Author Archives: David

ACM Washington Update, Vol. 10.2 (February 28, 2006)

CONTENTS [1] Newsletter Highlights [2] ACM Releases Major Report on the Globalization of Software [3] USACM Releases Study on Voter Registration Databases [4] Software Pioneer Peter Naur Wins ACM’s Turing Award [5] USACM Executive Committee Gathers to Set Goals for the Year Ahead [6] Cerf Cautions Congress on Internet Fast Lanes [7] Upcoming Events [8] [...]

Posted in ACM/USACM News | Comments closed

Software Pioneer Peter Naur Wins ACM’s Turing Award

ACM has named Peter Naur the winner of the 2005 A.M. Turing Award. The award is for Naur’s pioneering work on defining the Algol 60 programming language. Algol 60 is the model for many later programming languages, including those that are indispensable software engineering tools today. The Turing Award, considered the “Nobel Prize of Computing” [...]

Posted in ACM/USACM News, Events | Comments closed

Turing Award winner cautions Congress about Internet fast lanes

Members of the Senate Commerce, Science, and Transportation Committee met this week for a hearing into so-called “Net Neutrality,” the range of issues surrounding whether or not telecommunications companies should be prevented from providing (for a price) faster speeds or better access for some (perhaps at the expense of others) or whether Congress should step [...]

Posted in Innovation | Comments closed

ACM Washington Update, Vol. 10.1 (January 31, 2006)

CONTENTS [1] Newsletter Highlights [2] President Calls for Doubling of NSF and New Science and Math Education Programs [3] USACM Urges Congress to Adopt a Broader View of Data Security, ChoicePoint Gets Hammered by the FTC [4] Quest for More Information on NSA Spying Continues [5] Senate Commerce Confronts Broadcast Flag Issue [6] Sony BMG [...]

Posted in ACM/USACM News | Comments closed

ChoicePoint gets largest ever FTC civil penalty

ChoicePoint, the data broker at the center of the data breach controversy that erupted last year (and continues to play out even now), has received a $10 million fine from the Federal Trade Commission and, in addition, has agreed to contribute another $5 million to a fund aimed at helping those who were harmed following [...]

Posted in Privacy and Security | Comments closed

USACM urges policymakers to adopt a broader view of data security

Following last year’s numerous high-profile data breaches (which we’ve been covering closely), there are now numerous pieces of data security and privacy legislation pending in Congress — coming under the jurisdiction of numerous committees and using a range of different approaches. Indeed, the field is so crowded that it’s difficult to tell which bills have [...]

Posted in ACM/USACM News, Privacy and Security | Comments closed

Sony BMG settling “rootkit” cases

Last week the Wall Street Journal [subsc. req'd] reported that Sony BMG has reached tentative settlements in a number of class-action law suits brought against the company as a result of the recent “rootkit” fiasco (described in our November newsletter). According to the Journal article, the settlements provide that … consumers would be able to [...]

Posted in Intellectual Property, Privacy and Security | Comments closed

ACM Washington Update, Vol. 9.12 (December 31, 2005)

CONTENTS [1] Newsletter Highlights [2] USACM Chair Comments on Pentagon Cybersecurity [3] Congress Creates New $4.5 Billion Math and Science Educ. Program [4] News of NSA Eavesdropping Program Prompts Data Mining Speculation [5] Congress Extends Patriot Act … For a Few Weeks [6] EU Data Retention Law Passes [7] Upcoming Events [8] About USACM

Posted in ACM/USACM News | Comments closed

USACM chair comments on Pentagon cybersecurity

Prof. Eugene Spafford, USACM Chair and executive director of Purdue University’s Center for Education and Research in Information Assurance and Security (CERIAS), was interviewed recently as part of a National Public Radio (NPR) Morning Edition piece on Department of Defense (DOD) cybersecurity: Pentagon Faces Computer Security Problems by Vicky O’Hara Morning Edition, December 12, 2005 [...]

Posted in ACM/USACM News, Privacy and Security | Comments closed

E-voting tensions rising in North Carolina

North Carolina’s State Board of Elections created quite a stir recently when, surprisingly, it decided to certify Diebold e-voting equipment for use in the state despite a still-running debate about the state’s new source code “escrow” rules and the company’s compliance with them. The requirements call on companies to deposit the source code for their [...]

