Investigative & Security Professionals for Legislative Action

Current Legislative News

  • 17 Nov 2009 7:59 PM | Anonymous member (Administrator)
    Today, November 17, the Government Accountability Office released a report, which constitutes their Statement for the Record before the Senate Committee on the Judiciary's Subcommittee on Terrorism and Homeland Security.
     
    The information below concerns the protection of data in the public sector, the lack of which has caused numerous security data breaches resulting in proposed legislation, which if passed, would severely limit the information sources routinely utilized by our profession.
     
    The full 24-page GAO report "Cybersecurity-Continued Efforts Are Neded to Protect Information Systems from Evolving Threats" may be found at http://www.gao.gov/new.items/d10230t.pdf
     
    Some of their recommendations are:
     
    Develop a national strategy that clearly articulates strategic objectives, goals and priorities.
     
    Establish White House responsibility and accountability for leading and overseeing national cybersecurity policy.

    Establish a governance structure for strategy implementation.

    Publicize and raise awareness about the seriousness of the cybersecurity problem.

    Create an accountable, operational cybersecurity organization.

    Focus more actions on prioritizing assets, assessing vulnerabilities and reducing vulnerabilities than on developing additional plans.

    Bolster public-private partnerships through an improved value proposition and use of incentives.

    Focus greater attention on addressing the global aspects of cyberspace.

    Improve law enforcement efforts to address malicious activities in cyberspace.

    Place greater emphasis on cybersecurity research and development, including consideration of how to better coordinate government and private sector efforts.

    Increase the cadre of cybersecurity professionals.

    Make the federal government a model for cybersecurity, including using its acquisition function to enhance cybersecurity aspects of products and services.
     
    In recent months ISPLA submitted information to selected members of Congress in a formal report on federal privacy and cybersecurity legislation.  We also met with staff of the Senate Judiciary Subcommittee mentioned above regarding other topics of interest to our members and colleagues. Additional information regarding current cybersecurity issues and pending federal legislation may be found at WWW.ISPLA.ORG
     
    Bruce Hulme
    ISPLA Director of Government Affairs
    235 N. Pine Street
    Lansing, MI 48933
  • 16 Nov 2009 1:11 PM | Anonymous member (Administrator)

    Pretense: An Essential Recognized Investigative Technique

    Recently the media reported on a $1.8 million verdict in an invasion of privacy lawsuit in Cook County, Illinois.  The plaintiff, involved in litigation against her former employer, became the subject of a private investigation by a detective agency hired by her former employer, a defendant in the action.  Some of the facts are like a movie featuring the “Keystone Cops.”

    Reports from the Chicago Tribune and the ABA Journal related how a private investigator held the plaintiff’s residence under surveillance, during which time the investigator was observed discarding papers in the trash can of the subject’s neighbor.  The neighbor alerted the father of the plaintiff of what was observed and a “dumpster dive” of the trash can by the father revealed an envelope which identified Probe International.

    What followed were discovery proceedings, a jury trial and information that the plaintiff’s telephone call records of over 700 calls in 2005 had been obtained by her former employer, the defendant.  In a scenario, not unlike the Hewlett-Packard fiasco seems the private investigative firm contracted to a third-party vendor called Discover to obtain the plaintiff’s phone records by “pretexting.”  Although pretexting for telephone information may not have been illegal at the time it took place it is now!  This litigation eventually resulted in a verdict on the invasion of privacy claim of intrusion on seclusion of $65,000 in compensatory damages and $1,750,000 in punitive damages.

    Media reports such as the one above serve as examples by lawmakers to propose legislation to ban the use of pretexting by investigators.  However, professional investigators, as well as law enforcement, need to be able to utilize this tool for lawful investigations.


    Fortunately, in a resolution the International Association of Security & Investigative Regulators, an association of State and Provincial regulators in the U.S. and Canada, they state:

    “Be it resolved that IASIR recognizes the common practice of pretext as an investigative tool in lawful investigations by both public law enforcement and licensed private investigators and security practitioners.”

    In the section below, experts in corporate security defend pretexting and other forms of subterfuge.*

    "Pretexting sounds like a bad word, but it's not," said R. Mark Halligan, a Chicago attorney who chairs the American Bar Association committee on trade secrets. "It simply means that a person represents himself in such a manner that the person that is suspected of a crime makes a certain admission or makes certain statements the investigator would not otherwise have obtained.

    Halligan said he thinks that ferreting out trade-secret theft or unauthorized disclosure of proprietary information could merit some forms of deception.

    For example, a client once hired him to find out whether a former employee who was starting a rival business planned to illegally copy the firm's manufacturing techniques. Halligan hired an investigator who befriended the former employee at a trade show and worked to develop a relationship. After several weeks, the two men went on a fishing trip together, during which the former employee offered the investigator a job with his new firm and revealed that he had his former employers' trade secrets. The company used that information to sue the former employee with the investigator as the star witness.

