ACM logo ACM motto image
Home | News & Activities | Weblog | About | Contact Us | Join ACM
USACM
is the U.S. Public Policy Council of the Association for Computing Machinery (ACM) ... (more)
 
Policy Resources
USACM News & Activities
Newsletter: Washington Update
Tech Policy Weblog
Policy Reports
-Globalization and Offshoring of Software
-Voter Registration Databases
Issue Areas
Copyright/IP
-DMCA
-DRM
-P2P
E-voting and Standards
Internet Governance
Open Government
Privacy
-Encryption
-National ID Systems
-Spam/UCE
Research and Development
-Access to Scientific Information
-Database Protection
-Reverse Engineering
-UCITA
Security
Web Accessibility
 
Search
USACM Policy Resources
ACM Portal

 
Archives
November 2009
October 2009
September 2009
August 2009
July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
August 2008
July 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
November 2006
October 2006
September 2006
August 2006
July 2006
June 2006
May 2006
April 2006
March 2006
February 2006
January 2006
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
July 2004
June 2004
April 2004
February 2004
January 2004
June 2003
May 2003
February 2003
January 2003
December 2002
November 2002
August 2002
September 2001
August 2001
July 2001
May 2001
Older
2003
2002
2001
Misc. older News & Activities
 
RSS
RSS Link
 
About
About USACM
-USACM Members
-Policy Office FAQ
-Policy Office Staff
-Annual Reports
About ACM
-ACM Press Room
-Join ACM
 
Contact Us
ACM Public Policy Office
1100 17th Street, NW
Suite 507
Washington, DC 20036-4632
Tel: 202.659.9711
Fax: 202.667.1066

 


August 3, 2007

ACM Washington Update, Vol. 11.7 (August 3, 2007)

CONTENTS

[1] Newsletter Highlights
[2] House And Senate Pass Landmark Innovation Legislation
[3] Key Senator Signals Slowing of E-voting Reform
[4] California Top-To-Bottom Review Outlines Vulnerabilities and Deficiencies in E-Voting Systems
[5] House Committee Moves to Protect Social Security Numbers
[6] Patent Reform Legislation Advances in Congress
[7] Final Voting Standards Meeting Rescheduled
[8] About USACM

[An archive of all previous editions of Washington Update is available at
http://www.acm.org/usacm/update/]

[1] NEWSLETTER HIGHLIGHTS

Below are highlights of the top stories from July. In a flurry of activity, Congress moved forward on several technology policy related bills on innovation, patents and privacy issues as it headed to the August recess. There is more detail on each item below, as well as on our weblog at http://www.acm.org/usacm/weblog:

* The House and Senate overwhelmingly passed comprehensive legislation intended to substantially expand the pipeline of talent in the science, technology, engineering and mathematics (STEM) fields.

* The Senate Rules Committee held a second hearing on electronic voting, with the committee chair expressing concern that mandating voter-verified paper trails by 2010 is too soon.

* The California Secretary of State has released most of the reports from its top-to-bottom review of three e-voting systems, outlining the vulnerabilities and deficiencies of each.

* After several hearings, including one with testimony from USACM-EC member Annie Anton testified, the House Ways and Means Committee passed a bill to restrict sale and display of the Social Security Number.

* Patent reform legislation is working its way through Congress, with the House Judiciary Committee approving its bill and the Senate Judiciary Committee marking up its legislation

* The final meeting of the Technical Guidelines Development Committee has been rescheduled for August 17, where they will formally complete their draft of the next set of voting system standards.

[2] HOUSE AND SENATE PASS LANDMARK INNOVATION LEGISLATION

After two years of discussion, Congress has finally agreed to a comprehensive “competitiveness” legislative package intended to create, expand and bolster programs that foster innovation and domestic talent. The legislation takes two basic approaches to fostering innovation. First, it supports research. It does this largely by authorizing more funding for several key research agencies. The budgets of the National Science Foundation, the National Institute of Standards and Technology, and the Department of Energy’s Office of Science would be placed on a path toward doubling over the next 7 years. (This doesn’t mean that they will double as the law sets the targets that then must be met by annual appropriation bills.)

Second, it creates and bolster a diversity of STEM education programs. The bill authorizes $43.3 billion over the next three fiscal years for STEM education programs across the federal government. The variety is impressive ranging from new k-12 teacher programs to new opportunities for undergraduate and graduate STEM students.