Posted in E-voting | Comments closed

ACM Washington Update, Vol. 9.11 (November 30, 2005)

CONTENTS [1] Newsletter Highlights [2] USACM Writes to Virginia Policymakers on E-voting [3] Data Security Bills Progressing, but Passage Unlikely by Year End [4] House Committees Investigate “Fair Use” and the “Analog Hole” [5] R&D Programs Weather Tough Budget Climate (So Far) [6] Sony Rootkit Stirs Controversy, While Senate Spyware Bill Advances [7] ICANN Retains [...]

Posted in ACM/USACM News | Comments closed

USACM writes to policymakers in Virginia on e-voting

Yesterday, USACM sent a letter to Virginia Delegate Tim Hugo, chair of the Joint Subcommittee Studying the Certification, Performance, and Deployment of Voting Equipment, regarding the issue of voter-verified paper records and electronic voting machines. The subcommittee is scheduled to hold a hearing on Monday, November 21, 2005, to address the issue (an agenda for [...]

Posted in ACM/USACM News, E-voting | Comments closed

IT heavyweight joins push for preemptive federal privacy legislation

Recently, Microsoft added its voice to those calling for uniform federal privacy legislation that preempts individual state laws. Brad Smith, a senior VP and general counsel for the company, made the announcement at a recent Congressional Internet Caucus gathering: Over the past few years … several factors have altered the privacy landscape in such a [...]

Posted in Privacy and Security | Comments closed

ACM Washington Update, Vol. 9.10 (October 31, 2005)

CONTENTS [1] Newsletter Highlights [2] USACM Chair Warns Against Underfunding Cybersecurity Research [3] USACM and Others Criticize DoD Export Proposal [4] Data Security Legislation Moving Forward in Congress [5] U.S. Passports to Get RFID Chips [6] U.S. Resisting U.N. Pressure on Internet Governance [7] Events in November [8] About USACM [An archive of all previous [...]

Posted in ACM/USACM News | Comments closed

USACM Chair cautions against underfunding cybersecurity research

USACM Chair Gene Spafford testified today at a House Armed Services Committee hearing as part of a cybersecurity panel on “Asymmetric and Unconventional Threats.” He was joined on the panel by David Grawrock (Intel) and Paul Kurtz (Cyber Security Industry Alliance). Spafford’s written testimony can be found here. In his oral comments, Spafford stressed several [...]

Posted in ACM/USACM News, Innovation, Privacy and Security | Comments closed

Senate committee approves privacy/data protection bill

Thursday the Senate Judiciary committee approved (by voice vote) Senator Jeff Sessions’ (R-AL) “Notification of Risk to Personal Data Act” (S. 1326). The bill calls for the creation of data protection programs, mandates security breach notifications, and provides for the preemption of similar state laws. It was one of a number of data protection bills [...]

Posted in Privacy and Security | Comments closed

Little progress seen toward securing nation’s critical infrastructure

The House Homeland Security Committee yesterday heard testimony regarding the security of the nation’s supervisory control and data acquisition (SCADA) systems — the computer systems used to control such things as water flow through dams, the operation of power plants, and so on. The occassion was a joint hearing between the Subcommittee on Economic Security, [...]

Posted in Privacy and Security | Comments closed

USACM and others criticize DOD export proposal

USACM and more than 100 other respondents recently filed comments with the Department of Defense criticizing its proposed changes to the Defense Federal Acquisition Regulation Supplement (DFARS). Among other things, the proposal mandates that all DOD contracts include a clause requiring contractors to 1. Create and maintain unique badges for foreign nationals and foreign persons [...]

Posted in ACM/USACM News, Privacy and Security | Comments closed

Spafford and Lazowska on cybersecurity R&D

There are a couple of interesting cybersecurity items currently worthy of your attention: * USACM Chair Eugene Spafford makes comments on the Department of Defense’s approach to cybersecurity in a recent Federal Computer Week article: [...] Spafford said incremental changes will not strengthen existing networks and a whole new approach [to DOD cybersecurity] is needed. [...]

Posted in Privacy and Security | Comments closed

ACM Washington Update, Vol. 9.9 (September 30, 2005)

CONTENTS [1] Newsletter Highlights [2] Carter-Baker Commission Report a Mixed Bag [3] Senate Judiciary Committee: Busy and in the Spotlight [4] Secure Flight Working Group Against Live System Testing [5] Cybercrime on the Rise [6] Barbara Simons Presented with Lifetime Achievement Award [7] Calling All Techies [8] Events in October [9] About USACM [An archive [...]

Posted in ACM/USACM News | Comments closed

Carter-Baker Commmission gets it partly right

Update (Sept. 26) — Carter and Baker have issued a response to some of the criticism their report has received — their comments appeared in the NY Times on Sept. 23 and are available here. As pointed out in today’s Washington Post, the Federal Commission on Election Reform (led by former president Jimmy Carter and [...]

