Policy Highlights from Communications of the ACM – July 2011 (Vol. 54, No. 7)

Below is a list of items with policy relevance from the July issue of Communications of the ACM. As always, much of the material in CACM is premium content, and free content one month may slip behind a pay wall the next. You need to be a member of ACM or a subscriber to CACM to access premium content online.

News: Technology
Automotive Autonomy by Alex Wright
A description of recent advances in automating automobiles, focusing on efforts support by Google and the European Union.

Viewpoint: Legally Speaking
Too Many Copyrights? by Pamela Samuelson
The author describes the current lack of copyright registration requirements and whether reinstating them makes sense.
Continue reading “Policy Highlights from Communications of the ACM – July 2011 (Vol. 54, No. 7)”

USACM Notes Concerns with Proposed SSA Online Authentication Process

Like many federal agencies, the Social Security Administration (SSA) is trying to provide more services in a time of limited resources. As part of its efforts to better serve the public, the SSA is working on an online authentication system to help ensure that the people it is interacting with online are indeed the people they claim to be, and qualified for the services they are requesting.

To address the first part, the SSA submitted a notice of information collection that is connected to online authentication. The intention is to issue a User ID for everyone seeking to access SSA services online, and several ways to authenticate that identity. (People will still be able to access services in person or over the phone.)

USACM responded to the notice with some concerns over the proposed authentication system. While USACM is encouraged by additional attention to authentication for online services, the proposed system is insufficient.
Continue reading “USACM Notes Concerns with Proposed SSA Online Authentication Process”

Policy Highlights from Communications of the ACM – June 2011 (Vol. 54, No. 6)

Below is a list of items with policy relevance from the June issue of Communications of the ACM. As always, much of the material in CACM is premium content, and free content one month may slip behind a pay wall the next. You need to be a member of ACM or a subscriber to CACM to access premium content online.

Column: Privacy and Security
Identity Management and Privacy: A Rare Opportunity to Get it Right by Ari Shapiro
The Senior Internet Policy Advisor at the National Institute of Standards and Technology discusses how the proposed National Strategy for Trusted Identities in Cyberspace offers a way to protect privacy, assure identities, and maintain the benefits of the Internet.

Practice
Does Deterrence Work in Reducing Information Security Policy Abuse by Employees? by Qing Hu, Zhengchuan Xu, Tamara Dinev and Hong Ling
A review of the authors research in the relationships between security policies and behavior in corporate settings, with an emphasis on how effective deterrence is in reducing violations.

USACM Summer Recap: Comments on NSTIC Governance

Often things slow down in the summer, but that’s not been the case for USACM this year. We’ve been busy commenting on various government proposals related to computing and will post about that work over the next few days.

The National Strategy for Trusted Identities in Cyberspace (NSTIC) is a government-wide effort to work with the private sector to provide identity verification options for consumers and providers. This is intended to maintain or improve confidence in online transactions. National Institute of Standards and Technology (NIST) staff wrote about the program in a recent issue of CACM (subscription required), and USACM commented on an NSTIC draft in 2009. There is a targeted implementation date of 2016. While that is far off, there is much work to do, starting with how to manage NSTIC.

NIST issued a notice of inquiry on NSTIC governance in early June, and USACM responded to questions on how this strategy should be guided moving forward. Our comments focused on the need for good governance to ensure trust in NSTIC – something critical to its effective function. Besides recommending that relevant technical and international experience be included on any NSTIC governance structure, our comments argued for ensuring that vacancies be filled promptly, and that NSTIC staff should review several existing technical bodies for insights on how to develop a governance structure.

Preliminary efforts on setting up NSTIC continue. With two workshops held so far this summer and another expected soon, there should be additional opportunities for public comment.

Policy Highlights from Communications of the ACM – May 2011 (Vol. 54, No. 5)

Below is a list of items with policy relevance from the May issue of Communications of the ACM. As always, much of the material in CACM is premium content, and free content one month may slip behind a pay wall the next. You need to be a member of ACM or a subscriber to CACM to access premium content online.

Letters
Technology Has Social Consequences by Moshe Y. Vardi
CACM’s editor describes how changes in technology have affected norms and practices around reviewers and conference program committee members.

News: Society
Data Optimization in Developing Nations by Leah Hoffman
A sketch of how data collection and analysis can be utilized for issues in the developing world.

Viewpoint: Economic and Business Dimensions
Online Advertising, Behavioral Targeting, and Privacy by Avi Goldfarb and Catherine E. Tucker
A review of recent surveys on the impact of European Union regulations on targeted online advertising.
Continue reading “Policy Highlights from Communications of the ACM – May 2011 (Vol. 54, No. 5)”

Former Microsoft Executive to Replace Kundra as Federal CIO

Shortly before Vivek Kundra’s scheduled departure from the position of federal Chief Information Officer, the White House has named his replacement.

Steven VanRoekel moves into the position from the U.S. Agency for International Development, where he was its Executive Director of Citizen and Organizational Engagement. He worked for the Federal Communications Commission (FCC) before that, serving as managing director. Part of his responsibilities at the FCC included implementing many of the federal IT initiatives that Kundra initiated, including consolidation of data centers and moving services to cloud computing where practical. Prior to federal service VanRoekel worked at Microsoft for 15 years, including serving as Senior Director for the Windows Server and Tools Division.

USACM has been most engaged with the CIO’s work through Data.gov and the efforts to put more data available online in usable formats. This work is far from complete, and we expect to be engaged with at least this aspect of Mr. VanRoekel’s work going forward.

Hill Tech Happenings, Week of August 1

Yes, there is more to Washington right now than negotiations and voting on the results.

August 2
Briefing:

The Strategic Forces Subcommittee of the Senate Armed Services Committee will receive a closed briefing on cybersecurity.
2:30 p.m., Capitol Visitors Center

August 3

Hearing:
House Science, Space and Technology Committee will hold a hearing on the possible impacts of a mobile broadband network on scientific research activities.
10 a.m., 2318 Rayburn Building

The Senate Judiciary Committee will hold a hearing on updating the Computer Fraud and Abuse Act.
10 a.m., 226 Dirksen Building
Continue reading “Hill Tech Happenings, Week of August 1”