September 16, 2015
Vol. 19, Issue 7
ACM Washington Update
ACM Washington Update recaps ACM's initiatives in the U.S. technology policy arena monthly. Please forward this newsletter to friends and colleagues in the computing community. View more details on each item below, as well as on the blog. Follow USACM on Twitter and Facebook.
- USACM submitted comments to NIST on a draft privacy risk management framework for federal information systems.
- President Obama established a National Strategic Computing Initiative for high-performance computing.
- The FTC is accepting presentation proposals on privacy and security research for PrivacyCon 2016.
- NTIA will hold the next drone privacy multistakeholder meeting on September 24.
- NTIA will hold the first cybersecurity multistakeholder forum on vulnerability research disclosure on September 29.
- NIST is accepting public comments on U.S. participation in international cybersecurity standards.
- Nominations for the inaugural ACM Policy Award are due by November 30.
- The inaugural ACM/CSTA Cutler-Bell Prize in High School Computing challenges U.S. high school seniors to develop innovative solutions using their knowledge of computer science.
- In Memoriam: Joseph Traub, a computing pioneer and widely recognized leader in U.S. science policy and computing education.
to the top
USACM submitted comments to the National Institute of Standards and Technology (NIST) on the draft report, Privacy Risk Management for Federal Information Systems. USACM supports NIST's efforts to define a framework to help manage growing privacy risk in the processing of personal information in federal information technology systems. Introducing a privacy risk management framework can provide continuity across the government sector, its service providers, and those in the private sector who may consider adopting the framework.
Among the comments, USACM recommends that NIST consider providing additional discussion of the interrelationship of privacy risk management with the other risks that federal agencies manage. Many privacy risks are interdependent with other types of risks, data actions, and processes. Ideally, the framework would describe how these work in tandem to address risk comprehensively.
USACM looks forward to participating in NIST's ongoing efforts to help federal agencies better manage their privacy risks through sound privacy policies and practices.
to the top
President Obama signed an Executive Order establishing the National Strategic Computing Initiative to ensure the U.S. remains on the leading-edge of research, development, and deployment of high-performance computing.
This government-wide strategic plan provides a framework for policy and funding priorities to increase U.S. leadership in computing power by leveraging the strengths of government, industry, and academia. It encourages holistic approaches to capacity building of both computing technology and talent.
The long-range plan provides five strategic themes:
The White House Office of Science and Technology Policy (OSTP) and the Office of Management and Budget (OMB) will co-lead an inter-agency Executive Council responsible for establishing, reviewing, and updating an implementation plan.
- Deliver exascale computing systems that can apply exaflops of computing power to exabytes of data
- Stay on the forefront of high-performance computing capabilities for important applications, particularly in modeling, simulation, and data analytics
- Establish a path for viable underlying hardware technology as successors to current semiconductor technology
- Support new approaches to improving application developer productivity in high-performance computing
- Develop sustainable public-private collaborations
to the top
The FTC invites presentation proposals on consumer privacy and security issues in the commercial sector for a privacy conference, PrivacyCon, to be held on January 14 in Washington, D.C. The conference is intended for security researchers, academics, industry representatives, consumer advocates, and regulators. The event will be free and open to the public.
The FTC is particularly interested in expert panel and research presentation proposals that address research and trends related to de-identification, drones, big data, security by design techniques, new vulnerabilities, the Internet of Things, smart homes, voice-activation, and health/fitness apps and devices.
Participants will discuss the latest policy initiatives, ways to further collaboration between researchers and policymakers, and practical steps for companies and consumers to take to safeguard sensitive data.
Proposals are due by October 9.
to the top
The National Telecommunications and Information Administration (NTIA) will convene the second meeting of the multistakeholder process on drone privacy, transparency, and accountability on September 24. Stakeholders will continue discussions of how to organizationally and substantively approach important privacy issues related to the use of drones, known as unmanned aircraft systems (UAS).
A key goal of the meeting will be to identify and prioritize topics for the group to develop "best practices." At the first meeting last month, NTIA reinforced that the goal is to identify best practices rather than enforceable codes of conduct. Among the proposed priority topics for the group to consider are notice and choice, de-identification, and data security.
Along with deciding on prioritized topics, the group will discuss an anticipated work plan to address responsibilities and a timeline for critical actions. Suggestions from the first meeting included creating a charter to guide the multistakeholder action, establishing working groups, and sharing information through additional briefings.
President Obama called for the initiation of this multistakeholder process to promote the responsible commercial and private use of drone technology and to develop a framework that considers the implications for privacy, civil rights, and civil liberties.
NTIA will hold two additional meetings this year on October 21 and November 20. NTIA also is considering future briefings on privacy law. All the meetings will be held in Washington, D.C. The meetings will be webcast. NTIA will post the agenda and additional information in advance of the meetings.
to the top
The National Telecommunications and Information Administration (NTIA) will hold the kickoff meeting for the new cybersecurity multistakeholder process on vulnerability research disclosure on September 29 at the University of California, Berkeley, School of Law. The process aims to establish stakeholder consensus about high-level principles that will promote better collaboration among security researchers, vendors, and owners of products.
