This week in the Federal Cloud: May 13-18

There was big news in cloud this week with the announcement by GSA on May 14th of the first certified 3rd Party Assessment Organizations (3PAOs). The initial 3PAOs include a federal agency (DOT Enterprise Service Center), SRA International, and a number of small to mid-size companies specializing in FISMA certification. The 3PAOs are an integral part of the FedRAMP process, so this action represents a major step forward for the FedRAMP program. Vendors wishing to go through the FedRAMP process can now hire one of these approved 3PAOs to assess the security of their system. The link below will take you to GSA’s list of accredited 3PAOs.

Also this week, we began to get some clarity around the role of industry in the shared services initiative, with public comments from OMB officials about how the strategy will be implemented and what role industry and government shared service providers will play in the initiative. According to OMB, they are not distinguishing between public and private sector service providers. Read more from Federal News Radio.


Michael Hettinger is VP for the Public Sector Innovation Group (PSIG) at SIIA. Follow his PSIG tweets at @SIIAPSIG.

Lorraine Landfried, Deputy CIO for Product Development at VA to speak to SIIA Public Sector Group

As part of its ongoing Executive Roundtable Series, SIIA will host Lorraine Landfried, Deputy CIO for Product Development at the Department of Veterans Affairs, for a roundtable discussion on the latest developments around IT enhancement and strategy within VA.

In her role at VA, Landfried facilitates all IT development activities, including planning and oversight of the IT projects supporting the Secretary’s 16 major initiatives.

The roundtable will be the first executive discussion before SIIA’s new Public Sector Innovation Group, a newly created division of SIIA comprised of innovative software and IT services firms seeking to take advantage of the evolving Federal investment in Cloud-related technologies.

The event is open to all SIIA members and invited guests. Please contact Mike Hettinger for more information.

Event details:
What: SIIA Public Sector Innovation Group Executive Roundtable
When: May 24, 2012, 11:00am
Where: SIIA Offices, 1090 Vermont Avenue, Suite 600, Washington, DC


Michael Hettinger is VP for the Public Sector Innovation Group (PSIG) at SIIA. Follow his PSIG tweets at @SIIAPSIG.

TPP Negotiators Discuss IP and Cross Border Data, OMB/NIST Talk Standards Reform, FTC MySpace Settlement Keys on Syncing and Cyber Continues to Slip in Senate

TPP Negotiators Convene in Dallas
Negotiators for the nine countries committed to a Trans-Pacific Partnership trade agreement met in Dallas starting on May 8 for a new round of discussions aimed at opening trade and encouraging investment among the countries that border the Pacific Ocean. SIIA had a presence at the stakeholder event held by the US Trade Representative (USTR) on May 12, which allowed interested parties to interact directly with the negotiators working on their issues. SIIA is supporting a TPP agreement that would contain strong copyright enforcement provisions, measures to protect trade secrets and prevent the disclosure of software source code, and provisions allowing the cross-border flow of information and prohibiting mandated localization of cloud computing servers. A significant development at the discussions was the suggestion from several countries that some of the provisions of the Anti-Counterfeiting Trade Agreement (ACTA) be substituted for the corresponding provisions in the US proposal on intellectual property. In addition, some countries raised privacy objections to the US proposal on cross-border data flows.

OMB Workshop on Voluntary Consensus Standards

Today, NIST hosted an OMB workshop on Federal Participation in the Development and Use of Voluntary Consensus Standards. The workshop explored agency experiences in the implementation of OMB Circular A-119, public and private sector discussion regarding challenges associated with referencing private sector standards in federal regulations, and industry case studies offering an industry perspective on federal use of private sector standards and conformity assessment mechanisms. The workshop is another step in an ongoing exploration of the Government’s participation in standards development, including a recent Federal Register Notice requesting public comment on whether or not OMB should consider supplementing the existing OMB Circular A-119, a memo earlier this year, and proposed policy recommendations in October 2011.

