ACM's Tech Policy Weblog

Senate Judiciary Committee Approves Data Security Bills

Fri, 06 Nov 2009 21:54:07 +0000

In a markup session yesterday, the Senate Judiciary Committee approved two bills on the protection of consumer data. S 1490, the Personal Data Privacy and Security Act of 2009, takes a number of steps to increase the penalties for identity theft and to require data brokers take additional measures to protect the information they handle. The additional steps start with implementing data privacy and security programs for databases with sensitive personal information. Data brokers would be required to disclose to an individual information that the broker has on that individual. Brokers must also maintain procedures for individuals to correct inaccuracies in this information. The bill also requires the Federal Trade Commission, the General Services Administration, and the U.S. Sentencing Commission make changes to their policies to reflect the standards and procedures described in this act. For example, the bill makes it a crime to intentionally or willfully conceal a security breach involving personal data.

The bill’s data breach notification provisions come from a separate bill the committee approved, S 139, the Data Breach Notification Act. Any federal agency or business entity that uses, accesses, or collects sensitive personally identifiable information must notify in the event of a data breach: any U.S. resident whose information was accessed or taken; and any third party that has access or control of that information. Under special circumstances other agencies would be notified as well. The Senate Judiciary Committee has approved data privacy and breach notification legislation before, and it failed to reach the Senate floor. With the number of records exposed by data breaches continuing to grow, it would be nice to see this legislation advance further in the process.

Hill Tech Happenings, Week of November 2

Mon, 02 Nov 2009 15:51:04 +0000

November 4

Markup:
The Technology and Innovation Subcommittee of the House Science and Technology Committee will review the Cybersecurity Coordination and Awareness Act, a piece of draft legislation.
10:30 a.m., 2318 Rayburn Building

November 5

Meeting:
The Senate Judiciary Committee will meet to consider nominations and pending legislation, including bills on data breach notification and data privacy.
10 a.m., 226 Dirksen Building

Hill Tech Happenings, Week of October 26

Tue, 27 Oct 2009 14:57:36 +0000

October 27

Hearing:
The Technology and Innovation Subcommittee of the House Science and Technology Committee will hold a hearing on Department of Homeland Security science and technology research priorities.
2 p.m., 2318 Rayburn Building

October 29

Hearing:
The Federal Financial Management, Government Information, Federal Services, and International Security Subcommittee of the Senate Homeland Security and Governmental Affairs Committee will hold a hearing on federal cyber defense.
2:30 p.m., 342 Dirksen Building

A Week For Computer Science Education

Wed, 21 Oct 2009 22:56:43 +0000

Computer science education reform is going to come in fits and starts working on issues from the top down (national media, federal policy, etc.) and the bottom up (in schools, districts, states, etc.). This week the “top down” piece got a nice boost from Congress by passing a resolution designating the week of December 7 (in honor of Grace Hopper’s birthday) as Computer Science Education Week. This gives the community a wonderful platform to highlight the importance of computing to society and why we need to strengthen CS education – particularly at the K-12 level.

Earlier this year, Congressman Vernon Ehlers (R-MI) approached ACM with the idea of Congressional endorsement of computer science education week. His interest came from a computer scientist from his district, armed with some good facts, briefing him on both the tremendous benefit computing has and the difficult issues computer science education faces at the K-12 level. Congressman Ehlers and his cosponsor Congressman Jared Polis (D-CO) wanted to call attention to these issues to help build the case that more students should be exposed to computer science education. When ACM first discussed the idea we weren’t sure that the various Congressionally endorsed weeks – Chemistry, Engineering, Asparagus, whatever – had a practical impact. Turns out that it does.

The first benefit is that it brings high-level attention and informs policy makers about the issues. Watch the debate, which really does highlight the field and our issues, during Congress’ consideration of the resolution (runs from 66:57 to 85:30 in the video). Second, it gives the computing community a useful messaging platform to inform others about computer science education’s benefits and issues. This is really the key takeaway. Because Congress voted on this week doesn’t mean much if the community doesn’t do something to make the week tangible. ACM plans on partnering with key computing organizations – Microsoft, Google, Intel, the Computer Science Teachers Association, the National Center for Women and Information Technology, the Computing Research Association as a start – to develop a website and outreach materials. Third, these resources can be plugged into the schools and to a variety of audiences including policy makers, school administrators, teachers, parents and the community itself to be used in a variety of ways.

There are two lessons from all of this. First, Computer Science Education Week will be what we, the computing community, make out of it. Second, bringing issues to the attention of policy makers and making a local connection in a respectful and thoughtful way can make a difference. We’ll be working hard for the next six or so weeks to develop materials and leverage existing ones for outreach around this event, so stay tuned.

Hill Tech Happenings, Week of October 19

Mon, 19 Oct 2009 12:40:39 +0000

October 21

Hearing:
The Elections Subcommittee of the Committee on House Administration will hold a hearing on modernization of election registration.
10 a.m., 1310 Longworth Building

October 22

Meeting:
The President’s Council of Advisers on Science and Technology (PCAST) will meet (continues on October 23)
10 a.m.-6 p.m., National Academy of Sciences Building, 2100 C Street, N.W., Washington.

Hearing:
The Technology and Innovation Subcommittee of the House Science and Technology Committee will hold a hearing on cybersecurity activities at the National Institute of Standards and Technology.
2 p.m., 2318 Rayburn Building

October 23

Meeting:
PCAST meeting continues
10 a.m.-4 p.m., National Academy of Sciences Building, 2100 C Street, N.W., Washington.

Computers, Freedom and Privacy 2010 Conference

Fri, 16 Oct 2009 17:48:22 +0000

The Computers, Freedom and Privacy (CFP) Conference has just released its call for proposals for the 20th edition of the conference. It will take place June 15-18, 2010 in San Jose. The theme this year is Computers, Freedom, and Privacy in the Networked Society. The early bird deadline for proposals is December 1, and final deadline is January 31. One of the conference organizers offers this starting list for possible topics.

social networks
health care privacy (including electronic health records and medical identity theft)
cloud computing
network activism for freedom and privacy
surveillance networks
the impact of data retention and privacy breach legislation around the world
getting beyond the �security vs. privacy� framing
mobile phones as universal surveillance
anonymity in a networked world
behavioral internet targeting: advertising and political campaigning
free culture
ethics and computing
media concentration and its implications
accessibility
high-speed internet access policy
freedom of information
location-aware devices and geographical discrimination
open source
fair information practices as a floor, not a ceiling