Today, several ACM groups, including USACM, released a statement on measures that should be taken to increase web accessibility. You can read the press release and statement online.

The statement is a joint statement of USACM; the ACM Special Interest Groups on Accessibility (SIGACCESS), Hypertext, Hypermedia and the Web (SIGWEB), and Computer-Human Interaction (SIGCHI); and the Computer Science Teachers Association (CSTA).

The online statement also has links to resources on web accessibility. Text of the statement follows:
(more…)

CONTENTS

[1] Newsletter Highlights
[2] ACM Launches Education Policy Committee
[3] Research Funding a Casualty of Appropriations Meltdown
[4] NSF Education Directorate Seeking Computer Science Expertise
[5] About USACM

[An archive of all previous editions of Washington Update is available at
http://www.acm.org/usacm/update/]

(more…)

CONTENTS

[1] Newsletter Highlights
[2] USACM Comments on Senate Electronic Voting Legislation
[3] National Science Board Releases STEM Education Report
[4] Online Comment Tool Released For Voting Guidelines; USACM Begins Review
of Standards
[5] Appropriations Bills Still Pending for FY 08
[6] Congress Contemplates Cracking Down on University File Sharing
[7] About USACM

[An archive of all previous editions of Washington Update is available at
http://www.acm.org/usacm/update/]
(more…)

For our readers in Washington, D.C., we wanted to note an event hosted by the D.C. Chapter of ACM.

Note - the time and specific location have changed.

Time: now 7:30-9:30
Location: now Funger Hall, Room 108
2201 G Street NW

Monday, November 12th 2007

The DC Chapter of the Association for Computing Machinery (ACM), in collaboration with the student ACM chapter at George Washington University, proudly presents a technology policy panel discussion.

Who Should Control Internet Bandwith?
Net Neutrality Revisited

In 2006, the political debate over �net neutrality� reached a peak in Washington among legislators and regulators. While the issue is keeping a lower profile these days, it remains inextricably linked with the question of how Americans are using high-speed Internet (broadband).
(more…)

With the House of Representatives e-voting reform legislation stalled, we’ve turned our attention to the Senate. Senator Feinstein (D-CA) is leading the effort to reform e-voting systems. USACM sent the Senator a detailed letter noting that her legislation largely gets the big things correct, but there are some important details that should be addressed. From the letter:

As with most things, the devil is in the details, and that is where USACM’s comments are focused. There is a lot of nuance and detail in USACM’s letter that is too long for a blog post, so I encourage you to read the supporting comments.

Senator Feinstein’s legislation is largely similar to what Representative Rush Holt (D-NJ) proposes in the House, requiring voter-verified paper records that are secret, durable, and accessible. Her legislation also makes the paper record the official record for the election, and it reforms the testing and certification processes. Finally, it requires software review by outside experts, with some differences in the details that are significant. (You can find a side-by-side comparison of the disclosure sections here.)

One of the biggest departures from the House bill is with the deadlines for reform. The Senate legislation bans the purchase of machines that do not produce voter-verified paper records upon enactment of the bill and requires the usage of paper ballots by the 2010 election. Representative Holt, for the most part, stuck with a 2008 deadline. The Senator has indicated some willingness to make that deadline even more flexible.

Policy fights often boil down to a rather fundamental debate – federal vs. local control. Education policy always seems to be on the front lines, particularly when it comes to K-12 education. It isn’t surprising to see familiar battle lines being draw over a new plan for coordinating Science, Technology, Engineering, and Mathematics (STEM) education across the country.

The National Science Board (which is the National Science Foundation’s oversight and advisory board) released a report recommending several actions to strengthen STEM education. ACM, through its newly established Education Policy Committee, commented on a early draft of the plan. Our two main points were that NSB should include computing societies in their proposed STEM Education Council and computer science should an integral part of the plan. We are pleased that the NSB responded to our comments and included ACM along with The Computer Science Teachers Association as potential participants in their effort.

(more…)

CONTENTS

[1] Newsletter Highlights
[2] House Electronic Voting Legislation Stalls
[3] ACM Briefs Hill on Electronic Employment Verification Systems
[4] PCAST Report Calls for Focus on IT Workers and Curriculum
[5] About USACM

[An archive of all previous editions of Washington Update is available at
http://www.acm.org/usacm/update/]
(more…)

CONTENTS

[1] Newsletter Highlights
[2] California Decertifies Voting Systems; Strict Requirements for Reinstatement
[3] TGDC Approves New Version of Voting System Guidelines; Draft Now Under Review at EAC
[4] USACM Releases Annual Report
[5] ACM Submits Comments on STEM Education to National Science Board
[6] About USACM
(more…)

Each July ACM�s Policy Office staff and USACM�s leadership compile USACM�s annual report for the past fiscal year (which ended June 30). In this year�s report you will find descriptions of our work on electronic voting, privacy, and security; the testimony provided by our members; and discussions of our activities to educate Congress about different technology policy issues.

You can read the FY 2007 USACM Annual Report online.

CONTENTS

[1] Newsletter Highlights
[2] House And Senate Pass Landmark Innovation Legislation
[3] Key Senator Signals Slowing of E-voting Reform
[4] California Top-To-Bottom Review Outlines Vulnerabilities and Deficiencies in E-Voting Systems
[5] House Committee Moves to Protect Social Security Numbers
[6] Patent Reform Legislation Advances in Congress
[7] Final Voting Standards Meeting Rescheduled
[8] About USACM
(more…)

CONTENTS

[1] Newsletter Highlights
[2] USACM Members Go to the Hill: Employment Eligibility Verification System
[3] USACM Members Go to the Hill Again: Social Security Numbers
[4] TGDC Final Meeting on Next VVSG Postponed
[5] New York Times Report on Military Overseas Voting
[6] Spyware Bill Would Define Zombies
[7] About USACM
(more…)

On Thursday, June 21, Dr. Annie Antón, Associate Professor of Software Engineering at North Carolina State University, testified in front of the Social Security Subcommittee of the House Ways and Means Committee on protecting the privacy and security of Social Security numbers. While the subcommittee did not have a specific bill to consider at this hearing, the House Energy and Commerce Committee has passed a bill, HR 948, involving Social Security Numbers. One of the Senate identity theft bills, S1178, currently has provisions on the sale and purchase of social security numbers.

Dr. Antón is a member of USACM’s Executive Committee and testified on behalf of USACM. Her testimony is available online. You can also review the ACM press release on her testimony.

(more…)

Update June 21
Dr. Antón’s testimony is now available online.

Original Post - June 20
On Thursday, June 21, at 10:00 a.m., Annie Antón, USACM Executive Committee Member and Associate Professor of Software Engineering at North Carolina State University, will testify to Congress on behalf of USACM regarding the pervasive use of the Social Security number and recommendations for increasing the protection of our personal information.

Seeking input on the technical issues associated with reducing the use and exposure of Social Security numbers, the Committee on Ways and Means Social Security Subcommittee asked USACM to provide expert testimony. Dr. Antón, a member of the Executive Committee of USACM and an expert on privacy and trustworthy systems, will provide her and USACM’s perspectives on this issue. The hearing will be webcast. You can watch it here: http://waysandmeans.house.gov/media/graphics/video.htm We will make her testimony available here after the hearing.

On Thursday, June 7, Dr. Peter G. Neumann, Principal Scientist in the Computer Science Laboratory at SRI International, testified before the Social Security Subcommittee of the House Ways and Means Committee on the proposed Employment Eligibility Verification System, or EEVS. The EEVS is part of the immigration legislation recently debated in the Senate, and apparently removed from consideration for the year. However, there is similar legislation in the House and Senate that may still be considered this year.
(more…)

CONTENTS

[1] Newsletter Highlights
[2] USACM Urges Revisions to REAL ID Rules
[3] USACM Member To Testify on Proposed Employment Eligibility Verification System
[4] E-Voting Reform Legislation Passes Committee; ACM Lauds Move
[5] TGDC Refines Next Set of Voting Standards
[6] Spyware Legislation Passes House
[7] About USACM
(more…)

On Thursday, June 7, at 10:00 AM, Peter Neumann, USACM Member and Principal Scientist at SRI, will testify to Congress on behalf of USACM regarding proposals to expand and make mandatory the Employment Eligibility Verification System (EEVS). The EEVS is a query-based system that allows employers to verify the work-eligibility and identity documentation that employees provide upon being hired. Currently this is voluntary system running as a pilot program with about 16,000 employers participating. As part of overall immigration reform efforts, Congress is considering legislation to expand this system and make it mandatory that all employers use it to verify an employees legal work status.

Seeking input on the technical issues associated with this system, the Committee on Ways and Means Social Security Subcommittee asked USACM to provide expert testimony. Peter Neumann, a long-time member of USACM and expert on security, privacy and trustworthy systems, will provide his and USACM’s perspectives on this issue. The hearing will be webcast. You can watch it here: http://waysandmeans.house.gov/media/graphics/video.htm

Yesterday USACM filed detailed comments on the Department of Homeland Security’s draft rules for implementing the REAL ID Act. (For background, Congress passed the controversial REAL ID Act in 2005 over the objections of many privacy, security and technology experts. See our posts (1,2) about USACM’s comments on the law.)

