Hill Tech Happenings, Week of April 13

April 14

Markup:

The House Homeland Security Committee will markup legislation. Scheduled for this session is H.R. 1731, The National Cybersecurity Protection Advancement Act of 2015.
11 a.m., 311 Cannon Office Building

Hearing:

The House Judiciary Committee will hold a hearing on HR 9, The Innovation Act, which would address patent reform.
2 p.m., 2141 Rayburn Building

Markup:

The House Energy and Commerce Committee will markup legislation. Scheduled for this session is the Data Security and Breach Notification Act of 2015. The markup will continue on April 15.
5 p.m., 2123 Rayburn Building

April 15

Markup:

The House Energy and Commerce Committee continues its markup of legislation from April 14.
10 a.m., 2123 Rayburn Building

Hearing:

The Senate Appropriations Subcommittee on Homeland Security will hold a hearing on “From Protection to Partnership: Funding the DHS Role in Cybersecurity.”
2 p.m., 138 Dirksen Building

April 16

Hearing:

The House Energy and Commerce Subcommittee on Commerce, Manufacturing and Trade will hold a hearing on The Targeting Rogue and Opaque Letters Act.
11 a.m., 2123 Rayburn Building

National Telecommunications and Information Administration Seeks Comment on Multistakeholder Process for Drones

The National Telecommunications and Information Administration (NTIA) issued a Request for Comments on a multistakeholder process for commercial and private use of unmanned aircraft systems (UAS or drones). The goal of the process is to develop and communicate best practices in privacy, transparency, and accountability for drone use.

This multistakeholder process is required by a Presidential Memorandum issued in February on the domestic use of drones. The memorandum covers policies for government use of drones as well as the multistakeholder process.

The NTIA request asks for comments on the structure and topics that should be part of the multistakeholder process.  Topics of interest include:

* The structures that could work best for the multistakeholder process, including whether to use working groups and/or to distinguish between sizes of drones;
* Currently existing codes of conduct and best practices that could be applicable in the drone context;
* The uses of UAS/drones that could present the most, or the most significant, privacy concerns;
* Information that should be disclosed about commercial and private drone operations and operators; and
* The kinds of rules that could promote accountability in drone operation.

Comments are due by 5 p.m. Eastern Time on Monday, April 20. NTIA plans to hold the first meeting in the Washington D.C. area, and the agency expects that meeting to take place later this year.

Hill Tech Happenings, Week of March 23

(March 25, edited to add new House Intelligence Committee markup on March 26)

March 24

Hearing:
The Senate Health, Education, Labor and Pensions Committee will hold a hearing on “Continuing America’s Leadership: Advancing Research and Development for Patients.”
10 a.m., 430 Dirksen Building

The House Ways and Means Subcommittee on Oversight will hold a hearing on “The Use of Data to Stop Medicare Fraud.”
10 a.m., B-318 Rayburn Building

The House Energy and Commerce Subcommittee on Commerce, Manufacturing and Trade will hold a hearing on “The Internet of Things: Exploring the Next Technology Frontier.”
11 a.m., 2123 Rayburn Building

The House Appropriations Subcommittee on Financial Services and General Government will hold a budget hearing on the Federal Communications Commission.
11 a.m., 2359 Rayburn Building

The Senate Commerce, Science and Transportation Subcommittee on Aviation Operations, Safety and Security will hold a hearing on “Unmanned Aircraft Systems: Key Considerations Regarding Safety, Innovation, Economic Impact, and Privacy.”
2:30 p.m., 253 Russell Building

Markup:
The House Energy and Commerce Subcommittee on Commerce, Manufacturing and Trade will hold a markup on the Data Security and Breach Notification Act of 2015.
5 p.m., 2123 Rayburn Building
(Will continue at noon on March 25)

March 25

Hearing:
The House Judiciary Subcommittee on Courts, Intellectual Property and the Internet will hold a hearing on “Patent Reform: Protecting American Innovators and Job Creators from Abusive Patent Litigation.”
10 a.m., 2141 Rayburn Building

