2,469 research outputs found
Managing the Regulatory State: The Experience of the Bush Administration
This Article traces the history of Presidential management of the regulatory state up to the administration of President George W. Bush. It focuses on the latter\u27s implementation of smarter regulation, an approach to regulation based on unfunded mandates on the private sector implemented through the Office of Management and Budget, an organization within the Executive Office of the President. It finds cost-benefit analysis an essential, yet often neglected, tool for implementing efficient and effective regulations. It concludes the policies promoted under President Bush\u27s OMB have effectively cut costs by streamlining the rule-making process and discouraging adopting new federal rules, but cautions there is still a sea of overlapping regulations and conflict over turf among agencies causing the administrative state to steadily rise in cost
On the Feasibility of Fine-Grained TLS Security Configurations in Web Browsers Based on the Requested Domain Name
Most modern web browsers today sacrifice optimal TLS security for backward
compatibility. They apply coarse-grained TLS configurations that support (by
default) legacy versions of the protocol that have known design weaknesses, and
weak ciphersuites that provide fewer security guarantees (e.g. non Forward
Secrecy), and silently fall back to them if the server selects to. This
introduces various risks including downgrade attacks such as the POODLE attack
[15] that exploits the browsers silent fallback mechanism to downgrade the
protocol version in order to exploit the legacy version flaws. To achieve a
better balance between security and backward compatibility, we propose a
mechanism for fine-grained TLS configurations in web browsers based on the
sensitivity of the domain name in the HTTPS request using a whitelisting
technique. That is, the browser enforces optimal TLS configurations for
connections going to sensitive domains while enforcing default configurations
for the rest of the connections. We demonstrate the feasibility of our proposal
by implementing a proof-of-concept as a Firefox browser extension. We envision
this mechanism as a built-in security feature in web browsers, e.g. a button
similar to the \quotes{Bookmark} button in Firefox browsers and as a
standardised HTTP header, to augment browsers security
Reining in the Data Traders: a Tort for the Misuse of Personal Information
In 2005, three spectacular data security breaches focused public attention on the vast databases of personal information held by data traders such as ChoicePoint and LexisNexis, and the vulnerability of that data. The personal information of hundreds of thousands of people had either been hacked or sold to identity thieves, yet the data traders refused to reveal to those people the specifics of the information sold or stolen. While Congress and many state legislatures swiftly introduced bills to force data traders to be more accountable to their data subjects, fewer states actually enacted laws, and none of the federal bills were taken to a vote before the election in 2006. In large part, individuals remain powerless to discover the information a data trader holds about them, to discover what information was sold or stolen, to prevent data traders from using their personal information in unauthorized ways, or to hold data traders accountable for lax security.
The Article argues that a new common law tort should be used to force reform and accountability on data traders, and to provide remedies for individuals who have suffered harm to their core privacy interests of choice and control-choice about who may receive their information, control over the information revealed, and how the recipient of that information may use it. The Article examines the current legislative and common law regimes, concluding that there are no effective remedies for individuals who have suffered harm from data misuse. Given the ineffective legislative response to the security breaches of 2005, the Article argues that the existing scheme of common law privacy torts should be expanded to create a new tort for information misuse. The new tort borrows from existing privacy torts-in particular, the tort of appropriation-and existing privacy statutes, importing the Fair Information Practices from the Privacy Act of 1974 as a standard of care
Recommended from our members
China and the United StatesâA Comparison of Green Energy Programs and Policies
[Excerpt] China is the worldâs most populous country with over 1.3 billion people. It has experienced tremendous economic growth over the last three decades with an annual average increase in gross domestic product of 9.8% during that period. This has led to an increasing demand for energy, spurring China to add an average of 53 gigawatts (gw) of electric capacity each year over the lastten years to its power generation capabilities.