(more…)

I apologize for overloading the blog today, but this has been a busy week so far.

Late yesterday afternoon the Committee on House Administration passed, on a partyline vote, Representative Rush Holt’s legislation – The Voter Confidence and Increased Accessibility Act of 2007. (Here is the amended version that passed out of committee. For background on the legislation see our posts (1,2.) This legislation may be referred to other House Committee for consideration, or may go straight to the full House for action. We should know more about this in a few days.

Below is our release on the Committee’s action:

(more…)

CONTENTS

[1] Newsletter Highlights
[2] ACM Educates Policymakers About the Threats from Botnets
[3] House of Representatives Honors Turing Award Recipient
[4] USACM Joins Broad Coalition in Urging More Basic Research Funding
[5] Competitiveness Legislation Advances in Congress
[6] House Administration Committee Looks Into Sarasota Undervote
[7] Data Mining and Data Breach Notification Bills Approved in Committee
[8] About USACM
(more…)

Today the U.S. House of Representatives passed a resolution honoring Dr. Fran Allen for winning this year’s A.M. Turing award from ACM. Representative Lynn Woolsey (D-CA) introduced the resolution to bring attention to both Dr. Allen’s accomplishments and that she is the first woman to receive this award. Rep. Woolsey noted the problems that the information technology field has had in recruiting women and the inspiration that Dr. Allen has provided for this underrepresented group.

Three stark statistics tell this story: Women, who earn more than half of all undergraduate degrees in this country and make up more than half of the professional workforce, represent only 25 percent of all information technology workers. The percentage of women graduating with Computer Science bachelors has fallen from 37 percent of total graduates in 1985 to just 15 percent in 2005. In addition, 15 percent of the AP Computer Science test-takers in 2005 were girls, while 56 percent of the overall AP test-takers were girls.

Congrats again to Dr. Allen for winning this award and thanks to Representative Woolsey for raising these issues before Congress.

As mentioned on our blog last week (April 25) we cosponsored a Capitol Hill briefing with Microsoft about the growing threat of botnets. (See the post for more information on what botnets are.) Senators Pryor and Bennett made opening remarks about how the Internet is increasingly integrated into society and how computer security is an ever-increasing arms race with new exploits being found, followed by security upgrades, followed by more exploits, etc. It was clear that they understood both the important role technology is playing in society and the value of good computer security. Senator Bennett made the remark that computer security experts clearly had permanent job security.

The event featured three experts to talk about different perspectives of botnets. Ed Felten from Princeton University and USACM member described how botnets form, how they are used and a few ideas for dealing with them. He noted that reliable statistics on how many computers are infected by ‘bots are difficult to find, but computer security experts speculate 5-15% of all machines are infects. This equates to a whopping world-wide total of 30 million to 100 million machines. It is clear that botmasters have ample computing resources to carry out attacks, spread spam, and engage in other illegal activities.

(more…)

Next Wednesday at 12:00 p.m., ACM and Microsoft are sponsoring a briefing to educate policymakers about the growing threat of botnets. For those not familiar with the issue, ‘bots are malicious software (viruses, worms, etc.) that take over an unsecured computer and place it under the control of a hacker or ‘bot herder’. These computers are then linked into a distributed network that can be used to attack other computers, steal and share personal information, conduct “click fraud”, and send spam, among other illegal activities.

The briefing is open to the press and the public; here are the details:

TITLE: THE ZOMBIES WANT YOUR COMPUTER: HOW BOTNETS GENERATE SPAM AND STEAL YOUR IDENTITY

WHAT: Brown Bag Lunch Briefing

• Presented by ACM and Microsoft
• Hosted by the Senate Science and Technology Caucus
• Hear academic, industry and law enforcement experts
  explore the growing threat of botnets and how they fuel criminal activities

WHEN: Wednesday, April 25, 2007 12:00 noon � 1:15 p.m.

WHERE: U.S. Capitol Senate Chambers
Room SC-4
Constitution Avenue and New Jersey Avenue

WHO:

• Senator Mark Pryor (D-AR)
• Senator Bob Bennett (R-UT)
• Edward Felten, Princeton University, on How Botnets Form and the Scope of the Threat
• Phil Reitinger, Microsoft, on How Industry is Dealing with Botnets
• Scott O�Neal, FBI, on How Law Enforcement is Fighting Botnets

WHY: Robots are alive and well today, but they resemble nothing you�ve seen from science fiction or in a lab. They are hiding on millions of computers around the world.

Known as �bots,� they are programs installed on computers without the knowledge of their owners. They can turn computers into �zombies� under the control of a hacker or �bot herder� and are used for malicious activities. When linked, they form a botnet - a network of compromised computers.

These networks are a serious and growing risk to consumers� privacy, business operations, e-commerce and the Internet itself. They can be used to spam, cripple websites, steal personal information, and attack other computers.

HOW: This is a public event but space is limited.
RSVP to David Bruggeman by April 24
Tel (202) 659-9711 Fax (202) 667-1066
Email david.bruggeman AT acm.org

CONTENTS

[1] Newsletter Highlights
[2] Electronic Voting Under Extended Scrutiny
[3] A Deeper Look at E-voting Reform
[4] DHS Releases Proposed Rules for REAL ID Act
[5] New Congress Takes Up Competitiveness Legislation
[6] ACM Computing Contest Demonstrates Global Talent
[7] USACM Members Win ACM Awards
[8] About USACM
(more…)

Two USACM members have been recognized by the ACM, and we wish to spread the news and offer our best wishes. Eugene Spafford, Chair of USACM, has been recognized with the President’s Award. The award recognizes individuals who have “demonstrated their exceptional abilities to advance computing technology and enhance its impact for the benefit of society through generosity, creativity and dedication to their respective missions.” Past recipients of the President’s Award include Edward Lazowska and Robert Kahn. Dr. Spafford is a Professor at Purdue University, with appointments in both Computer Science and Electrical and Computer Engineering.

USACM member David Wise has received the 2006 Award for Outstanding Contribution to ACM. Wise chaired the ACM Special Interest Group on Programming Languages (SIGPLAN) and has held the ACM positions of vice president and secretary-treasurer. He led the creation of the Federated Computing Research Conference to facilitate communication among researchers in different computer science and engineering fields. Wise helped advance the usability and content of ACM’s world-renowned Digital Library by creating its subscription and copyright policy, and advocating for early inclusion of newsletters and conference proceedings from ACM’s Special Interest Groups. An ACM Fellow since 2004, he is currently a member of ACM Council as well as several other executive committees. Dr. Wise is a Professor of Computer Science at Indiana University.

(more…)

ACM issued the following release after the conclusion of its 31st annual International Collegiate Programming Contest:

CONTENTS

[1] Newsletter Highlights
[2] Official Sarasota Audit Complete; E-Voting Activity Continues
[3] Chronicle of Higher Education Prints USACM Letter In Response to E-Voting Article
[4] Frances Allen wins ACM’s Turing Award
[5] Offshoring Results in More Offshoring Reports
[6] Commerce Advisory Committee Reviews Innovation Metrics
[7] About USACM
(more…)

Last month the Chronicle of Higher Education ran a story (subscription required) about the unique relationship the State of Georgia has with Kennesaw State University. The State contracts with KSU to assist with all of Georgia’s e-voting machines, including inspection, ballot databases and training of poll workers. The article generated quite a bit of controversy within the computing community (Here is the start of a thread of debate within the community) about how it was written, the relationship between Georgia and KSU, and the topics it covered and missed. USACM felt the article missed several issues and responded with a letter to the editors. The Chronicle printed (subscription required) a condensed version of our letter on Monday. The full letter is below.

(more…)

ACM has named former IBM researcher as the winner of this year’s Turing Award – the “Nobel Prize in Computing.” Dr. Allen, known for her award-winning work in program optimization, is the first woman to receive the award. From today’s LA Times story:

Dr. Allen’s work made fundamental contributions to the field of computing and helped crack Cold War-era code:

The ACM A.M. Turing Award was named for Alan M. Turing, the British mathematician who articulated the mathematical foundation and limits of computing, and who was a key contributor to the Allied cryptanalysis of the German Enigma cipher during World War II. Since its inception, the Turing Award has honored the computer scientists and engineers who created the systems and underlying theoretical foundations that have propelled the information technology industry.

It carries a $100,000 prize, with financial support provided by the Intel Corporation.