Markup:
The House Energy and Commerce Subcommittee on Commerce, Manufacturing and Trade continues a markup on the Data Security and Breach Notification Act of 2015.
12 p.m., 2123 Rayburn Building

Hearing:
The House Judiciary Committee will hold a hearing on “Wrecking the Internet to Save It? The FCC’s Net Neutrality Rules.”
2 p.m., 2141 Rayburn Building

Markup:
The Senate Commerce, Science and Transportation Committee will markup pending legislation and consider nominations.  On the agenda is S. 766, the Driver Privacy Act.  This bill is expected to cover limits on retrieving data from vehicle event data recorders.
2:30 p.m., 253 Russell Building

March 26

Markup:
The House Intelligence Committee will markup the Protecting Cyber Networks Act.
9 a.m., HVC-304 Capitol

Hill Tech Happenings, Week of March 16

March 17

Hearing:

The House Oversight and Government Reform Committee will hold a hearing on “FCC: Process and Transparency.”
10 a.m., 2154 Rayburn Building

The Senate Health, Education, Labor and Pensions Committee will hold a hearing on “America’s Health IT Transformation: Translating the Promise of Electronic Health Records Into Better Care.”
10 a.m., 430 Dirksen Building

The Commerce, Justice, Science and Related Agencies Subcommittee of the House Appropriations Committee will hold a hearing on the FY 2016 budget request for the National Science Foundation.
10:30 a.m., H-309 Capitol Building

March 18

The Commerce, Manufacturing and Trade Subcommittee of the House Energy and Commerce Committee will hold a hearing on the Data Security and Breach Notification Act.
10 a.m., 2123 Rayburn Building

The Senate Judiciary Committee will hold a hearing on “The Impact of Abusive Patent Litigation Practices on the American Economy.”
10 a.m., 226 Dirksen Building

The Oversight and Management Efficiency Subcommittee of the House Homeland Security Committee will hold a hearing on “Unmanned Aerial System Threats: Exploring Security Implications and Mitigation Technologies.”
10 a.m., 311 Cannon Building

The Information Technology Subcommittee of the House Oversight and Government Reform Committee will hold a hearing on “Cybersecurity: The Evolving Nature of Cyber Threats Facing the Private Sector” (rescheduled from March 5).
1 p.m., 2154 Rayburn Building

The Senate Commerce, Science and Transportation Committee will hold a hearing on “Oversight of the Federal Communications Commission.”
2:30 p.m., 253 Russell

March 19

The House Intelligence Committee will hold a hearing on “The Growing Cyber Threat and Its Impact on American Business” (rescheduled from March 5).
9 a.m., HVC-210 Capitol Building

The Senate Armed Services Committee will hold a hearing on the U.S. Cyber Command, the U.S. Strategic Command and the U.S. Transportation Command.
9:30 a.m., SD-G50 Dirksen Building

The Subcommittee on Consumer Protection, Product Safety, Insurance and Data Security of the Senate Commerce, Science and Transportation Committee will hold a hearing on “Examining the Evolving Cyber Insurance Marketplace.”
10 a.m., 253 Russell Building

The Communications and Technology Subcommittee of the House Energy and Commerce Committee will hold a hearing on “FCC Reauthorization: Oversight of the Commission.”
11 a.m., 2123 Rayburn Building

Hill Tech Happenings, Week of March 9

The Senate is scheduled to vote this week on the nominations of Michelle Lee to be the Director of the U.S. Patent and Trademark Office and Daniel Marti as the Intellectual Property Enforcement Coordinator.

