Risk
12/20/2011
12:43 PM
Connect Directly
RSS
E-Mail
50%
50%

Obama Appoints Privacy Board Members

Board is designed to oversee privacy and civil liberties protections built into the administration's cybersecurity legislative proposal.

NASA's Next Mission: Deep Space
NASA's Next Mission: Deep Space
(click image for larger view and for slideshow)
President Obama has made three nominations to a board that will oversee the federal government's cybersecurity and counterterrorism efforts with an eye toward protecting Americans' privacy and civil liberties.

The president has appointed David Medine as chairman of the Privacy and Civil Liberties Oversight Board, and Rachel Brand and Patricia Wald as board members, according to a White House blog post by cybersecurity coordinator Howard Schmidt.

The federal government is engaged in numerous activities to gather and share information across agencies, with state and local governments, as well as with the private sector to secure U.S. cyber infrastructure from cyberattacks--terrorist or otherwise. The administration detailed a broad legislative cybersecurity proposal to support these plans in May.

[ Collaboration and research are key to plans to secure U.S. networks. See White House Sets Cybersecurity R&D Priorities. ]

The board's job is to prevent the feds' activities from violating privacy and civil liberty rights, and report to Congress the impact the activities have on these rights, according to Schmidt.

Specifically, the board will oversee the privacy and civil liberties protections built into the administration's cybersecurity legislative proposal, he said. The board also will recommend regulatory improvements or modifications to address any concerns.

"The administration firmly believes that both Board oversight and affirmative requirements for privacy policies and procedures are essential components of any legislation," Schmidt said.

The three nominees--who must be approved by Congress before their work can begin--all have notable legal backgrounds and have previously served or currently hold other positions with the federal government.

Medine is a partner in the WilmerHale law firm, focusing on privacy and data security. He was senior adviser to the White House Economic Council from 2000 to 2001.

Brand is currently chief counsel for regulatory litigation at the U.S. Chamber of Commerce, National Chamber Litigation Center. Previously, she was a private-practice attorney and also handled policy issues--including counterterrorism--as assistant attorney general for legal policy at the Department of Justice.

From 1979 until 1999, Wald served on the U.S. Court of Appeals for the District of Columbia, including a five-year stint as chief judge. Since then she has served as judge on the International Criminal Tribunal for the former Yugoslavia and a member on the President's Commission on the Intelligence Capabilities of the U.S. Regarding Weapons of Mass Destruction.

How 10 federal agencies are tapping the power of cloud computing--without compromising security. Also in the new, all-digital InformationWeek Government supplement: To judge the success of the OMB's IT reform efforts, we need concrete numbers on cost savings and returns. Download our Cloud In Action issue of InformationWeek Government now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Bprince
50%
50%
Bprince,
User Rank: Ninja
12/20/2011 | 7:26:03 PM
re: Obama Appoints Privacy Board Members
Good to know that there is a designated group of people who will be looking into this. Part of the key for this though will be the level of influence they truly have over any piece of legislation.
Brian Prince, InformationWeek/Dark Reading Comment Moderator
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0761
Published: 2014-08-27
The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows remote attackers to cause a denial of service (infinite loop or process crash) via a crafted TCP packet.

CVE-2014-0762
Published: 2014-08-27
The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows physically proximate attackers to cause a denial of service (infinite loop or process crash) via crafted input over a serial line.

CVE-2014-2380
Published: 2014-08-27
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file.

CVE-2014-2381
Published: 2014-08-27
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file.

CVE-2014-3344
Published: 2014-08-27
Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuq31129, CSCuq3...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.