CONTENTS

[1] Newsletter Highlights
[2] 110th Congress: Congress Boosts Research Funding; ACM Joins Computing Community in Urging Action on Funding
[3] 110th Congress: Science Committee Gets a New Look; Technology Policy a Priority
[4] USACM Advises Feds to Adopt Comprehensive ID Theft Prevention Measures
[5] Q&A with USACM Chair Spafford on E-voting
[6] Electronic Voting Continues to Attract Attention
[7] Data Mining Attracts Congressional Attention
[8] About USACM
(more…)

In response to a request for public comment from the Federal Identity Theft Task Force, USACM submitted comments on Friday on the technical implications of several different proposals under consideration. The full text of the request for comment, which includes discussion of the use of Social Security numbers, the effectiveness of a possible nationwide policy on data security and data breach notification, and the idea of identity files for victims of identity theft is available online (PDF). The Task Force is a joint effort of the Justice Department and the Federal Trade Commission.
(more…)

ACM joined with several groups other leaders in the computing community expressing concern over the state of the 2007 budget (which is currently in limbo) for information technology research and development and calling on Congress to complete proposed funding increases for several key science agencies. We’ve mentioned this issue a couple of times (1,2) over the past several weeks. Last year, Congress left town without passing most of the annual appropriations bills required to fund most federal agencies. Instead it passed a stopgap measure, called a “continuing resolution” (CR) to keep federal agencies funded at 2006 levels. This meant that proposed increases for the National Science Foundation (NSF), the Department of Energy Office or Science, and the National Institute of Standards and Technology (NIST), were shelved until the final budget was determined for 2007.
(more…)

Happy New Year! We usher in 2007 with a continuing story from last year – security and e-voting machines.

Computerworld has a good interview with Eugene Spafford, USACM’s Chair and Director of Purdue’s Center for Education and Research in Information Assurance and Security (CERIAS) on the security of e-voting issues. The focus of the interview is on the recent federal action to create new “software independence” standards by the Technical Guidelines Development Committee, which is charged with drafting the federal technical standards for voting machines. We covered these actions in detail (1, 2, 3) and in our last newsletter.

Here is an excerpt from the interview:

Look for more e-voting issues throughout the year on this blog!

CONTENTS

[1] Newsletter Highlights
[2] USACM Encourages Adoption of “Software Independence” Standard for Voting Systems
[3] Key Federal Advisory Committee Recommends Software Independent Voting Systems
[4] Lame Duck Congressional Session Lives Up to the Name
[5] Election Assistance Commission Considers 2006 Elections a Success
[6] Radical Education Reforms Required to Handle the Challenges of Globalization
[7] Commerce Department Names Measuring Innovation Committee
[8] About USACM
(more…)

CONTENTS

[1] Newsletter Highlights
[2] Election Day E-Voting Problems Largely Isolated
[3] Technology Policy in the 110th Congress - Meet the New Boss
[4] Innovation Benchmarks Report Released
[5] E-Voting Troubles in Florida?
[6] Copyright Office Grants Malware Research Exemption to DMCA
[7] About USACM
(more…)

Update: The TDGC rejected NIST’s and the security subcommittee’s recommendations for software independent systems on a 6-6 tie vote. We’ve got a story about the meeting posted here.

Update 2: The TDGC reversed course and adopted a compromise resolution that embraces the software indepence concept. David posted a story about it here.

Last Thursday we posted a story that the National Institute of Standards and Technology (NIST) released a paper recommending that federal standards allow certification only for “software independent” (i.e. ones that create a paper trail) e-voting systems. A key technical panel will consider and vote upon the recommendations this Monday or Tuesday. Calling these recommendations an important step forward for improving e-voting machine security, USACM issued a letter urging the panel to adopt the recommendations. These events are significant developments in the ongoing debate over e-voting and warrant a closer look.
(more…)

Update: Here is a link to the final report.

Tomorrow at 11:00AM, The Task Force for the Future of American Innovation, of which ACM is a member, will be releasing a report outlining many different measures of U.S. competitiveness and making the case for increased investment in basic research in the physical sciences. USACM has endorsed the report. Below are the details of the press conference:

WHO:

• Newt Gingrich, former Speaker of the House,
• David Abshire, President, Center for the Study of the Presidency, former Special Counsel to President Reagan and former Ambassador to NATO
• Larry Wortzel, Chairman, U.S.-China Economic and Security Review Commission and Vice President for Foreign Policy, Heritage Foundation
• Rep. Jim Cooper (D-TN), House Armed Services Committee

WHAT:

• Participants will challenge the Administration and Congress to provide greater Defense Department funding of basic research.
• Participants will support full funding of President Bush�s American Competitiveness Initiative.
• Release of the 2006 Benchmarks Report of the Task Force on the Future of American Innovation. To read 2005 report, go to http://futureofinnovation.org/PDF/Benchmarks.pdf.

WHERE:

Reserve Officers Association
One Constitution Avenue, NE
5th Floor Conference Room

WHEN:

Thursday, November 16, 11:00 AM to Noon

- # # # -

The Task Force on the Future of American Innovation (www.futureofinnovation.org), comprised of organizations from industry and academia, advocates increased federal support for research in the physical sciences and engineering. Formed in 2004, the Task Force urges strong, sustained increases for research budgets at the National Science Foundation, Department of Energy Office of Science, National Institute of Standards and Technology, and Department of Defense. For more information, to RSVP, or if you are press and wish to request an embargoed copy of the report, please contact:

Anne Caliguiri
202.682.4443

Barry Toiv
202.408.7500

CONTENTS

[1] Newsletter Highlights
[2] Election Day to Test Electronic Voting Systems
[3] National Academies Look to the Future of Computing
[4] Engineering Offshoring Examined by National Academy of Engineering
[5] Data Security Problems Continue to Plague the Government
[6] About USACM
(more…)

CONTENTS

[1] Newsletter Highlights
[2] Computing Experts Tell Congress Paper Trails are Needed for E-voting
[3] USACM Member to Advise Government on Privacy Issues
[4] Competitiveness Legislation Stalls Before Congress Heads Home
[5] New Heath IT Legislation Moves Forward
[6] Additional Offshoring Research Mirrors ACM Globalization Report
[7] About USACM
(more…)

Last week the Department of Homeland Security appointed Annie Anton (Professor of Software Engineering at North Carolina State University and USACM-EC member) to serve on the Data Privacy and Integrity Advisory Committee. She is the second USACM member to join the panel. Dr. Lance Hoffman (George Washington University) was appointed to serve last year.

The Department created the panel two years ago to advise the Secretary of Homeland Security and the Chief Privacy officer on the numerous privacy issues the department faces. Given the scope of DHS�s activities � dealing with customs, Citizenship and Immigration Services, and TSA data just to name three data-intensive bureaucracies � the Committee has a pretty broad mandate. Since it was commissioned, the Committee has produced several reports for government managers and policy makers:

• Framework for Privacy Analysis of Programs, Technologies and Application
• Recommendations on the Security Flight Program
• The Use of Commercial Data to Reduce False Positives in Screening Programs

Congrats to our USACMers!

Today the Committee on House Administration held a hearing titled “Electronic Voting Machines: Verification, Security, and Paper Trails.” Two USACM members testified. Barbara Simons and Ed Felten. Their testimony can be found here and here, respectively. Below is a press release on the hearing.

This Thursday at 10:00 the Committee on House Administration will hold a hearing on security, verification and paper trail issues related to e-voting machines. Two USACM-EC members have been invited to testify – Barbara Simons, past president of ACM, and Ed Felten, professor of Computer Science at Princeton University. The hearing will be webcast.
(more…)

CONTENTS

[1] Newsletter Highlights
[2] USACM Warns Against Technology Mandates
[3] USACM Looks Back at FY 2006
[4] Technology Administration Report on Offshoring
[5] About USACM

(more…)

Each July ACM’s Policy Office staff and USACM’s leadership compile USACM’s annual report for the past fiscal year (which closes on July 31). In this year’s report you will find descriptions of our work on the two major policy-related studies we put out this year: the first on voter registration databases, the second on ACM’s report on the globalization and offshoring of the IT software industry. We also detail our two new policy statements on digital rights management and privacy, and discuss some of our activities to educate Congress about different technology policy issues.

August will be a slow month both in Washington and on the blog, so I encourage you to review the report when you get a chance.

Last year, a Federal Court struck down the Federal Communication Commission’s attempt to mandate a copy protection regime for digital television signals, called the “Broadcast Flag.” In the decision’s wake, the battle moved from the courts to Congress with several different proposals to enact the FCC’s flag proposal into law. At the same time, momentum has gathered behind a related concept, called the “audio flag.” USACM, drawing from the policy statement it adopted earlier this year on digital rights management (DRM), released a letter to Congress warning that DRM mandates can chill technology development and harm consumers. From the letter:

The FCC’s Broadcast Flag, would outlaw any receiver or downstream technology that does not comply with certain technical content protection measures spelled out in the order. Television sets, computers, Tivos, etc. would all have to be able to recognize a “flag” in a digital broadcast stream and abide by its redistribution and storage rules. The audio flag proposals are still being developed, but are similar in concept. The entertainment industry has stated their goal for the audio flag is to prevent users from creating permanent libraries of songs from over-the-air broadcasts and limiting redistribution of recorded songs. The electronics industry and consumers groups have argued that such actions are already protected under the Audio Home Recording Act.

In an effort to educate Congress about some of the technical issues associated with DRM, USACM’s letter discusses several issues: DRM Mandates and Innovation, Compatibility, Fair Use and Technology, and Intentional Infringement. Earlier this year, USACM released principles for policymakers to consider when setting DRM policy. Setting a video or audio flag into law could run contrary to the principles it adopted.

