Lobbying
Tech Group Urges Passage Of Data Protections
by Heather Greenfield
Members of the Cyber Security Industry Alliance are urging Congress to avoid the politics of last year and pass data-protection legislation. Members of the group made appeals during visits to Capitol Hill following CSIA's board meeting Thursday afternoon.
Despite millions of Americans impacted by identity theft and plenty of bills last year designed to encourage better protection of personal data, comprehensive legislation has not been enacted.
"We're at a juncture where there should be some action on this issue," said John Thompson, Symantec's CEO and the chairman of CSIA. "The number one challenge is a bill that can move."
Some of the proposed legislation would require notification of victims if data is compromised. The scope of the notification and what triggers the need for it vary. Some bills also would require or provide incentives for businesses or government agencies storing personal data to adopt best practices for securing it.
Thompson said CSIA is not supporting any specific legislation now. "What we're trying to say is action must be taken -- pick a bill," Thompson said.
CSIA Executive Director Liz Gasster said potential victims need the same security standards followed whether their personal data rests in government, bank or retailer computers.
Joseph Ansanelli, the chairman and CEO of Vontu, said CSIA would like legislation on disclosure that also provides a base security standard for all data holders to follow without proposing a specific standard. "Last year we just ran out of time," Ansanelli said.
Committee turf battles were an obstacle because multiple panels have jurisdiction over data security. House Financial Services Committee Chairman Barney Frank, D-Mass., tried to appeal to House Speaker Nancy Pelosi, D-Calif., for a working group of committee chairmen to resolve differences and draft a bill this year. But House Energy and Commerce Chairman John Dingell, D-Mich., objected to that proposal in a letter to Pelosi.
This week, CEOs from member companies met with: Reps. Spencer Bachus, R-Ala.; James Clyburn, D-S.C.; John Conyers, D-Mich.; and Bobby Rush, D-Ill. The CSIA members also met with Sens. Robert Bennett, R-Utah, and Joseph Lieberman, I-Conn.
Rush introduced a bill, H.R. 958, that is before House Energy and Commerce. It aims to protect consumers by requiring "reasonable security policies" to protect computer data that contains personal information and also would create a nationwide notice if there is a security breach.
Gasster said the meetings were reassuring. She noted that Bachus, the House Financial Services Committee's ranking Republican, said he would be working on the issue with Energy and Commerce ranking Republican Joseph Barton of Texas.
Thompson later met with Senate Majority Leader Harry Reid, D-Nev., to appeal to him to get committee chairs on the Senate side to work together and across party lines on data protection.
"Reid has said he's very interested in this legislation and has already been working with his committee chairs," said Tiffany Olsen Jones, a government relations manager at Symantec.

Campaigns
State Actions On 'Robocalls' Raise Legal Questions
by Michael Martinez
Frustrated by the pervasiveness of automated "robocalls" in last year's elections, state legislators have authored measures to curtail their use in political campaigns.
More than a hundred bills targeting automated telephone calls have been introduced in more than two dozen states so far this year. Some of the measures, like one that cleared the Wisconsin Senate on Thursday, specifically address political calls. Others propose broader solutions to guard citizens against unwanted telemarketing.
According to a study by the Pew Internet and American Life Project and the Pew Research Center for the People and the Press, about two-thirds of registered voters received political robocalls in the run-up to last year's elections. State and federal lawmakers expressed concerns about the invasiveness of the calls and, in some cases, whether they were used to keep voters away from polling places.
But the push to curtail robocalls has unearthed some tricky legal questions. Because the calls are considered political speech, they have been exempted from the federal "do not call" list against unwanted telemarketing. States also are tangling with whether mandates that live operators precede all automated calls are pre-empted by federal law.
Indiana Attorney General Steve Carter sued the firm FreeEats.com last year after it placed robocalls on behalf of a U.S. House candidate. A federal judge in October upheld Indiana's law that requires live operators to obtain permission from robocall recipients before playing them recorded messages.
FreeEats, which was paid by the Economic Freedom Fund to place the calls, has appealed the case to the 7th U.S. Circuit Court of Appeals. Oral arguments were held earlier this month.
Milo Cividanes, an attorney whose firm is representing FreeEats in the Indiana case, said at the National Conference of State Legislatures' spring forum on Friday that its outcome would influence how federal and state lawmakers can regulate robocalls.
North Dakota sued FreeEats in 2004 to stop robocalls it was placing in a senatorial race there. FreeEats, which is based in Virginia, argued that North Dakota's automated calling laws did not apply because it was making the calls from outside the state.
The North Dakota Supreme Court ruled that the state statute is not pre-empted by federal law, and the firm that placed the calls was ordered to pay thousands of dollars in penalties.
Cividanes said that robocalling became a phenomenon during last year's elections and that candidates began using them more frequently because they realized how effective they are. He said robocalls may have been abused by some campaigns last year but added that there are ways to get the technology on more solid legal ground.

