US-EU standards must be harmonized to advance accessibility

Julie Anderson by Julie Anderson, AG Strategy Group
Friday, August 21, 2015

Making technology accessible to persons with disabilities is a critical issue to which we need to play closer attention. Within the government, the issue often falls on a federal chief information officers' long list of to-dos, rather than being a central focus. While recognizing that federal CIOs have a broad set of responsibilities and that there are many critical issues that they manage, we must place a focused eye on whether the issue of accessibility is getting the attention it should.

The Microsoft Case

Tracy Mitrano, Inside Higher Ed,  Friday, August 21, 2015

The United States must look creatively forward to ratifying treaties and other legal instruments that would bring a judicious rule of law to legal access of electronic information internationally. But our country cannot do so with a straight face until it sets its own house right. Let us find a path back to the basics of civil liberties established by our Founding Fathers. And let’s us do so in the name of both civil liberties and national defense.

US Effort to Grab Data from Microsoft in Ireland Should Frighten All Firms Using the Cloud Overseas

Jeff Gould by Jeff Gould, SafeGov.org
Thursday, August 20, 2015

It appears then that Snowden’s impact on U.S. cloud providers may not be as big as feared – at least not yet. But many CIOs may not realize that other actions by the U.S. government could pose a perhaps equally grave, though subtler, threat to cloud computing. The laws that set the rules for government access to electronic data were largely written in the 1980s. Their application to data stored by enterprise customers on cloud servers is unclear. The rights of customers to contest the government’s actions or even be informed of them are uncertain. But now, a legal battle pitting Microsoft against the Justice Department raises fundamental questions that all CIOs should pay close attention to.

The U.S. Must Lead on Technology Privacy Issues

Julie Anderson by Julie Anderson, AG Strategy Group
Thursday, August 20, 2015

One of the highest-profile cases related to surveillance practices remains unresolved. The Microsoft search warrant case, which was initiated in late 2013, raises a larger question: can a U.S. law enforcement agency compel a U.S. technology provider to turn over digital information that resides in a location outside the U.S.? Current law, the Freedom Act included, does not directly address the essential issues raised in this case, which are weighty enough to merit the attention of presidential candidates and Congress, as well as the Supreme Court. However, the LEADS Act, if passed, would help to clarify the currently murky landscape, by ensuring that policy keeps pace with technology. While the world continues to become more interconnected, geopolitical borders remain significant. A consistent and transparent rule of law regarding cross-border information-sharing must be our North Star.

Azure Government Achieves Significant Compliance Milestones

Tom Keane, Microsoft Azure Blog,  Wednesday, August 19, 2015

In April Microsoft announced four new industry certifications for Microsoft Azure – CDSA for the digital media and entertainment industry, FISC for Japanese financial services organizations, DISA Level 2 for the US defense sector, and MTCS Level 3 for the Singapore government. Today I’m excited to share another four milestones specific to Azure Government:

Who Owns Your Email? An Interview With Brad Smith, General Counsel Of Microsoft

Jeff Bennion, Above the Law,  Tuesday, August 18, 2015

There’s no question that a valid U.S. search warrant applies to physical evidence in the U.S. – like that in a house – or digital content in the U.S. – like that in a data center. But the law and longstanding practice are clear that in the physical world, search warrants stop at a country’s borders, and the U.S. government can’t search a house abroad without going through the local government. The question in our case is whether a U.S. warrant can apply to digital communications that are stored in a data center located in another country.

Making Police Body Cams Work on a Mass Scale (Industry Perspective)

Jeff Gould by Jeff Gould, SafeGov.org
Monday, August 17, 2015

The purpose of body-worn cameras is not to fill petabytes and exabytes of disk space in football-field-size data centers. The goal is to improve interactions between the police and the public they serve. To justify its cost, law enforcement agencies must be able to filter through footage quickly and effectively. They need to review it for investigative, training and disciplinary purposes. They need to share it with fellow agencies, prosecutors and defense lawyers. Last but not least, they need to be able to disclose it – at least selectively – to the public and the media. All this will have to happen while guaranteeing chains of custody, ensuring that only authorized users have access, and protecting the privacy of citizens and officers. The fundamental problem that police departments gathering large amounts of video face is that the daily tasks they need to perform with this video are labor-intensive. Searching through thousands of hours of video, transcribing and indexing what is said in them, blurring the faces of citizens or officers to protect their privacy – these tasks are impossible to perform at scale without assistance from powerful automation tools.

The quiet battle for privacy in the cloud

Dan Horowitz, The Hill,  Monday, August 17, 2015

Recently, a Federal Judge in New York was convinced by lawyers from the Obama administration that international agreements and the Fourth Amendment were simply minor impediments to be brushed aside at the behest of the Department of Justice (DoJ) and their insatiable desire to have automatic access to any electronic data U.S. citizens and companies possess. How is this possible? Why have very few people heard of this? Why aren’t the Netizens up in arms over it?

Backdoors Won't Solve Comey's Going Dark Problem

Bruce Schneier, Schneier on Security Blog,  Saturday, August 15, 2015

At the Aspen Security Forum two weeks ago, James Comey (and others) explicitly talked about the "going dark" problem, describing the specific scenario they are concerned about. Maybe others have heard the scenario before, but it was a first for me. It centers around ISIL operatives abroad and ISIL-inspired terrorists here in the US. The FBI knows who the Americans are, can get a court order to carry out surveillance on their communications, but cannot eavesdrop on the conversations, because they are encrypted. They can get the metadata, so they know who is talking to who, but they can't find out what's being said.

FedRAMP needs feds to help refine high impact baseline

Aaron Boyd, Federal Times,  Saturday, August 15, 2015

Federal IT managers working with high-impact secure systems are being asked to join a Tiger Team to assess and refine the Federal Risk Authorization Management Program (FedRAMP) proposed high baseline. The FedRAMP program office has been hard at work on the high security baseline — standards for securing sensitive data on commercial cloud systems — expected to be finalized before the end of the year.