    Investigative & Security Professionals for Legislative Action are concerned that anti-pretexting, security breach, ID theft, and social security ban legislation may cause Congress to ban all forms of pretexting, wiping out a key tool of investigators.

    "If you were to outlaw pretexting, an unintended consequence would be outlawing the use of undercover investigators to detect theft in the workplace or seek out identities of drug dealers," said Bruce Hulme, now the director of government affairs for ISPLA.

    "Undercover investigation (involves use of) pretense, subterfuge or pretext. To locate a suspect, one might use a subterfuge rather than identify oneself as an investigator," he said. "Pretexting is a recognized investigative tool used by both public and private sectors in law enforcement and public safety."   -  *San Francisco Chronicle – Sept. 12, 2006

    Although a pretext inherently involves some level of deception, courts have generally found that using a pretext to gather basic information about suspected wrongful activities does not violate the ethical rules against misrepresentation. A New Jersey court found no violation of its equivalent of Model Rule 8.4(c) when the plaintiff’s attorneys and their agents contacted the defendants’ sales representatives to purchase items bearing the name and likeness of John Lennon to show violation of a prior consent order. Apple Corps Ltd. v. Int’l Collectors Soc’y, 15 F. Supp. 2d 456 (D.N.J. 1998). In this case, the court found that although Rule 8.4(c) was not explicitly limited to material misrepresentations, it simply did not cover misrepresentations of identity or purpose while gathering evidence. The New Jersey court reasoned that courts, ethics committees and grievance committees do not condemn such behavior when engaged in by undercover agents in criminal cases or discrimination testers in civil cases. Additionally, the court found that Rule 8.4(c) should be read in conjunction with Rule 4.1, which prohibits misrepresentations of material fact, and consequently interpreted Rule 8.4(c) as targeted only at "grave misconduct."

    In another case involving comparable facts, a New York court similarly declined to exclude evidence obtained by undercover investigators because "hiring investigators to pose as consumers is an accepted investigative technique, not a misrepresentation." Gidatex, S.r.L. v. Campaniello Imp’s, Ltd. 82 F. Supp. 2d. 119 (S.D.N.Y. 1999). The court found that New York’s Rule 8.4(c) sought to protect parties from being tricked. The court found no violation of the rule because the investigators did not interview the salespeople or trick them into making statements they would not otherwise have made as part of the transaction.

    Other trademark cases confirm by implication that gathering evidence under pretext does not violate the rules against misrepresentation. See, e.g., Louis Vuitton S.A. v. Spencer Handbags Corp., 765 F.2d 966 (2d Cir. 1985); Cartier v. Symbolix, 386 F. Supp. 2d 354 (S.D.N.Y. 2005); Phillip Morris USA Inc. v. Shalabi, 352 F. Supp. 2d 1067 (C.D. Cal. 2004); Weider Sports Equip. v. Fitness First, Inc., 912 F. Supp. 502 (D. Utah 1996). The decisions in these cases do not explicitly discuss possible violations of ethics rules against misrepresentation but simply accept and rely on evidence obtained under pretext. While in most cases the investigators simply posed as customers, Vuitton involved a relatively elaborate pretext with the investigator posing as a casino owner interested in funding a counterfeiting scheme to obtain evidence against distributors of counterfeit bags.

    The principal lesson from this body of case law is that while some jurisdictions may be more flexible in their application of the governing ethical rules, an attorney should rarely direct the investigator to go beyond posing as a customer or other person with whom the target normally interacts. Discussions between the investigator and the target should be limited to matters that would normally be addressed in the transaction under investigation.

    From the Anti-Counterfeiting & Enforcement section of the International Trademark Association: BE IT RESOLVED, that the International Trademark Association:

    1.    Endorses ethical and legal pretexting as an essential tool in investigating and combating trademark infringement and counterfeiting;

    2.    Urges governments not to prohibit private uses of pretext investigations in respect of potential trademark infringement and counterfeiting; and

    3.    Where such private pretext investigations are prohibited, urges governments to make an exception for pretext investigations for trademark infringement and counterfeiting.

    BACKGROUND

    In trademark infringement and counterfeiting cases, pretext investigations are commonly used and evidence gathered through such investigations generally has been accepted.  When such investigations involve lawyers, they are generally regulated by state rules governing lawyers’ conduct.

    Pretext investigations in trademark cases occur generally when trademark owners and lawyers hire investigators to pose as consumers, purchasers, or counterfeiters to ascertain how the alleged infringer or counterfeiter presents himself to the consuming public or to ascertain the source of infringing or counterfeiting goods.  These investigative techniques are a reliable and efficient way to collect information on use or non-use of a trademark, gather information about trademark counterfeiting or infringement, ascertain information about an alleged infringer or counterfeiter, or learn information about a suspect’s representations to the public.  

    Pretext investigations may occur at any time including before or after litigation has started.  They may be crucial to establishing infringement or counterfeiting.  They may be used to gather evidence not otherwise discoverable, because the alleged infringer or counterfeiter would not cooperate.