Posted in E-voting, Privacy and Security | Comments closed

Barbara Simons receives UC Berkeley Lifetime Achievement Award

USACM’s Barbara Simons recently received a Distinguished Engineering Alumni Award for Lifetime Achievement from UC Berkeley. Currently she is a member of USACM’s executive committee and is co-chairing ACM’s study of statewide voter registration databases. The full ACM release regarding the award appears below:

Posted in ACM/USACM News | Comments closed

ACM Washington Update, Vol. 9.8 (August 31, 2005)

CONTENTS [1] Newsletter Highlights [2] Commerce Dept. Gets an Earful on Proposed Export Rule Changes [3] Is the U.S. Research Environment Hostile to Foreigners? [4] Turing Award Lecture Focuses on Internet’s Impact [5] Pressure Building in States Against Real ID Act [6] California Legislature Kills RFID Restrictions [7] USACM Looks Back at FY2005 [8] Events [...]

Posted in ACM/USACM News | Comments closed

Department of Commerce gets an earful on proposed export rule changes

At around 84 megabytes, the PDF file containing the largely negative response to the Department of Commerce Bureau of Industry and Security’s (BIS’s) recent advanced notice of proposed rulemaking regarding proposed changes to U.S. deemed export regulations is one hefty document. It contains the comments of over 300 respondents — universities, researchers, scientists, medical organizations, [...]

Posted in Innovation, Privacy and Security | Comments closed

Is the U.S. creating a hostile environment for foreign researchers?

The NY Times yesterday ran a troubling article about the visa problems of a Chinese cryptographer who was unable to present an important paper detailing her research on SHA-1 at this week’s Crypto 2005 conference: On Monday, [Xiaoyun Wang] was scheduled to explain her discovery in a keynote address to an international group of researchers [...]

Posted in Innovation | Comments closed

States balk at Real ID Act’s price tag

The Seattle Post-Intelligencer reports on the feelings of some state lawmakers (who are gathering this week for a meeting of the National Conference of State Legislatures) regarding the impending implementation of the Real ID Act. The crux of the issue for many state lawmakers is just who should pay the act’s costs: [State leaders at [...]

Posted in Privacy and Security | Comments closed

California bill would limit state’s use of RFID in identification cards

With things relatively quiet in Washington just now (it is August, after all), we have a chance to take a closer look at an interesting law that is pending in the California legislature: S.B. 682, Senator Simitian’s “Identity Information Protection Act.” The bill has two main purposes: 1. Prohibit the inclusion of “contactless integrated circuit” [...]

Posted in Privacy and Security | Comments closed

USACM looks back at FY2005

Now that it’s August — typically a relatively quiet time in Washington and policy circles (and a time where our blog posts will be light) — it seems like a good point for a bit of reflection. To that end, we’d like to point out that USACM has just released its annual report for fiscal [...]

Posted in ACM/USACM News | Comments closed

WGIG report draws U.S. fire

The U.N. Working Group on Internet Governance (WGIG) recently issued its final report. The report makes a number of recommendations and proposals aimed at, among other things, creating a global multi-stakeholder forum (linked to the U.N.) to address Internet-related public policy issues and fostering full participation in Internet governance arrangements by developing countries. However, the [...]

Posted in Miscellaneous | Comments closed

ACM Washington Update, Vol. 9.7 (July 31, 2005)

CONTENTS [1] Newsletter Highlights [2] Picture of Data Security/Privacy Legislation Getting Clearer [3] The Grokster Decision: Lawyers Debate Inducement; Senators Come Down Hard on the Technology Industry [4] Turing Award Winner Blasts Current State of Federal R&D Funding [5] Pentagon Proposes New Restrictions on Research [6] Congress moves to Bolster Math and Science Programs [7] [...]

Posted in ACM/USACM News | Comments closed

Senate Commerce Committee joins the data security & privacy fray

Not to be outdone by other Congressional committees working to address the current data security and privacy crisis illustrated by this year’s numerous data breach disclosures and controversies, the Senate Commerce committee has decided to wade into the debate and is set to markup S. 1408 on Thursday. The bill, dubbed the Identity Theft Protection [...]

Posted in Privacy and Security | Comments closed

Pentagon seeking new controls on foreign researchers’ access to sensitive tech

A recent article in the Chronicle of Higher Education [subscription req'd] points us to proposed rule changes from the Department of Defense that would create new restrictions on foreign researchers’ access to export-controlled technology: The proposed rules would require foreign researchers to wear badges and would require laboratories to contain segregated work areas to control [...]

