Digital Discourse / Policy / Digital Policy Roundup

Administration releases latest cloud guidance, Cyber 2012 continues in Senate

February 7, 2012 By David LeDuc Leave a Comment

Today, GSA released its latest policy memo, a guidance document for agencies and cloud service providers, describing the general Concept of Operations (CONOPS) for the FedRAMP, the government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based services. The release of this guidance is timely, with GSA’s Dave McClure joining us at our Cloud/GOV Conference next Thursday.

In the Senate, indications this week are that the Homeland Security and Governmental Affairs Committee will hold a hearing next week on cybersecurity legislation. The legislation is still expected to be introduced later this week or early next, and drafts continue to circulate. While Majority Leader Reid signaled in late 2011 his intention for the Senate to consider legislation in this first legislative work period, it’s now clear that this will be pushed back slightly, at least until after the President’s day recess.

And the pressure will begin mounting on House and Senate negotiators to reach a deal to extend the payroll tax cut currently set to expire at the end of the month. Again, extension of the key technology industry R&D tax credit, as well as broader corporate tax reform, will be linked to these discussions, along with other critical “extenders.” The R&D tax cut has been expired since late 2011, on of 14 times it has been allowed to expire in its 30-year history.

Last week, SIIA submitted comments to the FTC in response to their request for input on facial recognition technology. In offering to work with the Commission as they map out an approach for making sure that the public is able to benefit from the further development and deployment of these innovative techniques while still preserving privacy, SIIA urged the to recognize that it has at hand a workable general framework for evaluating and considering the privacy implications of facial recognition technology.

David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy.

Share|
Filed Under: Digital Policy Roundup, Policy Tagged With: ,

Busy Policy Week Taking Shape, and Some Key Stuff You Might Have Missed

January 31, 2012 By David LeDuc Leave a Comment

This week’s shaping up to be very busy. Particularly the calendar for Wednesday, featuring activity on issues ranging from mobile broadband, to cyber to digital learning (see full list in the calendar section).

Cybersecurity is headlining the week once again, as the Senate continues to move forward with all deliberate speed to finalize and introduce comprehensive cybersecurity legislation (still expected to be on the floor in the first half of February), while a key House Subcommittee will markup cybersecurity info. sharing legislation (H.R. 3674).

On the privacy front, the EC last week formally released its long-awaited proposal to comprehensively reform the EU’s 1995 data protection rules for online privacy. The proposal includes two legislative proposals setting out the Commission’s objectives: a Regulation setting out a general EU framework for data protection, and a Directive on protecting personal data processed for the purposes of prevention, detection, investigation or prosecution of criminal offences and related judicial activities. SIIA released a statement in response, highlighting our deep concerns and expressing our commitment to seek revisions to ease administrative burdens and make it easier for global companies to demonstrate compliance with the EU privacy regime.

Also, in the “you might have missed it” column, here’s a list of recent developments we’re tracking over the last couple weeks that should be of interest to many SIIA members:

IP:
Earlier this month, the PTO submitted two reports to Congress mandated by the recently passed patent reform legislation the “America Invents Act”: (1) the Prior User Rights Defense Study, which concludes that the AIA provisions are consistent with similar rights of major trading partners and that there is no evidence of a negative impact on innovation, and (2) the International Patent Protection for Small Business Study, which concludes that many small businesses may benefit from extending patent rights internationally, but few small businesses are aware of the need, and how to do this.

Standards:
On January 19th, the White House released a memo announcing “Principles for Federal Engagement in Standards Activities to Address National Priorities.” The memo is the result of a lengthy assessment by the NSTC Subcommittee on Standards, led by officials at NIST, OSTP and USTR re: the Government’s role in standards, which included outreach to SIIA and many of our member companies, and it follows a broader set of proposed recommendations released in October 2011.

China:
In December, official Chinese Government website sources reported that the Ministry of Industry and Information Technology (MIIT) issued its 12th Five Year Plan for the Software and Information Technology Services Industry, a document which describes the blueprint and goals for developing the software and IT services industry through direct funding mechanisms, 10 development ‘focus points,’ and 8 mega-engineering projects. Additionally, the plan calls for revenues from the domestic software and IT services sector to exceed 400B RMB, overall Y/Y growth of over 25%, and for exports to exceed 60B USD. MIIT has not released the plan to the public. For more information, please see SIIA Chinese partner USITO.

David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy.

Share|
Filed Under: Digital Policy Roundup, Policy

Swirl of Activity Around Online Copyright Infringement Legislation as Congress Returns

January 18, 2012 By David LeDuc

As Congress heads back into session this week, substantial activity continues to swirl around legislation to curb online copyright infringement. The Administration announced a position on legislation, indicating that it had reservations on provisions that would impose DNS blocking, but committing to passage of legislation this year. Senator Patrick Leahy (D-VT) and Representative Lamar Smith (R-TX), lead sponsors of the legislation, last week announced that they would be dropping DNS blocking from the House and Senate versions of the bill, but indicated that they wanted to press forward with the modified legislation.

