May 31, 2005
ACM Voter Registration Database Study Calls for More Details in EAC Guidance
Previously, we reported that ACM created a committee to study issues related to statewide voter registration databases and that the Election Assistance Commission (EAC) recently released its draft guidance on this topic, seeking additional comments. ACM’s committee took the opportunity to provide expert comments to the EAC.
The Help America Vote Act requires that all states have statewide voter registration databases in place by January 1, 2006. Seeking to give the states guidance on this law, the EAC released draft guidelines on how to implement statewide registration databases. ACM’s committee felt that the guidance was a good start, but that it covers only a few issues and lacks much of the technical detail that states really need:
“States will face many technical challenges in implementing these databases in a secure, accurate, and reliable manner, while protecting sensitive information and minimizing the risk of identity theft. The databases must also be easy to use and able to withstand the kinds of extreme demands to which they are likely to be subjected on Election Day. While the current guidance recognizes some of these challenges, it addresses the technical issues only at the highest level of detail. We urge the Commission to provide more technical detail on a broader set of issues as it further develops this guidance.”
(more…)
Cameron posted this at 2:30 pm ET | Filed in E-voting, ACM/USACM News
ACM Washington Update, Vol. 9.5 (May 31, 2005)
CONTENTS
[1] Newsletter Highlights
[2] Congress, Media, and Research Societies Bring National Attention to IT R&D Funding, USACM Weighs in
[3] ACM Voter Registration Database Study Calls for More Details in EAC Guidance
[4] USACM Provides Testimony to House Science Committee Hearing
[5] Congress Begins Work to Fund Research Agencies
[6] Congressmen Announce “Innovation Summit”
[7] Real ID Act Becomes Law
[8] House Passes Two Spyware Bills
[9] Cybersecurity Issues Move Forward in the House
[10] Administration Announces Leadership Changes in IT R&D Agencies
[11] Events to Watch In June
[12] About USACM
(more…)
David posted this at 2:28 pm ET | Filed in ACM/USACM News, Newsletter
May 24, 2005
Spyware bills pass House
With most eyes focused (understandably) on the Senate’s judicial filibuster fight, the House of Representatives yesterday passed two pieces of spyware legislation:
H.R. 29 – Rep. Mary Bono’s (R-CA) Securely Protect Yourself Against Cyber Trespass Act (SPY Act), which would, among other things, prohibit deceptive acts or practices intended to take unsolicited control of the computer; modify its settings; collect personally identifiable information; induce the unsolicited installation of computer software; and remove or disable a security, anti-spyware, or anti-virus technology. The bill tasks the FTC with enforcement of these provisions.
H.R. 744 – Rep. Robert Goodlatte’s (R-VA) Internet Spyware Prevention Act (I-SPY Act), which would criminalize the installation of software to commit fraud, damage a computer, or alter security settings. The bill would provide courts the power to impose fines and jail time on lawbreakers. It would also authorize $10 million a year for the Department of Justice to go after those lawbreakers (however, as Cameron noted recently in a different context, authorizing and appropriating are two very different things).
(more…)
David posted this at 1:10 pm ET | Filed in Privacy, Security, Analysis
Senate Judges Controversy Hits Boiling Point
Update 5/24/05: The Senate cut a deal last night paving the way for several judge confirmations, so it looks like a ceasefire is in effect. The Washington Post has a good report on it.
Original Post 5/17/05: Today’s Washington Post reports that Republican and Democrat leaders have ended efforts to find a compromise over the confirmation of judges. (For background, the President has sent several judges to the Senate for confirmation; the Republicans seek an up or down majority vote on each one, while the Democrats are filibustering their nominations, meaning it takes 60 votes before a judge would face a simple majority vote.) This has been a leading issue in D.C. for well over a year now, but this week it is clear that something will happen. Senator Frist (R-TN) has said he will likely bring a confirmation up for debate, call for a special ruling to bypass the filibuster, and then force a simple majority vote on the ruling. (There is more nuance, but this is the basic gist.) This scenario has been described in the media as the so-called “nuclear option.”
