U.S. Customs and Border Protection: Trade Facilitation, Enforcement, and Security

[Excerpt] This report describes and analyzes import policy and CBP’s role in the U.S. import process. (The report does not cover CBP’s role in the U.S. export control system.) The first section of the report describes the three overarching goals of U.S. import policy and the tension among them. Second, the report provides a legislative history of customs laws, followed by an overview of the U.S. import process as it operates today. Third, the import process and CBP’s role in it are discussed. The final section highlights several policy issues that Congress may consider in its oversight role or as part of customs or trade legislation, including measures seeking to provide additional trade facilitation benefits to importers and others enrolled in “trusted trader” programs, to improve enforcement of intellectual property and trade remedy laws, to strengthen cargo scanning practices, and/or to promote modernization of customs data systems, among other issues. A list of trade-related acronyms used in the report is provided in Appendix A

CamFlow: Managed Data-sharing for Cloud Services

A model of cloud services is emerging whereby a few trusted providers manage the underlying hardware and communications whereas many companies build on this infrastructure to offer higher level, cloud-hosted PaaS services and/or SaaS applications. From the start, strong isolation between cloud tenants was seen to be of paramount importance, provided first by virtual machines (VM) and later by containers, which share the operating system (OS) kernel. Increasingly it is the case that applications also require facilities to effect isolation and protection of data managed by those applications. They also require flexible data sharing with other applications, often across the traditional cloud-isolation boundaries; for example, when government provides many related services for its citizens on a common platform. Similar considerations apply to the end-users of applications. But in particular, the incorporation of cloud services within `Internet of Things' architectures is driving the requirements for both protection and cross-application data sharing. These concerns relate to the management of data. Traditional access control is application and principal/role specific, applied at policy enforcement points, after which there is no subsequent control over where data flows; a crucial issue once data has left its owner's control by cloud-hosted applications and within cloud-services. Information Flow Control (IFC), in addition, offers system-wide, end-to-end, flow control based on the properties of the data. We discuss the potential of cloud-deployed IFC for enforcing owners' dataflow policy with regard to protection and sharing, as well as safeguarding against malicious or buggy software. In addition, the audit log associated with IFC provides transparency, giving configurable system-wide visibility over data flows. [...]Comment: 14 pages, 8 figure

Monitoring Payments for Watershed Services Schemes in Developing Countries

Payments for watershed services (PWS) are schemes that use funds from water users (including governments) as an incentive for landholders to improve their land management practices. They are increasingly seen as a viable policy alternative to watershed management issues, and a means of addressing chronic problems such as declining water flows, deteriorating water quality and flooding. In some places, local governments, donor agencies and NGOs are actively trying to upscale and replicate PWS schemes across the area. While their apparent success and progress in launching new initiatives is encouraging, there is still much to be learned from formative experiences in this field, especially with regard to monitoring and evaluation.In this paper we discuss the monitoring and evaluation criteria behind compliance or transactional monitoring, which ensures that contracts are followed, and effectiveness conditionality, which looks at how schemes manage to achieve their environmental objectives regardless of the degree of compliance. Although the two are usually linked, a high degree of compliance does not necessarily ensure that a scheme is effective. This is because a poorly designed scheme may target the wrong land managers and land that is at least risk, meaning that payments do not generate the desired hydro-ecological or conservation benefits. As the levering capacity to demand payments for better watershed management increases, so does the need to understand the dynamics of such activities and demonstrate their impacts. While the growing interest in such schemes shows that participants believe in the principle of land management, evidence of their impact is needed to determine which initiatives genuinely add value and are worth pursuing

Tax reforms - taxes without tax laws

This paper suggests a new tax system without tax laws, tax collection departments and tax enforcement agencies.This new tax system will be without present system’s all Direct and Indirect taxes accompanied by tax laws, tax exemptions, multiple tax collection departments for States and Centre, compulsory accounting, auditing and tax returns to relieve 7 billion people of the world from the cobweb of ambiguous and complex tax structures, plethora of tax laws, mandatory and cumbersome accounting, auditing, tax returns and consequent quagmire of all tax related cases. Taxation, tax collection, tax enforcement, tax compliance, allocation of revenues to various ministries or departments, distribution of subsidies, implementation of welfare schemes and money supply into the economy are unified and integrated in the banking system. There will be no tax collection expenditure for the Governments and no tax compliance costs for the people either. Citizens need not maintain separate account books and submit tax returns annually for paying either Direct taxes on personal incomes or Indirect taxes while running business or industry. Yet, this new tax system envisages 20 to 30 % more revenues from single tax called "TOP Tax” - than presently accruing revenues from multiple taxes collected by different tax collection departments/agencie

