NC State prof and former CRA Digital Government FellowAnnie Antón sends word that The Privacy Place is conducting its 2005 survey of online privacy policies and user values. The Privacy Place is an inter-disciplinary team of researchers at North Carolina State University’s Computer Science and Business Management departments as well as the Georgia Tech College of Computing, the Purdue University Computer Science Department and the University of Lugano Communication Sciences department — all committed to disseminating information and creating tools and techniques that help IT professionals and policy makers bring privacy policies and system requirements into better alignment.
They hope to get a few thousand respondents to their survey, so Annie’s asked for some help getting the word out. I just took the survey and it only took me a few minutes (and I’m pretty dense). Here’s Annie’s request with all the details:
ThePrivacyPlace.Org 2005 Privacy Survey is Underway!
Researchers at ThePrivacyPlace.Org are conducting an online survey about privacy policies and user values. The survey is supported by an NSF ITR grant (National Science Foundation Information Technology Research) and will help us establish with our investigations of privacy policy expression and user comprehension thereof.
The URL is: http://survey.theprivacyplace.org/
We need to attract several thousand respondents, and would be most appreciative if you would consider helping us get the word out about the survey which takes about 5 to 10 minutes to complete. The results will be made available in 2006 via our project website. Prizes include
$50 Amazon.com gift certificates
and
IBM sponsored giveaways!
On behalf of the research staff at ThePrivacyPlace.Org, thank you!
Annie Antón
The governors of 27 states have sent a letter to President Bush urging him to “ensure that federal funding for university-based research remains a top national priority” in FY 2006 and beyond. In their letter, the 16 Democratic and 11 Republican governors make the case that basic research has been the fuel for innovation in their states — as well as a creator of high-wage jobs and an enabler of workforce productivity — and they credit the universities and labs performing the research with being “the training ground for our country’s next generation of highly-skilled workers.” They also cite the changing competitive environment that challenges current U.S. dominance in technology innovation:
Through economic globalization, competition in research and development has risen dramatically in the last few years. Asian and European countries have committed new resources to scientific and engineering research programs at nearly unprecedented rates. While the U.S. currently remains a global leader in science and technology, we must continue to be at the forefront of discovery and development. Only by investing in the research of today can we take full advantage of the innovations of tomorrow. Despite a period of scarce resources, basic science and engineering research is a vital national investment.
This is an important message for the President to hear, especially as the Administration is working now to put together his FY 2007 budget in time for its February release.
Unfortunately, the U.S. basic research enterprise is going to need all the help it can get. As we’ve noted before, it appears that pressures will be high on Congress to cut mandatory and discretionary spending (including federal science agencies) to offset the spiraling costs for hurricane relief and a possible tax cut. Yesterday, House Majority Leader Roy Blunt noted that Congress will be focusing on three pieces of budget legislation before they wrap up the current session this fall: a package carving savings from mandatory programs, an across-the-board cut in discretionary spending and a new hurricane relief package. Any across-the-board cut is likely to once again fall on agencies like the National Science Foundation, which suffered a similar 2 percent cut last year.
So any effort by an influential group like the 27 governors who signed this letter (and thanks to the Science Coalition for “working” this letter), is useful in the attempt to reverse what is becoming a very damaging trend of cutbacks in federal support for fundamental research.
Here’s the full letter (pdf, 1 mb). Did your governor sign?
With short notice, the House Armed Services CommitteePanel on Asymmetric and Unconventional Threats will hold a hearing tomorrow to examine cyber security, information assurance and information exploitation issues at the Department of Defense. I say short notice because the witness list for the hearing didn’t appear until today and the hearing’s lead witness, CRA Board member and Purdue professor Eugene Spafford, didn’t receive an invitation to attend until Tuesday. Joining Spaf on the panel are David Grawrock, Principal Engineer and Security Architect at Intel, and Paul Kurtz, Executive Director of the Cyber Security Industry Alliance.
Spaf has already submitted his written testimony (pdf) and it’s excellent (especially given the time constraint). In it, he notes that DOD faces some worrisome trends in defending itself from cyber threats:
The number of reported attacks of various kinds is generally increasing annually;
Attacks are becoming more sophisticated and more efficient;
Few perpetrators are ever caught and prosecuted;
An unknown (but probably large) number of attacks, frauds and violations are not detected with current defenses;
A large number of detected attacks are not reported to appropriate authorities;
The problem is international in scope, both in origin of attacks and in location of victims;
The majority of the attacks are enabled by faulty software, poor configuration, and operator error.
Exacerbating these trends at DOD are a number of factors:
An over-dependence on commercial-off-the-shelf products (COTS);
A lack of metrics measuring the safety, security and quality of IT products in a general and meaningful way;
A lack of deterrence — vandals and criminals operate with the knowledge that there’s almost no chance of being caught unless they are exceedingly careless;
A lack of fallback alternatives — no planning for how to proceed with critical mission responsibilities with degraded or disabled IT resources;
An under-investment in research, especially long-term research at DOD and throughout the federal research portfolio; and
An ill-informed application of classification by agencies like DARPA that prevent some of the best minds in the country from working on cyber security problems.
Spaf has a number of recommendations of actions to take to reduce the threat to DOD IT systems, but I thought I’d list his primary recommendation here, especially as it echoes recommendations we’ve made manytimesinthepast:
1. Most importantly, increase the priority and funding for scientific research into issues of security and protection of IT systems. This was the conclusion of the PITAC, and of numerous other studies cited in the PITAC report. Too much money is being spent on upgrading patches and not enough is being spent on fundamental research by qualified personnel. There are too few researchers in the country who understand the issues of information security, and too many of them are unable to find funding to support fundamental research. This is the case at our military research labs, commercial labs, and at our university research centers. Increased spending for research is an investment in national defense and national economic competitiveness, and is not in other expenditures for basic and applied research.