Posted in Privacy and Security | Comments closed

Data security & privacy bill part of a crowded Senate agenda (Part 2)

In part one, we took a look at some of the bill’s basic characteristics, its political context, and its likely prospects. In this part, we’ll address what we see as some areas of concern with the bill: Complexity, Imprecision — The bill sets forth a very dense, complex regulatory framework for data security and protecting [...]

Posted in Privacy and Security | Comments closed

Data security & privacy bill part of a crowded Senate agenda (Part 1)

Senator Russ Feingold (D-Wis.) recently added his support to the “Personal Data Privacy and Security Act” (S. 1332), an important bill from Senators Specter and Leahy that we described briefly in a recent post. At over 90 pages, the bill is a comprehensive (and complex) attempt to address the privacy and security issues that have [...]

Posted in Privacy and Security | Comments closed

ACM Washington Update, Vol. 9.6 (June 30, 2005)

CONTENTS [1] Newsletter Highlights [2] Supreme Court Rules Against Grokster, Preserves Sony Safe Harbor [3] Proposed Export Rules Could Stifle Innovation [4] Powerful Senators Introduce Privacy and Security Bill [5] USACM Urges Reconsideration of Real ID Provisions [6] PITAC Issues Computational Science Report, Then Expires [7] Cerf and Kahn Presented with ACM’s 2004 A.M. Turing [...]

Posted in ACM/USACM News | Comments closed

Specter, Leahy introduce Personal Data Privacy and Security Act

Reacting to the current troubling situation regarding data security and privacy in the U.S., two powerful senators introduced legislation yesterday designed to better protect sensitive personal information. Senator Arlen Specter (R-PA) and Senator Patrick Leahy (D-VT) — the two most powerful members of the Senate Judiciary Committee — put forward the “Data Privacy and Security [...]

Posted in Privacy and Security | Comments closed

Latest data breach may fuel the push for federal regulation of data security

The NY Times has more information (and two follow-up articles) about the staggering loss of data at a credit card transaction processing company that came to light over the weekend: The security breach was first reported Friday when MasterCard International said a lapse at CardSystems had allowed the installation of a rogue computer program that [...]

Posted in Privacy and Security | Comments closed

Senators considering ID theft solutions

Update – June 18: Details are emerging this weekend of a very large scale data breach of credit card data at a transaction processing center affecting some 40 million files. More details are available at the Washington Post and the NY Times. Yesterday the Senate Commerce, Science & Transportation Committee held a hearing on identity [...]

Posted in Privacy and Security | Comments closed

More scrutiny of e-voting in Ireland

EDRi’s latest newsletter informs us about a recent article in the Irish Times [subscription required] describing the Irish government’s plans to subject their e-voting machines to additional security and risk-related scrutiny: The Government has initiated a new round of assessment and testing of the controversial €60 million electronic voting system currently in storage. An advertisement [...]

Posted in E-voting | Comments closed

Private investigators getting nervous

The Washington Post has an article today about the ongoing work of private investigators to prevent policymakers (and some data brokers) from limiting their access to Social Security numbers, a key tool of their trade for tracking individuals: Private investigators are working to blunt legislation that cracks down on the active marketplace for Social Security [...]

Posted in Privacy and Security | Comments closed

NYT, EFF, and others push for more support for Holt e-voting bill

The NY Times is running an editorial today urging House members to support Rep. Rush Holt’s electronic voting bill (H.R. 550): There are many problems with American elections, but none more serious than the rise of paperless electronic voting, whose results cannot be trusted. Grass-roots reformers are in the middle of a two-day lobbying blitz [...]

Posted in E-voting | Comments closed

Citigroup reveals data loss

Update: The NY Times published a thoughtful follow-up article on data security today. Citigroup has become the latest member of a group of large companies that have suffered major data losses or breaches in the last several months. As reported in today’s Washington Post: A unit of financial services giant Citigroup Inc. said yesterday that [...]

Posted in Privacy and Security | Comments closed

USACM Urges Reconsideration of Real ID Provisions

The Electronic Privacy Information Center (EPIC) convened a meeting today to look into the range of policy, technical, and social issues surrounding national identification systems in light of the recently passed Real ID Act, something we’ve been quite active on recently. In April, USACM sent the Senate a letter outlining its concerns about the security [...]