Lamar Smith said that the markup on the legislation would resume in his House Judiciary Committee in early February. Meanwhile, Representative Bob Goodlatte (R-VA), Internet Caucus co-chair and a key supporter of the legislation, indicated yesterday in his remarks at the State of the Net Conference that any successful legislation would have to have buy-in from both content and tech companies and suggested bringing the sides together to negotiate their differences. Also last week, a group of Republican Senators wrote to Majority Leader Harry Reid asking that the legislation not be brought up for a procedural vote when the Senate returns next week, citing the need to examine the effect of the bill on cybersecurity. As of January 18, however, the bill remained on the Senate schedule for a procedural vote on January 24.

David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy.

Share|
Filed Under: Anti-Piracy, Digital Policy Roundup, Policy Tagged With: ,

2012 Starts with a Flurry of Tech Policy

January 11, 2012 By David LeDuc Leave a Comment

Happy New Year. 2012 is starting out much like 2011 ended, with a flurry of tech policy activity, particularly in the U.S. Senate. Majority Leader Harry Reid (D-NV) has scheduled a key procedural vote on the PROTECT IP Act for Jan. 24, the second day the body will be in session for the new year.

Following that, Reid has also indicated that consideration of comprehensive cybersecurity legislation is also one of his top priorities for the first work period, even though draft legislative language was just made available in mid-December. And with the House scheduled to return a week before the Senate, it’s possible, if not likely that Judiciary Chairman Lamar Smith (R-TX) will proceed with the Committee markup of SOPA. Needless to say, the next couple weeks are going to be busy!

Also on the horizon, ICANN will begin accepting applications for new gLTDs on Thursday (January 12) despite continued objections from some members of Congress and some industry groups. The Coalition for Online Accountability, including SIIA, has recently met with NTIA leadership and the IP Enforcement Coordinator, to discuss the role of the U.S. government in curbing potential abuses of new gTLDs.

Following up on the launch of FedRAMP in December, the Administration last Friday released baseline security controls for cloud providers. Consistent with previous indication from GSA officials, these are significantly reduced from the draft controls made available about a year ago, to which SIIA and many cloud providers expressed significant concerns. GSA has reiterated that this will be an evolving list, but there is no further formal opportunity for comment.

And right before the Holidays, SIIA submitted comments to the FTC regarding their proposed revisions to the Children’s Online Privacy Protection Act (COPPA) Rule. While we expressed our support for several of the FTC’s conclusions, such as preservation of the current definition of a “child” and the “actual knowledge” standard, SIIA raised concerns regarding several of the proposals, including the proposed significant expansion of the definition of “personal information,” elimination of the “e-mail plus” method for notice and consent and various other changes.

SIIA also recommends some new approaches to accommodate new methods of notice and consent and encourages the Commission to take steps to ensure that it is applied as efficiently as possible with respect to school-based educational partners and other providers of educational materials and services.

David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy.

Share|
Filed Under: Digital Policy Roundup, Policy Tagged With: ,

SOPA Markup On, then Off Again

December 20, 2011 By David LeDuc Leave a Comment

On again, off again. That’s been the story with the ongoing markup of the Stop Online Piracy Act (SOPA, H.R. 3261). When it appeared last Friday that the House would be in session all week, House Judiciary Committee Chair Lamar Smith (R-TX) announced that he intended to continue with the Cmte. consideration on Wednesday morning. The latest word from the Cmte. is that the markup is off, as the House goes into recess awaiting a possible conference cmte. on the tax bill.

The Judiciary Cmte. SOPA process began last Monday when Chairman Lamar Smith circulated a manager’s amendment that brought the House bill more in line with its Senate counterpart, the PROTECT IP Act (S. 968). During a lengthy markup on Thursday and Friday, the Cmte. adopted several amendments but rejected the vast majority. It came to an abrupt end when the Cmte. adjourned on Friday without deciding on whether to send the bill to the House floor. So for now (right now), it looks like the markup is off, in which case the Cmte will pick this up next year when they return in 2012, but stay tuned.

Speaking of PROTECT IP, Sen. Maj. Leader Harry Reid (D-NV) announced this weekend his intent to hold a cloture vote on the motion to proceed on the Act on Jan. 24th. The fate of that vote is uncertain, as Sen. Ron Wyden (D-OR) has promised a filibuster and his plans to put forward a Senate companion to the Open Act introduced in the House several weeks ago.

And the federal R&D tax credit, which looked like it may have a small glimmer of hope if the House and Senate entered into larger negotiations on taxes for a one year package, is currently set to expire at year-end due to lack of congressional action. Assuming this doesn’t happen — and the odds are highly stacked against it — Senate Finance Chairman Max Baucus (D-MT) last week vowed to consider a retroactive package of extenders in early 2012.