The hearing begins at 9 am, October 27th, and will be webcast (click on the microphone icon next to the hearing notice) and archived.
Spaf’s full testimony is here. (pdf)
As I noted in the last post, the Senate Appropriations Committee included language in the Senate verision of the FY 06 Defense Appropriations bill that would strip $55 million from an element of DARPA’s Cognitive Computing program — a move that seems to run counter to recent congressional sentiment on the role of computer science, especially university-led fundamental computer science, at DARPA. The “out of the blue” cut — there was no advance warning provided by appropriations staffers, no evidence that there was dissatisfaction with the program — would fall on the “Learning, Reasoning, and Integrated Cognitive Systems (pdf)” (COG-2) account. With little feedback from the Senate appropriators, we’re operating under the assumption that the main impetus for the cut was to provide an offset for increases elsewhere in the bill, though there’s been some speculation among Senate staff that the program may have suffered do to a misperception that it’s somehow similar to some of the agency’s more controversial bio-related programs.
It’s not. As we’ve tried to point out to the conferees who will have to determine whether the cut will stand in the compromise bill negotiated with the House (the House opted to fund the program at the agency’s requested level), research in learning, reasoning, and cognitive systems is focused on intelligent intrepretations of signals and data, on controlling unmanned vehicles, and on amplifying human effectiveness. Its aim is to reduce U.S. casualties by providing improved command and control and tactical planning against adversaries, as well as improved training systems. Work in this area includes research responsible for the Command Post of the Future (CPOF) — a software system currently deployed and very widely-used in Iraq to coordinate battle plans and integrate multiple intelligence reports, providing U.S. forces the capability to plan, execute and replan much faster than the enemy’s decision cycle and cited by Secretary Rumsfeld as the major contributor to victory in the first phase of Operation Iraqi Freedom. It’s also cricital to the research and development of autonomous, unmanned vehicles that amplify our warfighting capability while reducing the number of U.S. forces in harm’s way. Cutting support so significantly for this research will hamper advancements in defense-related IT in the short- and long-term and will slow technological advancements essential to current and future military operations in Iraq and around the globe.
It also runs completely counter to recent concerns of Congress, PITAC and the DOD’s Defense Science Board. All three bodies have raised strong concerns about the shift of DARPA resources away from fundamental research at universities, especially in information technology. The Cognitive Computing program is one area where DARPA has responded positively to these concerns.
Because these “out of the blue” cuts are so difficult to counter — they appear very late in the process with very little information about what motivated them and at a time when access to appropriations staff is most limited — we’ve focused our strategy opposing the cut by urging the members of the conference committee to abandon the Senate number and adopt the President’s budget request, the number approved by the House. You can help. We’ll tell you how soon….
Washington Post columnist Sebastian Mallaby has an interesting op-ed today inspired by news of Microsoft chairman Bill Gates’ tourofcollegecampuses, urging students to consider majoring in computer science. The piece does a good job of making the case that Gates makes in his talks to students — computing is a field with a history of producing really great stuff that promises to make even more really great stuff in the future.
In most fields of human endeavor, you hope for gradual improvements: an engine that’s somewhat more efficient, a medicine that improves life expectancy by a few months. But computer power progresses exponentially, warping social life, intellectual horizons and the business playing field.
And Mallaby lays out some examples:
Smart watches will download weather forecasts and news headlines over wireless connections. Smart phones will scan products in department stores to check where better prices can be found. Notebook computers will be portable libraries with the weight of just one novel — libraries that allow you to scribble in the margins and share your witty insights wirelessly with friends. Your home computer will respond to instructions both written and vocal, and it won’t be a computer so much as a network. Music, videos, games, photographs — oh, yes, and all your lofty intellectual outpourings — will be beamed around the house to a variety of screens and speakers. The tablet on the kitchen counter will display recipes and shopping lists. The plasma screen on the wall will be for family photos.
…All great examples of some of the foreseeable future in computing. And Gates deserves enormous credit for taking on this role of cheerleader for the field. With the current trends facing the discipline, and a general trend of US students shying away from careers in math and the sciences, this effort is sorely needed.
The only additional thing I’d wish for in these kind of presentations, especially for prospective students, would be to add more sense of purpose to the call. We’ve had a very interesting discussion about this piece amongst the members of CRA’s Government Affairs Committee, including this great observation about what could be said about the “calling” of a career in science generally, and computer science in particular, from Peter Lee at CMU (who gave me permission to post it here):
Choosing to devote your life to science and technology is not a “normal” or “safe” choice. It is a choice made by people who are exceptionally smart, caring, and idealistic. Science makes people smarter and less scared, and it also makes the world better. Becoming a scientist means joining a community of idealists.
There’s not much of that in the talks that Gates is giving, but that’s understandable. It’s easy to lose sight of intellectual and ideological appeal when the practical applications are so plainly visible.
Anyway, a digression from the piece, but something that occurred to me and many of the other members of the committee.
The meat of Mallaby’s piece comes in the final three paragraphs though, where he’s right on the money:
A lot of Washington debates are about managing bad stuff: war, terrorism, natural disasters, killer viruses, budget deficits, trade deficits, medical inflation, airline bankruptcies, imploding corporate pension plans. But policy also needs to focus on the good stuff: To figure out how we can accelerate progress. If we don’t fix the budget deficit, we will be setting ourselves up for economic punishment. But if we don’t position ourselves to take advantage of technology, we will be setting ourselves up to miss a huge economic prize.
