Risk
12/20/2011
12:43 PM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Obama Appoints Privacy Board Members

Board is designed to oversee privacy and civil liberties protections built into the administration's cybersecurity legislative proposal.

NASA's Next Mission: Deep Space
NASA's Next Mission: Deep Space
(click image for larger view and for slideshow)
President Obama has made three nominations to a board that will oversee the federal government's cybersecurity and counterterrorism efforts with an eye toward protecting Americans' privacy and civil liberties.

The president has appointed David Medine as chairman of the Privacy and Civil Liberties Oversight Board, and Rachel Brand and Patricia Wald as board members, according to a White House blog post by cybersecurity coordinator Howard Schmidt.

The federal government is engaged in numerous activities to gather and share information across agencies, with state and local governments, as well as with the private sector to secure U.S. cyber infrastructure from cyberattacks--terrorist or otherwise. The administration detailed a broad legislative cybersecurity proposal to support these plans in May.

[ Collaboration and research are key to plans to secure U.S. networks. See White House Sets Cybersecurity R&D Priorities. ]

The board's job is to prevent the feds' activities from violating privacy and civil liberty rights, and report to Congress the impact the activities have on these rights, according to Schmidt.

Specifically, the board will oversee the privacy and civil liberties protections built into the administration's cybersecurity legislative proposal, he said. The board also will recommend regulatory improvements or modifications to address any concerns.

"The administration firmly believes that both Board oversight and affirmative requirements for privacy policies and procedures are essential components of any legislation," Schmidt said.

The three nominees--who must be approved by Congress before their work can begin--all have notable legal backgrounds and have previously served or currently hold other positions with the federal government.

Medine is a partner in the WilmerHale law firm, focusing on privacy and data security. He was senior adviser to the White House Economic Council from 2000 to 2001.

Brand is currently chief counsel for regulatory litigation at the U.S. Chamber of Commerce, National Chamber Litigation Center. Previously, she was a private-practice attorney and also handled policy issues--including counterterrorism--as assistant attorney general for legal policy at the Department of Justice.

From 1979 until 1999, Wald served on the U.S. Court of Appeals for the District of Columbia, including a five-year stint as chief judge. Since then she has served as judge on the International Criminal Tribunal for the former Yugoslavia and a member on the President's Commission on the Intelligence Capabilities of the U.S. Regarding Weapons of Mass Destruction.

How 10 federal agencies are tapping the power of cloud computing--without compromising security. Also in the new, all-digital InformationWeek Government supplement: To judge the success of the OMB's IT reform efforts, we need concrete numbers on cost savings and returns. Download our Cloud In Action issue of InformationWeek Government now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Bprince
50%
50%
Bprince,
User Rank: Ninja
12/20/2011 | 7:26:03 PM
re: Obama Appoints Privacy Board Members
Good to know that there is a designated group of people who will be looking into this. Part of the key for this though will be the level of influence they truly have over any piece of legislation.
Brian Prince, InformationWeek/Dark Reading Comment Moderator
Register for Dark Reading Newsletters
White Papers
Cartoon
Latest Comment: LOL.
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-3154
Published: 2014-04-17
DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 does not properly create temporary files, which allows local users to obtain the XAUTHORITY file conte...

CVE-2013-2143
Published: 2014-04-17
The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote authenticated users to gain privileges by setting a user account to an administrator account.

CVE-2014-0036
Published: 2014-04-17
The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors.

CVE-2014-0054
Published: 2014-04-17
The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External ...

CVE-2014-0071
Published: 2014-04-17
PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections.

Best of the Web