    In the course of such investigations, investigators may explicitly or implicitly misrepresent who they are, may misstate the purpose of their visit, questions or interviews, and may secretly tape record, photograph or videotape others during the visits (to the extent such secret recording is permitted by law).

    Examples of such pretext investigations are:

    •·         A brand owner suspects that its products are infringed upon or counterfeited and therefore hires private investigators to visit some stores or showrooms, speak to salespeople, determine who the owner of the store is and ascertain the scope of the infringing or counterfeit activity;

    •·         Before or after commencing an action against an infringer or counterfeiter, a brand owner hires private investigators to take pictures of a store window displaying infringing or counterfeit goods, to buy infringing or counterfeit goods and to speak with sales representatives in order to assess how they present the products to consumers;

    •·         Before or after commencing an action against an Internet infringer or counterfeiter, a brand owner hires private investigators to contact the online seller, exchange communication with the seller and purchase infringing or counterfeit goods to ultimately identify the seller and ascertain his or her domicile; or

    •·         After commencing an action against an infringer or counterfeiter, discovery is difficult and a brand owner has difficulties getting the requested documentation.  The brand owner, therefore, hires an investigator to visit defendant’s stores, speak to defendant’s salespeople and record conversations with defendant’s low-level employees in order to gather evidence as to defendant’s representations to consumers regarding the infringing or counterfeit goods.

    Use of pretexts extends well beyond the investigation of trademark infringement and counterfeiting cases:

    •·         A ban on such use would make all in-plant and internal survey style undercover investigations illegal, for posing as either an employee or as one other than an investigator would be a pretext.

    •·         All “sting” operations would be illegal and the use of pretense in attempting to track down the location of thieves and their illegally gotten gains taken from the clients of investigators would be a crime.

    •·         Retail loss interrogations would be restricted as many recognized interrogation techniques involve subterfuge or some limited pretext when questioning a suspect.

    •·         Retail testing operations or the use of “Mystery Shoppers” would be illegal, as operatives would be posing as customers.

    •·         Investigators conducting surveillance, who are approached by a neighbor inquiring as to the reason for their presence, would be unable to use a simple pretext to explain their presence in order not to alert the subject of their surveillance.

    •·         Simply using a pretense to determine whether or not a subject is at home or place of employment would be illegal.  Such practice is common in holding visual electronic surveillance of subjects in workers compensation claims and personal injury litigation.

    Note: ISPLA member Roger H. Schmedlen of Loss Prevention Concepts, Ltd and Bruce Hulme, Director of Government Affairs for ISPLA contributed to this article.

    For further information about Investigative & Security Professionals for Legislative Action go to: www.ISPLA.org

    ISPLA relies on contributions from our colleagues in the investigative and security professions in order to continue our lobbying efforts in Washington.  Checks may be sent to ISPLA at 235 N. Pine Street, Lansing, MI 48933

  • 13 Oct 2009 10:33 AM | Anonymous member (Administrator)

    ISPLA’s Chairman Peter Psarouthakis and Bruce Hulme, Director of Government Affairs, were joined by ISPLA Executive Committee members, Nicole Bocra, Al Cavasin, Jim Carino and Jim Olsen at a conference recently held with Federal Trade Commission representatives of the Division of Privacy and Identification Protection. 

     

    The FTC was presented with industry position statements concerning several bills pending in Congress, which. if passed, will severely curtail our profession’s access to database information which we routinely rely upon during the course of our handling investigations.  Also provided to the FTC was a 2007 “white” paper previously submitted by ISPLA Legislative Director Bruce Hulme. That paper had been prepared in connection with the President’s Identity Theft Task Force recommendations in 2008.

     

    ISPLA was also asked to consider participating in December at an upcoming FTC roundtable discussion to explore the privacy challenges posed by the vast array of 21st century technology and business practices that collect and use consumer data.  Such practices include social networking, cloud computing, online behavioral advertising, mobile marketing, and the collection and use of information by retailers, data brokers, third-party applications, and other diverse businesses.  We were advised that the goal of this forum is to determine how best to protect consumer privacy while supporting beneficial uses of the information and technological innovation.

     

    The roundtable discussions will consider the risks and benefits of information collection and use in online and offline contexts, consumer expectations surrounding various information management practices, and the adequacy of existing legal and self-regulatory regimes to address privacy interests.  Roundtable participants will include stakeholders representing a wide range of views and experiences, such as academics, privacy experts, consumer advocates, industry participants and associations, technology experts, legislators, international representatives, and others. 

     

    The FTC was advised of our concerns with HR 3126, the Consumer Financial Protection Agency Act, which would establish a new agency to regulate the manner in which the financial services industry deals with consumers.  They were aware that it contained a provision that would transfer jurisdiction from the Federal Trade Commission to the proposed new Consumer Financial Protection Agency.  ISPLA, working with other professional associations, has expressed hope that non-financial businesses won’t fall under CFPA jurisdiction.  ISPLA had previously held a meeting with Representative Barney Frank, the bill’s sponsor, and conveyed our preference that issues affecting private investigators who may be compiling consumer investigative reports remain under the jurisdiction of the FTC.  It is our hope that any new draft of Congressman Frank’s bill will allow for our concerns.