What must we do to remain prize-worthy? The good news is that, in Gates’s estimation, between 17 and 19 of the world’s top 20 computer science faculties are American, and Microsoft hasn’t yet moved many software jobs offshore. But to keep things that way we need to step up federal research funding and relax post-Sept. 11 visa rules, so that the United States remains what Gates calls “an IQ magnet.” And because smart Indians, Chinese and others are more likely to return home as their countries grow freer and more prosperous, the United States must focus on growing its own talent. Last year two respected global surveys of math skills in eighth and ninth grades put the United States in 15th and 24th place, respectively. That isn’t good enough.
It would take fairly little to address these problems. Last week a panel convened by the National Academies proposed a package of measures that ranged from math prizes for high schoolers to pay raises for math teachers, along with a program to boost federal research funding by 10 percent annually for seven years. The total price tag comes to $10 billion annually, but the nation spends nearly twice that amount on absurd farm subsidies. What kind of priorities are those?
Maybe Mallaby’s seen that argument somewhere else 🙂
The bad news is that the stars are aligning in such a way as to guarantee that there will be no increase for computer science, or the sciences generally, in the foreseeable future. The Republican Leadership is being pushed hard at the moment to find funds to “pay for” the large emergency supplements paid out for hurricane relief. Odds are those funds will come through across-the-board cuts to non-defense, non-security related discretionary spending. Look for science agencies to suffer cuts similar to last year’s across-the-board 2 percent reduction (or worse).
One particular computing program is under an even bigger threat. The Senate voted to approve a $55 million cut to DARPA’s cognitive computing program as part of the FY 06 Defense Appopriations bill. The out-of-the blue cut would hit DARPA’s $114 million “Learning, Reasoning, and Integrated Cognitive Systems” account, effectively cutting the program in half. The House did not call for a cut in its version of the bill, so CRA is working to urge members of the conference committee to abandon the Senate cut and embrace the House number. We’ll have all the details in the next post. I just thought it worthy of mention that at the same time the calls keep coming for increased support of computer science and the physical sciences, and as much progress as has been made to draw the linkage between federal investment in university research and our ability to continue to innovate, a significant percentage of our policy leadership still doesn’t get it.
This by now has been covered all over the place, but I’d be remiss not to add it here, too. The National Academies convened a 20-member panel last summer at the request of Sens. Lamar Alexander (R-TN) and Jeff Bingaman (D-NM), and Reps. Sherwood Boehlert (R-NY) and Bart Gordon (D-TN) to determine the “top 10 actions, in priority order, that federal policymakers could take to enhance the science and technology enterprise so the United States can successfully compete, prosper, and be secure in the global community of the twenty-first century.” The task was fast-tracked, and an august panel was put together, chaired by former Lockheed Martin CEO Norm Augustine and including folks like Intel Chairman Craig Barrett, President of Texas A&M Robert Gates, CEO of DuPont Charles Holliday, Jr., former Director of Defense Research and Engineering at DOD (and computer scientist) Anita Jones, and MIT president emeritus Chuck Vest. The committee met once, held focus groups on the five issue areas they decided merited attention (K-12 education, higher education, research, innovation and workforce issues, and national and homeland security), then put together the report they released on Wednesday, Rising Above the Gathering Storm: Energizing and Employing America for a Brighter Economic Future.
The committee actually came up with four major recommendations, supplemented with 20 specific actions to be taken. Hard to quibble with the broad recommendations: Recommendation A: Increase America’s talent pool by vastly improving K-12 mathematics and science education.
Recruit ten thousand teachers, educate ten million minds — a program that would award competitive 4-year scholarships for students to obtain bachelor’s degrees in the physical or life sciences, engineering or mathematics with concurrent certification as K-12 math and science teachers.
Strengthen two hundred fifty thousand teachers’ skills, inspire students every day — provide summer institutes, science and mathematics master’s programs, advanced placement training, and a curriculum modeled on world-class standards for current K-12 teachers.
Enlarge the pipeline by creating opportunities and incentives for middle-school and high-school students to pursue advanced work in science and math.
Recommendation B: Sustain and strengthen the nation’s traditional commitment to the long-term basic research that has the potential to be transformational to maintain the flow of new ideas that fuel the economy, provide security, and enhance the quality of life.
Increase the federal investment in long-term basic research by 10 percent annually over the next 7 years, with special attention paid to the physical sciences, engineering, mathematics, and information sciences and to DOD basic-research funding.
Provide new research grants of $500,000 each annually, payable over 5 years, to 2000 of our most outstanding early career researchers.
Institute a National Coordination Office for Research Infrastructure to manage a centralized research-infrastructure fund of $500 million per year over the next 5 years.
Allocate at least 8 percent of the budgets of federal research agencies to high-risk, high payoff research.
Create in DOE an organziation like DARPA [hopefully in the model of “old” DARPA – ed] called ARPA-E which would be charged with R&D to meet the nation’s long-term energy challenges.
Institute a Presidential Innovation Award to stimulate scientific and engineering advances in the national interest.
Recommendation C: Make the US the most attractive setting in which to study, perform research, and commercialize technologic innovation so that we can develop, recruit, and retain the best and brightest students, scientists and engineers from within the US and throughout the world.
Provide 25,000 new 4-year undergraduate scholarships each year to US citizens attending US institutions.
Increase the number of US citizens pursuing graduate study “in areas of national need” by funding 5,000 new graduate fellowships each year.
Provide a federal tax credit to encourage employers to make continuing education available to practicing scientists and engineers.
Continue to improve visa processing for international students.
Provide a 1-year automatic visa extension to international students who receive doctorates or equivalent in STEM or other areas of national need at US institutions to remain in the US to seek employment.
Institute a new skills-based, preferential immigration option.
Reform the current system of “deemed exports”.