Chairman of the Senate Commerce Committee, Ted Steven’s (R-AK), is championing Senate legislation to reform the Telecommunications Act of 1996, which also contains proposals to enact the Broadcast Flag and an audio flag. The Senate Commerce Committee passed this legislation in June, but it immediately became mired down by numerous controversial provisions it contains. It isn’t clear when the full Senate might consider the legislation, but Chairman Stevens is targeting early fall. The House of Representatives has already passed their proposal to reform the Telecommunications Act, which did not contain either the video or audio flag.

Update: Thanks to the Chronical of Higher Ed. for noticing this; the final letter I linked to didn’t have a date on it. It went out on July 25. Sorry for missing that and for the delay in posting it to the blog, but vactions and voting hearings/posts got the way of getting this on the blog. The corrected letter is now posted to the website.

CONTENTS

[1] Newsletter Highlights
[2] Electronic Voting Receives Attention on Numerous Fronts
[3] Administration and Congress Take Actions to Protect Privacy
[4] ACM President Interviewed for CNET
[5] Pieces of American Competitiveness Initiative Slowly Move Forward
[6] Scientists Find Congress’ Access to Scientific Advice Lacking
[7] About USACM
(more…)

Voice of America ran an article today looking at issues of education and globalization and impacts on the U.S. computer science pipeline. The article starts by pointing out America’s poor showing in ACM’s international programing contest:

On the education front, there are two significant issues. First, the number of science graduates in the US is low compared competitors such as India and China. Second, high school curriculum puts U.S. students at a disadvantage:

The article also focused on the impact of globalization and outsourcing on the field:

But also pointed out that this perception can hurt the field in the long run:

ACM released a report on the globalization and offshoring of software eariler this year that also discussed these topics.

Facing a steady stream of reports about e-voting machine failures and security vulnerabilities, yesterday Congress tackled the question of whether new federal standards will improve this technology. The short answer from the witness and the Members of Congress seemed to be that the standards, while a good first step, were far short of what we need to ensure accurate, secure, reliable and usable e-voting machines. We will have to wait until the next update of the standards (likely effective in 2010) to see anything more than marginal improvements.

USACM mirrored these concerns in a letter it released to Congress in advance of the hearing; noting that even with improved standards, there are still gaps in the current testing and certification system. USACM made five recommendations to close these gaps:

• Create a formal feedback process that will ensure that lessons learned from independent testing and Election Day incidents are translated into best practices and future standards.
• Make the testing process more transparent by making the testing scope, methodologies and results available to the public.
• Ensure that the guidance for usability and security standards provides performance-based requirements and is clear so as to minimize the variance of human interface designs from jurisdiction to jurisdiction.
• Create a mechanism for interim updates to the standards to reflect emerging threats, such as newly discovered security defects or attacks.
• Require voter verified paper trails and audits to mitigate the risk associated with software and hardware flaws.

USACM also issued a press release on the hearing, which can be found here.

(more…)

CNET news has an interview with ACM’s new President, Stuart Feldman on topics ranging from IT education and jobs to the globalization of the IT software industry. He specifically mentions ACM’s recent globalization report and that it shows there is strong demand in the IT industry for skilled employees. Here is an excerpt from the interview:

Dr. Feldman was recently elected President of ACM and started his two year term on July 1, 2006. The President of ACM is a standing member of the Executive Committee of USACM. He is also vice president of computer science research at IBM.

CONTENTS

[1] Newsletter Highlights
[2] USACM Releases Privacy Policy Recommendations
[3] David Bruggeman Joins ACM’s Policy Office
[4] Computing Community Praises Proposed Increases in Science Funding
[5] USACM’s Chair Testifies before House Veteran’s Affairs Committee
[6] Congress Focuses on Legislating Digital Rights Management
[7] Snowbird Conference: The Image of Computing
[8] About USACM
(more…)

Testifying before Congress about the recent databreach at the Veterans Affairs (VA) Department, Eugene Spafford (Spaf) argued that this breach was a policy problem rather than technology one. (His full testimony can be found here.) Noting that government, industry and academia all have systemic problems with how accountability is built into information security policies, two problems commonly emerge:

This point was clearly heard by the members of the committee. Several members, including the Chairman, expressed support for a “comprehensive” fix to the security policies, not just reactive solutions, such as credit monitoring.

As an aside, Spaf gave all the members of the committee PITAC report’s Cyber Security: A Crisis of Prioritization as part of his testimony. The report made quite a splash, especially with the Chairman. At the beginning of the hearing, he was waving it around, calling it insightful, and encouraging all the members to read it.

With security breaches revealing millions of personal records, new surveillance programs being adopted by law enforcement, calls for data to be retained longer by Internet Service Providers, the role of privacy and technology is very much on the minds of policymakers. The most common refrain from advocates is for Congress to enact a comprehensive privacy framework instead of addressing privacy issues on an ad hoc basis as it typically does. Below are USACM’s recommendations a comprehensive framework addressing the collection, storage and use of personal information.

USACM and the Computing Research Association released the following joint statement regarding Congress’ support of increased research funding:

Please join me in welcoming David Bruggeman to the ACM policy staff. David joins ACM as our Public Policy Analyst, where he will be working on a wide range of technology policy issues. He is currently working on his Ph.D in Science and Technology Studies (with a concentration in Politics and Policy) at Virginia Tech. He has previously worked for the National Academies (in the Committee on Science, Engineering and Public Policy and the Forum on Information Technology and Research Universities). He also interned in the satellite division of the National Oceanic and Atmospheric Administration.

David takes over for David Padgham who left the office for a position at the Computer Science and Telecommunications Board of the National Academies.

David Bruggeman or I can be reached via e-mail at david.bruggeman AT acm.org or cameron.wilson AT acm.org

CONTENTS

[1] Newsletter Highlights
[2] Commerce Department Shelves “Deemed Export” Proposal
[3] Computer Scientists Find Significant New Security Vulnerabilities In E-voting Machines
[4] VA Department Loses Personal Information On 26.5 Million Vets
[5] NSA Building Massive Database Of Domestic Calls
[6] Innovation Bills on the Move in the Senate, House Not Far Behind
[7] About USACM
(more…)

CONTENTS

[1] Newsletter Highlights
[2] Computing Community Express Concern Over Budget
[3] USACM Calls on Congress to Protect Patients Privacy Rights
[4] “Net Neutrality” Amendment Defeated
[5] Key Lawmaker Floats DMCA Expansion
[6] Conference Highlights DMCA Divisions
[7] California Voter Registration Database Rejecting Voters
[8] Upcoming Events
[9] About USACM
(more…)

With the House of Representatives poised to pass its version of the budget for next fiscal year, USACM joined the computing research community and several IT companies expressing our concern that it does not reflect full funding for the President’s American Competitiveness Initiative (ACI). As readers may remember the ACI provides about a nine percent increase in funding for basic research at the National Science Foundation, the Department of Energy Office of Science, and the core labs at the National Institute of Standards and Technology. The President’s goal is to double funding for those agencies over the next ten years.

(more…)

Last week, USACM joined a diverse collection of consumer, privacy, technology, and other groups calling on Congress to ensure that patient privacy rights are part of any federal health information technology legislation. Policy issues associated with health information technology usage are clearly a growing area of interest for policy makers with initatives from both President Bush and Congress.

(more…)

April’s newsletter didn’t get posted to the web, sorry for the delay.

CONTENTS

[1] Newsletter Highlights
[2] USACM Adds a Balanced Voice to the Copyright Wars
[3] Mixed Bag Data Security Legislation Inches Forward, USACM Comments on Proposal
[4] Proponents of “Net Neutrality” Express Concern Over New Legislation
[5] Senate Increases Funding for Basic Research, House Less Receptive
[6] Maryland House Passes Legislation Mandating Paper Trails for E-Voting Systems
[7] Upcoming Events
[8] About USACM
(more…)

Today Congress took another step forward in trying to deal with the numerous data breaches that continue to make news as the House Energy and Commerce Committee unanimously passed legislation (H.R. 4127) that would force companies to shore up their security practices.

We’ve covered this issue in other posts (1,2), but for background the legislation has four main components:

• A requirement that all businesses have data security plans in place,
• Special regulations for so-called “databrokers,”
• A nationwide notification requirement, and
• Preemption of state law.

As the bill was moving through the committee process USACM issued a new letter finding that the draft legislation embraced several of the Fair Information Practices (FIP) principles recommended in a previous letter to Congress. The bill requires information brokers to verify the accuracy of personal information, allows consumers access to personal information held by brokers, and introduces additional accountability through mandatory audit logs – all welcome steps forward. However, USACM expressed concern about the legislation’s notification provisions if there is a breach of a company’s security.

The bill would require companies to notify consumers of a data breach unless only if there is a reasonable risk that the acquired data can be used for unlawful practices. Futher, it states that if a company encrypts the data or uses other technologies or practices that render data unreadable or indecipherable, then these technologies create an automatic exemption from notification (e.g. it argues there is little risk with encryption).

