Hill Tech Happenings, Week of October 31

UPDATE (November 2 added):
November 2

The Senate Commerce, Science and Transportation Committee will review pending legislation. A bill on data security is scheduled for this session.
2:30 p.m.,
November 3

The Research and Science Education Subcommittee of the House Science, Space and Technology Committee will hold a hearing on STEM (science, technology, engineering, and mathematics) education and employment.
10 a.m., 2318 Rayburn Building

Computing Researchers Weigh in on Changes to Human Subjects Research Regulations

The Department of Heath and Human Services is planning to revise what it calls the Common Rule – the regulations overseeing federally funded research involving human subjects. These regulations were last updated in the early 1990s, so the proposed changes try to catch up with the advances in research and in computing since that time.

The proposed changes are in two major categories. The first is a series of revisions to procedures for Institutional Review Boards (IRBs) and the types of research that must undergo various levels of review. The other major category is in data and information protection. With the changes in computing storage and the increasing ease of re-identifying information that was stripped of identifying characteristics, increased data security measures were needed.

In connection with ACM’s Special Interest Group on Computer-Human Interaction (SIGCHI) and the Institute of Electrical and Electronics Engineers – USA (IEEE-USA), USACM submitted comments in response to the proposed rules. Some highlights from the recommendations in our comments:
Continue reading “Computing Researchers Weigh in on Changes to Human Subjects Research Regulations”

Growing Trust – Cybersecurity and the Internet and Information Innovation Sector

In August USACM submitted comments on the draft green paper “Cybersecurity, Innovation and the Internet Economy” issued by the Internet Policy Task Force of the Department of Commerce. This work by the Task Force is an important recognition of how cybersecurity and privacy can support each other as they help ensure that the online environment benefits consumers and commercial interests alike.

An important theme of the green paper is trust – how risks to cybersecurity threaten it and how maintaining this trust is critical to a robust Internet and Information Innovation Sector (called I3S in the paper). While maintaining that trust will be a challenge, USACM’s comments make recommendations for policies to help us get there.

    • Increase software developer accountability for the products they produce and market, thus saving businesses from ever having to make the difficult decision between innovation and market share and security.
    • Create comprehensive web security and web application standards, as well as reasonably constrained data retention policies and practices, which will be vital as more businesses place data within cloud computing environments to quickly implement innovative business processes and minimize infrastructure and security costs.
    • Increase research in web application and services security that seeks, among other things, new approaches to accommodate increased wireless access via mobile devices.
    • Widespread security education for both businesses and customers to strengthen cybersecurity within the I3S. This can be achieved with the use of practical resources and processes to secure businesses’ web applications and services and by providing usable guidance to consumers to help them become more security conscious.