Recommendation D: Ensure that the US is the premier place in the world to innovate, invest in downstream activities, and create high-paying jobs that are based on innovation by modernizing the patent system, realigning tax policies to encourage innovation, and ensuring affordable broadband access.
“Enhance” intellectual-property protection for the 21st century global economy.
Enact a stronger R&D tax credit to encourage private investment in innovation.
Provide tax incentives for US-based innovation.
Ensure ubiquitous broadband Internet access.
Hard to find fault in much of that — though I’m leeriest of the IP-related “enhancements” (see the report for the details about each of the action items listed). The committee came up with a “back of the envelope” calculation of about $10 billion annually to fully implement the recommendations (the R&D tax credit recommendation is actually the costliest). While that number might seem impossibly high to achieve under the current political mindset for science funding — after all, NSF suffered a 2 percent cut in the last budget and the smart money is betting something similar for FY 06 when appropriations finally wrap up — in the grand scheme of things, $10 billion on top of an $840 billion discretionary budget is a relatively small investment for the potential benefit. If the President is looking for an initiative that would enhance his legacy, I think he’d be hard-pressed to find one with a better cost/benefit ratio.
Anyway, as I said, the report has gathered a reasonable amount of attention in the press. The New York Timeshas coverage, as does the Chronicle of Higher Education (subscription required). There are a couple of follow-up hearings planned, including one by the Senate Committee on Energy and Natural Resources on October 18th, and the House Science Committee on October 20th.
We’ll try and have all the details here. (Thanks to Sam Liles and Spaf for the pointers!)
The Department of Defense has proposed a change to its regulations that would strengthen requirements for the control of export-controlled technologies for DOD research contractors, including universities. The proposed rule would require contractors to have an export control program that includes regular audits and training, segregated workplaces for export-controlled technologies, and “unique badging requirements for foreign nationals and foreign persons.”
While we at CRA understand and support the need for export control and deemed export regulation, we’re concerned that the proposed rule as it stands would make fundamental research subject to novel restrictions that could seriously impair the ability of colleges, universities, industrial and federal research labs to conduct fundamental research, which would have significant ramifications for America’s economic competitiveness and technological leadership in the world.
This concern stems in large part from the fact that the proposed rule doesn’t reference the fundamental research exemption, as found in a Reagan-era National Security Decision Directive still in effect (NSDD 189). Though it appears that the authors of the proposed rule didn’t intend to add new burdens for universities — rather, intended the change to clarify existing regulations — the worry is that without an explicit mention of NSDD-189, DOD agencies might incorrectly interpret compliance requirements to require access controls in all instances, even when fundamental research is being performed. There’s also a concern that the new rule would prompt DOD program managers and contract officers to include overly restrictive language in DOD contracts in order to protect themselves from any potential liability or culpability. As the Association of American Universitiespoints out (pdf), this likely would exacerbate the already significant problems that universities have experienced with troublesome clauses in contracts from industry.
So, as we did when the Department of Commerce announced they were considering a similar rule change (and still haven’t decided), CRA filed comments (pdf) with DOD, along with more than 100 other respondents. USACM also filed comments regarding the proposed rule, which you can find — along with a good blog post from David Padgham highlighting some of the other comments received — over at the USACM Technology Policy Blog.
We’ll keep track on the rule-making progress as it moves forward at both Commerce and DOD in the coming weeks….
A quick pointer to two interesting not-directly-related pieces running today. First is Aliya Sternstein’s article in Federal Computer Week that fleshes out the PITAC to PCAST switch we noted back on September 30th. She quotes CRA Chair Dan Reed and ITAA president Harris Miller:
Former PITAC member Dan Reed, vice chancellor of IT and chief information officer at the University of North Carolina at Chapel Hill, applauded [PCAST co-Chair Floyd] Kvamme’s idea to examine the federal government’s commitment to IT R&D.
“IT pervades so many aspects of science, technology and education that examining it in a holistic context has great value,” he said.
“PCAST is really the pre-eminent scientific advisory group to the president,” Reed said. “In some ways, this elevates the IT issues to a higher level.”
Some industry observers displayed mixed emotions about the turn of events, saying they will hold their breath until PCAST’s new lineup materializes and follows through on its promises.
“Having PITAC become part of PCAST is better than nothing, but frankly, I don’t think it’s an adequate solution,” said Harris Miller, president of the IT Association of America, which represents high-tech companies.
Although PCAST is more prestigious and well-regarded by the administration, the members already have too much on their plates, he said, adding that they likely cannot handle PCAST’s huge program plus all the items that the PITAC docket would add.
(There’s a brief comment from me in there as well.)
The other interesting piece is by ZDNet News’ Declan McCullagh and Anne Broache. It’s titled “U.S. cybersecurity due for FEMA-like calamity?” and it covers the lack of adequate attention the Department of Homeland Security has paid to cyber threats to critical infrastructures.
Auditors had warned months before Hurricane Katrina that FEMA’s internal procedures for handling people and equipment dispatched to disasters were lacking. In an unsettling parallel, government auditors have been saying that Homeland Security has failed to live up to its cybersecurity responsibilities and may be “unprepared” for emergencies.
“When you look at the events of Katrina, you kind of have to ask yourself the question, ‘Are we ready?'” said Paul Kurtz, president of the Cyber Security Industry Alliance, a public policy and advocacy group. “Are we ready for a large-scale cyberdisruption or attack? I believe the answer is clearly no.”
The article also features a nice quote from CRA government affairs committee co-Chair Ed Lazowska that sums up the concerns about the agency’s research efforts:
But the right tools and funding have to be in place, too, said Ed Lazowska, a computer science professor at the University of Washington. He co-chaired the president’s Information Technology Advisory Committee, which published a report in February that was critical of federal cybersecurity efforts.