Security
Government To Test Internet Routing In Space
by Winter Casey
The U.S. government is moving forward with a project to test Internet routing in space. Companies will work on a Defense Department plan to determine the feasibility of conducting military communications through an Internet router located there.
Last week, Intelsat General, a subsidiary of the commercial satellite company Intelsat, announced that it will manage the project, known as IRIS, which was funded and announced in fiscal 2007 as a joint capability technology demonstration by the Defense Department. Other companies set to work on the endeavor include Cisco Systems, Concerto Advisors, SEAKR Engineering and Space Systems/Loral.
"IRIS extends the Internet into space, integrating satellite systems and the ground infrastructure for war-fighters, first responders and others who need seamless and instant communications," Intelsat General CEO Bill Shernit said in a statement. "IRIS will enable U.S. and allied military forces with diverse satellite equipment to seamlessly communicate over the Internet from the most remote regions of the world."
According to Intelsat, the router would work like a computer processor in the sky and merge communications being received on various frequency bands. The router then would transmit signals to multiple users based on data instructions from a station on earth.
It is hoped that the router also would enable military units to communicate with each other across various forms of technology.
The Defense Information Systems Agency will be responsible for coordinating the use of the technology within government. The Defense Department chose the IRIS project from hundreds of other proposals. The space initiative will be funded as a Joint Capability Technology Demonstration.
The demonstration program is a revamped version of the Advanced Concept Technology Demonstrations initiative. ACTD was renamed and updated to better meet the challenges of the 21st century, address congressional concerns, and respond to recommendations made by the Government Accountability Office.
In April 2007, the Defense Department announced that it plans to work on 10 such demonstration projects. Two look to enhance maritime tracking and coordinated radio-frequency communications. Another project would work toward high-speed, wireless Web connections over long distances.
President Bush proposed $2.69 million to be spent on the demonstrations in fiscal 2008.

Cyber Security
Cyber Threats To U.S. Agencies Abound, Experts Say
by Aliya Sternstein
With hackers constantly concocting new types of malicious software, government agencies are struggling to stay abreast of the latest threats, according to a report released Thursday by federal auditors.
One new trick that intruders are trying involves a covert form of "malware" called a rootkit. A rootkit remains dormant, invisible to the user and even the computer's operating system, while gaining access to information in the computer and any network connected to the computer.
"[T]he purpose of the rootkit is to jimmy the door or make a key to the house that no one else knows that you have, so you can gain entry," said Jim Butterworth, the director of incident response at Guidance Software, a computer investigation firm. "It's a significant threat to all government agencies."
While rootkits can be outwitted by users and sophisticated technical protections, including a tool offered by Guidance, agencies are not fully executing their defense strategies, according to a new report from the Government Accountability Office.
User training is critical to combating threats, Butterworth said. "A lot of times it is human error that results in an intrusion. It is accidental. ... It is unintentional."
He added that checking Web-based mail or surfing the Internet could open a computer to a rootkit. Thumb drives, too, can become conduits for malware. Butterworth urged agencies to mitigate the danger posed by removable devices by disabling USB ports on all employee computers, except ports used for required work-related purposes.
The 2010 decennial census, where household data will be collected by using handheld computers, presents a particular cyber-security challenge.
The census "is a nightmare," Butterworth said. "If you are going to hire armies of people to go hit the street, [do not give] them modems and virtual private network access to pump information back into the infrastructure. ... No Bluetooth, no Wi-Fi [wireless technologies]. Those are vulnerable."
He said the Census Bureau should focus on developing secure transmission mechanisms along the entire data route -- during collection, transfer, processing and archiving.
In discussing government-wide information security overall, Butterworth said he "would praise the agencies for being aware that the threat exists and taking steps to develop policies; I would criticize the agencies for understaffing, under-funding and not following through on policy enforcement. Policy without enforcement is useless."
In fiscal 2006, 21 of 24 major agencies cited weak information security controls, GAO noted. The underlying cause was a failure to fully implement agency-wide information security programs.
"Significant information security weaknesses continue to place federal agencies at risk," the report states. Until agencies carry out their information security programs, "federal data and systems will not be sufficiently safeguarded to prevent unauthorized use, disclosure and modification."