(more…)
Cameron posted this at 12:01 pm ET | Filed in Miscellaneous, Analysis
May 18, 2005
Little clearing in privacy/personal information issues
Federal Trade Commissioner (FTC) Orson Swindle had some strong words recently for business leaders attending a meeting on cybercrime convened by the Business Software Alliance and the Center for Strategic and International Studies (as reported in National Journal’s Tech Daily [subscription req’d]):
“Industry has been irresponsible, and someone’s got to pay,” [he said …]
Swindle said Congress’ current obsession with attacking the explosion in identity theft was misplaced.
“It’s not identity theft – it’s theft of information,” he said.
However, as pointed out in a NY Times article today, many of the activities from which current privacy concerns arise aren’t theft at all:
(more…)
David posted this at 1:59 pm ET | Filed in Privacy, Security
Murky Waters Begin to Clear: House Moves Cybersecurity Issues Forward
In a previous post (recommended reading for background to this post), we outlined House Homeland Security Chairman Cox’s (R-CA) efforts to add cybersecurity provisions to the Department of Homeland Security Authorization Act. The leading idea was to give cybersecurity more political clout within the department by moving it higher up on the bureaucratic food chain. Another idea was to add research provisions to the act. What was unclear was how this effort would proceed given four different committees claiming responsibility over cybersecurity – normally a recipe for gridlock. In what appears to be a win for the fledgling Homeland Security Committee, the House of Representatives is poised to pass the Department of Homeland Security Authorization with a new “Cybersecurity Czar” and research and development provisions.
This is apparently homeland security week in the House of Representatives as it considers both the Homeland Security Appropriations Act and the Department of Homeland Security Authorization Act. This post covers only the cybersecurity provisions in the authorization bill. Peter at CRA has a great (and distressing) analysis of what happened in the appropriations bill. (For those of you new to authorizing versus appropriation, it is a complex topic, but the really rough summary is an authorization bill authorizes activities, while the appropriation bill actually funds them.)
(more…)
Cameron posted this at 12:17 pm ET | Filed in Security, Analysis
May 16, 2005
ID Theft and Phishing Converge to Pose New Threat
News.com has a rather troubling article today about how ID theft and phishing are converging to create a new very active threat to electronic commerce. Here is the key excerpt:
According to Cyota, the phishing e-mails arrive at bank customers’ in-boxes featuring accurate account information, including the customer’s name, e-mail address and full account number. The messages are crafted to appear as if they have been sent by the banks in order to verify other account information, such as an ATM personal-identification number or a credit card CVD code, a series of digits printed on the back of most cards as an extra form of identification.
While we normally post policy-related stories and this one isn’t policy per se, it struck us as particularly troubling for a couple of reasons. First, both identity theft and phishing seem to be growing threats to consumers. While Congress has held numerous hearings on the deluge of identity theft incidents since the start of the year (here is one we covered on ChoicePoint), it has yet to move any of the various pieces of legislation to regulate data brokers or increase privacy protection. Further, little attention has been paid to phishing. We doubt that Congress is looking into how the issues may be converging. In fairness, Congress does move rather slowly, particularly on issues that overlap so many different committees such as this one.
Second, Congress just passed, and the President signed, the Real ID Act as part of the emergency supplemental appropriations bill. In USACM’s view, this act will significantly increase the risk of identity theft by linking each state’s drivers license databases to one another without any security mandates or clearly identifying who has access to what data.
Since Congress is generally a strong supporter of fostering electronic commerce, it would seem it should balk at things that can directly undermine this goal. This article would also seem to strengthen security expert Bruce Schneier’s arguments that new threats can undermine two-factor security strategies.
Cameron posted this at 12:38 pm ET | Filed in Privacy, Security, Analysis
May 13, 2005
Computing research community: Boost federal funding levels for fundamental IT R&D
The House Science Committee held a hearing yesterday on computer science research. USACM and CRA, along with a number of other organizations concerned about the future of computing research, issued joint testimony for the hearing:
[F]ederal investment helps fuel the innovation that insures the U.S. remains the world leader in business, that we have the strongest possible defense, and that we continue to find ways to live longer, healthier lives. To keep the fires of innovation lit, we should continue to boost funding levels for fundamental IT R&D.
The full testimony is available (PDF, 1.6 MB) here.
CRA tracks computing research and funding issues very closely, and their Computing Research Policy Weblog has the most detailed coverage of the hearing.