“DHS has an appropriately large focus on weapons of mass destruction but an inappropriately small focus on critical infrastructure protection, and particularly on cybersecurity,” Lazowska said in an e-mail interview.
The department is currently spending roughly $17 million of its $1.3 billion science-and-technology budget on cybersecurity, he said. His committee report calls for a $90 million increase in National Science Foundation funding for cybersecurity research and development.
Until then, Lazowska said, “the nation is applying Band-Aids, rather than developing the inherently more secure information technology that our nation requires.”
Former House Speaker Newt Gingrich joined yesterday’s meeting of the National Academies’Computer Science and Telecommunications Board, ostensibly to talk about health care and IT — though he probably only spent a couple of minutes total on the topic. Instead, the board and those of us in the audience got Gingrich’s take on what’s wrong with America’s innovation ecosystem and his plan for addressing it. The presentation was very interesting — Gingrich is a remarkable extemporaneous speaker, even in front of an audience that I suspect was not full of Gingrich “fans.” I jotted down some brief notes as he outlined his recommendations and I reprint them here, just because I thought it was a nicely structured approach. According to Gingrich, we need to:
1) Dramatically, radically overhaul math and science education by:
paying students in grades 7-12 a wage equivalent to what they’d make at McDonald’s if they earn “B’s” or better.
eliminating regulation that prevents those with subject expertise from teaching that subject in schools (retired scientists and engineers, for example)
2) Triple the size of NSF
The Administration’s budget priorities are wrong. Congress is wrong. Regrets that his biggest mistake as speaker was not tripling NSF when they doubled NIH
3) Establish a national library of science similar to PubMed
especially needed for adults looking to further education
4) Need to dramatically deregulate our markets (presumably telecom)
need to have the highest capital investment in new technologies of any country in the world
5) We need to have “a vision of a dynamic successful future” in order to recruit the next generation of scientists and engineers
President has the right instinct with moon/mars, but the wrong program
there’s no coherent vision now of a scientifically exciting future
While he says it’s important to have a positive vision of the future for attracting future scientists and engineers, policymakers need to be motivated by the negatives. The current budget situation is a total mess, he said, but messes can be great opportunities. Increasing federal support for fundamental R&D is a really large change and “really large change is a long-wave process.” CEOs need to say to policymakers “here is what you have to do” and then communicate the downside:
We will lose without investment in NSF – “Do you want US to be the new Europe?”
The US is in a dominating position, but that position is not permanent. “We are temporarily and briefly the most powerful country in the world.”
Unfortunately, making the case is like the challenge of convincing relatively healthy people they should eat healthy and exercise. They don’t see a pressing need, even though the change would help them live longer, healthier lives. The US can “decay elegantly forever.” The challenge is to reverse that.
I thought it was a very interesting talk.
John Markoff, tech reporter for the NY Times (we’ve covered a fewofhis stories, including this really important one, here in this space) also participated in the meeting, running through his history of the rise of the personal computer, as told in his book What the Dormouse Said. Markoff also talked a bit about his frustration with what’s happening with tech coverage in journalism and at the Times — a move to cover much more of the business side of technology with less emphasis on the exciting stories about the science — but understood the pressures facing the publishers given the absolutely grim financial situations newspapers find themselves in at the moment. We’ve seen this in the advocacy community. The one “case” for the need to support fundamental research that seems to get the most traction both in the press and among policymakers at the moment is the “innovation” case — that is, the linkage between fundamental research performed by the nation’s universities and federal labs and innovation in U.S. industries. I suppose that’s not surprising. But more often it would be nice, I think — especially if one of our goals is inspiring the next generation of scientists and engineers — to see stories covering the excitement of the path to discovery, the quest for knowledge….
Anyway, on the whole, I thought it was a very enjoyable morning at the National Academies.
Ben Worthen has a great interview with former President’s IT Advisory Committee co-Chair Ed Lazowska in CIO Magazine in which Lazowska, freed from his role as presidential advisor after the President allowed PITAC’s charterto expire, pulls no punches describing the failure of the Administration to adequately support and prioritize cyber security research and development. Here’s a snippet:
[Lazowska:] Long-range R&D has always been the role of the national government. And the trend, despite repeated denials from the White House to the Department of Defense, has decreased funding for R&D. And of the R&D that does get funded, more and more of it is on the development side as opposed to longer-range research, which is where the big payoffs are in the long term. That’s a more fundamental problem that CIOs aren’t responsible for. [Worthen:] You feel strongly that the government’s treatment of cybersecurity R&D has been particularly neglectful.
[Lazowska:] PITAC found that the government is currently failing to fulfill this responsibility. (The word failing was edited out of our report, but it was the committee’s finding.) Let me talk very quickly about three federal agencies that you might think are focusing on this but are not:
» Most egregiously, the Department of Homeland Security simply doesn’t get cybersecurity. DHS has a science and technology (S&T) budget of more than a billion dollars annually. Of this, [only] $18 million is devoted to cybersecurity. For FY06, DHS’s S&T budget is slated to go up by more than $200 million, but the allocation to cybersecurity will decrease to $17 million! It’s also worth noting that across DHS’s entire S&T budget, only about 10 percent is allocated to anything that might reasonably be called “research” rather than “deployment.”
» Defense Advanced Research Projects Agency (DARPA) is investing in cybersecurity, but has classified all of its recent new program starts in this field. It’s fine to do classified research, but we must also recognize the negative consequences, and we should (but don’t) fund nonclassified research to make up for it. One negative consequence is that classified research is very slow to impact commercial IT systems, on which the entire nation, and even much of the Department of Defense, relies. Another negative consequence is that the nation’s university-based researchers cannot participate, because universities do not perform classified research. This eliminates many of the nation’s best cybersecurity researchers. It also means that students are not trained in cybersecuritythe training of students is an important byproduct of research.
