U.S. Department of Commerce Cites ACM U.S. Public Policy Council

By Renee Dopplick, ACM Director of Public Policy

The U.S. Department of Commerce’s new Green Paper: Fostering the Advancement of the Internet of Things references and cites input provided by the ACM U.S. Public Policy Council, particularly as related to IoT privacy and security and the possible roles the U.S. government should play in the evolution of IoT. The Department invites additional input on its proposed approach, current initiatives, and next steps. The ACM U.S. Public Policy Council plans to provide additional comments to the Department.

The Green Paper cites the ACM U.S. Public Policy Council for the following:

  • The Department agreed with the ACM U.S. Public Policy Council and a few other commentators that it is premature to define IoT and that further discussion is needed. Defining the scope of the term now could risk inadvertently limiting innovation and the potential of IoT.
  • Privacy and security issues are specific policy categories to address.
  • Fixing security flaws and having methods to allow updates from reputable sources is important, even if the original manufacturer or service provider no longer supports the device or is no longer in business.
  • Without patching capabilities, it is difficult to mitigate devices’ known security flaws on a large scale.
  • The security research community needs greater recognition for its role. The research community can independently discover, assess, and correct cybersecurity vulnerabilities.
  • The Department noted that the ACM U.S. Public Policy Council and a few other commentators argue that IoT raises novel privacy concerns.
  • The U.S. government can play an important role in fostering the development of IoT through government application, procurement, and international engagement.

The ACM U.S. Public Policy Council submitted comments in June 2016. The comments were developed by the Council’s Working Group on IoT, Co-Chaired by Alan Rea and Nick Feamster, in collaboration with the Privacy Committee, Chaired by Brian Dean, and the Security Committee, Chaired by Alec Yasinsac.

About the ACM U.S. Public Policy Council
These comments were developed by the ACM U.S. Public Policy Council (USACM), which serves as the focal point for ACM’s interaction with the U.S. government in all matters of U.S. public policy related to information technology. The membership of the ACM U.S. Public Policy Council is comprised of computer scientists, educators, researchers, and other technology professionals. ACM U.S. Public Policy Council statements represent the views of the Council and do not necessarily represent the views of the Association.