Following the hearing, ACM President David Patterson made comments in an ACM press release:
He concluded that the US still has the world’s strongest capability in fundamental research in IT, and the most experience in how to leverage that capability toward economic growth. “But we run a grave risk in cutting funding for fundamental IT research,” said Patterson. “Our concern is that the total level of national investment in fundamental IT research needs to be restored to meet the needs of our economy in an increasingly competitive world.”
The full release is available below (click here for a PDF of the release).
(more…)
David posted this at 1:40 pm ET | Filed in Research, ACM/USACM News, Funding
Congressmen announce “Innovation Summit”
At a Capitol Hill press conference yesterday, a group of House members announced plans to hold a national “Innovation Summit” later this year. The event was led by Rep. Frank Wolf (R-VA), along with his Congressional colleagues Rep. Vern Ehlers (R-MI), Rep. Sherwood Boehlert (R-NY), and Rep. Don Manzullo (R-IL). They were joined by former Michigan Governor John Engler from the National Association of Manufacturing; Deborah Wince-Smith from the Council on Competitiveness; John Castellani from the Business Roundtable; John Palafoutas from the American Electronics Association; and Dr. Alan Merten, President of George Mason University.
The group voiced concerns that the United States is losing its leadership in science and innovation. Rep. Wolf noted that the group’s “hope is that the conference will bring together the nation’s best and brightest to help develop a blueprint for the future of American science and innovation.”
Rep. Wolf’s press release regarding the summit is available here.
The event took place only minutes before the scheduled start of yesterday’s House Science Committee hearing on computer science research, to which we directed your attention the other day. Peter Harsha, CRA’s director of government affairs, has promised an update on how the hearing went and its likely fallout.
We will bring you more information about the Innovation Summit as it becomes available.
David posted this at 9:11 am ET | Filed in Research, Events
May 11, 2005
ACM President’s Op-Ed: Surrendering U.S. leadership in IT
In an excellent op-ed for News.com, ACM’s President Dave Patterson argues that the federal government is abandoning its previous vision of investing in long-term IT research that has driven many amazing innovations and multibillion-dollar industries (e.g., the Internet).
Over the last 10 years, however, there’s been a major shift in funding priorities and policy at DARPA and the National Science Foundation. The current DARPA policy, which mandates 12-month “go/no go” research milestones for IT, has shortened deadlines, thus discouraging long-term research. In addition, programs formerly open to academics are now classified; other programs have citizenship restrictions. In three years, DARPA halved academic IT research to $123 million in fiscal year 2004. DARPA today is no longer engaging all the best talent in long-term research, which has been so vital to America’s prowess in defense and essential to a robust economy.
He further explains how big of an issue this is as other agencies aren’t filling this gap:
In the last five years, IT proposals to the National Science Foundation jumped from 2,000 to 6,500, forcing the agency to leave many worthy proposals unfunded. Sadly, other agencies are not stepping in to take up the challenge. The Department of Homeland Security, which some hoped would augment the Science Foundation and DARPA, spends just a few million dollars per year for IT research. NASA also is downsizing its IT effort; in March it encouraged all but 70 of its 1,400 employees at its Silicon Valley center to retire.
He also discusses the implications of this shift in strategies:
The history of IT is littered with companies that lost substantial leads in this fast-changing field. I see no reason why it couldn’t happen to countries. Indeed, at the recent International Collegiate Programming Contest of the Association for Computing Machinery, four Asian teams finished in the top dozen, including the champion, while the best U.S. finish was 17th, its worst ever. If current U.S. government policies continue, IT leadership could easily be surrendered to Asia.
The column and tomorrow’s (Thursday, May 12) House Science Committee hearing do a great job of framing the issues that Congress and the Executive Branch really have to consider.
Cameron posted this at 9:46 am ET | Filed in Research, Funding
May 10, 2005
Congress Passes Real ID Act
Update 5/10/05: The Senate passed the supplemental appropriations conference report tonight by a vote of 100-0.
Update 5/6/05: The House passed the supplemental appropriations conference report yesterday by an overwhelming margin of 368-58-1.
Original Post 5/5/05: The House and Senate have reached agreement on the Real ID Act. We posted the final agreement here. It is largely the same bill that passed the House as part of the supplemental appropriations bill (see our previous coverage for more background).