2005 Internet Privacy Survey
/In: Misc. /by Peter HarshaNC State prof and former CRA Digital Government Fellow Annie Antón sends word that The Privacy Place is conducting its 2005 survey of online privacy policies and user values. The Privacy Place is an inter-disciplinary team of researchers at North Carolina State University’s Computer Science and Business Management departments as well as the Georgia Tech College of Computing, the Purdue University Computer Science Department and the University of Lugano Communication Sciences department — all committed to disseminating information and creating tools and techniques that help IT professionals and policy makers bring privacy policies and system requirements into better alignment.
They hope to get a few thousand respondents to their survey, so Annie’s asked for some help getting the word out. I just took the survey and it only took me a few minutes (and I’m pretty dense). Here’s Annie’s request with all the details:
Governors Urge President to Support Fundamental Research
/In: Funding, FY06 Appropriations, Policy /by Peter HarshaThe governors of 27 states have sent a letter to President Bush urging him to “ensure that federal funding for university-based research remains a top national priority” in FY 2006 and beyond. In their letter, the 16 Democratic and 11 Republican governors make the case that basic research has been the fuel for innovation in their states — as well as a creator of high-wage jobs and an enabler of workforce productivity — and they credit the universities and labs performing the research with being “the training ground for our country’s next generation of highly-skilled workers.” They also cite the changing competitive environment that challenges current U.S. dominance in technology innovation:
This is an important message for the President to hear, especially as the Administration is working now to put together his FY 2007 budget in time for its February release.
Unfortunately, the U.S. basic research enterprise is going to need all the help it can get. As we’ve noted before, it appears that pressures will be high on Congress to cut mandatory and discretionary spending (including federal science agencies) to offset the spiraling costs for hurricane relief and a possible tax cut. Yesterday, House Majority Leader Roy Blunt noted that Congress will be focusing on three pieces of budget legislation before they wrap up the current session this fall: a package carving savings from mandatory programs, an across-the-board cut in discretionary spending and a new hurricane relief package. Any across-the-board cut is likely to once again fall on agencies like the National Science Foundation, which suffered a similar 2 percent cut last year.
So any effort by an influential group like the 27 governors who signed this letter (and thanks to the Science Coalition for “working” this letter), is useful in the attempt to reverse what is becoming a very damaging trend of cutbacks in federal support for fundamental research.
Here’s the full letter (pdf, 1 mb). Did your governor sign?
HASC to Review DOD Cyber Security Efforts Tomorrow
/In: Security /by Peter HarshaWith short notice, the House Armed Services Committee Panel on Asymmetric and Unconventional Threats will hold a hearing tomorrow to examine cyber security, information assurance and information exploitation issues at the Department of Defense. I say short notice because the witness list for the hearing didn’t appear until today and the hearing’s lead witness, CRA Board member and Purdue professor Eugene Spafford, didn’t receive an invitation to attend until Tuesday. Joining Spaf on the panel are David Grawrock, Principal Engineer and Security Architect at Intel, and Paul Kurtz, Executive Director of the Cyber Security Industry Alliance.
Spaf has already submitted his written testimony (pdf) and it’s excellent (especially given the time constraint). In it, he notes that DOD faces some worrisome trends in defending itself from cyber threats:
Exacerbating these trends at DOD are a number of factors:
Spaf has a number of recommendations of actions to take to reduce the threat to DOD IT systems, but I thought I’d list his primary recommendation here, especially as it echoes recommendations we’ve made many times in the past:
The hearing begins at 9 am, October 27th, and will be webcast (click on the microphone icon next to the hearing notice) and archived.
Spaf’s full testimony is here. (pdf)
Senate Approves Nearly 50 Percent Cut to DARPA IT R&D Account
/In: FY06 Appropriations /by Peter HarshaAs I noted in the last post, the Senate Appropriations Committee included language in the Senate verision of the FY 06 Defense Appropriations bill that would strip $55 million from an element of DARPA’s Cognitive Computing program — a move that seems to run counter to recent congressional sentiment on the role of computer science, especially university-led fundamental computer science, at DARPA. The “out of the blue” cut — there was no advance warning provided by appropriations staffers, no evidence that there was dissatisfaction with the program — would fall on the “Learning, Reasoning, and Integrated Cognitive Systems (pdf)” (COG-2) account. With little feedback from the Senate appropriators, we’re operating under the assumption that the main impetus for the cut was to provide an offset for increases elsewhere in the bill, though there’s been some speculation among Senate staff that the program may have suffered do to a misperception that it’s somehow similar to some of the agency’s more controversial bio-related programs.
It’s not. As we’ve tried to point out to the conferees who will have to determine whether the cut will stand in the compromise bill negotiated with the House (the House opted to fund the program at the agency’s requested level), research in learning, reasoning, and cognitive systems is focused on intelligent intrepretations of signals and data, on controlling unmanned vehicles, and on amplifying human effectiveness. Its aim is to reduce U.S. casualties by providing improved command and control and tactical planning against adversaries, as well as improved training systems. Work in this area includes research responsible for the Command Post of the Future (CPOF) — a software system currently deployed and very widely-used in Iraq to coordinate battle plans and integrate multiple intelligence reports, providing U.S. forces the capability to plan, execute and replan much faster than the enemy’s decision cycle and cited by Secretary Rumsfeld as the major contributor to victory in the first phase of Operation Iraqi Freedom. It’s also cricital to the research and development of autonomous, unmanned vehicles that amplify our warfighting capability while reducing the number of U.S. forces in harm’s way. Cutting support so significantly for this research will hamper advancements in defense-related IT in the short- and long-term and will slow technological advancements essential to current and future military operations in Iraq and around the globe.