In addition, the legislation has several provisions that expand outreach to women and minorities in STEM fields. The lack of females and minorities has been a key problem in computing, so this is another welcome effort.

This legislation is a much needed step in focusing on the keys for innovation – the research resources need for the next generation of breakthroughs, and a highly-educated workforce. This agenda has attracted the attention and support of much of the scientific, high-tech business and higher education communities. It is heartening to see this legislative breakthrough after two years of discussion.

Both bodies of Congress have passed the legislation, which is now headed to the President’s desk for an expected signature.

[3] KEY SENATOR SIGNALS SLOWING OF E-VOTING REFORM

On July 25 the Senate Rules Committee held a hearing on Chairwoman Diane Feinstein’s (D-CA) e-voting reform bill, the Ballot Reform Act (S. 1487). During the hearing, Senator Feinstein said two key things: First, she is likely to push the dates back for requiring voter-verified paper ballots. Second, she will not move a bill unless it is broadly supported, meaning by both advocates for reform, and state and local officials and other impacted groups.

While the basic form of Senator Feinstein’s bill resembles the House effort (H.R. 811, which was introduced by Congressman Rush Holt (D-NJ)) the bill has some key differences. First among them is a later deadline for implementation - the 2010 elections. The bill also provides more flexibility to states in the development and implementation of post-election audits. S1487 has stronger source code disclosure provisions, and the bill has additional provisions focused on other aspects of voting - standards for absentee and provisional ballots, among other things. Senator Feinstein noted during the hearing that the legislation is a work in progress, and she will continue to seek input from voting organizations and other interested people (many of whom submitted comments for the record).

The witness list for the hearing included Senator Hillary Clinton (D-NY), sponsor of a bill to provide a more effective means of allocating resources for polling places, as well as several state and local elections officials. The arguments against the bill will be familiar to those who have followed e-voting debates - short timelines, limited resources (which will be strained by yet another wholesale change in voting technology), the difficulty of dealing with paper rolls, etc. Two arguments were repeated throughout the hearing: the bill forecloses innovation and no voting system currently exists that complies with the provisions of the bill.

While the Committee was responsive to the criticisms of the bill, at least the Chair seems committed to moving forward with a bill. The likely differences with the House legislation - particularly where deadlines are concerned - will complicate final passage of e-voting legislation.

Senator Feinstein’s legislation can be reviewed here:

http://thomas.loc.gov/cgi-bin/query/z?c110:S.1487:

In related news Senator Ensign (R-NV) introduced his own e-voting reform effort, which would mandate the use of voter-verified paper ballots and manual audits. We haven’t review the legislation in detail, but it appears to be similar to H.R. 811. Senator Ensign’s legislation can be found here:

http://thomas.loc.gov/cgi-bin/query/z?c110:S.1869:

[4] CALIFORNIA TOP-TO-BOTTOM REVIEW OUTLINES VULNERABILITIES AND DEFICIENCIES IN E-VOTING SYSTEMS

On July 27, The California Secretary of State released the first of the reports from the teams conducting a top-to-bottom review of three of the voting systems used in California. You can read all of the relevant, available documents at the Secretary of State’s website:

http://sos.ca.gov/elections/elections_vsr.htm

As of this writing, the Accessibility report, Red Team reports and Source Code Team reports are available online (see previous link). The Document Review Team reports are being reviewed prior to their release. For the review, the state contracted with the University of California to have separate teams review the voting systems, to include a “review of documents and studies associated with each voting system, a review of the computer source code each machine relies on, and a red team penetration attack to see if the system’s security can be compromised.”

There was a public hearing on the red team and accessibility reports on July 30. The webcast is currently archived for viewing at:

http://www.calchannel.com/search.php?date=073007&source=All&type=All&title=&Search=Submit
http://sos.ca.gov/elections/voting_systems/ttbr/hearing_transcripts_073007.pdf (hearing transcript)

The red teams found that they could compromise all three of the systems reviewed, which were manufactured by Diebold (AccuVote TSx), Sequoia (Edge I and II) and Hart Intercivic (eState). Some points worth noting:

The overview of the red team reports states that the teams have noted that most, but not all, of the weaknesses could be handled by addressing physical security, contingency planning and security training of staff.

