Please Participate in Privacy Survey

An important part of crafting useful privacy policies is being informed by the best research available. To that end, organizations like The Privacy Place have focused on researching privacy questions and providing that information to the public. It’s a research center, and its work is sponsored in part by North Carolina State University and the National Science Foundation.

The Privacy Place is currently conducting a survey about user values and privacy policies. It won’t take terribly long to complete, and there are prizes available. Please connect to the survey and complete it.

Pre-Election Legislating: A Mixed Bag

While most attention is focused on the economic bailout proposals debated in Congress, other legislative activity is worth noting. Congress is supposed to break later this week for a campaign-related recess. It is unclear whether a post-election legislative session will be called. It was not following the 2006 elections, which resulted in a shift in Congressional control. It is possible that whoever the next President is would welcome a post-election session, but it is more likely that they would prefer things wait for January and their swearing-in.

First, as Peter Harsha has described at the Computing Research Policy blog, the new budgetary process is to finance the first part of fiscal years with continuing resolutions (CR). Besides a failure of basic job responsibilities, this pattern now means that proposed budget increases are either postponed or erased, as CRs will fund the government at the levels of the previous fiscal year.
Continue reading “Pre-Election Legislating: A Mixed Bag”

Bill Boosting Cybercrime Prosecution Passes House

A bill awaits Presidential signature that would strengthen prosecution and penalties for identity theft and other cybercrimes. Tucked into another bill (HR 5938) that extends Secret Service protection for former vice presidents, it should become law soon.

This bill will institute federal civil and criminal penalties for various cybercrimes, including cyberextortion and conspiracy to commit cybercrimes. Penalties for existing federal cybercrimes will be added and/or strengthened, including criminal forfeiture (where the guilty party must forfeit both the proceeds of the crime and the equipment used to commit that crime), and an expansion of restitution to include compensation for the time spent recovering the stolen identity.

Two important changes cover unintentional holes in federal protection against identity theft. The law would include intrastate (within the state) cases of identity theft, as well as theft of an organization’s identity. Neither kind of identity theft is currently covered under federal law.

Full details of the cybercrime provisions can be found in Title II of the bill.

While not an advancement of U.S. law in the area of cybercrime, this bill will help tighten federal law. As sometimes happens when law is applied to new areas of technology (or new areas of crime), what worked for the closest legal analogue doesn’t quite work for the new area. With the passage of this bill, identity theft and other cybercrimes will have stiffer penalties, and cover more fraudulent online activity. Now if only catching the criminals were as easy.

Hill Tech Happenings, Week of September 22

September 24
The Senate Veterans Affairs Committee will hold a hearing on information technology cooperation between the Department of Defense and the Department of Veterans Affairs.
9:30 a.m., 418 Russell Building

Joint Hearing:
The Elections Subcommittee of the Committee on House Administration and the Constitution, Civil Rights and Civil Liberties Subcommittee of the House Judiciary Committee will hold a joint hearing on efforts to prepare for the 2008 election.
10 a.m., 2141 Rayburn Building

September 25
The Senate Commerce, Science and Transportation Committee will hold a hearing on broadband providers and privacy.
10 a.m., 253 Russell Building

The Senate Rules and Administration Committee will hold a hearing on nominations for the Election Assistance Commission.
2:30 p.m., 301 Russell Building

Hill Tech Happenings, Week of September 15

Update: September 18 hearing just changed from closed to open, so I’ve added it here.

September 16
The Emerging Threats, Cybersecurity and Science and Technology Subcommittee of the House Homeland Security Committee will hold a hearing on cybersecurity in the next administration.
2 p.m., 311 Cannon Building

September 18
The House Select Intelligence Committee will hold a cybersecurity hearing.
9 a.m., 210 Cannon Building

GAO Criticizes Certification Program for Voting Testing Labs

In a recently released report, the Government Accountability Office (GAO) criticized the voting system testing lab accreditation program administered by the Election Assistance Commission (EAC) and supported by the National Institute of Standards and Technology (NIST). You can read the report online.

The voting system testing lab accreditation program is intended to certify the processes and standards of those laboratories that test voting systems. The main thrust of the GAO criticism is that the supporting materials – the standards and program manuals – have not adequately defined all the aspects of an effective testing regime. What standards and practices have been put in place are not sufficiently delineated to the point where they can be used repeatedly and consistently. Now the GAO acknowledges that the EAC has responded to the report by taking some necessary first steps, but more needs to be done.

Attention in the press and the public usually focuses on the more explicit face of electronic voting – the machines and the actual elections. But voting is a process, or rather, a series of processes, that start long before Election Day and involve certification and approval of every piece of equipment and process involved. Just as electronic voting equipment needs to be well designed, engineered and evaluated, so do the organizations and processes that approve this equipment. If you’re curious about how your state certifies its voting equipment, check with the state Secretary of State or state elections department.

ACM Washington Update, Vol. 12.8 (September 4, 2008)


[1] Newsletter Highlights
[2] USACM-EC Member Will Speak on Electronic Voting
[3] New Primer on IT Workforce Based on ACM Work
[4] Online Activity Tracked Without Explicit Consent
[5] Voting Machine Vendor Admits Problem with Its Software
[6] Column: Science Policy Isn’t Always about Science
[7] About USACM

[An archive of all previous editions of Washington Update is available at]
Continue reading “ACM Washington Update, Vol. 12.8 (September 4, 2008)”

Primer on IT Workforce Issues

In June, ACM, along with CRA and the National Center for Women in Information Technology (NCWIT), hosted a roundtable discussion with government affairs officials from some of the top IT companies (Microsoft, Cisco, HP, Google, etc.). The goal was to give them perspective on workforce issues that the professional computing organizations find while working within our community. The full report from this workshop is now available.

The meat of the report consists of three main sections — diversity, research and education. Lucy Sanders, Executive Director at NCWIT started the session off with a talk on diversity issues. Peter Harsha, Director of Government Affairs at CRA spoke about research issues. And I gave a talk on education issues — particularly focused on k-12 education.

The report is well worth a read for a quick primer on some of the key IT workforce issues.