  • 07 Oct 2009 11:53 AM | Anonymous member (Administrator)

    During September, ISPLA representatives met in Washington, DC with Congressional sponsors, or their staff, regarding each of the following House bills, except for the Employee Free Choice Act.  That legislation will be resolved in the Senate.

     

    Privacy advocates are aggressively pushing their agenda with continued efforts to close investigative and security professionals’ sources of information and access to records of personal identifying information.  Security breach, stalking, pretexting, anti-spoofing, identity theft, and Social Security number ban legislation are the vehicles for such attempts. When such legislation is proposed on what appear to be valid grounds, there are unintended consequences often not foreseen by the sponsors.

     

    Restricting Access to Social Security numbers, limiting use of credit reports and security breach issues:

     

    Should legislation limit private investigators’ access to Social Security numbers, which are a key identifier used to locate people, there would be serious due process issues. Such bills always provide an exception for law enforcement. However, if the government only has access to such information an inequity will exist if such access is denied to defense counsel and its investigators.

     

    There is a legitimate critical need for continued access to such information. It is used to identify and locate witnesses, missing children, heirs, deadbeat parents, and criminals. It is also a necessary tool in combating and investigating ID theft, as well as other types of fraud. It is a means of locating individuals who have hidden their ill-gotten gains taken from our clients.

     

    HR 3306, the “Social Security Number Privacy and Identity Theft Prevention Act of 2009” – Rep. John S. Tanner [D-TN-8]

     

    In amending the Social Security Act to enhance SSN account privacy protections and fraudulent misuse of the Social Security account number, HR 3306 prohibition of the sale, purchase, and display to the general public of the Social Security account number in the private sector is a worthwhile act.  However, there is no exception for the necessary valid use of such a number by investigators and security professionals needing such information during the course of conducting lawful investigations.  

     

    Suggested Exceptions:

     

    "… to the extent necessary to identify or locate missing or abducted children, witnesses to an ongoing or potential civil or criminal law suit, criminals, criminal suspects, parties to lawsuits, parents delinquent in child support payments, organ and bone marrow donors, pension fund beneficiaries, missing heirs, and for similar legal, medical, or family related purposes, if the person selling, providing, displaying, or obtaining the social security account number does not do so for marketing purposes."

    Additional exceptions might include fraud prevention and other legitimate uses in conducting lawful investigations by state licensed investigators.

     

    The Drivers Protection Act of 1994 contains is a provision for allowing an exception for investigations that reads in part "...in anticipation of litigation.” It also specifically mentions state licensed private investigators and security firms. 

     

    HR 122, the “Protecting the Privacy of Social Security Numbers Act” – Rep. Rodney P. Frelinghuysen [R-NJ-11]

     

    In amending title 18, United States Code, and the Social Security Act to limit the misuse of Social Security numbers, and establishing criminal penalties for such misuse, it is important to investigative and security professionals that the “business to business” exception remain in this proposed legislation.

     

    HR 3149, the “Equal Employment Act for All” – Rep. Steve Cohen [D-TN-9]

     

    In amending the Fair Credit Reporting Act to prohibit the use of consumer credit checks against prospective and current employees regarding adverse action, pre-employment background screening and workplace and other investigations will be hindered.


    HR 1529, the “Second Chance for Ex-Offenders Act of 2009” – Rep. Charles Rangel [D-NY-15]

     

    Creates mechanism in expunging non-violent federal criminal records thus impacting the usefulness of background and pre-employment investigations, as well as the investigation of serious “white collar crime”, generally non-violent.

     

    HR 3126, the “Consumer Financial Protection Agency Act of 2009”   - Rep. Barney Frank [D-MA-4]

     

    Precludes the Federal Trade Commission of rulemaking authority which will become the jurisdiction of a new Consumer Financial Protection Agency. The FTC has a long history of knowing the needs of the investigative and security professions and its methods of and need for information gathering subject to the FCRA, GBLA, and other laws.

     

    H.R. 414, the "Camera Phone Predator Act"- Rep. Peter King [R-NY-3]

     

    Require any mobile phone containing a digital camera to sound a tone whenever a photograph is taken with the camera's phone.  In a far fetched stretch, disabling or silencing the tone would purportedly violate a consumer product safety standard and require enforcement by the Consumer Product Safety Commission.  Legislative intent is thought by some as a measure to the recent trend of taking "up-skirting" photos with camera phones which would be thwarted by cell phones having to make a clicking sound when taking pictures. Bills such as this need a “criminal intent” exception for lawfully conducted investigations and surveillance.