"The question of how vulnerabilities can and should be disclosed will be a critical part of the discussion, as will how vendors receive and respond to this information," NTIA says in the meeting announcement. "However, disclosure is only one aspect of successful collaboration."
The objectives of the first meeting are to:
The meeting will be open to all interested parties. Pre-registration to attend in person or to watch the live webcast is strongly encouraged.
- Explore how vulnerability information is shared, received, and resolved
- Review perceived challenges in successful collaborations
- Identify and discuss which high-priority substantive issues could be acted on by the group
- Discuss logistical issues and the creation of working groups
- Identify concrete goals and work plans
to the top
The National Institute of Standards and Technology (NIST) is accepting public comments on a new interagency report advocating U.S. participation in international cybersecurity standardization.
The report identifies four interrelated strategic objectives: (a) enhance national and economic security and public safety, (b) ensure standards and assessment tools are technically sound, (c) facilitate international trade, and (d) promote innovation and competitiveness.
The report provides eight recommendations on how to foster public-private cooperation, domestically and internationally, and how agencies can participate in international standards development. (1) ensure U.S. government coordination, (2) promote U.S. government participation in cybersecurity standards development, (3) develop timely and technically sound standards and assessment schemes for cybersecurity, (4) leverage public-private collaboration in cybersecurity standards development, (5) enhance international coordination and information sharing, (6) support and expand standards training for federal agencies, (7) develop international cybersecurity standards that minimize privacy risk, and (8) use relevant international cybersecurity standards to achieve policy objectives.
Comments are due by September 24.
to the top
ACM is accepting nominations for the inaugural ACM Policy Award to honor the contributions of an individual, or a small group, who has had a significant impact on the formation or execution of public policy related to computing. The award is accompanied by a $10,000 prize.
The achievement must represent a major policy innovation or a significant ongoing engagement that has had broad influence on computing policy. If a small group is being nominated, the information must describe why these particular individuals should be recognized.
ACM Policy Award nominations must be received by November 30.
to the top
The new ACM/CSTA Cutler-Bell Prize in High School Computing challenges high school seniors in the United States to develop innovative solutions using their knowledge of computer science. Four winners will each be awarded $10,000 and a trip to an awards reception.
Submissions should demonstrate ingenuity, complexity, relevancy, originality, and a desire to further computer science as a discipline. Students should be prepared to describe what the project is, how it was created, and why it is relevant.
The prize is named for David Cutler and Gordon Bell. Cutler is a software engineer, designer and developer of several operating systems including Windows NT at Microsoft and RSX-11M, VMS and VAXELN at Digital Equipment Corporation. He is Senior Technical Fellow at Microsoft. Bell is an electrical engineer and an early employee of Digital Equipment Corporation where he led the development of VAX. He is now a researcher emeritus at Microsoft Research.
Submissions are due by January 1, 2016.
to the top
Computing pioneer Jospeh Traub passed away on August 24. ACM recognized him as an ACM Fellow in 1994 for his research on information-based complexity and parallel computing, for his contributions to U.S. science policy, and for his leadership in computing education.
Traub founded the Computer Science and Technology Board (CSTB) of the National Research Council of the National Academy of Sciences, serving as its chair 1986-1992 and again 2005-2009. The CSTB provides independent advice to the federal government on technical and public policy issues relating to computing and communications.
He headed the Computer Science Department at Carnegie Mellon University in the 1970s and then founded the Computer Science Department at Columbia University. He was an external professor at the Santa Fe Institute.
In a 2011 interview published in ACM's Ubiquity magazine, Traub described four issues for the future of computing: (1) networking and computing scaling, particularly in the post-Moore's Law era, (2) information-based complexity and how "when the technology changes, or might change, that alters what algorithms are permitted," (3) cybersecurity as only becoming "still more important," and (4) the vital need for more students to study computer science because "the key to the country's future is innovation."
to the top
About Washington Update - ACM Washington Update is produced by the ACM Public Policy Office. It highlights activities of the ACM U.S. Public Policy Council (USACM) and the ACM Education Policy Committee (EPC), as well as other events in Washington that affect the computing community.
About USACM - The ACM U.S. Public Policy Council (USACM) is the focal point for ACM's interactions with U.S. government organizations, the computing community, and the U.S. public in all matters of U.S. public policy related to information technology.
About EPC - The ACM Education Policy Committee (EPC) engages policymakers and the public on public policy issues that relate to computer science and computing-related education, including the importance of high-quality education at all levels to the labor market and the economy.
Views expressed are not necessarily those of ACM. To send comments, please write to firstname.lastname@example.org.
To subscribe to ACM’s Washington Update newsletter, send an e-mail to email@example.com
with "subscribe WASHINGTON-UPDATE "First Name" "Last Name" (no quotes) in the body of the message.
To unsubscribe, simply include the "SIGNOFF WASHINGTON-UPDATE" command in an email to firstname.lastname@example.org
If in the future you would like to re-subscribe, please enter your address at
You can also subscribe or unsubscribe by clicking the links on the right-hand column of the web edition of this newsletter.
to the top