The Department of Defense has proposed a change to its regulations that would strengthen requirements for the control of export-controlled technologies for DOD research contractors, including universities. The proposed rule would require contractors to have an export control program that includes regular audits and training, segregated workplaces for export-controlled technologies, and “unique badging requirements for foreign nationals and foreign persons.”
While we at CRA understand and support the need for export control and deemed export regulation, we’re concerned that the proposed rule as it stands would make fundamental research subject to novel restrictions that could seriously impair the ability of colleges, universities, industrial and federal research labs to conduct fundamental research, which would have significant ramifications for America’s economic competitiveness and technological leadership in the world.
This concern stems in large part from the fact that the proposed rule doesn’t reference the fundamental research exemption, as found in a Reagan-era National Security Decision Directive still in effect (NSDD 189). Though it appears that the authors of the proposed rule didn’t intend to add new burdens for universities — rather, intended the change to clarify existing regulations — the worry is that without an explicit mention of NSDD-189, DOD agencies might incorrectly interpret compliance requirements to require access controls in all instances, even when fundamental research is being performed. There’s also a concern that the new rule would prompt DOD program managers and contract officers to include overly restrictive language in DOD contracts in order to protect themselves from any potential liability or culpability. As the Association of American Universities points out (pdf), this likely would exacerbate the already significant problems that universities have experienced with troublesome clauses in contracts from industry.
So, as we did when the Department of Commerce announced they were considering a similar rule change (and still haven’t decided), CRA filed comments (pdf) with DOD, along with more than 100 other respondents.
USACM also filed comments regarding the proposed rule, which you can find — along with a good blog post from David Padgham highlighting some of the other comments received — over at the USACM Technology Policy Blog.
We’ll keep track on the rule-making progress as it moves forward at both Commerce and DOD in the coming weeks….
A quick pointer to two interesting not-directly-related pieces running today. First is Aliya Sternstein’s article in Federal Computer Week that fleshes out the PITAC to PCAST switch we noted back on September 30th. She quotes CRA Chair Dan Reed and ITAA president Harris Miller:
Former PITAC member Dan Reed, vice chancellor of IT and chief information officer at the University of North Carolina at Chapel Hill, applauded [PCAST co-Chair Floyd] Kvamme’s idea to examine the federal government’s commitment to IT R&D.
“IT pervades so many aspects of science, technology and education that examining it in a holistic context has great value,” he said.
“PCAST is really the pre-eminent scientific advisory group to the president,” Reed said. “In some ways, this elevates the IT issues to a higher level.”
Some industry observers displayed mixed emotions about the turn of events, saying they will hold their breath until PCAST’s new lineup materializes and follows through on its promises.
“Having PITAC become part of PCAST is better than nothing, but frankly, I don’t think it’s an adequate solution,” said Harris Miller, president of the IT Association of America, which represents high-tech companies.
Although PCAST is more prestigious and well-regarded by the administration, the members already have too much on their plates, he said, adding that they likely cannot handle PCAST’s huge program plus all the items that the PITAC docket would add.
(There’s a brief comment from me in there as well.)
The other interesting piece is by ZDNet News’ Declan McCullagh and Anne Broache. It’s titled “U.S. cybersecurity due for FEMA-like calamity?” and it covers the lack of adequate attention the Department of Homeland Security has paid to cyber threats to critical infrastructures.
Auditors had warned months before Hurricane Katrina that FEMA’s internal procedures for handling people and equipment dispatched to disasters were lacking. In an unsettling parallel, government auditors have been saying that Homeland Security has failed to live up to its cybersecurity responsibilities and may be “unprepared” for emergencies.
“When you look at the events of Katrina, you kind of have to ask yourself the question, ‘Are we ready?’” said Paul Kurtz, president of the Cyber Security Industry Alliance, a public policy and advocacy group. “Are we ready for a large-scale cyberdisruption or attack? I believe the answer is clearly no.”
The article also features a nice quote from CRA government affairs committee co-Chair Ed Lazowska that sums up the concerns about the agency’s research efforts:
But the right tools and funding have to be in place, too, said Ed Lazowska, a computer science professor at the University of Washington. He co-chaired the president’s Information Technology Advisory Committee, which published a report in February that was critical of federal cybersecurity efforts.