So, looking forward to 2012, the schedule for January will be VERY full of key tech issues. In addition to the Sen. focus on the tax extenders, and PROTECT IP, Maj. Leader Reid announcement weeks ago that cybersecurity will be early on the docket. Also in January, we’re likely to finally see the release of the Administration’s privacy report in early 2012 and the EU draft revisions to the data directive will be officially released. Enjoy the Holidays, we’ll see you in the New Year.

David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy.

 

Share|
Filed Under: Digital Policy Roundup, Policy Tagged With: ,

Judiciary Presses Forward with SOPA; White House Unveils IT Reforms

December 13, 2011 By David LeDuc Leave a Comment

December continues to be anything but a slow month in Washington. Yesterday, House Judiciary Cmte. Chairman Lamar Smith (R-TX) confirmed his plans to markup the Stop Online Piracy Act (SOPA, H.R. 3261). In addition to scheduling the markup, Smith released a revised version of the bill that reflects weeks of working closely with stakeholders and other members “to strengthen the bill and address legitimate concerns from groups who are interested in working with Congress to combat foreign rogue websites.” Changes to the revised bill as highlighted by Committee staff include: elimination of the redirection clause for infringing websites, orders for an interagency report on the domain name system, addition of a new clause to relieve Web firms of monitoring sites, and clarification of the definitions re: which sites and companies are covered.

Last week, Federal CIO Steve VanRoekel made several important announcements regarding ongoing efforts to reform federal IT and embrace cloud computing. In what he characterized as a “year of change in Federal IT,” VanRoekel declared that “cloud computing has become an integral part of the government’s IT DNA,” and made the following announcements:

1. Released a memo to formally establish FedRAMP (the Federal Risk and Authorization Management Program), a long-anticipated program intended to reduce the duplicative efforts, inconsistencies and cost inefficiencies when assessing and authorizing cloud systems.
2. Released the Shared Strategy Memo to provide the roadmap for agencies to increase use of shared solutions through leveraging tools to do more with less, in accordance with the cloud-first policy and cloud migrations under the IT Reform plan.
3. Released the TechStat Report highlighting tools and practices for agencies to turn around or terminate failing projects at the agency-level.

And tomorrow, the House Energy and Commerce Sbcmte. on Communications and Technology has scheduled a hearing to air concerns by the growing list of U.S. lawmakers regarding the pending roll-out of ICANN’s Top-Level Domain Name Program. This hearing follows a similar one by the Senate Commerce Committee last week where Chairman Jay Rockefeller (D-WV) and other Cmte. members warned ICANN officials to proceed with caution and head their voices of concern.

David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy.

Share|
Filed Under: Anti-Piracy, Cloud Computing, Digital Policy Roundup, Policy Tagged With: , ,

ICANN in Senate Cmte. Crosshairs, EU Readying Release of Draft Data Directive

December 7, 2011 By David LeDuc Leave a Comment

This Thursday, December 8th, the Senate Commerce Committee will hold a hearing regarding ICANN’s Expansion of Top Level Domains. The purpose of the hearing is to examine the merits and implications of ICANN’s new gTLD program that is set to roll out in January 2012 and ICANN’s continuing efforts to address concerns raised by the Internet community regarding new gTLDs.

Not withstanding the hearing, there is no indication that the new gTLD application window of January 2012 to April 2012 is likely to change.  SIIA has provided a briefing for members on the potential impacts of the gTLD expansion, if you have not seen it, you can access it here.

Today, Cybersecurity Subcommittee Chairman Dan Lungren (R-CA) held a hearing on his draft information sharing cybersecurity legislation to create a nonprofit called the National Information Sharing Organization. It would serve as a national clearinghouse for sharing information about cyberthreats among the federal government, operators of critical infrastructure, state and local governments and the private sector.

This follows last week’s approval of a new cybersecurity information sharing bill by the House Intelligence Committee to allow the government and private companies to share information about electronic threats and attacks. Private entities would participate on a voluntary basis and would receive significant liability protections in return. There are significant differences between the measures, which Chairman Lungren has characterized as “complimentary.”  Neither of the bills are likely to receive a vote in the House before 2012.

The European Commission has sent their draft review of the European Data Protection Directive privacy though an inter-services consultation process.  This process will end on December 9th. The draft review document will be officially released to the public later – most likely in January, perhaps on January 25th or so to coincide with Data Protection Day. Draft copies may be informally available at some point before that.

And on the IP front, indications are still that House Judiciary Chairman Lamar Smith still plans to proceed with a markup of SOPA on Wednesday, Dec. 14th.  Stay tuned on that one.

David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy.

Share|
Filed Under: Digital Policy Roundup, Policy
« Older Posts
CmTr