Risk
12/20/2011
12:43 PM
Connect Directly
RSS
E-Mail
50%
50%

Obama Appoints Privacy Board Members

Board is designed to oversee privacy and civil liberties protections built into the administration's cybersecurity legislative proposal.

NASA's Next Mission: Deep Space
NASA's Next Mission: Deep Space
(click image for larger view and for slideshow)
President Obama has made three nominations to a board that will oversee the federal government's cybersecurity and counterterrorism efforts with an eye toward protecting Americans' privacy and civil liberties.

The president has appointed David Medine as chairman of the Privacy and Civil Liberties Oversight Board, and Rachel Brand and Patricia Wald as board members, according to a White House blog post by cybersecurity coordinator Howard Schmidt.

The federal government is engaged in numerous activities to gather and share information across agencies, with state and local governments, as well as with the private sector to secure U.S. cyber infrastructure from cyberattacks--terrorist or otherwise. The administration detailed a broad legislative cybersecurity proposal to support these plans in May.

[ Collaboration and research are key to plans to secure U.S. networks. See White House Sets Cybersecurity R&D Priorities. ]

The board's job is to prevent the feds' activities from violating privacy and civil liberty rights, and report to Congress the impact the activities have on these rights, according to Schmidt.

Specifically, the board will oversee the privacy and civil liberties protections built into the administration's cybersecurity legislative proposal, he said. The board also will recommend regulatory improvements or modifications to address any concerns.

"The administration firmly believes that both Board oversight and affirmative requirements for privacy policies and procedures are essential components of any legislation," Schmidt said.

The three nominees--who must be approved by Congress before their work can begin--all have notable legal backgrounds and have previously served or currently hold other positions with the federal government.

Medine is a partner in the WilmerHale law firm, focusing on privacy and data security. He was senior adviser to the White House Economic Council from 2000 to 2001.

Brand is currently chief counsel for regulatory litigation at the U.S. Chamber of Commerce, National Chamber Litigation Center. Previously, she was a private-practice attorney and also handled policy issues--including counterterrorism--as assistant attorney general for legal policy at the Department of Justice.

From 1979 until 1999, Wald served on the U.S. Court of Appeals for the District of Columbia, including a five-year stint as chief judge. Since then she has served as judge on the International Criminal Tribunal for the former Yugoslavia and a member on the President's Commission on the Intelligence Capabilities of the U.S. Regarding Weapons of Mass Destruction.

How 10 federal agencies are tapping the power of cloud computing--without compromising security. Also in the new, all-digital InformationWeek Government supplement: To judge the success of the OMB's IT reform efforts, we need concrete numbers on cost savings and returns. Download our Cloud In Action issue of InformationWeek Government now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Bprince
50%
50%
Bprince,
User Rank: Ninja
12/20/2011 | 7:26:03 PM
re: Obama Appoints Privacy Board Members
Good to know that there is a designated group of people who will be looking into this. Part of the key for this though will be the level of influence they truly have over any piece of legislation.
Brian Prince, InformationWeek/Dark Reading Comment Moderator
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Must Reads - September 25, 2014
Dark Reading's new Must Reads is a compendium of our best recent coverage of identity and access management. Learn about access control in the age of HTML5, how to improve authentication, why Active Directory is dead, and more.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2003-1598
Published: 2014-10-01
SQL injection vulnerability in log.header.php in WordPress 0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the posts variable.

CVE-2011-4624
Published: 2014-10-01
Cross-site scripting (XSS) vulnerability in facebook.php in the GRAND FlAGallery plugin (flash-album-gallery) before 1.57 for WordPress allows remote attackers to inject arbitrary web script or HTML via the i parameter.

CVE-2012-0811
Published: 2014-10-01
Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt function, when mysql_encrypt is configured, or (2) unspecified vectors that are used in backup files gene...

CVE-2012-5485
Published: 2014-09-30
registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via unspecified vectors, related to the admin interface.

CVE-2012-5486
Published: 2014-09-30
ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Chris Hadnagy, who hosts the annual Social Engineering Capture the Flag Contest at DEF CON, will discuss the latest trends attackers are using.