The legislation prevents federal agencies from accepting state driver’s licenses for official purposes unless they meet certain minimum standards spelled out in the act. It also requires states to check citizenship against federal databases. Finally, it requires all states to share these databases with each other. (There are several more provisions, but those are the highlights.)
Last month USACM sent the Senate a letter outlining its concerns about the security aspects of the database provisions and its national ID implications. It’s safe to say the final bill still raises those same concerns.
The Real ID Act is part of the supplemental appropriations bill, which the House is scheduled to consider, and will likely pass, today. The Senate will take up the bill next week. The President has already indicated he will sign it.
Cameron posted this at 9:43 pm ET | Filed in Privacy, National IDs
Congress to Probe the State of IT R&D Funding
This Thursday (May 12) at 10:00 a.m. EDT the House Science Committee will review the current landscape of the federal government’s commitment to IT R&D funding and its implications for the future.
The hearing is titled “The Future of Computer Science Research in the U.S.,” and the witnesses are:
- Dr. John H. Marburger III, Director, Office of Science and Technology Policy, Executive Office of the President;
- Dr. Anthony J. Tether, Director, Defense Advanced Research Projects Agency;
- Dr. Wm. A. Wulf, President, National Academy of Engineering; and
- Dr. Tom Leighton, Chief Scientist and co-founder, Akamai Technologies, and member of the President’s Information Technology Advisory Committee
The committee webcasts all of its hearings (www.house.gov/science), and I recommend watching as this is the first hearing to delve into many of the issues the community and the media have discussed over the past few years.
(more…)
Cameron posted this at 2:20 pm ET | Filed in Research, Funding
Court rejects broadcast flag
Infoworld has the following article on a recent legal setback for the entertainment industry:
Court tosses out FCC’s Broadcast Flag
In an opinion that is bound to stir fierce debate over television broadcast piracy protections, the U.S. Court of Appeals struck down the Federal Communications Commission’s “broadcast flag” regulation meant to set out anti-piracy guidelines as the country’s broadcast television stations switch to digital technology […]
Of course, that’s not the end of this saga. (more…)
David posted this at 7:47 am ET | Filed in Intellectual Property
May 9, 2005
Schneier on Real ID
Security expert Bruce Schneier has a sobering post on the Real ID Act today:
REAL ID
The United States is getting a national ID card. The REAL ID Act … establishes uniform standards for state driver’s licenses, effectively creating a national ID card. It’s a bad idea, and is going to make us all less safe. It’s also very expensive. And it’s all happening without any serious debate in Congress.
As you know, USACM has been active on Real ID, but it appears to be a done deal at this point. Indeed, we may see Senate action as early as this afternoon on the supplemental appropriations bill which includes the Real ID Act.
David posted this at 9:47 am ET | Filed in Privacy, National IDs, Security
May 6, 2005
Patterson & Lazowska write op-ed on support for computing research
Peter Harsha at the Computing Research Association (CRA) has a good report on a recent op-ed in Science by former CRA Board members and current PITAC members Ed Lazowska and David Patterson (who also happens to be President of ACM and a member of USACM’s Executive Committee).
Quoting Peter, the article discusses “the impact of the changing federal landscape for support of computing research.”
David posted this at 11:51 am ET | Filed in Research, Funding
Patent Reform Takes Center Stage
We haven’t covered patent reform much in this blog, but it is an issue that Congress and the Administration are reviewing. As we previously reported, Congress is likely to look toward patent reform legislation while it waits for the Supreme Court to decide MGM v. Grokster.
Yesterday’s Washington Post had an article that gives a good overview of the issue and the current efforts:
Some corporations have internal teams whose sole mission is to file for and acquire as many patents as possible. Patent examiners are overwhelmed, and are waving on patent applications – especially in technology areas – that would be called head-scratching if one were being polite. Meanwhile, everyone seems to be suing everyone else claiming patent violations, helping to clog the courts and costing everyone money.
It also concisely describes the differing positions and what may happen:
The tech firms want a higher standard for when such injunctions are granted, and want damages to be based only on the portion of the product covered by the patent in question, rather than the patent being considered essential to the whole product or service. But small inventors, and representatives from other industries such as biotechnology, argue that the hammer of injunction and high damage awards are the only things that hold back big companies from trampling on smaller competitors’ patents, crushing them in the marketplace and then simply paying any fines as a cost of doing business. Not on the table, however, are more controversial notions aimed at deeper change to the patent system. These were snuffed out long ago, in a process effectively hijacked by large companies and powerful patent-lawyer groups.