FTC Settlement with MySpace has Implications on Syncing
On May 8, the FTC released a settlement with MySpace that has implications for companies that synchronize (“sync”) or link data through unique identifiers. The FTC charged that MySpace broke its privacy promises to consumers by making it possible for an ad network to connect MySpace’s user identifier with the ad network’s own user identifier. As a result, the two databases of user information could be merged into a single record. In his post on the topic, the FTC’s chief technology officer, Ed Felten, issued a general warning to firms in this area: “If your product syncs pseudonyms or identifiers with third parties, or makes such syncing possible, you might want to ask yourself which information flows, if any, are enabled by the syncing, and whether those information flows are consistent with your privacy obligations.”

Cyber Continues to Slip in Senate
Senate leaders recently confirmed that consideration of comprehensive cybersecurity legislation will not take place this month, but they’re still hopeful this will now happen in June. Additionally, a planned bipartisan discussion among key Senators that was originally scheduled for today has also been pushed back to next week. These most recent setbacks follow major substantive opposition revealed last week when a coalition of civil-liberties groups urged the Senate to reject the legislation because it would allow military spy agencies to gain access to people’s personal information.

ICANN Announces Date to Reopen Applications
The latest from ICANN is that it is targeting May 22 to reopen its application system for new Web gTLDs, with the anticipated new deadline for submitting applications to be May 30.

For SIIA policy updates including upcoming events, news and analysis, subscribe to SIIA’s weekly policy email newsletter, Digital Policy Roundup.


David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy.

SIIA Submits Testimony to Congressional Forum on Information Technology

Last Friday, Representatives Elijah Cummings (MD) and Gerry Connolly (VA) hosted a Congressional Forum on Information Technology at the Fairfax County, Virginia Government Center to review government’s efforts to leverage innovative technology to reduce cost and improve citizen services. The forum featured testimony from Federal CIO Steven VanRoekel, as well as industry representatives including SIIA Public Sector Innovation Group Board Member David Mihalchik of Google. SIIA was pleased to have been asked by the Members to provide testimony for the record.

SIIA’s testimony focused on the important transformative benefits of cloud computing – economic growth, choice and lower cost – and encouraged Congress to consider these when looking at cloud computing. We also highlighted the key security benefits that can be realized by implementing cloud computing, discussed the importance of the 25 Point Plan to Reform Federal IT, and explored the inter-relationship between Cloud First, FedRAMP, the Shared Services Strategy and the Federal Data Center Consolidation Initiative.

Overall, the interaction between Reps. Cummings and Connolly and the forum witnesses was thoughtful and successfully highlighted the issues of importance to government and industry alike as the federal government moves ahead with cloud computing. It was particularly encouraging to see these key members of the House Oversight and Government Reform Committee engage on an issue of such great importance to SIIA members and the federal IT industry as a whole, and we applaud them for their effort.

Read the full text of SIIA’s statement.


Michael Hettinger is VP for the Public Sector Innovation Group (PSIG) at SIIA. Follow his PSIG tweets at @SIIAPSIG.

This week in the Federal Cloud: April 30-May 4

There were a couple of expected but relatively big announcements around cloud in the federal government this week. First and foremost was the issuance of the Federal IT Shared Services Strategy on May 2nd by Federal CIO, Steve VanRoekel. The Shared Services Strategy, like the Shared-First Initiative before it, seeks to reduce the overall cost of government by eliminating duplicative IT and streamlining operations, while moving agencies to shared platforms for commodity IT (like email and storage), support IT (HR and financial management) and eventually mission IT (performance management). Under the plan, agencies have until August 31 to create their shared services roadmaps.

Also this week, we heard the first definitive date for the launching of the FedRAMP Initial Operational Capabilities (IOC), as it was publicly announced that June 6th would be the date. This means, according to the FedRAMP timeline, that we will see an operational program with limited scope. We should also expect to see progress toward the official authorization/certification of CSPs, an updated Concept of Operations, and updated continuous monitoring guidance. It also means we will have to have approved third party assessors (3PAOs) in the very near term, as they play an integral part in certifying CSPs. It was originally expected that we would have approved 3PAOs in April, but that date was later pushed to early May.