It also runs completely counter to recent concerns of Congress, PITAC and the DOD’s Defense Science Board. All three bodies have raised strong concerns about the shift of DARPA resources away from fundamental research at universities, especially in information technology. The Cognitive Computing program is one area where DARPA has responded positively to these concerns.
Because these “out of the blue” cuts are so difficult to counter — they appear very late in the process with very little information about what motivated them and at a time when access to appropriations staff is most limited — we’ve focused our strategy opposing the cut by urging the members of the conference committee to abandon the Senate number and adopt the President’s budget request, the number approved by the House. You can help. We’ll tell you how soon….
Washington Post OpEd: Ready for High-Tech Progress?
/In: R&D in the Press /by Peter HarshaWashington Post columnist Sebastian Mallaby has an interesting op-ed today inspired by news of Microsoft chairman Bill Gates’ tour of college campuses, urging students to consider majoring in computer science. The piece does a good job of making the case that Gates makes in his talks to students — computing is a field with a history of producing really great stuff that promises to make even more really great stuff in the future.
And Mallaby lays out some examples:
…All great examples of some of the foreseeable future in computing. And Gates deserves enormous credit for taking on this role of cheerleader for the field. With the current trends facing the discipline, and a general trend of US students shying away from careers in math and the sciences, this effort is sorely needed.
The only additional thing I’d wish for in these kind of presentations, especially for prospective students, would be to add more sense of purpose to the call. We’ve had a very interesting discussion about this piece amongst the members of CRA’s Government Affairs Committee, including this great observation about what could be said about the “calling” of a career in science generally, and computer science in particular, from Peter Lee at CMU (who gave me permission to post it here):
There’s not much of that in the talks that Gates is giving, but that’s understandable. It’s easy to lose sight of intellectual and ideological appeal when the practical applications are so plainly visible.
Anyway, a digression from the piece, but something that occurred to me and many of the other members of the committee.
The meat of Mallaby’s piece comes in the final three paragraphs though, where he’s right on the money:
Maybe Mallaby’s seen that argument somewhere else 🙂
The bad news is that the stars are aligning in such a way as to guarantee that there will be no increase for computer science, or the sciences generally, in the foreseeable future. The Republican Leadership is being pushed hard at the moment to find funds to “pay for” the large emergency supplements paid out for hurricane relief. Odds are those funds will come through across-the-board cuts to non-defense, non-security related discretionary spending. Look for science agencies to suffer cuts similar to last year’s across-the-board 2 percent reduction (or worse).
One particular computing program is under an even bigger threat. The Senate voted to approve a $55 million cut to DARPA’s cognitive computing program as part of the FY 06 Defense Appopriations bill. The out-of-the blue cut would hit DARPA’s $114 million “Learning, Reasoning, and Integrated Cognitive Systems” account, effectively cutting the program in half. The House did not call for a cut in its version of the bill, so CRA is working to urge members of the conference committee to abandon the Senate cut and embrace the House number. We’ll have all the details in the next post. I just thought it worthy of mention that at the same time the calls keep coming for increased support of computer science and the physical sciences, and as much progress as has been made to draw the linkage between federal investment in university research and our ability to continue to innovate, a significant percentage of our policy leadership still doesn’t get it.
New National Academies Report Warns Congress “Decisive Action Needed Now” to Preserve US Competitive Edge
/In: Policy /by Peter HarshaThis by now has been covered all over the place, but I’d be remiss not to add it here, too. The National Academies convened a 20-member panel last summer at the request of Sens. Lamar Alexander (R-TN) and Jeff Bingaman (D-NM), and Reps. Sherwood Boehlert (R-NY) and Bart Gordon (D-TN) to determine the “top 10 actions, in priority order, that federal policymakers could take to enhance the science and technology enterprise so the United States can successfully compete, prosper, and be secure in the global community of the twenty-first century.” The task was fast-tracked, and an august panel was put together, chaired by former Lockheed Martin CEO Norm Augustine and including folks like Intel Chairman Craig Barrett, President of Texas A&M Robert Gates, CEO of DuPont Charles Holliday, Jr., former Director of Defense Research and Engineering at DOD (and computer scientist) Anita Jones, and MIT president emeritus Chuck Vest. The committee met once, held focus groups on the five issue areas they decided merited attention (K-12 education, higher education, research, innovation and workforce issues, and national and homeland security), then put together the report they released on Wednesday, Rising Above the Gathering Storm: Energizing and Employing America for a Brighter Economic Future.
The committee actually came up with four major recommendations, supplemented with 20 specific actions to be taken. Hard to quibble with the broad recommendations:
Recommendation A: Increase America’s talent pool by vastly improving K-12 mathematics and science education.
Recommendation B: Sustain and strengthen the nation’s traditional commitment to the long-term basic research that has the potential to be transformational to maintain the flow of new ideas that fuel the economy, provide security, and enhance the quality of life.
Recommendation C: Make the US the most attractive setting in which to study, perform research, and commercialize technologic innovation so that we can develop, recruit, and retain the best and brightest students, scientists and engineers from within the US and throughout the world.
Recommendation D: Ensure that the US is the premier place in the world to innovate, invest in downstream activities, and create high-paying jobs that are based on innovation by modernizing the patent system, realigning tax policies to encourage innovation, and ensuring affordable broadband access.