Posted in ACM/USACM News, Privacy and Security | Comments closed

NYT: Virtually Unprotected

The NY Times ran an editorial today sounding the cybersecurity alarm (again): [...] Experts have long warned that the nation’s power, transportation and communications systems are vulnerable to “cyberattacks” that could devastate the economy and cause huge damage to life and property. Now a new government report has concluded that far too little is being [...]

Posted in Privacy and Security | Comments closed

ACM Washington Update, Vol. 9.5 (May 31, 2005)

CONTENTS [1] Newsletter Highlights [2] Congress, Media, and Research Societies Bring National Attention to IT R&D Funding, USACM Weighs in [3] ACM Voter Registration Database Study Calls for More Details in EAC Guidance [4] USACM Provides Testimony to House Science Committee Hearing [5] Congress Begins Work to Fund Research Agencies [6] Congressmen Announce “Innovation Summit” [...]

Posted in ACM/USACM News | Comments closed

Spyware bills pass House

With most eyes focused (understandably) on the Senate’s judicial filibuster fight, the House of Representatives yesterday passed two pieces of spyware legislation: H.R. 29 — Rep. Mary Bono’s (R-CA) Securely Protect Yourself Against Cyber Trespass Act (SPY Act), which would, among other things, prohibit deceptive acts or practices intended to take unsolicited control of the [...]

Posted in Privacy and Security | Comments closed

Little clearing in privacy/personal information issues

Federal Trade Commissioner (FTC) Orson Swindle had some strong words recently for business leaders attending a meeting on cybercrime convened by the Business Software Alliance and the Center for Strategic and International Studies (as reported in National Journal’s Tech Daily [subscription req'd]): “Industry has been irresponsible, and someone’s got to pay,” [he said ...] Swindle [...]

Posted in Privacy and Security | Comments closed

Computing research community: Boost federal funding levels for fundamental IT R&D

The House Science Committee held a hearing yesterday on computer science research. USACM and CRA, along with a number of other organizations concerned about the future of computing research, issued joint testimony for the hearing: [F]ederal investment helps fuel the innovation that insures the U.S. remains the world leader in business, that we have the [...]

Posted in ACM/USACM News, Innovation | Comments closed

Congressmen announce “Innovation Summit”

At a Capitol Hill press conference yesterday, a group of House members announced plans to hold a national “Innovation Summit” later this year. The event was led by Rep. Frank Wolf (R-VA), along with his Congressional colleagues Rep. Vern Ehlers (R-MI), Rep. Sherwood Boehlert (R-NY), and Rep. Don Manzullo (R-IL). They were joined by former [...]

Posted in Events, Innovation | Comments closed

Court rejects broadcast flag

Infoworld has the following article on a recent legal setback for the entertainment industry: Court tosses out FCC’s Broadcast Flag In an opinion that is bound to stir fierce debate over television broadcast piracy protections, the U.S. Court of Appeals struck down the Federal Communications Commission’s “broadcast flag” regulation meant to set out anti-piracy guidelines [...]

Posted in Intellectual Property | Comments closed

Schneier on Real ID

Security expert Bruce Schneier has a sobering post on the Real ID Act today: REAL ID The United States is getting a national ID card. The REAL ID Act … establishes uniform standards for state driver’s licenses, effectively creating a national ID card. It’s a bad idea, and is going to make us all less [...]

Posted in Privacy and Security | Comments closed

Patterson & Lazowska write op-ed on support for computing research

Peter Harsha at the Computing Research Association (CRA) has a good report on a recent op-ed in Science by former CRA Board members and current PITAC members Ed Lazowska and David Patterson (who also happens to be President of ACM and a member of USACM’s Executive Committee). Quoting Peter, the article discusses “the impact of [...]

Posted in Innovation | Comments closed

ACM Washington Update, Vol. 9.4 (Apr. 29, 2005)

CONTENTS [1] April Proves to be a Busy Month for ACM Policy Activities [2] ACM Provides Testimony to EAC on Voter Databases [3] USACM Questions Real ID Act’s Security Standards [4] High-Performance Computing Legislation Passes House [5] EAC Technical Committee Adopts Voting System Standards; EAC Commissioner Resigns [6] Cyber Czar Legislation Takes First Step in [...]

Posted in ACM/USACM News | Comments closed

Congress May Require Closer Scrutiny to Get a Driver’s License

From the front page of today’s NY Times, an article on the Real ID Act’s progress: WASHINGTON, May 2 – Congress is moving quickly toward setting strict rules on how states issue driver’s licenses, requiring them to verify whether each applicant for a new license or a renewal is in this country legally. A House [...]

