Policy Highlights from Communications of the ACM – February 2011 (Vol. 54, No. 2)

Below is a list of items with policy relevance from the February issue of Communications of the ACM. As always, much of the material in CACM is premium content, and free content one month may slip behind a pay wall the next. You need to be a member of ACM or a subscriber to CACM to access premium content online.

News: Technology
Chipping Away at Greenhouse Gases, by Gregory Goth
Review of processor algorithms that could lead to significant cost and energy savings. Also considered are the new research questions posed by the new technologies.

News: Society
Following the Crowd by Samuel Greengard
Discussion of crowdsourcing and how private and public sector organizations have tapped into the phenomenon.

Viewpoints: Privacy and Security
Against Cyberterrorism by Maura Conway
The author argues why cyber-based terrorist attacks aren’t as likely to occur as might be commonly thought.

Viewpoints: Economic and Business Dimensions
Household Demand for Broadband Internet Service by Gregory Rosston, Scott Savage and Donald Waldman
A consumer survey indicates what people are willing to pay for various speeds of Internet service.

Viewpoints: Education
From Science to Engineering by Mark Guzdial
The need for finding and measuring better ways to teach computer science is explored, with comparisons to physics and engineering education.

Policy Highlights from Communications of the ACM – January 2011 (Vol. 54, No. 1)

Below is a list of items with policy relevance from the January issue of Communications of the ACM. As always, much of the material in CACM is premium content, and free content one month may slip behind a pay wall the next. You need to be a member of ACM or a subscriber to CACM to access premium content online.

News: Society
India’s Elephantine Effort by Marina Krakovsky
Description of India’s efforts to establish a biometric ID program, in part to do better in delivering government subsidies to the people who are supposed to receive them.

Viewpoints: Law and Technology
Google AdWords and European Trademark Law by Stefan Bechtold
The article reviews recent trademark infringement cases involving keyword searches and what liability Google may have in such matters.

Viewpoint
Cloud Computing Privacy Concerns on Our Doorstop by Mark D. Ryan
Using the example of conference management systems, the author outlines the risks and benefits of cloud computing services.

Contributed Articles
Follow the Intellectual Property by Gio Wiederhold
While movement of jobs between countries has occupied much attention in policy debates, the article focuses on the associated movement of intellectual property rights.

Review Article
A Firm Foundation for Private Data Analysis by Cynthia Dwork
A review of the technical challenges of Differential Privacy – analyzing database information without disclosing private information about people in the database.

Administration Issues National Strategy for Trusted Identities in Cyberspace

Last Friday the Obama Administration released its National Strategy for Trusted Identities in Cyberspace (NSTIC), a plan to leverage private sector tools to make it easier for some kinds of transactions to happen online. This would include both consumer and government transactions, and attempt to establish a system where identity can be confirmed online in a way that is much more certain than what is commonly done online.

The strategy outlines the establishment of an Identity Ecosystem that would “securely support transactions that range from anonymous to fully-authenticated and from low- to high-value.” This statement recognizes that some aspects of the Internet not only do not need identities to be confirmed to the same extent desired for something like a mortgage contract, but can thrive on anonymity. As the Strategy envisions this Ecosystem, various credentials and other means of authenticating or authorizing a person for certain activities or transactions would be established (likely evolving from some of what’s currently available). These items could then be used when a person seeks to access a number of different goods and services online. One of the selling points to consumers would be that this Ecosystem would reduce the need to maintain a number of different identities and/or passwords to operate on the web.

While NSTIC envisions the private sector doing a fair amount of work, the government will proceed with establishing an implementation plan and a national program office to coordinate efforts. Arguably it is in the implementation plan, and how well it is followed, that will determine the success or failure of the strategy. In order for there to be trusted identities online, there must be trust in the tools used and in the entities charged with operating those tools. As this usually has required nudging to take place in other parts of the online landscape, it seems unlikely that this strategy will not be successfully implemented without trust.

Last summer USACM issued comments on a draft of NSTIC. Those comments reflect the concerns expressed above concerning successful implementation and management of this strategy. They still make good sense moving forward with implementation of the Strategy. Issuing this document is the first step in what will likely be a long, multi-year process. It’s not too late to read the Strategy and follow the issue as the implementation plan is developed.

USACM Vice-Chair Testifies on Challenges of Electronic Employment Verification

On April 14, Dr. Annie Ant?n, Vice Chair of USACM and Professor in the Computer Science Department of North Carolina State University, testified in front of the Social Security Subcommittee of the House Ways and Means Committee. She was one of the witnesses at a hearing on the Social Security Administration’s role in verifying employment eligibility. Other witnesses included staff from the Social Security Administration, the Government Accountability Office, and public interest groups interested in the issue. You can watch the hearing online.

Dr. Ant?n’s testimony focused on the effectiveness of E-Verify, an electronic system of employment verification used in a number of states for an increasing number of employers, with over 16 million queries in fiscal year 2010. USACM has testified on E-Verify and/or electronic employment eligibility before, in 2008 and 2007.

Highlights of Dr. Ant?n’s testimony included:

  • The E-Verify system cannot effectively detect individuals who use stolen or forged identities. A 2009 evaluation of E-Verify found that 54 percent of illegal immigrants checked by the system were incorrectly identified as employment-eligible for that reason.
  • Proper validation and testing of systems prior to widespread use will help minimize the possibilities of failure, which can contribute to additional identity theft and fraud.
  • Mission creep for a system like E-Verify can lead to additional technical issues, leading to cost and/or schedule overruns and increased security vulnerabilities.

As this is the third time USACM has testified on this issue, it seems likely that the issue will continue to be a concern for Congress going forward.

Hill Tech Happenings, Week of April 11

April 12

Hearing:

The Subcommittee on Federal Financial Management, Government Information, Federal Services, and International Security of the Senate Homeland Security and Governmental Affairs Committee will hold a hearing on executive branch plans to combat wasteful IT spending
10:30 a.m., 342 Dirksen Building

The Subcommittee on Crime and Terrorism of the Senate Judiciary Committee will hold a hearing on cybersecurity and cybercrime
2:30 p.m., 226 Dirksen Building

April 14

Hearing:

The Social Security Subcommittee of the House Ways and Means Committee will hold a hearing on the Social Security Administration’s obligations in electronic employment eligibility verification. USACM Co-Chair Dr. Annie Antón is one of the scheduled witnesses.
2 p.m., B-318 Rayburn Building