March 11

Hearing:

The Senate Commerce, Science and Transportation Committee will hold a hearing titled “Three Years Later: Are We Any Closer To A Nationwide Public Safety Broadband Network?
10 a.m., 253 Russell Building

Hill Tech Happenings, Week of March 2

March 3

Markup:

The House Judiciary Committee will markup legislation, and H.R. 1147, The Legal Workforce Act, is scheduled for review. This bill covers the expansion of mandatory electronic employment eligibility verification systems.  (Markup will continue on March 4.)
10 a.m., 2141 Rayburn Building

Hearing:

The Oversight and Investigations Subcommittee of the House Energy and Commerce Committee will hold a hearing on “Understanding the Cyber Threat and Implications for the 21st Century Economy
2 p.m., 2322 Rayburn Building

March 4

Markup:

The House Judiciary Committee will continue its markup of legislation, including H.R. 1147, The Legal Workforce Act.
10 a.m., 2141 Rayburn Building

Hearing:

The Cybersecurity, Infrastructure Protection and Security Technologies Subcommittee of the House Homeland Security Committee will hold a hearing on “Industry Perspectives on the President’s Cybersecurity Information Sharing Proposal.”
2 p.m., 311 Cannon Building

March 5

The House Intelligence Committee will hold a hearing on “The Growing Cyber Threat and its Impact on American Business
9 a.m., HVC-210 Capitol Building

The Information Technology Subcommittee of the House Oversight and Reform Committee will hold a hearing on “Cybersecurity: The Evolving Nature of Cyber Threats Facing the Private Sector
9 a.m., 2154 Rayburn Building

The Senate Health, Education, Labor and Pensions Committee will hold a hearing on “America’s IT Transformation: Translating the Promise of Electronic Health Records Into Better Care.”
10 a.m., 430 Dirksen Building

Administration Releases Discussion Draft for Consumer Privacy Bill of Rights

On February 27 the Obama Administration released its discussion draft for a Consumer Privacy Bill of Rights.  The Administration released a framework for a Consumer Privacy Bill of Rights in 2012, calling on Congress to enact it into law.

The Administration’s proposal includes the proposed Privacy Bill of Rights as well as enforcement provisions, a description of codes of conduct that would help implement the Privacy Bill of Rights, and other provisions.

The Privacy Bill of Rights would require covered entities to:

  • Provide individuals notice of the entity’s privacy and security policies, including changes to those policies.
  • Provide individuals with reasonable means to control the processing of information about them, consistent with context.
  • Conduct a privacy risk analysis for any processing of personal data that is not consistent with context.  Such analysis would serve to mitigate privacy risks.
  • Any privacy risk analysis would require either supervision by a Privacy Review Board approved by the FTC or heightened individual control and transparency connected to the underlying data processing.
  • Destroy, de-identify or delete personal data within a reasonable time after it was used for the purpose(s) for which it was collected.  Exceptions would be granted if a privacy risk analysis or heightened individual control and transparency were in place.
  • Provide reasonable security safeguards for collected personal data.
  • On request from an individual, provide access to the collected information on that person or an accurate representation of that information.

The enforcement mechanisms for the Privacy Bill of Rights are the Federal Trade Commission (FTC) and states’ attorneys general.  The FTC could enforce violations of this law as unfair or deceptive trade practices.  A state’s attorney general could initiative a civil action if he or she believes a company has caused harm to a substantial number of that state’s citizens.  The FTC must be notified before any state action is initiated.

Companies can find safe harbor from this act by complying with codes of conduct approved by the FTC that were developed by an open multistakeholder process.

Hill Tech Happenings, Week of February 23

February 25

Hearing:

The Senate Commerce, Science and Transportation Committee will hold a hearing titled “Preserving the Multistakeholder Model of Internet Governance.”
10 a.m., 253 Russell Building

The Communications and Technology Subcommittee of the House Energy and Commerce Committee will hold a hearing titled “The Uncertain Future of the Internet.”
10:30 a.m., 2322 Rayburn Building

The House Homeland Security Committee will hold a hearing titled “The Administration’s Cybersecurity Legislative Proposal on Information Sharing.”
11:30 a.m., 311 Cannon Building