“DHS has an appropriately large focus on weapons of mass destruction but an inappropriately small focus on critical infrastructure protection, and particularly on cybersecurity,” Lazowska said in an e-mail interview.
The department is currently spending roughly $17 million of its $1.3 billion science-and-technology budget on cybersecurity, he said. His committee report calls for a $90 million increase in National Science Foundation funding for cybersecurity research and development.
Until then, Lazowska said, “the nation is applying Band-Aids, rather than developing the inherently more secure information technology that our nation requires.”
Both are worth a read!
Former House Speaker Newt Gingrich joined yesterday’s meeting of the National Academies’ Computer Science and Telecommunications Board, ostensibly to talk about health care and IT — though he probably only spent a couple of minutes total on the topic. Instead, the board and those of us in the audience got Gingrich’s take on what’s wrong with America’s innovation ecosystem and his plan for addressing it. The presentation was very interesting — Gingrich is a remarkable extemporaneous speaker, even in front of an audience that I suspect was not full of Gingrich “fans.” I jotted down some brief notes as he outlined his recommendations and I reprint them here, just because I thought it was a nicely structured approach. According to Gingrich, we need to:
1) Dramatically, radically overhaul math and science education by:
- paying students in grades 7-12 a wage equivalent to what they’d make at McDonald’s if they earn “B’s” or better.
- eliminating regulation that prevents those with subject expertise from teaching that subject in schools (retired scientists and engineers, for example)
2) Triple the size of NSF
- The Administration’s budget priorities are wrong. Congress is wrong. Regrets that his biggest mistake as speaker was not tripling NSF when they doubled NIH
3) Establish a national library of science similar to PubMed
- especially needed for adults looking to further education
4) Need to dramatically deregulate our markets (presumably telecom)
- need to have the highest capital investment in new technologies of any country in the world
5) We need to have “a vision of a dynamic successful future” in order to recruit the next generation of scientists and engineers
- President has the right instinct with moon/mars, but the wrong program
- there’s no coherent vision now of a scientifically exciting future
While he says it’s important to have a positive vision of the future for attracting future scientists and engineers, policymakers need to be motivated by the negatives. The current budget situation is a total mess, he said, but messes can be great opportunities. Increasing federal support for fundamental R&D is a really large change and “really large change is a long-wave process.” CEOs need to say to policymakers “here is what you have to do” and then communicate the downside:
We will lose without investment in NSF – “Do you want US to be the new Europe?” The US is in a dominating position, but that position is not permanent. “We are temporarily and briefly the most powerful country in the world.” Unfortunately, making the case is like the challenge of convincing relatively healthy people they should eat healthy and exercise. They don’t see a pressing need, even though the change would help them live longer, healthier lives. The US can “decay elegantly forever.” The challenge is to reverse that.
I thought it was a very interesting talk.
John Markoff, tech reporter for the NY Times (we’ve covered a few of his stories, including this really important one, here in this space) also participated in the meeting, running through his history of the rise of the personal computer, as told in his book What the Dormouse Said. Markoff also talked a bit about his frustration with what’s happening with tech coverage in journalism and at the Times — a move to cover much more of the business side of technology with less emphasis on the exciting stories about the science — but understood the pressures facing the publishers given the absolutely grim financial situations newspapers find themselves in at the moment. We’ve seen this in the advocacy community. The one “case” for the need to support fundamental research that seems to get the most traction both in the press and among policymakers at the moment is the “innovation” case — that is, the linkage between fundamental research performed by the nation’s universities and federal labs and innovation in U.S. industries. I suppose that’s not surprising. But more often it would be nice, I think — especially if one of our goals is inspiring the next generation of scientists and engineers — to see stories covering the excitement of the path to discovery, the quest for knowledge….
Anyway, on the whole, I thought it was a very enjoyable morning at the National Academies.
From the CCC Blog
- A Retrospective on Alan Turing’s Influence Erwin Gianchandani
- Microsoft Research Names 2012 Faculty Fellows Erwin Gianchandani
- Revisiting “Where the jobs are…” Erwin Gianchandani
- “Troves of Personal Data, Forbidden to Researchers” Erwin Gianchandani