This troubled USACM in two different respects. First, the creation of a risk-based standard for notification may not improve security practices. Clearly if there is a breach, regardless of the risk to consumers, a company’s security system should be hardened to deal with the vulnerabilities. If there are multiple breaches, then notification should be required. Second, just utilizing technology such as encryption doesn’t necessarily mean that the risk of identity theft is mitigated if there is a breach. From the USACM letter:

While the bill is a mixed bag, it is still a step forward. The legislation will have to be reconciled against other bills moving through House Committees before it can come before the full House of Representatives for consideration. These bills include one by the House Banking Committee that we haven’t had the chance to analyze. The Senate bills are also still in play, so there is a long way to go before these are law.

Let me apologize for not posting much lately. I can’t think of a busier time for ACM, USACM, and tech. policy happenings generally, than over the past couple of weeks. So first let me catch up on some of the major happenings.

As I reported, ACM released its report on globalization of the IT software industry. The media attention has been tremendous including stories in Newsweek, CNN, and a really great editorial in the New York Times. USACM also held it annual Executive Committee retreat last weekend; the newsletter (story #5) has a good summary. Two interesting bills were introduced last week. Senator Ron Wyden (D-OR) released his proposal (.pdf) on “Net Neutrality.” We previously covered the background on this issue here. Congressman Mike Ferguson (R-NJ) introduced an “audio flag” bill (more on this below). Finally, the whole competitiveness/innovation debate is really heating up, with the House Republican’s throwing their hat into the ring, but with little emphasis on research. Peter at CRA has a good post about this interesting development.

So back to the subject of this post. The battles over copyright policy in Washington D.C. are nothing new, but the digitizing of copyrighted works and the ability to quickly and widely distribute protected works has raised the stakes on this debate. A large part of this debate, and ultimately the most interesting to USACM, is that those holding copyrighted works are increasingly turning toward technology to protect their works in the digital age. Often called “Digital Rights Management,” these technologies present two interesting questions to policy makers. One, how does technology help or undermine existing copyright policies? Two, if technologies employed in the marketplace cannot adequately protect works or undermine existing fair uses of works, what role should policymakers have in steeping into this area and mandating how technology should perform?

To help guide policymakers thinking on this subject, below (here is the .pdf) are the policy recommendations that USACM has adopted on Digital Rights Management (DRM). The statement reflects USACM’s belief that DRM systems have a role in protecting against wide-spread infringement; however, it also reflects the community’s belief that long-standing legal uses of copyrighted works and consumer rights should be respect by policymakers wrestling with this issue.

Clearly the six principles below can be brought to bear on at least four bills Congress is currently reviewing. First, the so-called “analog hole” bill, which creates a federal mandate to prevent transferring digital content to analog and back to digital without whatever DRM is attached to the original work. Second, the “broadcast flag” bill (all we have is a draft proposal on this), which would mandate that digital receivers recognize a flag embedded in video signals with DRM. Third, the “audio flag” bill, which is similar to the broadcast flag bill but deals with digital audio broadcasts. Fourth, Representative Boucher’s (D-VA) Digital Media Consumers’ Rights Act of 2005, which among other things amends the Digital Millennium Copyright Act (DMCA) to allow for research into technological protection measures and circumvention of technology copy protection for “fair use” purposes, both of which are illegal today. USACM will now look to educate policymakers on how the principles below apply to their efforts.

(more…)

CONTENTS

[1] Newsletter Highlights
[2] ACM Releases Major Report on the Globalization of Software
[3] USACM Releases Study on Voter Registration Databases
[4] Software Pioneer Peter Naur Wins ACM’s Turing Award
[5] USACM Executive Committee Gathers to Set Goals for the Year Ahead
[6] Cerf Cautions Congress on Internet Fast Lanes
[7] Upcoming Events
[8] About USACM
(more…)

ACM has named Peter Naur the winner of the 2005 A.M. Turing Award. The award is for Naur�s pioneering work on defining the Algol 60 programming language. Algol 60 is the model for many later programming languages, including those that are indispensable software engineering tools today. The Turing Award, considered the �Nobel Prize of Computing� was first awarded in 1966, and is named for British mathematician Alan M. Turing.

Dr. Naur was editor in 1960 of the hugely influential �Report on the Algorithmic Language Algol 60.� He is recognized for the report�s elegance, uniformity and coherence, and credited as an important contributor to the language�s power and simplicity. The report made pioneering use of what later became known as Backus-Naur Form (BNF) to define the syntax of programs. BNF is now the standard way to define a computer language. Naur is also cited for his contribution to compiler design and to the art and practice of computer programming.

ACM will present the Turing Award at the annual ACM Awards Banquet on May 20, 2006, at the Westin St. Francis Hotel in San Francisco, CA. For more information on Dr. Naur and the Turing Award, see ACM’s official press release here

After more than year of study, today ACM released its report (press release below, .pdf is here) examining issues surrounding the migration of jobs within the computing and information technology field. It found that, despite the media drumbeat on offshoring, that the demand for IT jobs remains strong. However, that doesn’t mean countries can be complacent. The study also found that global competition is fierce and growing, offshoring and globalization will continue to be part of corporate strategies, and if countries want to compete in this marketplace they must adopt strategies that attract, educate, and retain the best IT talent. Here is an excerpt from the New York Times article this morning:

In fact, it is this fierce global competition that is helping drive President Bush’s American Competitive Initiative and many Congressional initiatives.

(more…)

Update 2/17/06: Declan McCullagh wrote a nice story about the study for CNET News.com.

Original Post 2/16/06: Citing the danger of voter fraud and disenfranchisement from poorly implemented databases, a committee of experts commissioned by USACM released a report today making almost 100 recommendations to state and local officials charged with creating and managing statewide voter registration databases (VRDs). The report is a comprehensive “soup-to-nuts” look at challenges elections officials face in making sure databases are accurate, private, usable, secure, and reliable.

The report responds to the mandate passed by Congress in the Help America Vote Act that all states create and manage statewide VRDs. The committee wanted to give objective technical advice to elections officials on the many challenges they will face in meeting this mandate. The report has been about a year in the making, and we’ve covered some of the work of this group on the weblog (1, 2) including comments they filed with the Election Assistance Commission about this issue.

The press release on the report is below (and a .pdf is here), and here is a link to the page hosting the report.

The policy office personally wants to thank the study committee members for their hard work on this report.  Each took time from his or her regular life to scope out the issues and then write a very detailed and comprehensive report.

(more…)

CONTENTS

[1] Newsletter Highlights
[2] President Calls for Doubling of NSF and New Science and Math Education Programs
[3] USACM Urges Congress to Adopt a Broader View of Data Security, ChoicePoint Gets Hammered by the FTC
[4] Quest for More Information on NSA Spying Continues
[5] Senate Commerce Confronts Broadcast Flag Issue
[6] Sony BMG Settling “Rootkit” Cases
[7] Upcoming Events
[8] About USACM
(more…)

Following last year’s numerous high-profile data breaches (which we’ve been covering closely), there are now numerous pieces of data security and privacy legislation pending in Congress – coming under the jurisdiction of numerous committees and using a range of different approaches. Indeed, the field is so crowded that it’s difficult to tell which bills have the best chance for success. It will take a concerted effort on the part of members to piece together a proposal that is agreeable to the committees, members, and other interests who have staked claims in this area. If and when that might happen is also unclear.

Given these multiple moving targets, USACM released a letter to members of Congress this week expressing some of the technical community’s concerns regarding data security legislation and urging policymakers to adopt a broader approach. Rather than supporting any specific bill or specific model of data security, the letter seeks to call policymakers’ attention to the principles undergirding the long-established Code of Fair Information Practices (FIPs). The committee feels that these principles should be a part of any legislation enacted by Congress.

The full letter is available below, while a PDF version is also available, here.
(more…)

CONTENTS

[1] Newsletter Highlights
[2] USACM Chair Comments on Pentagon Cybersecurity
[3] Congress Creates New $4.5 Billion Math and Science Educ. Program
[4] News of NSA Eavesdropping Program Prompts Data Mining Speculation
[5] Congress Extends Patriot Act … For a Few Weeks
[6] EU Data Retention Law Passes
[7] Upcoming Events
[8] About USACM
(more…)

Prof. Eugene Spafford, USACM Chair and executive director of Purdue University’s Center for Education and Research in Information Assurance and Security (CERIAS), was interviewed recently as part of a National Public Radio (NPR) Morning Edition piece on Department of Defense (DOD) cybersecurity:

An audio archive of the segment is available here.

In the NPR piece Spafford echoes some recent testimony he gave before a House Armed Services Committee hearing, where he urged a different approach to DOD cybersecurity involving a shift away from reliance on commercial-off-the-shelf (or COTS) products and away from systems and software with extraneous functionality. For more information on this hearing, including a link to Spafford’s written testimony, see our October newsletter.

CONTENTS

[1] Newsletter Highlights
[2] USACM Writes to Virginia Policymakers on E-voting
[3] Data Security Bills Progressing, but Passage Unlikely by Year End
[4] House Committees Investigate “Fair Use” and the “Analog Hole”
[5] R&D Programs Weather Tough Budget Climate (So Far)
[6] Sony Rootkit Stirs Controversy, While Senate Spyware Bill Advances
[7] ICANN Retains Internet Governance Position
[8] Turing Award Winners Earn Nation�s Highest Civilian Award
[9] Events in December
[10] About USACM

[An archive of all previous editions of Washington Update is available here.]
(more…)

Yesterday, USACM sent a letter to Virginia Delegate Tim Hugo, chair of the Joint Subcommittee Studying the Certification, Performance, and Deployment of Voting Equipment, regarding the issue of voter-verified paper records and electronic voting machines. The subcommittee is scheduled to hold a hearing on Monday, November 21, 2005, to address the issue (an agenda for that hearing is available here).