Intellectual Property
Patent Experts Divided Over Merits Of Reform Plan
by Andrew Noyes
Long-awaited patent legislation introduced this week won praise from many in the high-tech sector, but critics said the identical House and Senate measures do not follow suggestions in a 2004 report that jumpstarted the congressional crusade to update U.S. patent laws.
The almost 200-page National Research Council guidebook and a similar report by the FTC issued a year earlier have been frequently cited as roadmaps for reform by lawmakers and industry lobbyists. They were routinely referenced at recent patent hearings.
The council's paper called for increased flexibility and reliability of the U.S. patent system. The current regime does not require a major overhaul, the report's authors wrote, but economic and legal strains make clear the need for change.
Ken Johnson, the senior vice president for the Pharmaceutical Research Manufacturers of America, whose group released a statement criticizing the bill, S. 1145 and H.R. 1908, claimed that key recommendations from the research council were not followed. PhRMA officials on Thursday refused to go public with specific problems they have with the bills.
Speaking for the Coalition for 21st Century Patent Reform, Procter & Gamble Vice President Steven Miller also complained that much of the legislation does not follow the council's advice. The group is backed by his firm, as well as Eli Lilly, General Electric, Johnson & Johnson and more than 30 other companies.
Stanford University law professor John Barton, who helped author the report, disagreed, saying he was "fundamentally happy" with the legislation. The bills' "first-to-file" provision, which would give priority to the first person to send a patent application for a technology to the Patent and Trademark Office, regardless of the invention date, is a major step toward international patent harmonization that his committee considers a priority.
Barton also cheered the legislation for its proposal to create a "second window" for challengers to disprove patent validity. He said the language is "aimed at preventing the really dumb patents," a problem that his panel worries is getting worse.
The section on "willful infringement," which would limit "treble damages" in patent disputes, is necessary, he said, but it would not go far enough to combat "patent trolls" who get patents only to seek licensing deals rather than develop products.
Fellow report author James Pooley, who is president-elect of the American Intellectual Property Law Association, said the willfulness language "is just what we had in mind." He said several other changes need to be made to get AIPLA's endorsement.
"Inequitable conduct" language, which would ban patent applicants from failing to disclose material information to PTO, needs to be part of the measures, Pooley said. Additionally, the proposed standard for apportionment of damages is an unwelcome shift away from earlier legislative proposals.
The council's recommendation for Congress to examine whether some research uses of patented inventions could be shielded from legal liability was ignored in the bill, Barton added. "It's a complex issue that we gave a complex answer to. Clearly, they weren't able to pull out a precise direction to proceed."

Crime
Justice Scores Wins On Software And Music Piracy
by Andrew Noyes
The Justice Department on Friday announced a handful of software and music piracy enforcement actions at the U.S. district court in Alexandria, Va. Three accused individuals pleaded guilty to infringement charges, and another was sentenced to two years in prison, according to agency press releases.
Hew Raymond Griffiths, a 44-year-old British national living in Bateau Bay, Australia, pleaded guilty to criminal copyright-infringement charges in one of the first extraditions for an intellectual property offense. If convicted, he could get 10 years of jail time and a $500,000 fine.
Griffiths, who led one of the oldest and most renowned Internet software piracy groups, was transported from Australia to the United States in February. The defendant was part of a ring called DrinkOrDie that was responsible for pirating more than $50 million worth of content. Authorities dismantled the group in 2001 through raids in the United States and abroad.
In another case, Arthur Gomez, 25, of La Habra, Calif., and Sergey Ribiakost, 21, of Bardonia, N.Y., pleaded guilty to one count of conspiracy to commit copyright infringement. If convicted, they face up to five years in prison and $250,000 fines, Justice said.
Gomez and Ribiakost also were involved in the online piracy community as members of the pre-release music group Apocalypse Crew, one of several stealthy organizations that acted as "first providers" of much of the pirated music available on the Web, Justice said.
More than 40 members of the so-called "warez scene" have been convicted as part of Operation FastLink, an ongoing federal crackdown that began in 2004, officials said.
In the past five years, several crackdowns have led to 100-plus felony convictions for copyright-related crimes, officials said.
Justice also announced that the owner of a massive for-profit software piracy site was sentenced to 24 months in prison. Ronnie Knott, 36, of Salt Lake City, ran a business known as "Smart PC" and "CDBackups," which provided paid access to unauthorized software programs.
Subscribers paid as much as $125 per month for the service. Knott admitted that he collected about $20,000 in subscription fees until the FBI closed the site in May 2006. The defendant illegally reproduced software with a retail value of nearly $2.5 million, officials said.