Because there review was short - about five weeks - the vulnerabilities found are considered a lower limit for these systems.

The accessibility report highlights several issues for each system. These include physical access problems, interface issues (both visual and audio), manual dexterity problems, and other concerns. The report considers each of the reviewed systems to be “substantially noncompliant when assessed against the requirements of the [Help America Vote Act] and specified in the 2005 [Voluntary Voting System Guidelines] guidelines.”

The three source code review documents note several flaws in each system, some of which have not been corrected after they were previously found and communicated to the vendors. While the report acknolwedges (as the red teams do) that changes in election procedures could reduce the exposure, it argues it is likely that poll workers and/or election officials probably could not adequately implement such changes. The recent Brennan Center/Samuelson Center report on post-election audits would re-emphasize that point. That report is available at:

http://brennancenter.org/dynamic/subpages/download_file_50135.pdf

The Secretary of State should release the Document Review reports soon. If she is motivated by these reports to decertify any of these systems, she would need to do so by today, August 3, if it were to take effect for the 2008 elections.

[5] HOUSE COMMITTEE MOVES TO PROTECT SOCIAL SECURITY NUMBERS

By a 41-0 vote, the House Ways and Means Committee passed legislation intended to reduce identity theft through restricting the use of the Social Security Number (SSN). After a series of hearings on the issue, including one where USACM-EC Member Annie Anton testified, the Committee cited the easy availability of the SSN and its common use as an identifier as reasons it contributes to identity theft.

Among the provisions of the bill:

* Federal, State, and local governments would be prohibited from selling and displaying the SSNs to the general public, as well as transmitting SSNs over the Internet without encryption.

* The private sector would be prohibited from the same things as governments, but is also restricted from making unnecessary disclosures of individuals’ SSNs to government agencies.

* A uniform truncation standard for the SSN would be introduced of no more than the last four digits.

* State law governing use of SSNs would not be preempted where state law is stronger.

* The National Research Council would be required to conduct a study to evaluate the feasibility of banning the use of the SSN as an authenticator.

* New or increased civil and criminal penalties for most of the provisions, especially for Social Security Administration employees fraudulently selling or transferring SSNs or Social Security cards.

There are other bills currently working their way through Congress that include restrictions on the use and display of the SSN, notably H.R. 948 (the Social Security Number Protection Act of 2007 - currently referred to the Ways and Means Committee), S. 1178 (the Identity Theft Prevention Act of 2007 - awaiting Senate action), and S. 1651 (the Social Security Number Online Protection Act of 2007 - currently referred to Senate Judiciary). The Ways and Means bill is a bit more comprehensive than the other bills, and notably does not involve the Federal Trade Commission. The Committee has an overview of its bill at:

http://waysandmeans.house.gov/news.asp?formmode=release&id=539

As Congress has to meld the various competing bills, it will likely be several months before final legislation passes Congress.

[6] PATENT REFORM LEGISLATION ADVANCES IN CONGRESS

Patent reform legislation is making its way through both houses of Congress. The Senate Judiciary Committee considered S. 1145, and, after lengthy consideration, approved it on July 19 on a nearly party-line vote. The previous day, the House Judiciary Committee passed its bill, H.R. 1908, by a voice vote. The bills are largely similar, and represent a major shift in several provisions of patent law. The reforms are, in part, an effort toward international harmonization of intellectual property standards.

The major changes focus on post-grant review and various standards for patent litigation. Both bills would strengthen the post-grant review process, where patents can be challenged after they are granted for issues of quality and whether or not they meet the traditional patent standards - they are unique, non-obvious, etc. This area highlights the major difference between the bills. The House legislation strengthens the current re-examination process, while the Senate bill allows a second window of examination starting a year after the granting of the patent. There is concern that the second window would encourage harassment by lawsuit of patent holders, presumably more so than is currently claimed (usually through venue shopping or tenuous connections between the challenged patent and prior art).

The changes proposed in patent litigation involve damage determinations and the inequitable conduct defense. The new damage standard in the legislation would award damages based on the relative contribution of the patented technology to the overall product. The inequitable conduct defense argues that the patent holder acted in such a way to be deceitful in the attainment of the patent. The new legislation would increase the burden of proof for such defenses.