China has set ambitious targets for developing its renewable energy resources with a major push of laws, policies, and incentives in the last few years. The wind power sector is illustrative of Chinaâs accomplishments, as installed wind power capacity has gone from 0.567 gw in 2003 to 12.2 gw in 2008, and China surpassed the United States in 2010 with over 41 gw of installed wind power capacity. Notably, however, approximately one-third of that capacity is not yet connected to the power grid. Plans already exist to grow Chinaâs wind power capacity to 100 gw by 2020. A similar goal exists for the solar photovoltaic power sector which China intends to increase generating capacity from 0.14 gw as of 2009 to over 1.8 gw by 2020. A hold on large and medium-scale hydropower project development has been lifted, with a virtual doubling of hydropower capacity planned. Most recently, China pledged ahead of the Copenhagen talks in 2009 that 15% of total energy consumption will come from non-fossil fuel sources by the year 2020. The 12th Five Year Plan will encompass 2011 to 2015, and will further formalize the link to green energy with specific deployment goals and investment. China recognizes that developing its domestic renewable energy industry and building its manufacturing capacity will help it meet energy demands at home and win advantages in future export markets.
The key piece of legislation in recent years for advancing renewable electricity in China is the Renewable Energy Law of 2005. The law was designed to âpromote the development and utilization of renewable energy, improve the energy structure, diversify energy supplies, safeguard energy security, protect the environment, and realize the sustainable development of the economy and society.â Renewable energy is subsidized by a fee charged to all electricity users in China of about 0.029 cents per kilowatt-hour, and was originally based on the incremental cost difference between coal and renewable energy power generation.
However, energy efficiency and conservation are officially Chinaâs top energy priority. These are considered the âlow-hanging fruitâ in the quest to reduce energy use and cut demand. Energy conservation investment projects have priority over energy development projects under the Energy Conservation Law of 1997, with government-financed projects being selected on âtechnological, economic and environmental comparisons and validations of the projects.â China is the worldâs largest market for new construction, and new building standards have been in development since 2005 with national energy design criteria for residential buildings. In the power generation sector, many smaller, less efficient coal-fired power plants have been closed.
In contrast to China, some argue that the United States does not have a comprehensive national policy in place for promotion of renewable energy technologies, with some observers saying that the higher costs of renewable electricity are not conducive to market adoption. However, for both countries, the reasons for increasing the use of renewable energy are diverse, and include energy security, energy independence, cleaner air, and more recently anthropogenic climate change, sustainability concepts, and economic development. Creating new, higher quality jobs could reasonably be said to be primary drivers of policy goals in both the United States and China
Information Systems Audit for University Governance in Bucharest Academy of Economic Studies
Todayâs successful audit leaders never lose sight of the importance of continually assessing and improving the organizationsâ university governance structure. Focusing on small and large mission, and using practical exercises and individual activities, the auditors will help gain the skills necessary to review and improve university governance structure, while developing techniques to assess risk management activities. Attendees will leave with an understanding of legal and regulatory guidelines as they pertain to university governance and discuss in-depth issues such as business ethics, transparency and disclosure, IT governance and university risks management. Identification, evaluation and management of university risks, is an important element of the university governance system. Today, the Bucharest Academy of Economic Studies is in a complex process to realize a university governance integrate information system. In context of this paperwork there are presented the main aspects for developing and implementing in actual phase information systems audit, to recognize the risks and establish the necessary measures to eliminate them.University Governance, IT Governance, IS Audit, Risks Management, Performance
Exploring Russian Cyberspace: Digitally-Mediated Collective Action and the Networked Public Sphere
This paper summarizes the major findings of a three-year research project to investigate the Internet's impact on Russian politics, media and society. We employed multiple methods to study online activity: the mapping and study of the structure, communities and content of the blogosphere; an analogous mapping and study of Twitter; content analysis of different media sources using automated and human-based evaluation approaches; and a survey of bloggers; augmented by infrastructure mapping, interviews and background research. We find the emergence of a vibrant and diverse networked public sphere that constitutes an independent alternative to the more tightly controlled offline media and political space, as well as the growing use of digital platforms in social mobilization and civic action. Despite various indirect efforts to shape cyberspace into an environment that is friendlier towards the government, we find that the Russian Internet remains generally open and free, although the current degree of Internet freedom is in no way a prediction of the future of this contested space
- âŠ