On The Hill
Lawmakers Introduce Slew Of Tech-Related Bills
by Theresa Poulson
As lawmakers examined an administration-backed proposal to expand the authority of the Foreign Intelligence Surveillance Act, senators introduced legislation that aims to reiterate FISA as the sole authority to permit domestic electronic surveillance.
That legislation, S. 1114, was among a large batch of technology-related measures introduced by lawmakers in the first week that both chambers of Congress were back from the annual spring recess. The other new bills are:
-- H.R. 1908 and S. 1145, long-awaited companion measures to overhaul the nation's patent system (see separate story);
-- H.R. 1867, which would reauthorize the National Science Foundation from fiscal 2008 to fiscal 2010. CongressDaily reports that a House Science and Technology subcommittee approved the bill by voice vote Thursday;
-- H.R. 1868, which would authorize National Institute of Standards and Technology programs from fiscal 2008 to fiscal 2010. A House Science and Technology subcommittee approved the bill by voice vote Thursday (see separate story);
-- H.R. 1930, which proposes reforms to the visa system for highly educated workers (see separate brief in today's issue);
-- H.R. 1928, which calls for an NSF report on the under-representation of certain groups in science, technology, engineering and mathematics;
-- H.R. 1952, which would create a national health information infrastructure and increase tax deductions for the purchase of qualified healthcare technology by medical providers;
-- H.R. 1863, which would initiate a two-year program to test a mobile processing unit to perform certain services of the Veterans Affairs Department;
-- H.R. 1864, which would mandate the automated processing of veterans' disability compensation claims; and H.R. 1925, which would establish a services network for veterans in the Gulf Coast region;
-- H.R. 1893, which would require the inclusion of warning labels on Internet and catalogue advertising of certain toys and games;
-- S. 1123, which would require the Internal Revenue Service to simplify the system for small businesses to claim the new excise tax on toll telephone services; and S. 1124, which would establish a national, Internet-accessible filing system for federal tax liens;
-- S. 1133, which would exclude any electronically filed tax returns resulting in tax refunds distributed by refund anticipation loans from being counted toward congressionally mandated electronic-filing goals;
-- H.R. 1891, which would promote the development of disaster plans that consider citizen input;
-- And H. Res. 314, which would support the goals of World Intellectual Property Day.



Today's Feature:
Executive Summary
This week's massacre at Virginia Tech in Blacksburg has cast an unflattering light on communications practices at college campuses but also has brought attention to disaster-response technologies that may thwart future tragedy.
Every Friday, read the Executive Summary by K. Daniel Glover.