Distributed Enforcement of Service Choreographies

Modern service-oriented systems are often built by reusing, and composing together, existing services distributed over the Internet. Service choreography is a possible form of service composition whose goal is to specify the interactions among participant services from a global perspective. In this paper, we formalize a method for the distributed and automated enforcement of service choreographies, and prove its correctness with respect to the realization of the specified choreography. The formalized method is implemented as part of a model-based tool chain released to support the development of choreography-based systems within the EU CHOReOS project. We illustrate our method at work on a distributed social proximity network scenario.Comment: In Proceedings FOCLASA 2014, arXiv:1502.0315

Evaluating the Contextual Integrity of Privacy Regulation: Parents' IoT Toy Privacy Norms Versus COPPA

Increased concern about data privacy has prompted new and updated data protection regulations worldwide. However, there has been no rigorous way to test whether the practices mandated by these regulations actually align with the privacy norms of affected populations. Here, we demonstrate that surveys based on the theory of contextual integrity provide a quantifiable and scalable method for measuring the conformity of specific regulatory provisions to privacy norms. We apply this method to the U.S. Children's Online Privacy Protection Act (COPPA), surveying 195 parents and providing the first data that COPPA's mandates generally align with parents' privacy expectations for Internet-connected "smart" children's toys. Nevertheless, variations in the acceptability of data collection across specific smart toys, information types, parent ages, and other conditions emphasize the importance of detailed contextual factors to privacy norms, which may not be adequately captured by COPPA.Comment: 18 pages, 1 table, 4 figures, 2 appendice

Comparison Tables of State Nutrient Trading Programs in the Chesapeake Bay Watershed

Examines opportunities for wastewater treatment plants to trade credits or offsets with other plants or farms releasing lower volumes of nutrients across states. Compares design elements of programs in Maryland, Pennsylvania, Virginia, and West Virginia

Privacy self-regulation and the changing role of the state: from public law to social and technical mechanisms of governance

This paper provides a structured overview of different self-governance mechanisms for privacy and data protection in the corporate world, with a special focus on Internet privacy. It also looks at the role of the state, and how it has related to privacy self-governance over time. While early data protection started out as law-based regulation by nation-states, transnational self-governance mechanisms have become more important due to the rise of global telecommunications and the Internet. Reach, scope, precision and enforcement of these industry codes of conduct vary a lot. The more binding they are, the more limited is their reach, though they - like the state-based instruments for privacy protection - are becoming more harmonised and global in reach nowadays. These social codes of conduct are developed by the private sector with limited participation of official data protection commissioners, public interest groups, or international organisations. Software tools - technical codes - for online privacy protection can give back some control over their data to individual users and customers, but only have limited reach and applications. The privacy-enhancing design of network infrastructures and database architectures is still mainly developed autonomously by the computer and software industry. Here, we can recently find a stronger, but new role of the state. Instead of regulating data processors directly, governments and oversight agencies now focus more on the intermediaries - standards developers, large software companies, or industry associations. And instead of prescribing and penalising, they now rely more on incentive-structures like certifications or public funding for social and technical self-governance instruments of privacy protection. The use of technology as an instrument and object of regulation is thereby becoming more popular, but the success of this approach still depends on the social codes and the underlying norms which technology is supposed to embed. --

Lex Informatica: The Formulation of Information Policy Rules through Technology

Historically, law and government regulation have established default rules for information policy, including constitutional rules on freedom of expression and statutory rights of ownership of information. This Article will show that for network environments and the Information Society, however, law and government regulation are not the only source of rule-making. Technological capabilities and system design choices impose rules on participants. The creation and implementation of information policy are embedded in network designs and standards as well as in system configurations. Even user preferences and technical choices create overarching, local default rules. This Article argues, in essence, that the set of rules for information flows imposed by technology and communication networks form a “Lex Informatica” that policymakers must understand, consciously recognize, and encourage