Posted in Privacy and Security | Comments closed

Alleged ID theft at DC Blockbuster

From an article in this morning’s Washington Post: A former employee of the Blockbuster video store in [Washington's] Dupont Circle [neighborhood] has been indicted on charges of stealing customers’ identities, then using them to buy more than $117,000 in trips, electronics and other goods, including a Mercedes-Benz. A grand jury charged that Miles N. Holloman [...]

Posted in Privacy and Security | Comments closed

Soaries resigning from Election Assistance Commission

Current Election Assistance Commission (EAC) member and former EAC chairman DeForest B. Soaries Jr. recently announced his resignation from the EAC, citing, among other things, dissatisfaction with the level of support the EAC has received from the federal government: “All four of us had to work without staff, without offices, without resources,” Mr. Soaries said. [...]

Posted in E-voting | Comments closed

Chairman Barton speaks out again on protecting personal information

The New York Times recently ran an editorial pointing out how crucial California’s data breach notification law has been in bringing to light the current vulnerabilities of personal information:

Posted in Privacy and Security | Comments closed

WSJ article points to relative weakness of US online banking security

The Wall Street Journal (subscription required) has an article today that describes how many European banks have tighter security for online banking:

Posted in Privacy and Security | Comments closed

Data brokers continue to face intense scrutiny from lawmakers

Chairman Arlen Specter (R-PA) presided over a Senate Judiciary Committee hearing yesterday looking further into recent breaches of personal information at data brokers like ChoicePoint, LexisNexis, and Acxiom. The hearing served to deepen the sense in Washington that Congressional action to regulate data brokers and the commercial use of personal information is inevitable at this [...]

Posted in Privacy and Security | Comments closed

Questions (and suggestions) about DHS CPO

Declan McCullagh’s most recent article provides some interesting insight into the power and effectiveness of the Department of Homeland Security’s Chief Privacy Officer (CPO), Nuala O’Connor Kelly. The article seems to reinforce the notion that privacy concerns aren’t always taken as seriously within DHS as they are within other organizations that have CPOs: Nuala O’Connor [...]

Posted in Privacy and Security | Comments closed

USACM writes to policymakers in Hawaii on e-voting

USACM today sent a letter to state policymakers in Hawaii to call their attention to the e-voting statement that ACM adopted last year. The letter seeks to offer USACM’s technical and policy input as electronic voting legislation works its way through the Hawaii legislature (something that’s currently going on in many state legislatures across the [...]

Posted in ACM/USACM News, E-voting | Comments closed

From bad to worse

If you were thinking that the controversy over recent large-scale data breaches and identity theft was settling down into a nice orderly policy debate, think again: LexisNexis Data on 310,000 People Feared Stolen NEW YORK/AMSTERDAM (Reuters) – Data broker LexisNexis said Tuesday that personal information may have been stolen on 310,000 U.S. citizens, or nearly [...]

Posted in Privacy and Security | Comments closed

States Scramble To Protect Data

“Legislatures in more than two dozen states are considering ways to give consumers more control over personal information that is collected and sold by private firms, but many of the proposals are drawing fire from financial services companies. Bills are on the table in 28 states responding to a series of high-profile security breaches at [...]

Posted in Privacy and Security | Comments closed

DHS privacy chief advises new panel to focus on due process, redress

Wednesday (April 6) saw the first meeting of the Department of Homeland Security’s new Data Privacy and Integrity Advisory Committee (the creation of which we covered earlier here). The 20-member committee will be led by the Heritage Foundation’s Paul Rosenzweig (chair) and Lisa Sotto (vice chair), a Hunton and Williams partner. The committee heard from [...]

Posted in Privacy and Security | Comments closed

ACM Washington Update, Vol. 9.3 (March 31, 2005)

CONTENTS [1] U.S. Supreme Court Hears Arguments in MGM v. Grokster [2] USACM Calls for Stronger Cybersecurity in Power Plants [3] Experts Begin Voter-Registration Database Study [4] Momentum Turns Toward Privacy Protection [5] Legislation on the Move [6] Innovation Finds Another Champion [7] Events to Watch In April [8] About USACM [An archive of all [...]

Posted in ACM/USACM News | Comments closed

NYT editorial: When David Steals Goliath’s Music

“The battle over online music piracy is usually presented as David versus Goliath: the poor student in his dorm hunted down by a music conglomerate. It is easy, in that matchup, to side with the student. But when the Supreme Court takes up the issue this week, we hope it considers another party to the [...]