E-briefs


Security: With Monday's shooting rampage at Virginia Tech University as a sobering backdrop, the FCC's "First Responders Summit," held Friday by the agency's Public Safety and Homeland Security Bureau, acquired a new sense of urgency. "We never know when or where the next crisis can happen," Democratic Commissioner Jonathan Adelstein said, emphasizing that the public-safety infrastructure must be "up to speed" nationwide. "Prompt communications save lives, and a delay of that information may lead to even more of a loss," said Republican Commissioner Deborah Taylor Tate, who called the Virginia shooting "historic." She said the massacre, in which 32 students were killed, underscores the critical importance of emergency communications. "This summit is especially poignant in the wake of the tragedies at Virginia Tech," said GOP regulator Robert McDowell, who addressed the event in pre-taped remarks. Panelists discussed emergency efforts by various states and federal agencies.
Broadband: A pair of congressmen from Massachusetts announced on Friday plans to write to Verizon Communications to urge the company to continue building high-speed Internet infrastructure in their home state. Verizon has suspended its efforts to secure a statewide video-franchising law in the Bay State. The company said the state's regulatory system could delay the expansion of its fiber-optic network there. Sen. John Kerry and Rep. Edward Markey, both Democrats, said they hope Verizon continues to invest in Massachusetts. "Verizon is investing in states from coast to coast, and I really would like to see that investment continue in Massachusetts," Kerry said in a statement. "I seriously hope that this is not part of some cynical bargaining effort by Verizon, and that the company will return to local communities and continue investing in this network."
Labor: Industry officials awaiting the availability of more visas for highly skilled workers are praising the introduction of separate stand-alone bills to boost the number of visas. The National Association of Manufacturers said a new House bill, H.R. 1930, would reform the visa system for highly educated foreign nationals, making it easier for manufacturers to hire and retain the best minds from around the world. "The manufacturing economy is reliant on innovation and highly educated professionals, particularly those with advanced degrees in science, technology, engineering and mathematics, which are critical to maintaining our competitive edge," NAM President John Engler said. A Senate companion measure, S. 1083, also was filed. The bills further would let graduates of U.S. universities stay in America and use their degrees.
E-Government: Starting Monday, hospital workers within the Veterans Affairs Department's health system will be able to retrieve the medical records of wounded soldiers in Afghanistan and Iraq with a VA version of an existing Defense Department patient-tracking tool. GovExec.com reports that the VA's adaptation of Defense's patient-tracking application will give clinicians access to soldiers' medical records from the battlefield and throughout every transfer point along the way to a VA hospital in Baltimore. Dr. Edward Huycke, the chief coordination officer with Defense at the VA, said the 154 hospitals and more than 800 clinics operated by the Veterans Health Administration will "absolutely" have the ability to obtain the same information found in the Defense system through the new Web-based VA application.
Health: European Union countries have adopted a declaration outlining their commitment to cross-border electronic health services. "We seek to ensure that, in the future, electronic health services for Europe's citizens do not stop at national borders. ... This not only serves the continuity of care but also affords safety in an emergency," Theo Schroder Klaus, the German state secretary at the Federal Ministry of Health, said in a statement. "We want to give patients access to their medical records and patient summaries from everywhere within the European Union," he said. "This not only serves the continuity of care but also affords safety in an emergency." EU nations and Iceland, Liechtenstein and Norway have committed to pursue cooperation on cross-border e-health services across Europe. The declaration recommends that common European e-health standards be established.
Environment: Two members of Congress from California are praising a large e-recycling event planned for Washington to celebrate Earth Day on Sunday. "E-waste is a serious threat to public health and the environment," Democratic Rep. Mike Thompson said. "Each year, about 100 million electronic devices become obsolete, and many of them are being thrown away in places where the toxic materials inside can leak into our soil and water." He said he is committed to creating a national e-waste policy. Republican Rep. Mary Bono agreed in a statement that said: "Our environment deserves a solution to the dramatic increase of waste generated by our ever-expanding use of technology. What we throw away is no longer just paper or milk cartons; it's keyboards, monitors, LCD screens, desktops, laptops, calculators and countless types of technologies that today we consider essential." Dell is co-hosting the free e-waste recycling event at Freedom Square in Washington.
Education: Starting this fall, many students at the University of Pennsylvania will have the option to use a customized version of Microsoft's Windows Live Mail for their e-mail accounts, the school announced Thursday. Penn had been in talks with Google and Microsoft to outsource e-mail accounts to either Google's Gmail service or Windows Live. Penn Live will host student e-mail accounts, as well as other communications tools, such as calendars, address books and social networks. E-mail accounts still will bear the university's upenn.edu ending. "We think that this is going to prove to be a good fit within the Penn environment," Associate Provost Andrew Binns said, "and we know from the input of our students that the features will meet their needs. We're excited about the prospect of being able to offer our students better tools for more effective communication and collaboration with their classmates."
Education: Moving on a widening scandal involving student-loan providers and college financial aid officers, Sen. Edward Kennedy on Friday requested information from officials at Widener University and Capella University, an online school offering undergraduate and graduate degrees. CongressDaily reports that Kennedy, a Massachusetts Democrat who is chairman of the Senate Health, Education, Labor and Pensions Committee, alleges that the officials may have been paid handsome sums by lending companies in exchange for business. On Wednesday, House Education and Labor Committee Chairman George Miller, D-Calif., demanded that Education Secretary Margaret Spellings impose a moratorium on preferred lender lists and "implement emergency reforms in the student-loan industry." Spellings said Tuesday that the department would temporarily bar lenders from accessing a database containing confidential information on 60 million students while the department investigated the possible misuse of the data.



President -- John Fox Sullivan, 202-739-8468
Editor in Chief -- Louis Peck, 202-739-8481
Editor -- K. Daniel Glover
Assistant Editor -- Theresa Poulson
Senior Writers -- David Hatch, Heather Greenfield, Andrew Noyes and Aliya Sternstein
Special Correspondent -- Chris Strohm
Staff Writer -- Michael Martinez
Senior Business Affairs Manager -- Chris Hamby
Business Affairs Associate -- Anne TeBeest
Advertising Sales -- Alex Treadway
National Journal's Technology Daily is published every weekday, except holidays, by National Journal Group Inc., 600 New Hampshire Avenue, NW, Washington, DC 20037.
©2006 by National Journal Group Inc. All rights reserved. Reproduction or transmission in any form of this product by any means—from a retrieval service or any other electronic form or from a photocopy—in whole or part without permission is strictly prohibited.
National Journal Group makes no representations or warranties with respect to and is not responsible for the content of World Wide Web sites linked to by this publication but not controlled by National Journal Group.
Editorial: 202-266-7197 Fax: 202-266-7094
Subscription Inquiries: 202-266-7264 Customer Service: 202-266-7230 or 1-800-207-8001