(more…)
Cameron posted this at 6:18 am ET | Filed in Intellectual Property, Analysis
May 4, 2005
Powerful Appropriator Calls for Tripling of Basic Research Funding
The Computing Research Association (CRA) has a good post about Representative Frank Wolf’s (R-VA) call on President Bush to triple the federal government’s investment in basic research. He sent the President a letter (which is also on CRA’s website) outlining his concern about the levels of federal investment in basic research and its impact on the future of American competitiveness. It is especially important that it is Rep. Wolf saying this as he is Chairman of the Appropriations Subcommittee that has jurisdiction over much of the federal research budget.
Peter at CRA makes the key point in his post:
Wolf’s goal in writing to the President isn’t to affect the FY 06 appropriations process directly – after all, at this point the President’s only official role in the FY 06 budget process is to veto or sign the final approps bill – but to encourage the President to make basic research a priority in his FY 2007 budget request. Doing so would give appropriators next year more “headroom” to increase budgets for basic research – headroom sorely lacking this year. This is an approach many groups in the science community (including CRA) are taking as well, in addition to working very hard to get the highest possible funding level in FY 06.
Cameron posted this at 8:57 am ET | Filed in Research, Funding
May 3, 2005
ACM Washington Update, Vol. 9.4 (Apr. 29, 2005)
CONTENTS
[1] April Proves to be a Busy Month for ACM Policy Activities
[2] ACM Provides Testimony to EAC on Voter Databases
[3] USACM Questions Real ID Act’s Security Standards
[4] High-Performance Computing Legislation Passes House
[5] EAC Technical Committee Adopts Voting System Standards; EAC Commissioner Resigns
[6] Cyber Czar Legislation Takes First Step in Congress
[7] Legislation on the Move
[8] Events to Watch In May
[9] About USACM
[An archive of all previous editions of Washington Update is available here.]
(more…)
David posted this at 9:03 am ET | Filed in ACM/USACM News, Newsletter
Congress May Require Closer Scrutiny to Get a Driver’s License
From the front page of today’s NY Times, an article on the Real ID Act’s progress:
WASHINGTON, May 2 - Congress is moving quickly toward setting strict rules on how states issue driver’s licenses, requiring them to verify whether each applicant for a new license or a renewal is in this country legally.
A House and Senate conference now taking place has included the requirements, which apply to all 50 states and other jurisdictions that issue licenses, in a supplemental appropriations bill for Iraq, aides involved in the process said on Monday. The draft legislation will be completed in the next few days and is all but certain to pass.
This article confirms our earlier report that the Real ID Act is likely to remain a part of the supplemental appropriations legislation.
Recently, USACM sent Senator Lamar Alexander (R-TN), who has been working against the Real ID Act, a letter expressing our concerns about the bill.
David posted this at 6:02 am ET | Filed in Privacy, National IDs
May 2, 2005
Cyber Czar Legislation Takes First Step in Congress
Update 5/2/05: Last week, the Homeland Security Committee folded the “cyber czar” legislation (see below), pretty much as is, into the Department of Homeland Security Authorization Act of 2006. This massive bill reauthorizes and updates many different programs at the department.
The Committee did add two items to the cybersecurity provisions. The first is a new $3.7 million (over one year) professional development program for cybersecurity. The program would be run by the National Science Foundation but funded by the Department of Homeland Security. The second is language that assures that this position has no impact whatsoever on the existing cybersecurity guidelines for federal agencies.
We have also worked up (at Spaf’s request) an organization chart that compares current law to proposed structure. The chart shows the bill’s intent to increase the political clout of the office. For example, come budget season it will only have to go through two levels of bureaucratic tradeoffs instead of three – a likely worthy goal.
Lastly, we posted a Congressional Research Service report on cybersecurity. This report has been floating around the Internet for a while, but it is worth reading if you haven’t yet. It is a long report that outlines the many challenges with this complex issue.
(more…)
Cameron posted this at 8:45 pm ET | Filed in Security, Analysis, Homeland security