[ga] [Fwd: (Long Post) FYI: Congressional Internet Caucus Sets Next Session Agenda (Report)]

[Jeff Williams <jwkckid1@xxxxxxxxxxxxx>]

All,

  FYI

--
Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!)
"Obediance of the law is the greatest freedom" -
   Abraham Lincoln

"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security
IDNS. div. of Information Network Eng.  INEG. INC.
ABA member in good standing member ID 01257402
E-Mail jwkckid1@xxxxxxxxxxxxx
 Registered Email addr with the USPS
Contact Number: 214-244-4827

--- Begin Message ---

• To: ST-ISC@xxxxxxxxxxxxxxx
• Subject: Re: (Long Post) FYI: Congressional Internet Caucus Sets Next Session Agenda (Report)
• From: John Messing <jmessing@xxxxxxxxxxxxxxx>
• Date: Wed, 29 Nov 2006 07:58:38 -0700
• Comments: To: Gregory Miller <gam@NTD-LLC.COM>
• Reply-to: John Messing <jmessing@xxxxxxxxxxxxxxx>
• Sender: Information Security Committee <ST-ISC@xxxxxxxxxxxxxxx>
• User-agent: Web-Based Email 4.8.16

Related to Greg's post, but perhaps a little shorter, this article
delves into the dangers of RFID passports, including an experiment in
which such a passport chip was used to detonate explosives.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9005479&source=NLT_SEC&nlid=38