The House Oversight and Government Reform Committee will hold a hearing on the relationship between the Federal Communications Commission and the White House.
2 p.m., 2154 Rayburn Building

February 26

The Senate Judiciary Committee will consider the nomination of Michelle Lee to be the Director of the U.S. Patent and Trademark Office.
9:30 a.m., 226 Dirksen Building

The Commerce, Manufacturing and Trade Subcommittee of the House Energy and Commerce Committee will hold a hearing on Patent Demand Letters.
10:15 a.m., 2322 Rayburn Building

The House Judiciary Committee will hold a hearing on the function and resources of the U.S. Copyright Office.
1:30 p.m., 2141 Rayburn Building

The Counterterrorism and Intelligence Subcommittee of the House Homeland Security Committee will hold a hearing titled “Addressing Remaining Gaps in Federal, State and Local Information Sharing.”
2 p.m., 311 Cannon Building

President and FAA Act On Drone Activity

On February 15th the President issued an Executive Memorandum on the domestic use of unmanned aerial systems (UAS/drones).  That same day the Federal Aviation Administration (FAA) proposed new regulations for the routine use of some small UAS.  Once those regulations are published in the Federal Register, the public will have 60 days to submit comments.

The Executive Memorandum focuses on government use of drones and establishing a multistakeholder process to engage commercial and private users of UAS in developing and communicate best practices in UAS.  Government agencies shall, prior to development of new UAS technology, and every three years thereafter, examine their UAS policies to ensure that privacy, civil rights and civil liberties are protected with the collection, use, retention and dissemination of information by UAS.  Such policies must incorporate the following elements:

  • Collection and/or use of information must be done consistent with and relevant to an authorized purpose.
  • Information that may contain personally identifiable information shall not be retained for more than 180 days unless necessary to an authorized mission of the agency, required by law, or maintained in a system of records covered by the Privacy Act
  • Unless collected information is maintained in a system of records covered by the Privacy Act, it shall not be disseminated outside of the agency unless required by law or fulfills an authorized purpose and complies with agency requirements.

Policies covering agency drone use must also include provisions to address accountability for those with access to UAS-collected information, promote transparency about UAS activity in the United States, and prevent discrimination and respond to complaints concerning privacy, civil liberties and civil rights concerns.

The multistakeholder engagement process would be initiated through the National Telecommunications and Information Administration at the Department of Commerce.  In consultation with private sector stakeholders and other interested government agencies, this process would promote the responsible commercial and private use of UAS technology in a way that would preserve rights and freedoms.

The FAA proposed rules (summary) focus on non-hobby, non-recreational operations of small UAS, defined as under 55 pounds.  Where the Executive Memorandum outlines concerns over how drone use can affect privacy, civil liberties and civil rights, the FAA rules target how these UAS are flown and the criteria for certifying their operators.  The drones will be restricted to daytime operations and operators will have to be within line-of-sight of the aircraft.  While acknowledging concerns about privacy, civil rights and civil liberties in UAS operations, the FAA will defer to the Executive Memorandum and participate in the multistakeholder process.

USACM Congratulates New EAC Commissioners

USACM has sent letters to each of the three newly sworn-in Commissioners of the Election Assistance Commission (EAC): Thomas Hicks, Matthew Masterson and Christy McCormick.  In the letters, USACM congratulates the new Commissioners, and makes recommendations to the EAC:

  • Reestablish the Technical Guidelines Development Committee.
  • Update the Voluntary Voting System Guidelines, the Voting System Testing and Certification Program Manual, and the Voting System Test Laboratory Program Manual (this was recommended by the former Co-Chairs of the Presidential Commission on Election Administration).
  • Set standards for online delivery of blank ballots and blank voter registration forms.

The EAC will hold its first meeting of 2015 on February 24th at its headquarters in Silver Spring, Maryland.  Agenda items include the Voluntary Voting Systems Guidelines, the program manuals for the EAC voting testing and certification programs.