     

    HR 1409, the “Employee Free Choice Act of 2009” – Rep. George Miller [D-CA-7]

     

    Eliminates the secret ballot allowing unions to utilize “card check” method in organizing a company and mandates that if contract is not signed within a prescribed time limit binding arbitration takes effect with regard to setting wages and work rules. Mandatory arbitration we feel will more likely favor Labor’s position. This legislation, if enacted, directly adversely affects security companies and their clients. We believe this legislation, which is also being pressured by the SEIU will be followed by attempts to gut 9(b)3 which prohibits a unionized company from having its security guards members of the same company union.

     

    PLEASE SUPPORT OUR LOBBYING AND POLITICAL ACTION ACTIVITES IN WASHINGTON!  PLEASE JOIN ISPLA TODAY! Sign up and Go to: WWW.ISPLA.ORG     Annual dues are just $99.00.

  • 02 Oct 2009 10:30 AM | Anonymous member (Administrator)
    On September 30, 2009 the Michigan Council of Private Investigators (MCPI) presented its 2009  Investigative Excellence and Professionalism awards to the three deserving individuals list below. Please join us in congratulating them for jobs very well done. 
     
    The 2009 MCPI Professionalism Award went to long-time legislative advocate for the Investigative and Security Professions, Bruce Hulme of New York. The Professionalism Award is presented to an individual "who has made the most significant contribution(s) to the investigations industry as a whole." Mr. Hulme was recognized for the contributions he has made and continues to make on behalf of the Investigative and Security professions over the past 30 plus years. Mr. Hulme is a past president, current board member, and former legislative committee chairman of the National Council of Investigation and Security Services (NCISS), past president and current legislative chair of the Associated Licensed Detectives of New York State (ALDONYS), board member and legislative chair for INTELLENET and, currently, the legislative director for Investigative and Security Professionals for Legislative Action (ISPLA).
     
    The 2009 MCPI Investigative Excellence Award went to two investigative reporters, Jim Schaefer and M.L. Elrick, from the Detroit Free Press. The Investigative Excellence Award is presented to a person(s), "who has exemplified all of the best qualities in an investigator: tenacity, honor, integrity, and resourcefulness." Mr. Schaefer and Mr. Elrick are recognized for their investigation into the activities of former Detroit Mayor Kwame Kilpatrick. In 2008, Jim Schaefer and M.L. Elrick won seven national awards, including the Pulitzer Prize, for exposing Mayor Kilpatrick's text message scandal. These two individuals ran an amazing investigation that resulted in exposing not only the former Mayor's lies, but also the extreme corruption in his administration. Because of their investigations and reporting, Mayor Kilpatrick  was convicted of perjury and resigned from public office.
     
    Michigan Council of Private Investigators
    Board of Directors
  • 29 Sep 2009 3:52 PM | Anonymous member (Administrator)

     

    ISPLA, through its nonpartisan ISPLA-PAC, has provided another “first” for Investigative and Security Professionals.

     

    ISPLA and officers of its newly formed ISPLA-PAC, which was officially organized on July 2, spent most of last week in Washington, DC.  ISPLA also walked the halls of Congress meeting with members or their staff regarding every House bill of concern to this profession.  

     

    On Wednesday, September 23, ISPLA Chairman Peter Psarouthakis and Bruce Hulme, Director of Government Affairs, presented ISPLA-PAC checks to Representatives Pete Sessions, Republican from Texas and Barney Frank, Democrat from Massachusetts.  While both of these public servants are arguably at complete ends of the political spectrum, they have been long-time supporters of the investigative and security professions.  ISPLA believes that these two donations to their re-election campaign committees are especially timely.

     

    Republican Congressman Sessions’s legislative contribution to our profession has been well known to ISPLA.  Our leadership and our Texas members of ISPLA worked with him over the years to help fashion legislation to amend onerous provisions of the Fair Credit Reporting Act, which hindered workplace investigations by private investigators.  ISPLA will be working with Representative Sessions, while gathering other sponsors for proposed legislation and taking a proactive position executing our legislative agenda.

     

    Democratic Congressman Barney Frank is chairman of the powerful House Financial Services Committee.  He has sponsored HR 3126, the Consumer Financial Protection Agency Act, which would establish a new agency to regulate the manner in which the financial services industry deals with consumers.  Our profession has concerns with a provision that would transfer jurisdiction from the Federal Trade Commission to the proposed new Consumer Financial Protection Agency.  ISPLA, working with other professional associations, has expressed hope that non-financial businesses won’t fall under CFPA jurisdiction.  We have conveyed our preference that issues affecting private investigators who may be compiling consumer investigative reports remain under the jurisdiction of the FTC.  It is our hope that any new draft of Representative Frank’s bill will allow for our concerns.

     

    Congressman Frank has been a friend to our profession dating back to the time leading up to passage of the Drivers Privacy Protection Act of 1994.  He was one of the first to recognize that unless our profession retained access to DMV records and given an exception, the initial bill would have created a safe haven for thieves and their ill-gotten gains stolen from our clients. 

