rodney's blog

The U.S. House of Representatives is introducting this week four pieces of legislation for votes.  Below is a summary of each bill provided by House Speaker John Boehner:

Cyber Intelligence Sharing and Protection Act (H.R. 3523), introduced by Intelligence Committee Chairman Mike Rogers (R-MI), will help private sector job creators defend themselves from attacks from countries like China and Russia by allowing the government to provide the intelligence information needed to protect their networks and their customers’ privacy.  The bill also provides positive authority to private-sector entities to defend their own networks and to those of their customers, and to share cyber threat information with others in the private sector, as well as with the federal government on a purely voluntary basis.

The National Telecommunications and Information Administration (NTIA) in the U.S. Department of Commerce has issued a Request for Public Comments  in response to the report on consumer data privacy issued by The White House in February.

According to the notice, the NTIA is requesting comment on "consumer data privacy issues that warrant the development of legally enforceable codes of conduct, as well as procedures to foster the development of these codes."

The White House announced today a long awaited report on “Consumer Data Privacy in a Networked World:  A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy.”  The report is “part of a comprehensive blueprint to improve consumers’ privacy protections and ensure that the Internet remains an engine for innovation and economic growth,” according to a statement from The White House.

Among the primary recommendations in the report is a call for a Consumer Privacy Bill of Rights to provide a baseline of clear protections for consumers and greater certainty for businesses.  The rights include:

Homeland Security and Governmental Affairs Committee Chairman Senator Joe Lieberman (ID-Conn.), Ranking Member Senator Susan Collins (R-Maine), Commerce Committee Chairman Senator Jay Rockefeller (D-W.Va.), and Select Intelligence Committee Chairwoman Senator Dianne Feinstein (D-Ca.) introduced the Senate version of comprehensive cybersecurity legislation (S.

The National Strategy for Trusted Identities in Cyberspace (NSTIC) National Program Office has issued its “Recommendations For Establishing An Identity Ecosystem Governance Structure.”  The report is in response to an earlier Notice of Inquiry (NOI) and follows a workshop on the subject.  EDUCAUSE, Internet2, and InCommon submitted comments that were featured prominently in the final recommendations.

“A core tenet of the NSTIC is that its implementation must be led by the private sector,” according to the report.  Key recommendations from the topic areas identified in the NOI are as follows:

At a time when the threat of cyberattacks has been a frequent focus of media coverage (see CBS News Report, “FBI:  Cyber threat might surpass terror threat,” and USA Today report, “Cyberattacks likely to escalate this year”), the leaders of the Senate, House of Representatives, and President Obama have pledged to pass cybersecurity legislation this year.  A subcommittee of the House Homeland Security Committee took the latest step in that direction last week when it passed H.R.

The National Strategy for Trusted Identities in Cyberspace (NSTIC) took a big step forward to gain confidence that there is more than just talk to the strategy by announcing a new Federal Funding Opportunity (FFO) for pilot programs to support the NSTIC.  The NSTIC vision is for individuals and organizations to have secure, efficient, easy-to-use and interoperable identity solutions to access online services in a manner that promotes confidence, privacy, choice and innovation.

According to the announcement:

A recent memo from the Federal CIO to the CIO's of Executive Departments and Agencies is welcome news to the advocates for federated identity management.  The memo with the subject line of "Requirements for Accepting Externally-Issued Identity Credentials" mandates that "agencies are to begin leveraing externally-issued credentials, in addition to continuing to offer federally-issued credentials."  The memo begins with the observation that the use of externally-issued credentials (i.e., those that have been issued by an entity other than the federal government) will decrease the burden on uses of government information systems and reduce costs associated with managing credentials.  InCommon is included among the Trust Framework Providers that are identified among the Approved Providers and Schemes.

The Revised Regulations for the Family Educational Rights and Privacy Act (FERPA) were announced on December 2, 2011.  According to the U.S. Department of Education, the changes in the rules were “needed to ensure that the Department continues to implement FERPA in a way that protects the privacy of education records while allowing for the effective use of data.”  The rule changes are designed to accommodate increased accountability and transparency for schools and institutions of higher education.  “Improved access to data will facilitate States’ ability to evaluate education programs, to ensure limited resources are invested effectively, to build upon what works and discard what does not, and to contribute to a culture of innovation of continuous improvement in education” writes the Department in the summary of the Final regulations.

The 2011 Federal Student Aid Fall Conference held on November 29th-December 2nd covered a variety of federal student aid policy topics, ranging from state authorization to program integrity rules. 

Education Secretary Arnie Duncan kicked off the event with the following remarks:

. . . my chief message today is a sobering one. I want to ask you, and the entire higher education community, to look ahead and start thinking more creatively—and with much greater urgency—about how to contain the spiraling costs of college and reduce the burden of student debt on our nation's students.

He highlighted attempts to radically redesign courses and make smarter use of technology as ways that college leaders can help control college costs and net price.