Posted in Intellectual Property | Comments closed

Grokster and StreamCast face the music

“The entertainment industry is taking its battle against illegal downloading to America’s Supreme Court. But attacking the technology behind file-sharing could stifle innovation without tackling the industry’s long-term problems [...] THE music business should have stuck by Thomas Edison’s technology if it wanted to avoid the threat of piracy. His wax cylinders could record a [...]

Posted in Intellectual Property | Comments closed

Wash Post editorial: Up for the Count

“MARYLAND VOTERS will never know for sure whether their election choices last year were recorded correctly — and the same uncertainty could haunt them next year if lawmakers again fail to address a serious defect in the touch-screen voting machines used throughout the state. When functioning properly — and the state elections administrator, Linda H. [...]

Posted in E-voting | Comments closed

Momentum Turns Toward Privacy Protection

One thing became crystal clear during this week’s hearings involving the leaders of information brokers ChoicePoint and LexisNexis (among others) by a House Energy and Commerce subcommittee and the Senate Banking Committee (here and here): namely, the intent of policymakers to take action toward regulating the information brokerage industry. Indeed, the question now is less [...]

Posted in Privacy and Security | Comments closed

Strong language from lawmakers on data brokers

Some strong words from powerful policymakers in a NY Times article today: “I personally see no socially redeeming value in anyone having the right to give away and sell my personal information unless I approve it,” the chairman of the House Energy and Commerce Committee, Joe Barton, said yesterday. “Under current law these companies [information [...]

Posted in Privacy and Security | Comments closed

Capitol Hill beginning to stir following ChoicePoint debacle as news breaks on LexisNexis breach

LexisNexis, a large international provider of legal and business data, announced today that it, too, had recently been the vicitim of identity thieves. A Washington Post article this afternoon describes how “data on 32,000 consumers was fraudulently gathered in a series of incidents.” Among the data were such things as names, addresses, Social Security numbers [...]

Posted in Privacy and Security | Comments closed

Bono spyware bill advances

U.S. Rep. Mary Bono’s (R-CA) “Securely Protect Yourself Against Cyber Trespass Act (or “SPY ACT”) passed another hurdle earlier today as the full House Energy and Commerce Committee held a hearing to mark up H.R. 29. The measure has fairly wide bipartisan support and counts 58 cosponsors as of this writing.

Posted in Privacy and Security | Comments closed

Former cybersec czar comments on Real ID and more

“Have you ever wondered what good it does when they look at your driver’s license at the airport? Let me assure you, as a former bureaucrat partly responsible for the 1996 decision to create a photo-ID requirement, it no longer does any good whatsoever. [...] Congress is debating the Real ID bill [click here for [...]

Posted in Privacy and Security | Comments closed

Data Providers Lobby to Block More Oversight

“[...] For years, fears of identity theft and improper disclosure of private information have fueled calls for tighter regulation of the mountains of personal data now electronically available to employers, insurance companies, lenders and others. Those anxieties have risen since ChoicePoint revealed last month that alleged identity thieves had duped the company into selling the [...]

Posted in Privacy and Security | Comments closed

ACM & CRA Host UMich SI Intern

Maurice Solomon, a graduate student in information economics and policy at the University of Michigan School of Information, is spending the week working with the ACM and CRA Washington D.C. offices. The visit is part of the school’s Alternative Spring Break program, which seeks to help students gain experience and learn new skills though partnerships [...]

Posted in ACM/USACM News, Education and Workforce | Comments closed

ACM Washington Update Vol. 9.2 (February 28, 2005)

CONTENTS [1] Successful Policy Summit Focuses USACM’s Agenda [2] USACM Joins Legal Scholars To Protect Innovation [3] USACM Weighs in on High-Performance Computing Legislation [4] ChoicePoint Privacy Breach Getting Congressional Attention [5] Real ID Act Passes U.S. House of Representatives [6] Congress Organizes (Mostly): IT Policy Implications [7] Events to Watch In March [8] About [...]

Posted in ACM/USACM News | Comments closed

Still more on the ChoicePoint case

“The recently disclosed privacy breach at the data collection giant ChoicePoint, in which con artists gained access to the Social Security numbers, addresses and other personal data of nearly 145,000 people, has exposed the shortcomings of the laws governing the data-mining industry and consumer privacy. [...] But whatever the specific legal fallout of the ChoicePoint [...]

Posted in Privacy and Security | Comments closed

ChoicePoint theft may usher in regulation

“A major break-in at one of the nation’s largest information brokers could usher in regulation for companies that have trafficked in data unfettered for years, computer-security experts and privacy advocates say. New York, Texas and Georgia are among states pressing for laws that mirror California’s breach law, which requires companies to notify residents if their [...]