The letter seeks to draw the lawmaker’s attention to the e-voting position that ACM adopted last year. Readers may recall that the committee sent a similar letter to lawmakers in Hawaii earlier this year.

The full letter is available below or here as a PDF file.
(more…)

CONTENTS

[1] Newsletter Highlights
[2] USACM Chair Warns Against Underfunding Cybersecurity Research
[3] USACM and Others Criticize DoD Export Proposal
[4] Data Security Legislation Moving Forward in Congress
[5] U.S. Passports to Get RFID Chips
[6] U.S. Resisting U.N. Pressure on Internet Governance
[7] Events in November
[8] About USACM

[An archive of all previous editions of Washington Update is available here.]
(more…)

USACM Chair Gene Spafford testified today at a House Armed Services Committee hearing as part of a cybersecurity panel on “Asymmetric and Unconventional Threats.” He was joined on the panel by David Grawrock (Intel) and Paul Kurtz (Cyber Security Industry Alliance). Spafford’s written testimony can be found here. In his oral comments, Spafford stressed several points:

• The interconnectedness of systems today, meaning that a vulnerability or attack in one system can lead to problems for other systems;

• The fuzzy line now between civilian and military infrastructure (e.g., many military bases rely on civilian power grids, civilian networks, etc.)
• The danger in underfunding and shortening the horizon for cybersecurity research; and
• The need for more well-trained cybersecurity professionals.

We’ll have more on this hearing in our forthcoming October newsletter. Meanwhile, Peter Harsha (CRA) has an excellent post about the hearing and some of the background.

USACM and more than 100 other respondents recently filed comments with the Department of Defense criticizing its proposed changes to the Defense Federal Acquisition Regulation Supplement (DFARS). Among other things, the proposal mandates that all DOD contracts include a clause requiring contractors to

1. Create and maintain unique badges for foreign nationals and foreign persons employed by the entity;

2. Build segregated work areas for these persons; and,
3. Prevent these individuals from gaining any access to export-controlled technology without first obtaining a specific license, authorization or exemption, even if these individuals may be working under the longstanding fundamental research exemption.

USACM’s comments express its concern that the proposal, among other things, would place a costly new burden on research, discriminate against foreign researchers, and jeopardize the fundamental research exemption that has long promoted an open and fertile research environment. USACM is also worried that DOD, in issuing this proposal, has not given enough consideration to a similar advanced notice of proposed rulemaking issued recently by the Department of Commerce’s Bureau of Industry and Security. USACM and others were critical of this proposal, as well.

USACM’s full statement on the DOD proposal is available here.
(more…)

CONTENTS

[1] Newsletter Highlights
[2] Carter-Baker Commission Report a Mixed Bag
[3] Senate Judiciary Committee: Busy and in the Spotlight
[4] Secure Flight Working Group Against Live System Testing
[5] Cybercrime on the Rise
[6] Barbara Simons Presented with Lifetime Achievement Award
[7] Calling All Techies
[8] Events in October
[9] About USACM

[An archive of all previous editions of Washington Update is available here.]
(more…)

USACM’s Barbara Simons recently received a Distinguished Engineering Alumni Award for Lifetime Achievement from UC Berkeley. Currently she is a member of USACM’s executive committee and is co-chairing ACM’s study of statewide voter registration databases.

The full ACM release regarding the award appears below:

(more…)

CONTENTS

[1] Newsletter Highlights
[2] Commerce Dept. Gets an Earful on Proposed Export Rule Changes
[3] Is the U.S. Research Environment Hostile to Foreigners?
[4] Turing Award Lecture Focuses on Internet’s Impact
[5] Pressure Building in States Against Real ID Act
[6] California Legislature Kills RFID Restrictions
[7] USACM Looks Back at FY2005
[8] Events in September
[9] About USACM

[An archive of all previous editions of Washington Update is available here.]
(more…)

Now that it’s August – typically a relatively quiet time in Washington and policy circles (and a time where our blog posts will be light) – it seems like a good point for a bit of reflection.

To that end, we’d like to point out that USACM has just released its annual report for fiscal year 2005. The report chronicles the committee’s work over the past year, including highlights ranging from our activities aimed at educating policymakers about the Induce Act, to our e-voting statement, to leadership changes at USACM and at ACM’s D.C. public policy office, and on to more recent items like our formal comments on the Department of Commerce’s proposal regarding deemed export controls.

The full report is available (PDF) here.

CONTENTS

[1] Newsletter Highlights
[2] Picture of Data Security/Privacy Legislation Getting Clearer
[3] The Grokster Decision: Lawyers Debate Inducement; Senators Come Down Hard on the Technology Industry
[4] Turing Award Winner Blasts Current State of Federal R&D Funding
[5] Pentagon Proposes New Restrictions on Research
[6] Congress moves to Bolster Math and Science Programs
[7] U.N. Working Group on Internet Governance Issues Report
[8] Events In August
[9] About USACM

[An archive of all previous editions of Washington Update is available here.]
(more…)

CONTENTS

[1] Newsletter Highlights
[2] Supreme Court Rules Against Grokster, Preserves Sony Safe Harbor
[3] Proposed Export Rules Could Stifle Innovation
[4] Powerful Senators Introduce Privacy and Security Bill
[5] USACM Urges Reconsideration of Real ID Provisions
[6] PITAC Issues Computational Science Report, Then Expires
[7] Cerf and Kahn Presented with ACM’s 2004 A.M. Turing Award
[8] Events to Watch In July
[9] About USACM

[An archive of all previous editions of Washington Update is available here.]
(more…)

Update: Many organizations filed comments with BIS (the rumor has it around 200). The only one that we have seen so far (besides the CRA link at the bottom) is by the Association of American Universities. Apparently many business groups filed as well, including several IT and trade associations. We’ll post links to the big ones as they come in.

Original Post 6/28/05: Yesterday USACM filed comments with the Department of Commerce expressing deep concern about its proposal to change rules that apply to foreign nationals working in the United States using sensitive equipment. The committee objected to the proposal, stating that it could place new and costly burdens on the information technology sector and universities, and exacerbate an already hostile environment for foreign-born researchers working in the U.S., while providing questionable security gains.
(more…)

The Electronic Privacy Information Center (EPIC) convened a meeting today to look into the range of policy, technical, and social issues surrounding national identification systems in light of the recently passed Real ID Act, something we’ve been quite active on recently. In April, USACM sent the Senate a letter outlining its concerns about the security aspects of the database provisions and its national ID implications. However, Congress ultimately left many of the concerns of USACM and the privacy community unaddressed.

In light of today’s EPIC event, USACM issued a press release calling for a reconsideration of Real ID’s provisions (click here for the full release):

Marc Rotenberg, EPIC’s executive director, began the meeting by pointing out how the Real ID Act had worked its way through the legislative process without any meaningful debate – (more…)

Previously, we reported that ACM created a committee to study issues related to statewide voter registration databases and that the Election Assistance Commission (EAC) recently released its draft guidance on this topic, seeking additional comments. ACM’s committee took the opportunity to provide expert comments to the EAC.

The Help America Vote Act requires that all states have statewide voter registration databases in place by January 1, 2006. Seeking to give the states guidance on this law, the EAC released draft guidelines on how to implement statewide registration databases. ACM’s committee felt that the guidance was a good start, but that it covers only a few issues and lacks much of the technical detail that states really need:

CONTENTS

[1] Newsletter Highlights
[2] Congress, Media, and Research Societies Bring National Attention to IT R&D Funding, USACM Weighs in
[3] ACM Voter Registration Database Study Calls for More Details in EAC Guidance
[4] USACM Provides Testimony to House Science Committee Hearing
[5] Congress Begins Work to Fund Research Agencies
[6] Congressmen Announce “Innovation Summit”
[7] Real ID Act Becomes Law
[8] House Passes Two Spyware Bills
[9] Cybersecurity Issues Move Forward in the House
[10] Administration Announces Leadership Changes in IT R&D Agencies
[11] Events to Watch In June
[12] About USACM
(more…)

The House Science Committee held a hearing yesterday on computer science research. USACM and CRA, along with a number of other organizations concerned about the future of computing research, issued joint testimony for the hearing:

The full testimony is available (PDF, 1.6 MB) here.

CRA tracks computing research and funding issues very closely, and their Computing Research Policy Weblog has the most detailed coverage of the hearing.

