November 6, 2014
Vol. 18, Issue 10
ACM Washington Update
ACM Washington Update recaps ACM’s initiatives in the U.S. technology policy arena monthly. Please forward this newsletter to friends and colleagues in the computing community. View more details on each item below, as well as on the blog. Follow USACM on Twitter and Facebook.
USACM submitted comments to the Networking and Information Technology Research and Development (NITRD) program on a National Privacy Research Strategy.
In its comments to the National Institute of Standards and Technology (NIST) on experience with the Cybersecurity Framework, USACM focused on the Roadmap supporting that Framework.
In a press statement before the mid-term elections, USACM re-emphasized the role of technology in voting.
The U.S. Patent and Trademark Office and NIST will host a meeting on cybersecurity and patents in Silicon Valley on November 14.
to the top
In October, USACM submitted comments
in response to a Request for Information
from the Networking and Information Technology Research and Development (NITRD) program on a National Privacy Research Strategy
. Specifically, NITRD asked for input on the privacy objectives that would inform the strategy. The strategy will emphasize "research directions for privacy-enhancing technologies, designs, and methods to enable privacy-preserving information systems."
USACM's comments outlined several scenarios that highlight privacy issues that would benefit from additional research. The comments also recommended including more than one paradigm for evaluating privacy research results. Focusing on one privacy paradigm (such as economic privacy) to the exclusion of others (like privacy as autonomy) would provide a limited view on the value of research questions and the results of privacy research.
USACM encouraged the use of multi-disciplinary approaches to privacy research questions. It also recommended new training for computer science researchers, so that they can better understand how end users experience privacy. Additionally, USACM noted that it's important to address both software architecture and enterprise architecture.
This Request for Information was the first part of the development of the National Privacy Research Strategy, a process likely to take a few months. There may be additional opportunities to comment once NITRD has developed a draft or preliminary research strategy.
to the top
As part of its work on the Cybersecurity Framework
(Framework), the National Institute of Standards and Technology (NIST) sought comments
from stakeholders on their experiences with it. USACM has followed the development of the Framework since the 2013 Executive Order
that required it. We submitted comments on a preliminary outline of the Framework back in April 2013
. Our latest comments re-emphasized a point of our April 2013 comments - the need to minimize the amount of information disclosed.
In our comments, USACM focused on the Roadmap
that supports the Framework. The Roadmap identifies areas for alignment, collaboration, and development that would assist parties in implementing the Framework. USACM identified areas in the Framework that could inform each other, such as Technical Privacy Standards and Data Analytics. Additionally, the comments identified autonomous devices (items like a smart meter that rely on networking to function) as an area that should be a priority. As they can be used in sectors like energy and health care, they could qualify as critical infrastructure.
to the top
Before the mid-term Congressional elections, USACM released a statement
to emphasize the importance of voting technology in elections. It echoes past statements from USACM on voting, including its 2013 remarks
to the Presidential Commission on Election Administration. In the statement USACM outlines seven principles needed to effectively protect the accuracy and impartiality of elections:
- Reliability: Minimize the chances of failures and ensure the success of holding elections for which citizens trust results, whether or not they supported the outcome.
- Responsiveness: Ensure that voters can register, vote, and be notified of results within the time limits required by the system.
- Security: Prevent the insertion of users or votes into the system, the removal of votes, or the determination of vote content by unauthorized personnel.
- Privacy: Protect the identities and votes of system users.
- Auditing: Allow ballots to be recounted accurately and without revealing voters' individual choices.
- Accessibility: Ensure that voting systems, including voting technologies, are accessible and usable for every citizen throughout the voting process.
- Usability: Ensure validated design of paper and electronic ballots so users can confidently record their intent.
USACM continues to recommend that voting systems:
- Embody careful engineering, strong safeguards, and rigorous testing in both their design and operation;
- Enable each voter to inspect a physical (e.g. paper) record to verify that his or her vote has been accurately cast, and to serve as an independent check on the results produced and stored by the system; and
- Make stored records permanent to enable an accurate recount of the vote.
to the top
The U.S. Patent and Trademark Office (USPTO), in partnership with the National Institute of Standards and Technology (NIST), will host the first multistakeholder Cybersecurity Partnership Meeting Cybersecurity Partnership Meeting
on November 14 in Menlo Park, California. The public meeting will focus on the intersection of cybersecurity with intellectual property, with a particular focus on patents. The event is open to the public, but space is limited. Requests to attend in person must be submitted by November 10. A live webcast will be available.
USPTO Deputy Director Michelle Lee will provide opening remarks. USPTO Technology Center Director Nestor Ramirez will provide an overview of cybersecurity patent initiatives, the internal workgroup that examines computer and network security patent applications, and computer security patent application statistics. USPTO Legal Advisor Michael Cygan will team up with Symantec's Senior Director for IP in the Legal Department, Angela Ziegenhorn, to provide an overview of what the recent U.S. Supreme Court decision in Alice Corp. v. CLS Bank
means for the patent eligibility of software and other cybersecurity-related inventions and the updated examiner guidance on subject-matter eligibility.
NIST Computer Security Division Group Manager Kevin Stine will present on the voluntary NIST Cybersecurity Framework
and outcomes from the 6th Cybersecurity Framework Workshop, October 29-30 Cybersecurity Framework Workshop, October 29-30
. The Cybersecurity Framework, initially released in February 2014, identifies methodologies, standards, guidelines, and industry best practices to address cyber risks.
The day will conclude with an hour-long open discussion with the speakers. Attendees will be able to ask questions and provide input. Attendees might want to consider sharing their thoughts on gaps that need addressing to promote network security and overall cybersecurity, ways to improve patent claim clarity, and topics for future Cybersecurity Partnership meetings.
The confirmed list of additional speakers includes:
- Mohammad H. Qayoumi, President of San Jose State University and member of the Department of Homeland Security Academic Advisory Council
- David Kinsinger, Vice President and Chief Patent Counsel at L-3
- John Vandenberg, Partner at Klarquist Sparkman
Requests to attend in person must be submitted by November 10. For additional information and to access the live webcast on November 14, visit the Cybersecurity Partnership Meeting website
to the top
About Washington Update -- ACM Washington Update is produced by the ACM Public Policy Office. It highlights activities of the ACM U.S. Public Policy Council (USACM) and the ACM Education Policy Committee (EPC), as well as other issues and events in Washington that affect the computing community.
About USACM -- The ACM U.S. Public Policy Council (USACM) is the focal point for ACM's interactions with U.S. government organizations, the computing community, and the U.S. public in all matters of U.S. public policy related to information technology.
About EPC -- The ACM Education Policy Committee (EPC) engages policymakers and the public on public policy issues that relate to computer science and computing-related education, including the importance of high-quality education at all levels to the labor market and the economy.
Views expressed are not necessarily those of ACM. To send comments, please write to firstname.lastname@example.org.
To subscribe to ACM’s Washington Update newsletter, send an e-mail to email@example.com with “subscribe WASHINGTON-UPDATE “First Name” “Last Name” (no quotes) in the body of the message.
To unsubscribe, simply include the “SIGNOFF WASHINGTON-UPDATE” command in an email to firstname.lastname@example.org.
As an alternative, enter your email address at: http://optout.acm.org/listserv_index.cfm?ln=washington-update and we’ll remove you.
If in the future you’d like to re-subscribe, please enter your address at
You can also subscribe or unsubscribe by clicking the links on the right-hand column of the web edition of this newsletter.
to the top