Posted in Privacy and Security | Comments closed

ChoicePoint sued over identity theft

“A California woman has sued ChoicePoint Inc. for fraud and negligence after criminals gained access to a database of personal records compiled by the company. The suit, which seeks class-action status, was filed in Los Angeles Superior Court last Friday and claims that for at least five months the company failed to adequately protect people’s [...]

Posted in Privacy and Security | Comments closed

New-look passports

“[...] At America’s insistence, passports are about to get their biggest overhaul since they were introduced. They are to be fitted with computer chips that have been loaded with digital photographs of the bearer (so that the process of comparing the face on the passport with the face on the person can be automated), digitised [...]

Posted in Privacy and Security | Comments closed

ChoicePoint fraud case likely to generate activity in Congress

“One of the nation’s largest commercial information services said yesterday that thousands of Washington area residents were among those whose personal and financial details were sold to fraud artists apparently behind a nationwide identity theft scheme. As many as 4,500 residents in the District, Maryland and Virginia were among up to 145,000 people whose names, [...]

Posted in Privacy and Security | Comments closed

NYT editorial: Tackling Election Reform

“After a second consecutive presidential election marred by significant flaws in the mechanics of voting, it’s time for Congress to take a hard look at fixing the system. Two Senate bills aim to do that. A Republican-sponsored bill is narrowly tailored around making electronic voting more reliable. A more ambitious bill, sponsored by the Democrats, [...]

Posted in E-voting | Comments closed

Plan for patenting software stalls in Europe’s parliament

“In a rare move, the European Parliament demanded Thursday that a controversial proposal for a law on software patents be scrapped and that the debate begin anew. The proposed law is intended to harmonize the patent rules of the 25 countries in the European Union. Current laws do not permit software patents, but some have [...]

Posted in Intellectual Property | Comments closed

More on ChoicePoint fraud case

“One of the nation’s biggest information services has begun warning more than 100,000 people across the country they may be targets of fraud, following disclosures the company inadvertently sold personal and financial records to fraud artists apparently involved in a massive identity theft scheme. ChoicePoint Inc. electronically delivered thousands of reports containing names, addresses, Social [...]

Posted in Privacy and Security | Comments closed

Cerf and Kahn Receive 2004 ACM Turing Award

“ACM, the Association for Computing Machinery, has named Vinton G. Cerf and Robert E. Kahn the winners of the 2004 A.M. Turing Award, considered the “Nobel Prize of Computing,” for pioneering work on the design and implementation of the Internet’s basic communications protocols. [...] ACM President David Patterson said the collaboration of Cerf and Kahn [...]

Posted in ACM/USACM News, Events | Comments closed

More on Real ID Act

Declan McCullagh has a new article about the Real ID Act, which (as we reported here) easily passed the House of Representatives last week. Among other things, Declan reports on the opposition to the bill by Rep. Ron Paul (R-TX), one of “eight Republicans to object to the measure.” Declan also addresses the legislation’s chances [...]

Posted in Privacy and Security | Comments closed

Database giant gives access to fake firms

“Criminals posing as legitimate businesses have accessed critical personal data stored by ChoicePoint Inc., a firm that maintains databases of background information on virtually every U.S. citizen, MSNBC.com has learned. The incident involves a wide swath of consumer data, including names, addresses, Social Security numbers, credit reports and other information. ChoicePoint aggregates and sells such [...]

Posted in Privacy and Security | Comments closed

Real ID Act passes the House

Yesterday House Judiciary Committee Chairman James Sensenbrenner’s (R-WI) immigration bill, the Real ID Act (H.R. 418), was passed by the U.S. House of Representatives. The bill is intended to disrupt terrorist travel and bolster U.S. border security and includes much of the immigration reform language that was dropped from last year’s intelligence overhaul legislation (discussed [...]

Posted in Privacy and Security | Comments closed

Bill proposes e-voting paper trail

” Voting machines must include a verifiable paper trail and audit capability in time for the 2006 elections, according to a bill introduced this week in Congress. [...] Called the Voting Integrity and Verification Act, the bill says states must allow the “voter to review an individual paper version of the voter’s ballot before the [...]

Posted in E-voting | Comments closed

Parents Protest Student Computer ID Tags

“SUTTER, Calif. (AP) — The only grade school in this rural town is requiring students to wear radio frequency identification badges that can track their every move. Some parents are outraged, fearing it will take away their children’s privacy. The badges introduced at Brittan Elementary School on Jan. 18 rely on the same radio frequency [...]

Posted in Privacy and Security | Comments closed