Following the hearing, ACM President David Patterson made comments in an ACM press release:

The full release is available below (click here for a PDF of the release).
(more…)

CONTENTS

[1] April Proves to be a Busy Month for ACM Policy Activities
[2] ACM Provides Testimony to EAC on Voter Databases
[3] USACM Questions Real ID Act’s Security Standards
[4] High-Performance Computing Legislation Passes House
[5] EAC Technical Committee Adopts Voting System Standards; EAC Commissioner Resigns
[6] Cyber Czar Legislation Takes First Step in Congress
[7] Legislation on the Move
[8] Events to Watch In May
[9] About USACM

[An archive of all previous editions of Washington Update is available here.]
(more…)

ACM recently formed a committee of experts (names and affiliations below) to provide states with guidance on implementing statewide voter-registration databases. Today the Committee outlined its efforts before the Election Assistance Commission (EAC), which is seeking input on its proposed guidance to the states regarding these databases.
(more…)

Today the House of Representatives passed the High-Performance Computing Revitalization Act. USACM and the Computing Research Association (CRA) praised the House’s action.

USACM Chair Gene Spafford commented:

The High-Performance Computing Program (also known as the Networking and Information Technology Research and Development Program � NITRD) sets up a collaborative multi-agency research, development, and deployment program focused on high-performance computing systems, software, and applications (among other things). The underlying law also established the President�s Information Technology Advisory Committee (PITAC), on which USACM has sitting members.

The legislation has three primary areas. The first rewrites the overarching goals of the program. The second makes minor changes to reporting requirements and PITAC. The third updates many participating agencies� duties to reflect each agency�s mission. USACM sent a letter in February to House Science Committee Chairman Sherwood Boehlert (R-NY) commenting on the legislation.

The legislation now moves to the Senate for consideration.

USACM today sent a letter to state policymakers in Hawaii to call their attention to the e-voting statement that ACM adopted last year.

The letter seeks to offer USACM’s technical and policy input as electronic voting legislation works its way through the Hawaii legislature (something that’s currently going on in many state legislatures across the country).

The letter appears below and is also available as a PDF file.
(more…)

Citing the increased risk of identity theft the proposed Real ID Act would create, today USACM sent a letter (HTML, PDF) to Senator Lamar Alexander (R-TN) expressing its concerns about the legislation. Last week, Senator Alexander penned an op-ed stating that while he wasn’t necessarily opposed to national IDs, the Real ID Act wasn�t the right approach. USACM’s letter points out the legislation’s significant and troubling flaws by making two main points:

• The legislation provides financial incentives for all 50 states to share their driver’s license databases; however, it has no security policies for such sharing. Considering that the overall security of the system will be determined by its weakest link, the risk of identity theft increases substantially.

• The minimum standards for identification create a de facto national identification system, but this may fall short of accomplishing its stated goal of reducing terrorist�s access to valid identification. Specifically, the letter points out that someone can bribe a clerk in any of the 50 states to get a valid license and security personnel may be less likely to assess its validity because it would meet the new standards.

The Real ID Act was sent from the House to the Senate as a rider on a must-pass funding measure. Last week, we reported that the Senate Appropriations Committee was going to strip out the rider and consider a “clean” bill. The fate of the Real ID Act is unclear. It could be added as an amendment during Senate consideration of the supplemental approprations measure, or it could be subject to conference negotiations between the House and Senate over the supplemental bill. This will continue to be a hot topic of debate in April, and we’ll keep following its progress.
(more…)

CONTENTS

[1] U.S. Supreme Court Hears Arguments in MGM v. Grokster
[2] USACM Calls for Stronger Cybersecurity in Power Plants
[3] Experts Begin Voter-Registration Database Study
[4] Momentum Turns Toward Privacy Protection
[5] Legislation on the Move
[6] Innovation Finds Another Champion
[7] Events to Watch In April
[8] About USACM

[An archive of all previous editions of Washington Update is available here.]
(more…)

In a letter to the Nuclear Regulatory Commission (NRC), USACM advocates for stronger cybersecurity in power plants across the nation. The letter points out the critical role of computer-controlled safety systems in today�s power plants and the importance of securing these systems:

(more…)

Peter Harsha at the Computing Research Association reports, The House Science Committee marked up the High-Performance Computing Act on Thursday. The bill is almost the same as last year, when it passed the House but died in the Senate. USACM formally commented on the merits of the legislation to Science Committee Chairman Boehlert.

The sponsors are more optimistic that they will be able to get the bill to President Bush�s desk this Congress. Considering they have two years to do so, it is a relatively safe bet.

Apparently the only sticking point at yesterday�s markup was the rejection of an amendment offered by Rep. Brad Sherman (D-CA) to investigate the �cultural and social implications� of artificial intelligence.

USACM signed onto a Supreme Court amicus brief with sixty law professors in support of Grokster in the case of MGM vs. Grokster. MGM studios sued Grokster arguing that Grokster should be held liable for users downloading copyrighted material using their peer-to-peer software. This argument, if accepted, would overturn the landmark “Sony decision,” which created a safe harbor for companies to innovate and has been heralded as the “Magna Carta” of the information technology industry. (For more detailed background visit EFF’s webpage dedicated to the subject.) The following is a summary of our argument:

“This case is fundamentally about technology policy, not about file sharing or copyright infringement. Each of the alternative secondary liability standards for which Petitioners and supporting amici argue would dramatically change the balance of power between the entertainment industry and the technology industry. It would do so despite the absence of a statutory basis in copyright law for this change and would disrupt settled expectations in the information technology industry.” (more…)

Maurice Solomon, a graduate student in information economics and policy at the University of Michigan School of Information, is spending the week working with the ACM and CRA Washington D.C. offices. The visit is part of the school’s Alternative Spring Break program, which seeks to help students gain experience and learn new skills though partnerships with information-focused organizations.

“There’s a fascinating amount of work for ACM and CRA to do,” said Maurice, referring to the array of issues in Washington in which technology plays a part. “I have been learning in depth about e-voting, telecom policy, protecting innovation, research funding, and the voices that the ACM and CRA contribute to these areas.” One of the most educational parts of the experience so far, attending a House Commerce Committee hearing on recent telecom mergers, “helped me see the broad intersection between the business and policy worlds,” said Maurice.

After completing his undergraduate degree in math-economics, Maurice spent a year teaching English in Japan before beginning his graduate education. After graduating, he plans to go into strategy consulting for information and technology focused firms.

CONTENTS

[1] Successful Policy Summit Focuses USACM’s Agenda
[2] USACM Joins Legal Scholars To Protect Innovation
[3] USACM Weighs in on High-Performance Computing Legislation
[4] ChoicePoint Privacy Breach Getting Congressional Attention
[5] Real ID Act Passes U.S. House of Representatives
[6] Congress Organizes (Mostly): IT Policy Implications
[7] Events to Watch In March
[8] About USACM

[An archive of all previous editions of Washington Update is available here.]
(more…)

“ACM, the Association for Computing Machinery, has named Vinton G. Cerf and Robert E. Kahn the winners of the 2004 A.M. Turing Award, considered the “Nobel Prize of Computing,” for pioneering work on the design and implementation of the Internet’s basic communications protocols.

[…] ACM President David Patterson said the collaboration of Cerf and Kahn in defining the Internet architecture and its associated protocols represents a cornerstone of the information technology field […]”

SOURCE: ACM

Note: Also see a related article in today’s NY Times.

“ACM has named Cameron Wilson, a veteran of Capitol Hill, as its new Director of Public Policy […]

Wilson will head the ACM Public Policy Office in Washington, DC. Previously, he was Deputy Chief of Staff and Legislative Director for Congressman Vernon Ehlers of Michigan, where he navigated the murky policy waters of Washington. Congressman Ehlers, the first research physicist in Congress, chairs the Environment, Technology and Standards Subcommittee of the House Science Committee, and is a strong supporter of “substantial and stable” science funding. Wilson also worked for the Subcommittee, managing technical standards and other technology issues […]”

SOURCE: ACM Membernet

CONTENTS

[1] Cameron Wilson Begins as ACM Policy Office Director
[2] Numerous Briefs Filed in MGM v. Grokster Case
[3] New Legislation on National Standards for Driver’s Licenses
[4] PITAC Approves Report on Federal Cybersecurity R&D
[5] White House Names New Homeland Security Director
[6] Upcoming Events
[7] About USACM

[An archive of all previous editions of Washington Update is available here.]
(more…)

CONTENTS

[1] ACM Job Migration Task Force Meets in D.C.
[2] U.S. Supreme Court to Consider P2P Case
[3] Intelligence Reform Legislation Becomes Law
[4] European Union Policy Developments
[5] Upcoming Events
[6] About USACM

[An archive of all previous editions of Washington Update is available here.]
(more…)

ACM’s Job Migration Task Force held a meeting earlier this month in Washington, D.C. Among others, the Task Force heard presentations from representatives of the Institute for International Economics, the Cato Institute, the Economic Policy Institute, and the U.S. General Accountability Office (GAO).

The group, co-chaired by Moshe Y. Vardi (Rice University) and Frank Mayadas (Alfred P. Sloan Foundation), was created to examine global job migration trends resulting from outsourcing and offshoring of IT jobs. It includes representatives from North America, Europe, India, China, Japan, and Israel. The task force expects to release the results of its study in the second half of 2005.

For more information, see the ACM Membernet article announcing the task force’s launch.

