October 2, 2014
Vol. 18, Issue 9
ACM Washington Update
ACM Washington Update recaps ACM’s initiatives in the U.S. technology policy arena monthly. Please forward this newsletter to friends and colleagues in the computing community. View more details on each item below, as well as on the blog. Follow USACM on Twitter and Facebook.
The Federal Communications Commission (FCC) is holding a series of roundtables on policy issues connected to its proposed rulemaking on the Open Internet.
The National Institute of Standards and Technology (NIST) held its second Privacy Engineering workshop in San Jose on September 15 and 16.
NIST presented its Draft Privacy Engineering Objectives and Risk Model in a webcast.
Federal agencies in the Networking and Information Technology Research and Development (NITRD) program will lead the development of a national privacy research strategy.
The Food and Drug Administraiton (FDA) will hold a workshop medical device cybersecurity and seeks public comment on the topic.
The U.S. Copyright Office has opened the petition process for the 2015 rulemaking on anti-circumvention provisions of the Digital Millennium Copyright Act (DMCA).
to the top
The FCC will hold its sixth and final Open Internet Roundtable
on October 7. The FCC has been holding these staff-led roundtables to discuss policy issues related to the 2014 Open Internet Notice of Proposed Rulemaking
and the best approaches to regulatory requirements for fixed and mobile markets. The roundtable will be open to the public and will be streamed live.
The agenda, list of speakers, and video for each roundtable are posted on the individual event pages.
to the top
The National Institute of Standards and Technology (NIST), in coordination with the International Association of Privacy Professionals (IAPP), hosted the Second Privacy Engineering Workshop
on September 15-16 in San Jose, California. The workshop brought together legal experts, system designers, privacy engineers, and other privacy professionals from government, industry, academia, and civil society to discuss definitions, objectives, and the privacy risk model developed during the first workshop held in April. NIST is using feedback from this second workshop to help inform the drafting of an initial report on privacy engineering.
to the top
On Thursday, October 2, the National Institute of Standards and Technology (NIST) presented its draft (including a discussion deck
- Privacy Engineering Objectives and Risk Model
. The development of these materials has been informed by two Privacy Engineering workshops (
) that NIST co-hosted with the International Association of Privacy Professionals.
The focus of the Privacy Objectives and Risk Model is on protecting privacy in the course of unanticipated consequences of normal system behavior. Malicious actors and attacks can be mitigated through security procedures.
Part of the motivation for this document is to address communications gaps around privacy and the development of tools to measure the effectiveness of privacy practices. The objectives are not intended to describe a complete privacy risk management framework, as they are just one component of such a model. NIST intends to add more components over time, but is focused on the objectives and the risk model for now.
Comments are being taken on the draft objectives and risk model until October 15. Comments can be sent to firstname.lastname@example.org.
to the top
The White House Office of Science and Technology Policy has asked a steering group in the federal Networking and Information Technology Research and Development (NITRD) Program to lead development of a National Privacy Research Strategy. As part of this effort, there is a Request for Information
(RFI) seeking comment. Submissions (of no more than 20 pages) are due by October 17.
The call for such a research strategy is informed, per the RFI, from calls for additional research into privacy-enhancing technologies. The resulting strategy will include research objectives and a framework for organizing ideas to address those objectives. This framework is intended to encourage approaching privacy research questions from a multi-disciplinary perspective, including several disciplines in approaching privacy-enhancing technologies.
There are four main questions/topics in the RFI:
- Privacy Objectives
- Assessment Capabilities
- Multi-disciplinary Approach
- Privacy Architecture
to the top
The Food and Drug Administration (FDA) will hold aworkshop
on medical device cybersecurity on October 21 and 22 in Arlington, Virginia. Titled "Collaborative Approaches for Medical Device and Health Care Cybersecurity," the event is intended for a broad audience of stakeholders engaged in health care and public health. The workshop will be webcast, but if you are planning to attend in person, registration will close by 4 p.m. ET on October 14.
The FDA is looking for comments on a set of questions
connected to the workshop themes by October 7 and on any aspect of the workshop by November 24.
to the top
The U.S. Copyright Office is accepting petitions
for the triennial rulemaking proceedings to determine exemptions to the anti-circumvention prohibitions under the Digital Millennium Copyright Act (DMCA). The deadline for petitions is November 3.
To help enhance public understanding of the process and its evidentiary requirements, the U.S. Copyright Office has changed the procedures to lower the burden during the first step of submitting a petition. Parties still need to provide a statement on the requested proposed exemption, describing the specific class or category of copyrighted works, the technological protections measures that prevent access, the noninfringing uses that would be facilitated by circumvention, and how the inability to circumvent adversely affects proposed noninfringing uses. However, parties no longer need to submit the full legal and factual support with the initial petition.
Consistent with the Unlocking Consumer Choice and Wireless Competition Act enacted into law earlier this year, the Copyright Office will consider any proposal for a cellphone unlocking exemption. The Copyright Office invites proposals to expand the unlocking exemption to other wireless devices but urges parties to provide an "appropriate level of specificity," noting that the exemption may vary across the different types of wireless devices.
The U.S. Copyright Office will consider and consolidate the petitions before publishing the list of proposed exemptions and inviting submissions of legal and evidentiary support. All petitions will be posted online to allow parties to coordinate their efforts in later proceedings.
to the top
About Washington Update -- ACM Washington Update is produced by the ACM Public Policy Office. It highlights activities of the U.S. Public Policy Council of ACM (USACM), and the ACM Education Policy Committee (EPC) as well as other events in Washington that affect the computing community.
About USACM -- The U.S. Public Policy Council of ACM (USACM) is the focal point for ACM's interactions with U.S. government organizations, the computing community, and the U.S. public in all matters of U.S. public policy related to information technology.
About EPC -- The ACM Education Policy Committee engages policymakers and the public on public policy issues that relate to computing and computer science and the computing field.
Views expressed are not necessarily those of ACM. To send comments, please write to email@example.com.
To subscribe to ACM’s Washington Update newsletter, send an e-mail to firstname.lastname@example.org with “subscribe WASHINGTON-UPDATE “First Name” “Last Name” (no quotes) in the body of the message.
To unsubscribe, simply include the “SIGNOFF WASHINGTON-UPDATE” command in an email to email@example.com.
As an alternative, enter your email address at: http://optout.acm.org/listserv_index.cfm?ln=washington-update and we’ll remove you.
If in the future you’d like to re-subscribe, please enter your address at
You can also subscribe or unsubscribe by clicking the links on the right-hand column of the web edition of this newsletter.
to the top