2,469 research outputs found

    Managing the Regulatory State: The Experience of the Bush Administration

    This Article traces the history of Presidential management of the regulatory state up to the administration of President George W. Bush. It focuses on the latter's implementation of smarter regulation, an approach to regulation based on unfunded mandates on the private sector implemented through the Office of Management and Budget, an organization within the Executive Office of the President. It finds cost-benefit analysis an essential, yet often neglected, tool for implementing efficient and effective regulations. It concludes the policies promoted under President Bush's OMB have effectively cut costs by streamlining the rule-making process and discouraging adopting new federal rules, but cautions there is still a sea of overlapping regulations and conflict over turf among agencies causing the administrative state to steadily rise in cost

    On the Feasibility of Fine-Grained TLS Security Configurations in Web Browsers Based on the Requested Domain Name

    Most modern web browsers today sacrifice optimal TLS security for backward compatibility. They apply coarse-grained TLS configurations that support (by default) legacy versions of the protocol that have known design weaknesses, and weak ciphersuites that provide fewer security guarantees (e.g. non Forward Secrecy), and silently fall back to them if the server selects to. This introduces various risks including downgrade attacks such as the POODLE attack [15] that exploits the browsers' silent fallback mechanism to downgrade the protocol version in order to exploit the legacy version flaws. To achieve a better balance between security and backward compatibility, we propose a mechanism for fine-grained TLS configurations in web browsers based on the sensitivity of the domain name in the HTTPS request using a whitelisting technique. That is, the browser enforces optimal TLS configurations for connections going to sensitive domains while enforcing default configurations for the rest of the connections. We demonstrate the feasibility of our proposal by implementing a proof-of-concept as a Firefox browser extension. We envision this mechanism as a built-in security feature in web browsers, e.g. a button similar to the "Bookmark" button in Firefox browsers and as a standardised HTTP header, to augment browsers' security

    Reining in the Data Traders: a Tort for the Misuse of Personal Information

    In 2005, three spectacular data security breaches focused public attention on the vast databases of personal information held by data traders such as ChoicePoint and LexisNexis, and the vulnerability of that data. The personal information of hundreds of thousands of people had either been hacked or sold to identity thieves, yet the data traders refused to reveal to those people the specifics of the information sold or stolen. While Congress and many state legislatures swiftly introduced bills to force data traders to be more accountable to their data subjects, fewer states actually enacted laws, and none of the federal bills were taken to a vote before the election in 2006. In large part, individuals remain powerless to discover the information a data trader holds about them, to discover what information was sold or stolen, to prevent data traders from using their personal information in unauthorized ways, or to hold data traders accountable for lax security. The Article argues that a new common law tort should be used to force reform and accountability on data traders, and to provide remedies for individuals who have suffered harm to their core privacy interests of choice and control: choice about who may receive their information, control over the information revealed, and how the recipient of that information may use it. The Article examines the current legislative and common law regimes, concluding that there are no effective remedies for individuals who have suffered harm from data misuse. Given the ineffective legislative response to the security breaches of 2005, the Article argues that the existing scheme of common law privacy torts should be expanded to create a new tort for information misuse. The new tort borrows from existing privacy torts (in particular, the tort of appropriation) and existing privacy statutes, importing the Fair Information Practices from the Privacy Act of 1974 as a standard of care

    Information Systems Audit for University Governance in Bucharest Academy of Economic Studies

    Today’s successful audit leaders never lose sight of the importance of continually assessing and improving the organizations’ university governance structure. Focusing on small and large mission, and using practical exercises and individual activities, the auditors will help gain the skills necessary to review and improve university governance structure, while developing techniques to assess risk management activities. Attendees will leave with an understanding of legal and regulatory guidelines as they pertain to university governance and discuss in-depth issues such as business ethics, transparency and disclosure, IT governance and university risks management. Identification, evaluation and management of university risks, is an important element of the university governance system. Today, the Bucharest Academy of Economic Studies is in a complex process to realize a university governance integrate information system. In context of this paperwork there are presented the main aspects for developing and implementing in actual phase information systems audit, to recognize the risks and establish the necessary measures to eliminate them. University Governance, IT Governance, IS Audit, Risks Management, Performance

    Exploring Russian Cyberspace: Digitally-Mediated Collective Action and the Networked Public Sphere

    This paper summarizes the major findings of a three-year research project to investigate the Internet's impact on Russian politics, media and society. We employed multiple methods to study online activity: the mapping and study of the structure, communities and content of the blogosphere; an analogous mapping and study of Twitter; content analysis of different media sources using automated and human-based evaluation approaches; and a survey of bloggers; augmented by infrastructure mapping, interviews and background research. We find the emergence of a vibrant and diverse networked public sphere that constitutes an independent alternative to the more tightly controlled offline media and political space, as well as the growing use of digital platforms in social mobilization and civic action. Despite various indirect efforts to shape cyberspace into an environment that is friendlier towards the government, we find that the Russian Internet remains generally open and free, although the current degree of Internet freedom is in no way a prediction of the future of this contested space