CONTENTS

[1] Election Over, Concerns with E-Voting Linger
[2] Congress Increases NIST Labs Funding for FY 2005
[3] FCC Claims Jurisdiction over VoIP Regulation
[4] TSA to Test New System with U.S. Airline Passenger Data
[5] U.N. Working Group on Internet Governance Meets
[6] Upcoming Events
[7] About USACM

[An archive of all previous editions of Washington Update is available here.]
(more…)

USACM and the Computing Research Association (CRA) recently sent a joint letter to Congressional appropriators in support of funding for the National Institute of Standards and Technology (NIST) laboratories. In the letter, USACM and CRA describe the crucial and broadly beneficial nature of NIST’s work and voice support for funding levels equal to (or higher) than the levels proposed in legislation under consideration in the Senate. The joint letter concludes that “NIST provides an invaluable setting for industry, academia, and government to work together on crucial technical issues,” and that the “underfunding of NIST will adversely affect [its] credibility as well as [its] ability to function, and will have serious long-term consequences.” NIST labs are also working to support e-voting security and standards initiatives.

A copy of the letter is available here

CONTENTS

[1] ACM Leadership Approves Position Statement on Voting Systems
[2] USACM Joins Diverse Coalition Seeking Hearings on the Induce Act
[3] USACM Launches New Web Site and Tech Policy Weblog
[4] Congress to Take Action on 9/11 Commission Recommendations
[5] International Developments in Cybercrime, Spam, and Internet Governance
[6] Upcoming Events of Interest to Computing Community
[7] About USACM

[An archive of all previous editions of Washington Update is available here.]
(more…)

Cites Risks of Computer-based Systems

Seeking to improve the security, accessibility, and public confidence in the voting process, ACM’s elected leadership has approved a public statement on the deployment and use of computer-based electronic voting (e-voting) systems for public elections. ACM’s position is that while computer-based e-voting systems have the potential to improve the electoral process, such systems must embody careful engineering, strong safeguards, and rigorous testing in both their design and operation. [See the official release here.]
(more…)

USACM has joined a broad coalition of stakeholders (including IEEE-USA, the American Association of Universities, the U.S. Chamber of Commerce, and numerous IT companies) in sending a letter to the U.S. Senate concerning the Induce Act (S. 2560).

USACM continues to be troubled that the proposal’s flawed approach of restricting technology rather than focusing on individual acts of infringement could have serious unintended consequences which could undermine continued innovations in software and digital computing and introduce new liabilities for technology developers.

CONTENTS

[1] USACM Releases FY2004 Report of Activities and Achievements
[2] Digital Copyright Policy Actions of Interest to Computing Community
[3] VoIP Subject to Wiretap Mandates
[4] Privacy: Congress Holds Hearing, ACLU Releases Surveillance Report, and More
[5] Recommendations for E-voting Call for Better Security, Testing, and Auditing
[6] United Nations Moving Forward with Working Group on Internet Governance

[An archive of all previous editions of Washington Update is available here.]
(more…)

USACM recently prepared a report covering activities and achievements for the fiscal year beginning on July 1, 2003, and concluding on June 31, 2004. During the period, USACM’s achievements included convening a workshop for election officials and technologists to discuss the risks and vulnerabilities of paperless electronic voting systems; educating policymakers and courts regarding the impacts of laws and legislation that may limit the freedom to publish and to engage in analysis and research; and working in partnership with the Computing Research Association and other key stakeholders from the computing community to highlight the crucial role federal investment in IT R&D plays in the advancement of all fields of computing and the development of new experts. Click here to review the report.

USACM Co-Chair Gene Spafford was recently awarded the ACM Special Interest Group on Computers and Society (SIGCAS) 2004 “Making a Difference Award.” The award is given annually to an individual nationally recognized for work related to the interaction of computers and society. The recipient is a leader in promoting awareness of ethical and social issues in computing. The recipients of this award and the award itself encourage responsible action by computer professionals.

SIGCAS brings together computer professionals, specialists in other fields, and the public at large to address concerns and raise awareness about the ethical and societal impact of computers.

CONTENTS

[1] USACM Voices Reservations About Induce Act (S. 2560)
[2] USACM Endorses Congressional Testimony on IT R&D
[3] Risks and Vulnerabilities of E-voting Continue to Stir Controversy
[4] New Federal Court Decision and Administration Action Affect Privacy
[5] CRA Awards Simons and Klawe at Snowbird Conference
[6] Computer Science and Telecommunications Board Appoints New Co-Chairs
[7] European Policymakers Issue Report on DRM

[An archive of all previous editions of Washington Update is available here.]
(more…)

In advance of today’s hearing on the Inducing Infringement of Copyrights Act of 2004 (S. 2560), USACM sent a letter to Senate Judiciary Committee Chairman Orrin Hatch expressing reservations about the legislation and offering to provide input on its development. In the letter, USACM cautions that the legislation’s flawed approach of restricting technology rather than focusing on individual acts of infringement could have serious unintended consequences which could undermine continued innovations in software and digital computing and introduce new liabilities for technology developers. (July 22, 2004).

The Computing Research Association (CRA) held it biennial conference in Snowbird, Utah, recently. Running from July 11-13, the conference brought together the chairs of Ph.D.-granting departments of computer science and computer engineering, as well as leaders from U.S. industrial and government computing research laboratories. A number of other senior people from research groups, government, academia, and professional societies also attended. The goal of the conference is to provide a context in which attendees can discuss practical and strategic issues facing their organizations. More information about the conference can be found at http://www.cra.org/Activities/snowbird/2004/index.html.

Shown here is a photo from the conference’s technology policy panel. Seated left to right are Charles Brownstein (CSTB, USACM), Barbara Simons (USACM Co-chair), Peter Harsha (CRA), Jeff Grove (ACM Policy Office), and Eugene Spafford (USACM Co-chair).

Should computer-based electronic voting systems provide a physical record so voters can inspect permanent records of their ballots before they are cast and so meaningful recounts may be conducted? Find out more and give your opinion. To learn more about USACM concerns and activities concerning this issue, see our evoting web page.

CONTENTS

[1] USACM Recommends Changes to the DMCA to Permit Research and Discussion
[2] USACM Creates Privacy Subcommittee (and Other Developments)
[3] Evoting Continues to Stir Controversy
[4] Voice Over Internet Protocol Becoming a Global Policy Issue
[5] Cicerone Nominated to be National Academy of Sciences President
[6] Peace Corps Looking for Volunteers with IT Skills
[7] Cybercrime Treaty Moves Toward Ratification

[An archive of all previous editions of Washington Update is available here.]
(more…)

In a submission to the Congressional Internet Caucus for an upcoming panel, USACM raised concerns about the chilling effect the DMCA is having on cybersecurity research and the ability of technologists to discover and fix dangerous bugs in code, to analyze and stop malicious code and spyware, and to publish and discuss computing research. USACM recommends a more balanced approach that targets copyright infringement while permitting non-infringing uses of copy-protected works.

CONTENTS

[1] Pentagon Advisory Committee Issues Report on TIA
[2] Investigation Finds Widespread Government Data Mining
[3] Developments at State Level to Impact Use of Evoting Systems
[4] British Computer Society Raises Concerns Regarding UK Identity Card Proposal
[5] High-End-Computing Revitalization Task Force (HECRTF) Issues Report
[6] David Padgham Joins ACM Policy Office Staff

[An archive of all previous editions of Washington Update is available here.]
(more…)

In a letter to the newly created U.S. Election Assistance Commission, USACM urged that independent technical experts be involved in the development and assessment of electronic voting standards and technologies. USACM offered to provide its technical assistance to the Commission.

In a joint letter, USACM and CRA urged Congress to fully fund the FY2005 budget request of the National Institute of Standards and Technology for IT research and computer security related activities. USACM and CRA noted that NIST research in cybersecurity, semiconductor manufacturing, and nanotechnology could help unlock future advancements in computing.

USACM joined a diverse coalition of IT companies, library advocates, consumer rights groups and research organizations known as the Digital Futures Coalition in calling on Congress to make changes to the Digital Millennium Copyright Act of 1998 (DMCA).

Among the proposed changes, the coalition is seeking to ensure that scientists could not be sued under the DMCA when engaged in legitimate scientific research, such as for cyber security purposes.

In a letter to the U.S. Senate concerning S. 1621, the Consumers, Schools, and Libraries Digital Rights Management Awareness Act, USACM welcomed provisions of the Act that block government imposed DRM regulations, provide public transparency concerning the commercial use of DRM, and that require a review of DRM restrictions on research, education and communication activities.

USACM has joined a diverse coalition of voting rights groups and reform advocates in sending a letter to Congress urging full funding for research and standards initiatives intended to enhance the security of electronic voting systems. USACM also issued a press release.

Should US legal protections for collections of data be expanded? Find out more and give your opinion. To learn more about USACM concerns and activities concerning this issue, see our Database Policy page.

USACM has written a letter to the Association of American Publishers regarding AAP’s support for the arrest of Dmitry Sklyarov and the DMCA. Here is the August 1, 2001, response from the AAP.

USACM has issued a press release regarding the effect of the DMCA on academic freedom and speech.