     

    These ISPLA-PAC donations are but a small expression of our thanks to these two members of Congress who understand the needs of investigative and security professionals.

  • 19 Sep 2009 8:15 PM | Anonymous member (Administrator)

    Proposed New Federal Privacy Act & Cybersecurity Legislation

    As Congress begins this fall’s session, five cybersecurity initiatives will likely be addressed. These cybersecurity priorities which Congress and the executive branch will be considering are:

    1. Privacy

    Congress is expected to begin writing a new law to update the 35-year-old federal Privacy Act that was enacted decades before anyone had ever envisioned the modern Internet, as well as much of today's information technology. The groundwork for this prospective legislation occurred this past spring.

    First, the federal Information Security and Privacy Advisory Board issued a report entitled Toward a 21st Century Framework for Federal Government Privacy Policy, which calls for the creation of a federal chief privacy officer, as well as chief privacy officers in major federal agencies and a federal Chief Privacy Officers' Council. The panel also recommended steps to change federal laws and regulations to allow the government to more efficiently use specific technologies, such as cookies, while maintaining citizens' privacy.

    Second, the Center for Democracy and Technology has created a draft bill based wherein cybersecurity professionals and others have proposed language for a new privacy law.

    We understand that CDT Vice President Ari Schwartz believes Congress will be drafting a bill this fall, but passage won't likely come until next year at the earliest. ISPLA members met with Schwartz several months ago and discussed with him briefly some of his thoughts on this proposed legislation.

    Meanwhile, the Office of Management and Budget is seeking to change a federal rule that bans the use of persistent cookies - small pieces of browser software that tracks and authenticates web viewing activities by users - which federal CIO Vivek Kundra says would enhance citizen participation in government. However, privacy experts have expressed concern that changing the 9-year-old ban on cookies poses privacy risks, a contention Kundra says would not occur. A final action is expected soon.

    2. White House Cybersecurity Adviser

    Two matters must be addressed. First, whether Congress should establish by law a White House cybersecurity office that would manage federal-wide cybersecurity and second, the naming of a presidential White House cybersecurity coordinator that doesn't require Congressional action.

    When Sen. Tom Carper, D.-Del., introduced S. 921, the U.S. Information and Communications Act it contained a provision to establish a National Office of Cyberspace in the White House, with its director confirmed by the Senate. Over the summer, however, S. 921 was revised, and that provision was eliminated. The White House hasn't shown much enthusiasm for a Senate-confirmed cybersecurity director, and Carper earlier this year said he wanted to craft legislation that gains widespread support from both Congressional chambers, as well as the Obama administration. Still, many lawmakers and cybersecurity policymakers in and out of government like the idea of a so-called cybersecurity czar, and just because U.S. ICE was revised once, doesn't mean it can't happen again.

    Meanwhile, several months ago President Obama promised to name a cybersecurity coordinator, which would not require Senate confirmation and would not be as a high-level adviser as some had hoped. Although the coordinator would have some direct access to the president, he or she would report to the national security adviser and national economic adviser. One reason the post remains vacant is the reluctance of potential coordinator candidates to report to two different bosses in the White House, each of whom could have differing agendas. That the cybersecurity coordinator doesn't have more direct access to the president is another reason the job remains vacant. Where the coordinator is found on the White House organizational chart does matter to some potential candidates. 

    3. FISMA Reform

    Cybersecurity policymakers, by and large agree that the Federal Information Security Management Act, the law that governs federal IT security, is outdated and needs to be revised. The main thrust behind U.S. ICE - before the Senate Homeland Security and Governmental Affairs Committee - is aimed to do just that.

    One significant departure from the past would be the way the government measures Information Technology security. Under FISMA, agencies must show how they comply with the processes determined to secure IT systems. U.S. ICE would rely less on compliance, but more on developing ways to establish in real time whether systems and networks are truly secure, including vulnerability tests in which teams of so-called "red team" hackers assault government IT assets.

    Among the most controversial provisions in the revised U.S. ICE bill is the shifting of much of the leadership on developing federal cybersecurity policy, at least for civilian agencies, to the Department of Homeland Security from the White House, including the responsibility of reviewing the IT security budgets of civilian agencies. Supporters of such a shift contend Homeland Security is the proper place, since it's the civilian department with the most cybersecurity expertise. Opponents contend that giving Homeland Security authority over other federal departments and agencies is inappropriate, and could cause friction within the executive branch.

    Another bill, S. 773, the Cybersecurity Act of 2009 would revise the way the federal government governs IT security. Sponsored by Senators Jay Rockefeller, D.-W.Va., and Olympia Snowe, R.-Maine, the bill's most controversial provision - giving the president authority to limit or halt Internet traffic to and from federal IT systems and the mostly privately owned nation's critical IT infrastructure - has reportedly been softened since it’s introduced this past spring.