Where industries and inventors stand on the bills typically reflects their use of patents. Industries like biotech and pharmaceuticals, which usually have a small number of patents on individual products, are generally resistant to the changes because they feel that any addition scrutiny on their patents reduces their value. Information technology companies have been advocating for these changes as they better support industries that use many patents in individual products (the iPhone has approximately 600 patents connected to its underlying technology).

Both bills still need to be considered by their respective chambers. It would not be surprising to see these bills stall as they receive more scrutiny.

[7] FINAL VOTING STANDARDS MEETING RESCHEDULED

According to the Technical Guidelines Development Committee (TGDC) – the body charged with developing federal voting system standards – website, the plenary meeting originally scheduled for July 3 will now take place on August 17. It will still take place by teleconference, from 11:30-5:30 Eastern time. Further details were supposed to be available by July 30 at the TGDC website. At this meeting the TGDC will finalize its draft of the next set of Voluntary Voting System Guidelines (VVSG).

There are a series of conference calls scheduled in July and August for the various TGDC subcommittees, you can find more information on those meetings at the TGDC website:

http://voting.nist.gov

Given the schedule, it is not surprising that the previously established July 31 deadline for submitting the TGDC draft to the Election Assistance Commission (EAC) has slipped. That said, given the rush to develop standards following the passage of the Help America Vote Act, it would be preferable to have the document go to the EAC late, but without outstanding technical questions.

There is a new (dated July 20) version of the VVSG now online:

http://vote.nist.gov/meeting-08172007/VVSG-Draft-07202007.pdf

While there will be a public comment period once the EAC approves the document (probably sometime in late Fall), people are welcome to review the document and submit their comments right now to voting@nist.gov.

=============================================================

[8] ABOUT USACM

USACM is the U.S. Public Policy Committee of the Association for Computing Machinery (ACM). ACM is an educational and scientific society uniting the world’s computing educators, researchers and professionals to inspire dialogue, share resources and address the field’s challenges. ACM strengthens the profession’s collective voice through strong leadership, promotion of the highest standards, and recognition of technical excellence. ACM supports the professional growth of its members by providing opportunities for life-long learning, career development, and professional networking.

For more information about USACM and ACM, see:

http://www.acm.org/usacm/about.html

BACK ISSUES

For earlier editions of the ACM Washington Update, see

http://www.acm.org/usacm/update/

SUBSCRIBE/UNSUBSCRIBE

To subscribe to ACM’s Washington Update newsletter, send an e-mail to listserv@acm.org with “subscribe WASHINGTON-UPDATE “First Name” “Last Name” (no quotes) in the body of the message.

To unsubscribe, simply include the “SIGNOFF WASHINGTON-UPDATE” command in an
email to listserv@acm.org.

David B. posted this at 5:12 pm ET | Filed in ACM/USACM News | Permanent Link |



Trackbacks

The URI to TrackBack this entry is: http://usacm.acm.org/usacm/weblog/wp-trackback.php/530

None at this time.

 
November 2009
S M T W T F S
« Oct    
1234567
891011121314
15161718192021
22232425262728
2930  
 
Weblog Categories
Access to Information
Accessibility
ACM/USACM News
Analysis
Biometrics
DMCA
DRM
E-Goverment
E-voting
Education and Workforce
Encryption
Events
Funding
Healthcare
Hill Tech Happenings
Homeland security
Intellectual Property
International
Internet Governance
Letters
Miscellaneous
National IDs
Newsletter
Opinion
P2P
People
Polls
Privacy
Research
RFID
Sci/Tech Policy (General)
Security
Spam
Standards
State & Local
Surveillance
Telecommunications
Testimony
VoIP
 
Tech Policy Links
ACM Tech News
American Library Association (ALA)
-ALA Office Intellectual Freedom
Center for Democracy and Technology
Computer Science Teachers Association (CSTA)
Computing Research Association (CRA)
-CRA's Policy Weblog
Electronic Frontier Foundation (EFF)
-Deep Links: EFF's Weblog
Electronic Privacy Information Center (EPIC)
Freedom To Tinker
The National Academies
-CSTB
Nothing is as simple ... (Jim Horning's blog)
PolicyBeta (Digital Policy blog for the Center for Democracy & Technology)
Public Knowledge
Schneier on Security
THOMAS
ACM Privacy Policy | ACM Code of Ethics

Questions? Comments?
Email us