> -------- Original Message --------
> Subject: (Long Post) FYI: Congressional Internet Caucus Sets Next
> Session Agenda (Report)
> From: Gregory Miller <gam@xxxxxxxxxxx>
> Date: Tue, November 28, 2006 8:04 pm
> To: ST-ISC@xxxxxxxxxxxxxxx
> 
> Greetings Readers-
> Apologies for the X-post to those who may be subscribed to both 
> Network-2d and ABA-ISC.  I felt it on point with each forum's topic 
> charter to warrant x-posting.
> 
> Those copied or Bcc'd on this report: this is an FYI as I represent 
> industry interest in the Pacific Northwest as well as the Silicon Valley 
> and know you appreciate being informed, you've indicated interest in 
> these issues before, or you actually inquired about the meeting recapped 
> below.
> 
> I attended the Congressional Internet Caucus New Session Planning 
> meeting in D.C. today as a member of the Internet Caucus Advisory 
> Committee (ICAC).  Below is the proposed agenda for the next session of 
> Congress in terms of the issues that -may- be examined for legislative 
> initiative, or simply for further awareness, knowledge, and 
> consideration by the Congressional Internet Caucus (CIC).
> 
> If you are a lawyer or lawyer-technologist with a passing or compelled 
> interest in Internet law, policy, and regulation, this should interest you.
> 
> BACKGROUND
> Senator Leahy and Reps Boucher, Goodlatte, and Honda are co-chairs.  The 
> Internet is becoming top-of-mind with the new Congressional Session, I 
> suspect because its now considered by Congress to be growing into the 
> most important tool in our time of communication, commerce, and democracy.
> 
> And the public interest isn't waning either.  Typically this planning 
> session would have 2-3 dozen ardent members of the Advisory Committee 
> (which numbers a couple of hundred). Today, however, I hand-counted 
> close to 100 attendees -- compressed standing room only (while the room 
> had seats for 64.)
> 
> AGENDA ITEMS
> The issues up for consideration, and to be vetted in more detail in 
> January at the 10th Annual "State of the Net" Conference in D.C. (as 
> best as I could take notes standing there) include:
> 
> [1] RFID TAGS -- their application and use and implications on privacy 
> and security.  This issue is slated for "study" and education in the 
> Caucus and no immediate legislative initiative is planned or foreseen. 
> There is an interesting cross-connect here with other agenda items 
> including Internet Governance, Social Networking, and Location-based 
> Services (see below), and that x-connect is an abstract concept they 
> intend to study, but down the list of priorities known as an "Internet 
> of People" (whereas today we largely have an "Internet of Devices.")  It 
> was brought up by an attendee, but the Staff seized on it.  It's 
> tangential of course because RFID tags, depending on application, could 
> essentially gather and disseminate information about individuals.
> 
> [2] IDENTITY THEFT & FRAUD -- this issue, as you know, has seen a lot of 
> activity and initiative but nothing has come of it yet.  There should be 
> considerable attention in a host of committees, and as such the CIC will 
> be working to provide the informational framework (education, studies 
> and support of hearings).  Interestingly, the CIC has elevated their 
> foresight on this issue to expand their scope of interest from theft of 
> individuals' identities to the theft and fraud of component identity as 
> well; that is, they will be examining domain name hijacking, DNS 
> poisoning, IP address spoofing and the like.  Good on them, IMHO, to at 
> least get up to speed on such nefarious activity.
> 
> [3] CYBER-CRIME -- another hot issue that will see significant attention 
> and encompasses all the issues of malware, spam, viruses, intrusion, 
> host hijacking (e.g., botnets); and other tasty tortuous behavior.  This 
> is x-linked with IDENTITY THEFT & FRAUD (see supra).
> 
> [4] UNIVERSAL & ASSURED ACCESS -- this category covers a group of topics 
> and issues, and is more or less my summary way of grouping a number of 
> related things discussed today.  Among the topics include: universal 
> network access including WiFi, WiMax, and WiLANs; municipal broadband 
> services, VoIP applications in that setting; and old universal service 
> reform.  It also is supposed to address growing concerns about 
> unauthorized use of services in wireless settings.
> 
> [5] INFRASTRUCTURE -- A couple of things here.  First, Congressman 
> Goodlatte expressed interest in the implication of IPv6 or next 
> generation Internet protocols.  As best I understand it in follow up 
> after the general meeting, some in the Caucus may increasingly be of the 
> opinion that IPv6 implementation is potent to the advancing of new 
> services, yet its roll-out may be dragging due to other commercial 
> agendas. Others suggest it's a matter of American innovation leadership 
> and an element of pushing the U.S. back up the world rankings in 
> advancing the state of telecommunications.  This new interest in IPv6 
> may perhaps have been catalyzed by agendas of Advisory members or other 
> advocacy (read: lobbying) but really I cannot (yet) figure out why this 
