SPY ACT (H.R. 2929) and the "Internet Spyware (I-SPY) Prevention Act of 2004" (H.R. 4661). However, the Senate did not act on the two bills before adjourning, and further action appears unlikely.
October also saw USACM member Dave Farber, Esther Dyson, and Tara Lemmey issue an open letter regarding the work of the Markle Foundation's Task Force on National Security in the Information Age. The authors, all members of the Markle Task Force, describe, among other things, how technology can help the U.S. government fight the war on terror more efficiently, ways to limit the dissemination of information that is not relevant to an investigation, and monitoring and accountability in the use of data by government agents. The letter is available (PDF) from http://www.markle.org/downloadable_assets/letter_tf_members_100604.pdf, while more information about the work of the Markle Foundation task force can be found at http://www.markletaskforce.org/.
In international developments, the European Commission has released a Staff Working Document that reports on the implementation of the EU Data Privacy Directive's Safe Harbor Agreement with the United States. The report was based on a comprehensive study conducted by an international team of researchers, including Yves Poullet, Jan Dhont, Maria Veronica Perez Asinary, Lee Bygrave, and Joel Reidenberg. Both the study and the Commission's staff paper find significant levels of non-compliance with the Safe Harbor Agreement by self-certified companies. The staff working document is available (PDF) at http://europa.eu.int/comm/internal_market/privacy/docs/adequacy/sec-2004-1323_en.pdf or http://tinyurl.com/5bkeo, while the longer report is available (PDF) at http://europa.eu.int/comm/internal_market/privacy/docs/studies/safe-harbour-2004_en.pdf or http://tinyurl.com/5hzjf.
[5] U.S. CONGRESS SET TO RECONVENE AFTER NOVEMBER ELECTIONS
On September 29th, Congress passed a Continuing Resolution funding federal departments and agencies at current levels until November 20, 2004. The resolution was necessary since Congress has only passed four of the thirteen annual appropriations bills necessary to operate the federal government during the current fiscal year that began on October 1, 2004. Both the House of Representatives and the Senate are scheduled to reconvene during the week of November 15th for a so-called "lame duck" session.
[6] UPCOMING EVENTS
* November 9-10, The Federal Trade Commission (FTC) and the National Institute of Standards and Technology (NIST) will hold an Email Authentication Summit on November 9-10, from 8:30 a.m. to 5:30 p.m. at the FTC's satellite building at 601 New Jersey Ave., NW., Washington, D.C. For additional information, see the FTC's summit announcement and request for comments at http://www.ftc.gov/opa/2004/09/emailauth.htm.
* November 17-19 the Council of Europe will hold its "Future of Democracy in Europe" conference. The conference will accommodate the needs and expectations of both scholars and practitioners of politics and will be attended by high-level politicians at Parliamentary and local levels, senior civil servants, prominent academics, civil society representatives, and the public. More information about the conference may be found at http://www.coe.int/t/e/integrated_projects/democracy/02_Activities/16_Final_conference/01_Conference_Outline_web.asp#TopOfPage or http://tinyurl.com/3olld.
* November 30th is the 13th Annual Computer Security Day. Join participants from more than 50 countries to raise computer security awareness at home and at work. Started in 1988 to help raise awareness of computer related security issues, the goal of Computer Security Day is to remind people to protect their computers and information. Sponsors include IBM, ISSA, SAI, ITAA, and ACM's own SIGSAC. For more information, visit http://www.computersecurityday.org.
* December 15-16 the FTC will hold a workshop to examine peer-to-peer (P2P) technology. The workshop will address how P2P file-sharing works, the current and future applications of the technology, risks posed to consumers using file-sharing software programs and how to avoid and reduce them, and competition issues raised by P2P file-sharing technology (e.g., its effect on the economy and copyright holders). For more information, visit http://www.ftc.gov/bcp/workshops/filesharing/index.htm.
[7] ABOUT USACM
USACM is the U.S. Public Policy Committee of the Association for Computing Machinery (ACM). ACM is the premier organization for computing professionals, delivering resources that advance the computing and IT disciplines, enable professional development, and promote policies and research that benefit society. USACM serves as the focal point for ACM's interactions with U.S. government organizations and the science and technology policy community. For more information about USACM, see http://www.acm.org/usacm/about.html.
BACK ISSUES
For earlier editions of the ACM Washington Update, see: http://www.acm.org/usacm/update/.
SUBSCRIBE/UNSUBSCRIBE
To subscribe to ACM's Washington Update newsletter, send an e-mail to listserv [AT] acm.org with "subscribe WASHINGTON-UPDATE [First Name] [Last Name]" (no quotes) in the body of the message. To unsubcribe, simply include the "SIGNOFF WASHINGTON-UPDATE" command in an email to listserv [AT] acm.org.
QUESTIONS/COMMENTS
Should you have questions, comments, or suggestions regarding this newsletter, public policy issues, or USACM activities, please contact the ACM's Washington, D.C., Office of Public Policy by email at usacm_dc [AT] acm.org or by calling 202-659-9711.