    Still, S. 773 - assigned to the Senate Commerce, Science and Transportation Committee, a panel chaired by Rockefeller - contains provisions not included in U.S. ICE, such as a requirement that IT security professionals working on government systems be licensed. Though laudable, some lawmakers and policymakers say there are not a sufficient number of certified cybersecurity professionals to fill all of the jobs.

    Present thinking is that an amalgamated bill will surface that would include provisions from both measures, with other provisions falling by the wayside. 

    4. Naming a NIST Director

    The National Institute of Standards and Technology (NIST) does a lot more than provide IT security governance for the federal government. But a plan to reorganize NIST's IT Laboratory, where much of that guidance originates, can not move forward until a NIST director is named.

    NIST's top IT official contends that the reorganization, which would place the institute's chief cybersecurity adviser in the ITL office, would encourage more multidisciplinary collaboration with other NIST units in developing cybersecurity programs and guidance.

    But the organization requires the blessing of the NIST director, a presidentially nominated post that has been vacant for over two years. The White House says the administration is actively seeking a NIST director, but when asked didn't explain why one has yet to be named or when the nomination would occur.


    5. Cloud Computing

    Kundra advocates the federal government employing cloud computing - where applications and data are run and stored on servers with access over the Internet - to drive efficiencies. He implemented the computing practice while head of the District of Columbia IT office.

    Among the potential cloud computing benefits identified by a team of NIST computer scientists: dedicated security teams, greater infrastructure security, reduction in certification and accreditation activities, simplifying compliance analysis, low-cost disaster recovery and rapid reconstitution of services.

    The information security challenges they identified included conflicts with existing data dispersal and international privacy laws, data ownership, service guarantees, securing virtual machines, massive outages and encryption needs.

    Legislation before Congress would establish processes to develop and employ cloud computing securely. The NIST computer scientists are expected to issue shortly a special publication on cloud computing, though widespread adoption of cloud computing by federal agencies is thought to be years off.

    Bruce Hulme, Director of Government Affairs

  • 14 Sep 2009 11:24 PM | Anonymous member (Administrator)

    For Immediate Release

    Contact: 

    Judith Ingram

    September 14, 2009

    Julia Queen

      Christian Hilland

    2010 CONGRESSIONAL CANDIDATES RAISE OVER $250 MILLION IN FIRST HALF OF 2009;
    SENATE CANDIDATES RAISE RECORD AMOUNT FOR PERIOD

    WASHINGTON – Candidates for the U.S. Senate and House of Representatives in 2010 reported raising a total of $250.3 million from January 1 through June 30, 2009, according to disclosure reports filed with the Federal Election Commission (FEC).Candidates seeking election to 36 U.S. Senate seats reported raising $93.2 million during the first six months of 2009.Democratic Senate candidates raised $54.1 million, while Republicans raised $39.1 million.Candidates for the House of Representatives reported raising $157.1 million in the first six months of this year, with Democrats raising $97.5 million and Republicans raising $59.6 million.

    U.S. Senate

    The $93.2 million that 70 individual Senate campaign committees raised in 2009 was the highest total ever reported for the first six months in a non-election year, surpassing the previous high of $84.8 million raised in the first half of 2007. In 2003, the last time this same group of Senate seats was up for election, 63 candidates raised $75.6 million during the first six months of the cycle. However, there are two additional open seats this election cycle due to the vacancies created by the Senate resignations of Vice President Joe Biden and Secretary of State Hillary Clinton.

    From January 1 through June 30, 2009, contributions from individuals accounted for $65 million, or 70% of the total Senate candidates raised. Political action committee (PAC) contributions to Senate candidates totaled $20.1 million, representing 22% of the campaigns’ receipts.

    Senate candidates ended the first six months of 2009 with $150.8 million cash-on-hand and debts of $2.9 million, some from previous elections.

    U.S. House of Representatives

    Campaign finance reports filed by House candidates for the period January 1 through June 30, 2009, show 416 House incumbents with combined receipts of $132 million, a $7.6 million 5.4%) decrease from the same period in 2007. Individual contributions accounted for $63.6 million of House incumbents’ total receipts while contributions from PACs amounted to $64.2 million, in the first half of 2009.From January 1 through June 30 of this year, 250 incumbent Democrats raised $85.9 million, while 166 incumbent Republicans raised $46.1 million. Democratic members reported a combined $147 million cash-on-hand total at the end of the reporting period, and Republicans reported $78.2 million.

    The median receipts for Democratic House incumbents were $273,576, up from $268,072 in the first six months of 2007.For Republican members, the median receipts this year were $226,824, down from $242,012 in 2007.An equal number of candidates had receipts above and below these median values.

    Receipts for the 38 Democratic House freshmen totaled $18.6 million, while the 25 Republican freshmen reported receipts of $8.5 million. Democratic freshmen had median receipts of $509,573, while the median for Republican freshmen was $371,052.

    Non-incumbents raised a total of $25.1 million for House races during the first six months of 2009, with 94 Democrats raising $11.6 million and 146 Republicans raising $13.5 million. In the same period in 2007, 135 Democrats raised $16.3 million and 94 Republicans raised $8.3 million.