> is even remotely of legislative concern just yet, aside from perhaps its 
> role in muni-broadband services(?)
> 
> 2nd, was the issue of network resilience, but since it was called out a 
> couple of times by different Congressmen (staff) I will separate it 
> below, but suffice for this category that there is concern about the 
> so-called backbone of the Internet and including things like root 
> servers, DNS services, etc., and what role government should have in 
> ensuring availability, if at all.  3rd, and a small issue of more 
> academic interest to them at this point that came up in post meeting 
> chat with Sen Leahy's Staff, but one I know interests a couple of you... 
> was the concept of certified time.  Without dropping into a rat-hole 
> (and for some readers on a X-posted list, this is already well 
> understood), within a digital economy there is a need for authenticated 
> time stamping.  How are time services provided, secured, verified, 
> authenticated, etc.?  Again this is an issue for which they are only 
> expressing early interest (at this time) in education and examination. 
> They do NOT see any legislative issue, but do have the foresight to 
> recognize that certified time is akin to a necessary gear in the 
> machinery of the Internet.  At NT&D we agree; ironically we were 
> approached by a prospective client last week with a nifty venture in 
> this very area, on which I cannot comment further, but the timing is 
> weirdly coincidental.
> 
> [6] NETWORK RESILIENCE -- this topic is related to national defense and 
> homeland security, and critical infrastructure.  The issue is that 
> Congress now appreciates that the Internet is approaching the status of 
> "essential service" similar to electricity and water.  The concern is 
> related to cyber-crime (and begs the issue of whether the fighting of 
> terrorism -- dare I say "cyber-terrorism -- is really a military matter 
> or actually a police & law enforcement matter). How one comes down on 
> that is nearly orthogonal to the point, which is whether the things are 
> in place to provide for fault tolerance, incident and crisis response, 
> and recovery in the event of severe outage caused either by nonfeasance 
> or malfeasance.
> 
> [7] INTERNET TAXATION -- this is nearly a "res ipsa" matter, but of 
> course is goes most tactically to the issue of the expiration of the 
> moratorium, while begging the more strategic issues of long term structures.
> 
> [8] INTERNET GOVERNANCE & ITS COUSIN: 'NET NEUTRALITY  -- this issue and 
> its relative have been in the news and on the minds of Congress (more 
> the latter issue of Neutrality than the former of Governance), catalyzed 
> by the efforts in reforming the Telecommunications Act.  Rep Boucher is 
> making this one of his top priorities for the next session to get 
> resolved, largely b/c this topic of Neutrality is diverting limited 
> attention and resources away from other matters on this Agenda.  Network 
> Neutrality is a highly religious, and somewhat complicated matter. 
> Unfortunately, it has become unnecessarily complicated and religious. 
> There are also issues of preemption emerging as states are taking 
> matters into their own hands (where they see perceive real matters 
> existing).
> 
> The more interesting point -- and a drum I have been beating for a while 
> -- IMHO is Internet Governance. And it's finally coming on to the radar 
> of the Congressional Internet Caucus.  Frankly, I believe it should be 
> the heart and soul of their existence.  And if you, as a technology 
> lawyer or technologist have an interest in law, policy, standards, and 
> regulations as they may apply to the Internet, then -this- issue is 
> significant.
> 
> The triple-net of this is, while the U.S. argues amongst itself about 
> Neutrality and other matters on this Agenda, the International arena is 
> marching full speed ahead on determining not whether, but HOW to govern 
> and regulate the Internet as a global (not U.S. centric) medium of 
> communications, commerce, and democracy.  I find this unsettling and in 
> need of significant U.S. engagement (and diplomacy) and less of an 
> arrogant, go-it-alone, "we're in charge because we invented it" 
> attitude. Like it or not, the Internet is a global phenomena and for the 
> sake of communications, commerce, and democracy it must be. (Sorry for 
> the editorial.)  The issues of ICANN, ISOC, the roles of IANA and other 
> elements are in play in the minds of E.U. politicians.  Perhaps 
> concerning to some, is the potential for the U.N. to presume to take 
> jurisdiction over the Internet.  But the potential worst-case outcome, 
> frankly, is balkanization.  So, its potentially a political Pandora's 
> box.  I know there are whip smart professionals and academicians here 
> and on other forums tracking this matter.  The headline is: Congress in 
> general, and the Congressional Internet Caucus in particular, now are 
> concerned with matters of global Internet governance.  If you're a 
> lawyer with clients in e-business globally, you should be concerned too.
> 
> (FWIW and not intended as a plug but only a resource): If my Blog ever 
> comes out of hibernation (infosec2d.net) due to some technical and 