Michael Hettinger is VP for the Public Sector Innovation Group (PSIG) at SIIA. Follow his PSIG tweets at @SIIAPSIG.

This Week in the Federal Cloud: April 23-27

Probably the biggest cloud event this week was the Salesforce.com Cloud Force event held on Wednesday at the DC Convention Center. The more than 1000 attendees were treated to a keynote presentation by former Federal CIO, Vivek Kundra. The event focused heavily on the use of social media in the corporate world but also featured the announcement of the launching of Salesforce’s government cloud.

This week also featured the launching of the Cloud Computing Exchange by Meritalk. The Cloud Computing Exchange, like Meritalk’s other “exchanges,” is designed to foster discussion and the sharing of best practices among government and industry. The first quarterly meeting of the exchange featured a keynote by the National Oceanic and Atmospheric Administration (NOAA) highlighting their recent transition to Google Apps for Government to manage their email system. The Meritalk Cloud Computing Exchange was followed by a Capitol Hill Brainstorming Session with keynotes from Senators Tom Carper (DE) and Scott Brown (MA) as well as panels of government and industry cloud leaders, including SIIA Members Google and IBM.


Michael Hettinger is VP for the Public Sector Innovation Group (PSIG) at SIIA. Follow his PSIG tweets at @SIIAPSIG.

Mobile Payments Get Currency

The FTC is looking at mobile payments this Thursday, an event that caps several weeks of intense attention to this innovative new technology by policymakers. In March the House Financial Services Committee and the Senate Banking Committee held hearings. And the Internet Caucus held a Congressional briefing, which I chaired.

Several years ago a study by ITIF highlighted mobile payment’s opportunities for efficiencies, growth and innovation. It wondered why it hadn’t taken off in the US, the way it had in other jurisdictions such as Japan and Korea. Since then Square, Intuit, Google, ISIS, and PayPal have all ramped up their efforts to bring the new service to consumers and retailers in an attractive, easy-to-use package. The majority of Americans will be embracing mobile payments by 2020, a Pew Internet study found last week.

The benefits are enormous. Mobile payment technology means faster checkout, more throughput for merchants, the opportunity to send and receive offers and promotions, greater security, and a platform for new innovative services that haven’t been created yet.

It is worth pausing on the benefits of increased security. Unlike traditional magnetic stripe payment card transactions, mobile payments use a different security code for each transaction. Even if the transaction data is compromised, it cannot be used to make a counterfeit card that would work at the point of sale. This takes the merchant system out of harm’s way and reduces risk to cardholders. Mobile payments implemented on a smartphone can also be protected by a password or PIN number, adding barriers to illicit use of a lost or stolen phone. If asked to choose based on security, shoppers would be smart to use mobile payments over traditional cards.

Some have suggested that mobile payments create increased privacy risks because new information would be available to new players. But these risks are speculative and are being addressed in advance by market players who design their systems to be privacy-protective. They know that the market will only work on the basis of trust, careful handling of personal information, and a compelling user experience.

Mobile payment providers collect location information from their users, but only with affirmative consent. Product-specific information isn’t collected at all and so cannot be added to a consumer profile to target ads. Cell phone and email information are available to mobile payment service providers at the time of sign up, but are not transferred to third parties such as retailers. Mobile payment services are savvy enough to avoid the mistake of allowing secret, undesirable acquisition of contact information by third parties. Under the Google Wallet rules, for example, contact information could not be disclosed to a retailer for marketing or advertising purposes without affirmative consent.

The privacy default for mobile payments is that consent is needed for any sharing of consumers’ personal information for marketing purposes. Industry participants have set up their systems with this requirement for consent as the default. This privacy-by-default approach renders concerns about privacy violations more theoretical than real. Mobile payment users can feel confident that they can enjoy the conveniences and added security and usefulness of mobile payments without worrying about privacy violations.


Mark MacCarthy, Vice President, Public Policy at SIIA, directs SIIA’s public policy initiatives in the areas of intellectual property enforcement, information privacy, cybersecurity, cloud computing and the promotion of educational technology.