Hard to find fault in much of that — though I’m leeriest of the IP-related “enhancements” (see the report for the details about each of the action items listed). The committee came up with a “back of the envelope” calculation of about $10 billion annually to fully implement the recommendations (the R&D tax credit recommendation is actually the costliest). While that number might seem impossibly high to achieve under the current political mindset for science funding — after all, NSF suffered a 2 percent cut in the last budget and the smart money is betting something similar for FY 06 when appropriations finally wrap up — in the grand scheme of things, $10 billion on top of an $840 billion discretionary budget is a relatively small investment for the potential benefit. If the President is looking for an initiative that would enhance his legacy, I think he’d be hard-pressed to find one with a better cost/benefit ratio.
Anyway, as I said, the report has gathered a reasonable amount of attention in the press. The New York Times has coverage, as does the Chronicle of Higher Education (subscription required). There are a couple of follow-up hearings planned, including one by the Senate Committee on Energy and Natural Resources on October 18th, and the House Science Committee on October 20th.
We’ll try and have all the details here.
(Thanks to Sam Liles and Spaf for the pointers!)
CRA Comments on DOD Export Regulations
/In: Policy /by Peter HarshaThe Department of Defense has proposed a change to its regulations that would strengthen requirements for the control of export-controlled technologies for DOD research contractors, including universities. The proposed rule would require contractors to have an export control program that includes regular audits and training, segregated workplaces for export-controlled technologies, and “unique badging requirements for foreign nationals and foreign persons.”
While we at CRA understand and support the need for export control and deemed export regulation, we’re concerned that the proposed rule as it stands would make fundamental research subject to novel restrictions that could seriously impair the ability of colleges, universities, industrial and federal research labs to conduct fundamental research, which would have significant ramifications for America’s economic competitiveness and technological leadership in the world.
This concern stems in large part from the fact that the proposed rule doesn’t reference the fundamental research exemption, as found in a Reagan-era National Security Decision Directive still in effect (NSDD 189). Though it appears that the authors of the proposed rule didn’t intend to add new burdens for universities — rather, intended the change to clarify existing regulations — the worry is that without an explicit mention of NSDD-189, DOD agencies might incorrectly interpret compliance requirements to require access controls in all instances, even when fundamental research is being performed. There’s also a concern that the new rule would prompt DOD program managers and contract officers to include overly restrictive language in DOD contracts in order to protect themselves from any potential liability or culpability. As the Association of American Universities points out (pdf), this likely would exacerbate the already significant problems that universities have experienced with troublesome clauses in contracts from industry.
So, as we did when the Department of Commerce announced they were considering a similar rule change (and still haven’t decided), CRA filed comments (pdf) with DOD, along with more than 100 other respondents.
USACM also filed comments regarding the proposed rule, which you can find — along with a good blog post from David Padgham highlighting some of the other comments received — over at the USACM Technology Policy Blog.
We’ll keep track on the rule-making progress as it moves forward at both Commerce and DOD in the coming weeks….
Two News Pieces: PCAST and Cyber Security
/In: R&D in the Press /by Peter HarshaA quick pointer to two interesting not-directly-related pieces running today. First is Aliya Sternstein’s article in Federal Computer Week that fleshes out the PITAC to PCAST switch we noted back on September 30th. She quotes CRA Chair Dan Reed and ITAA president Harris Miller:
(There’s a brief comment from me in there as well.)
The other interesting piece is by ZDNet News’ Declan McCullagh and Anne Broache. It’s titled “U.S. cybersecurity due for FEMA-like calamity?” and it covers the lack of adequate attention the Department of Homeland Security has paid to cyber threats to critical infrastructures.
The article also features a nice quote from CRA government affairs committee co-Chair Ed Lazowska that sums up the concerns about the agency’s research efforts:
Both are worth a read!
Gingrich and Markoff at CSTB
/In: Policy /by Peter HarshaFormer House Speaker Newt Gingrich joined yesterday’s meeting of the National Academies’ Computer Science and Telecommunications Board, ostensibly to talk about health care and IT — though he probably only spent a couple of minutes total on the topic. Instead, the board and those of us in the audience got Gingrich’s take on what’s wrong with America’s innovation ecosystem and his plan for addressing it. The presentation was very interesting — Gingrich is a remarkable extemporaneous speaker, even in front of an audience that I suspect was not full of Gingrich “fans.” I jotted down some brief notes as he outlined his recommendations and I reprint them here, just because I thought it was a nicely structured approach. According to Gingrich, we need to:
I thought it was a very interesting talk.
John Markoff, tech reporter for the NY Times (we’ve covered a few of his stories, including this really important one, here in this space) also participated in the meeting, running through his history of the rise of the personal computer, as told in his book What the Dormouse Said. Markoff also talked a bit about his frustration with what’s happening with tech coverage in journalism and at the Times — a move to cover much more of the business side of technology with less emphasis on the exciting stories about the science — but understood the pressures facing the publishers given the absolutely grim financial situations newspapers find themselves in at the moment. We’ve seen this in the advocacy community. The one “case” for the need to support fundamental research that seems to get the most traction both in the press and among policymakers at the moment is the “innovation” case — that is, the linkage between fundamental research performed by the nation’s universities and federal labs and innovation in U.S. industries. I suppose that’s not surprising. But more often it would be nice, I think — especially if one of our goals is inspiring the next generation of scientists and engineers — to see stories covering the excitement of the path to discovery, the quest for knowledge….
Anyway, on the whole, I thought it was a very enjoyable morning at the National Academies.
Lazowska on Cyber Security and the Failure of the Administration
/In: Policy /by Peter HarshaBen Worthen has a great interview with former President’s IT Advisory Committee co-Chair Ed Lazowska in CIO Magazine in which Lazowska, freed from his role as presidential advisor after the President allowed PITAC’s charter to expire, pulls no punches describing the failure of the Administration to adequately support and prioritize cyber security research and development. Here’s a snippet:
There’s also a great sidebar: Blame the Internet
And the main editorial for the issue: Who Owns Security?
All worth the read.