> business complications, a colleague and I are covering these issues in 
> more depth (but only deep enough to inform lawyers who have a tangential 
> and not primary interest to advise their clients; there are lots of 
> resources and blogs out there that are giving exhaustive treatment to 
> Internet Governance & Regulation.)
> 
> [9] DATA MINING & PRIVACY -- this issue concerns the fact that in a 
> digital economy, increasingly content is the currency and the value of 
> information on individuals is growing astronomically. All the issues of 
> privacy, security, and integrity of data mining are in play here.  This 
> is also an area of examination, education, and study, but legislative 
> initiatives are on the horizon and related to problems such as data loss 
> and unauthorized or accidental disclosure.  This is wrapped up with the 
> next agenda point below, and also has implications in the international 
> arena as the digital economy is global by Internet design.
> 
> [10] INFORMATION SECURITY & PRIVACY -- this is related to several of the 
> agenda items above (the previous one in particular) and a couple of 
> Congressional Staffers mentioned interest and intentions to examine 
> whether legislation with teeth needs to be put forth to increase the 
> requirements for information systems security (in addition to privacy 
> assurances) and recourses for breaches.  This has been a record breaking 
> year for data security breaches, and that has not been lost on Congress.
> 
> [11] IP & INNOVATION PROTECTION AS IT APPLIES TO THE INTERNET -- 
> contained in this category are matters of digital protection of IP 
> (e.g., watermarking, digital signing, et al); the implication of new 
> mash-ups presented as novel services on the 'Net; patent reform; 
> snippets, YouTube style derivative works, etc; and the Web 2.0 phenomena 
> of individuals as simultaneously consumers and producers of content.
> 
> IMPRESSIONS
> If you read this far, I'm honored, and you're definitely interested in 
> the matters of Internet policy, law and regs, or otherwise bored into 
> wading through this ;-)  To summarize (as I've pounded the keys enough 
> here) this is an aggressive agenda and I cannot imagine CIC, let alone 
> Congress getting through even a fraction of the issues.  Of course, at 
> the CIC State of the Net Conference next month, the ICAC and CIC will 
> engage in the difficult process of prioritizing.
> 
> It's worth remembering that the CIC is in place to inform Congress and 
> legislative initiative and to ensure there is leadership in Congress who 
> are reasonably informed, as much as possible in light of everything they 
> must address, on matters of the Internet and a digital society. So this 
> is an on-going and evolving agenda and there isn't a mandate of 
> addressing everything here or crafting legislation on every point.  Some 
> of this is simply the process of building awareness and knowledge 
> through the help of the Advisory Committee.
> 
> There is something in there for everyone, and I hope their web site 
> continues to expand and improve on handling these issues.  To that end, 
> we're working with CIC staff to make that happen.  As with all things, 
> it may require some fund raising and resource acquisition.
> 
> I hope this has been informative and good fodder for discussions in 
> these forums beyond current threads of law office technology, electronic 
> discovery, security breaches, or e-voting ;-)
> Cheers
> Greg
> 
> 
> Gregory Miller JD
> Member: Congressional Internet Caucus Advisory Committee
> 
> Managing Director
> Network Tool-&-Die Company LLC
> 	Venture Catalysts for a Digital Economy
> _________
> PORTLAND | SAN FRANCISCO | BOSTON
> 
> This message is for the sole use of the intended recipient(s) and may 
> contain confidential or privileged information.  If you are not the 
> intended recipient, please inform the sender immediately by reply eMail 
> and destroy all copies of the original message.  Any unauthorized use, 
> disclosure or further distribution is prohibited.  Thank you.
> 
> Your e-mail address will only be used within the ABA and its entities.
> We do not sell or rent e-mail addresses to anyone outside the ABA.
> 
> To change your e-mail address or remove your name from any future general distribution e-mails you can call us at 1-800-285-2221 or write to:
> 
>    American Bar Association
>    Service Center
>    321 N Clark Street
>    Chicago, IL  60610
> 
> To unsubscribe send the following in the body of a message to
> listserv@xxxxxxxxxx  - unsubscribe st-isc
> 
> To review our privacy statement, go to
> http://www.abanet.org/privacy_statement.html.

Your e-mail address will only be used within the ABA and its entities.
We do not sell or rent e-mail addresses to anyone outside the ABA.

To change your e-mail address or remove your name from any future general distribution e-mails you can call us at 1-800-285-2221 or write to:

   American Bar Association
   Service Center
   321 N Clark Street
   Chicago, IL  60610

To unsubscribe send the following in the body of a message to
listserv@xxxxxxxxxx  - unsubscribe st-isc

To review our privacy statement, go to
http://www.abanet.org/privacy_statement.html.

--- End Message ---