    The following tables include fundraising totals for the top 50 Senate and House members in the following categories: total receipts, contributions from individuals, PAC contributions, disbursements, and cash-on-hand. Comparative charts and graphs are also included, along with summary statistical information for each Senate candidate. Information on financial activity for these Senate candidates in 2005-2006, 2007-2008 and 2009-2010 is also provided.

    Senate Campaign Financial Summary [EXCEL] [PDF]

    Senate Candidate Top 50 Receipts [EXCEL] [PDF]

    Senate Candidate Top 50 Contributions from Individuals [EXCEL] [PDF]

    Senate Candidate Top 50 Contributions from Other Committees (PACs) [EXCEL] [PDF]

    Senate Candidate Top 50 Disbursements [EXCEL] [PDF]

    Senate Candidate Top 50 Cash on Hand [EXCEL] [PDF]

    House Incumbent Summary [EXCEL] [PDF]

    House Freshmen Summary [EXCEL] [PDF]

    House Nonincumbent Summary [EXCEL] [PDF]

    House Incumbent Top 50 Receipts [EXCEL] [PDF]

    House Incumbent Top 50 Contributions from Individuals [EXCEL] [PDF]

    House Incumbent Top 50 Contributions from Other Committees (PACs) [EXCEL] [PDF]

    House Incumbent Top 50 Disbursements [EXCEL] [PDF]

    House Incumbent Top 50 Cash on Hand [EXCEL] [PDF]

    House Nonincumbent Top 50 Receipts [EXCEL] [PDF]

    The Federal Election Commission (FEC) is an independent regulatory agency that administers and enforces federal campaign finance laws. The FEC has jurisdiction over the financing of campaigns for the U.S. House of Representatives, the U.S. Senate, the Presidency and the Vice Presidency. Established in 1975, the FEC is composed of six Commissioners who are nominated by the President and confirmed by the U.S. Senate.

    # # #

  • 04 Sep 2009 5:30 PM | Anonymous member (Administrator)

    ABA Fights Bankruptcy Code Provision – Files Amicus Brief

    Case before U.S. Supreme Court

    By Rachel Feintzeig

    The country’s most prominent legal organization is taking a stand against the Bankruptcy Code.

    The 400,000-member American Bar Association Tuesday filed an amicus brief with the Supreme Court challenging the constitutionality of a change made to the Bankruptcy Code as part of its 2005 overhaul. The provision in question bars attorneys from encouraging clients who are considering filing for bankruptcy protection to take on more debt.

    Minnesota law firm Milavetz, Gallop & Milavetz P.C. believes the rule violates its attorneys’ right to free speech. In 2007, Milavetz, alongside two prospective clients and two of its lawyers, launched a lawsuit against the U.S. that has found its way all the way up to the nation’s highest court.

    Before the nine justices, including new Supreme Court Justice Sonia Sotomayor, take up the case as part of their upcoming fall term, the ABA decided to weigh in with some words of caution.

    “The ABA requests that, in determining whether the BAPCPA [Bankruptcy Abuse Protection Consumer Protection Act] withstands constitutional scrutiny, the Court consider the substantial negative, and unnecessary, impact of the BAPCPA on state regulation of the legal profession and on the important protections embodied in the attorney-client privilege,” the ABA said in the amicus brief.

    The association warned that classifying attorneys as “debt relief agencies” – the group subject to increased regulation under the Bankruptcy Code, would undermine long-standing rules protecting attorney-client privilege and leaving regulation of the legal profession to individual states.

    “The BAPCPA is an express attempt to regulate attorneys in ways that are in direct conflict with existing state laws and ethical rules, and with the attorney’s role of advisor and advocate,” the ABA said.

  • 04 Sep 2009 3:03 PM | Anonymous member (Administrator)

    TJX settles ID theft lawsuit for $525G

    Data security breaches have been a prime reason for the large number of legislative bills introduced in state and federal legislatures the past five years. ISPLA has been closely monitoring them.

    The TJX Cos. Inc. reached a settlement with several financial institutions tied to a massive theft of customer data.

    Framingham-based TJX, which operates discount retail chains T.J. Maxx, Marshalls and HomeGoods, said it paid $525,000 under the deal - primarily reimbursing the banks for some of their legal expenses.

    The four remaining banks that sought to join as plaintiffs in a class-action suit - AmeriFirst Bank, HarborOne Credit Union, SELCO Community Credit Union and Trustco bank - agreed to drop all their claims against TJX.

    TJX denied wrongdoing and said the payment was covered in a reserve taken earlier.

    The data breach involved at least 45 million card numbers of customers at TJX’s stores, one of the largest breaches on record.

    Albert Gonzalez, a computer hacker accused of masterminding an identity theft ring that hit TJX and other retailers, plead guilty recently.

                                                         ISPLA

Powered by Wild Apricot. Try our all-in-one platform for easy membership management