Sovereignthink

Upholding Individual, State then National Sovereignty against the Enforcement of Global Governence and Tyranny

Posts Tagged ‘Free Speech

Google CEO very, very proud of overthrowing government

with 11 comments


Google’s CEO Eric Schmidt supports Overthrow of government and total transparency? Yes, I think so…but who can trust a RAND, CIA and NSA Created Corporation’s CEO? A Google Run Rebellion and Uprising? Not the Google rebellion Murdoch had in mind?

 

Google’s cyberactivist Wael Ghonim, an executive at the company emerged as a leading voice of the Egyptian revolution and spearheaded the uprising.

Mr Ghonim is head of marketing for Google Middle East and Google North Africa.

How did he help facilitate and become one of the leaders of the Egyptian Re-publicing? For the last half year he created brush fires in the hearts of Egyptians Everywhere with the page ‘We are all Khaled Said’. Named in honor of a 28-year-old Egyptian protester who was tortured by Egyptian police.

The ‘We are all Khaled Said’ Facebook page, Twitter Account, Google technology and excellent search tools that Ghonim used, helped spark the uprising that toppled President Hosni Mubarak’s regime.

And Just like Khaled Said, in a DHS Police Styled Secret Arrest, Ghonim was illegally captured by the Egyptian Government’s Military Police.

“We are All Wael Ghonim.” Became the Battle Cry of the People, the “I am Spartacus” of Egyptians in Google’s Revolution Factory, Alliance of Youth Movements and the Color Revolution 2.0

As the revolution seemed to be losing steam, seemingly against all odds, Mubarak fled, had a stroke and 30-year-old Ghonim was released from police custody after 12 days.

Credited with re-energising the movement, Ghonim’s release has placed him and Google as the warriors of the people and victory.

“We are very, very proud of what Wael Ghonim was able to do in Egypt, they were able to use a set of technologies that included Facebook, Twitter and number of others to really express the voice of the people. And that is a good example of transparency. And we wish them very much the best. I have talked to him. We are very, very proud of what he has done.” said Google’s CEO and Leader Mr Schmidt in Barcelona.

Would the reaction of Mr Schmidt be the same if any of the United States Execs; Nikesh Arora, Shona L. Brown, David C. Drummond, Alan Eustace, Patrick Pichette or Jonathan Rosenberg, created the website ;

‘We are All Kenneth Michael Trentadue’, ‘Bernard von NotHaus‘ or ‘Richard Fine‘  

What if this same executive at Google US Sparked a revolution in America, Demanded a new government here, and called for transparency into the Federal Reserve and Federal Agencies as a good example of a Free and Just People?

I for one do not want a Google Executive run and controlled Revolution in America.

However, Silence No One and Speak the Truth.

An Informed Public Will Resist Tyranny
We are the Resistance.
Resistance is Victory.

Don’t Be Evil? 10 Ways In Which Google Runs The World

 

 

-sovereignthink

American Internet Kill Switch 2.0 or Switched Killer Internet – Target Kill Switch Mislabels Over 80,000 Innocent Americans

Google Gates Jobs gate; The RanD Giants Conspiracy

Video Exposing Google Chief Schmidt Censored by You Tube

Private Spy Corporation works for Pentagon to Avoid Constitution Stumbling Block of Liberty and Freedom

with 7 comments


Private Corporation, Project Vigilant, Spying on Citizens for Federal Secret Police

Private Spy for Pentagon to Avoid Constitution Stumbling Block – Elite Fear Exposure and Awakening

Project Vigilant is a Private organization that tracks 250 million IP addresses a day, and there are only around 300 million people in the USA. If you remove most of the Governments Employees and those that don’t have internet access every private citizen could be tracked.

Project Vigilant is a private corporation and is not held to the limits of the CIA and Government Secret Police, such as, judicial search warrants, probable cause, due process, expected privacy, etc.

Project Vigilant has been developing portfolios on Internet users since 1996 and handing the “Internet villains” information to U.S. Secret Police agencies as part of a massive intelligence gathering program.

As the latest incarnation of the Total Information Awareness spy program was revealed at yesterday’s Defcon security conference, in an effort to add more recruits to its 600 member strong cyber spy force Project Vigilant went public.

Project Vigilant’s manifold methods for gathering intelligence includes collecting information from a dozen regional U.S. Internet service providers, because the companies included a provision allowing them to share users’ Internet activities with third parties in their end user license agreements (EULAs), Vigilant was able to legally able to gather data from the Internet carriers, can develop portfolios on any name, screen name or IP address and use it to craft reports for federal agencies.
Project Vigilant director Chet Uber also founded InfraGard, the ominous FBI-affiliated public-private partnership that is a key component of the unfolding implementation of martial law in the United States. InfraGard made its intentions to act as a political police force clear in March 2009 when the group announced that questions surrounding Barack Obama’s presidential eligibility were “potentially harmful to civil order and national security”.

Uber’s organization poses as a volunteer orientated crime-fighting private outfit, and yet it is nothing more than a tentacle of the military-industrial complex’s sprawling unconstitutional internal spy apparatus.

Project Vigilant is an offshoot of the Pentagon’s Defense Advanced Research Project Agency’s Total Information Awareness, a program designed to catalogue, “Every purchase you make with a credit card, every magazine subscription you buy and medical prescription you fill, every Web site you visit and e-mail you send or receive, every academic grade you receive, every bank deposit you make, every trip you book and every event you attend,” as the New York Times’ William Safire wrote in November 2002.

TIA, symbolized by its logo of an all-seeing eye atop a pyramid shining upon the globe, was supposedly nixed by Congress shortly after it became public, but the program merely went underground and continued as a part of the Pentagon’s “black budget” and in conjunction with a 1000s of private contractors in the same mould as Project Vigilant.

As Capitol Hill Blue reported back in 2004, “Despite Congressional action cutting funding, and the resignation of the program’s controversial director, retired admiral John Poindexter, DARPA’s TIA program is alive and well and prying into the personal business of Americans 24 hours a day, seven days a week.”

DARPA has hired private contractors to perform the exact same duties set out in Total Information Awareness, and Project Vigilant is undoubtedly one of them. By hiring private companies to do the dirty work of spying on the American people, Congressional audits can be avoided and legal barriers can be sidestepped.

Project Vigilant is clearly nothing less than a government controlled attack dog fulfilling its role to implement the cybersecurity agenda, which as we have exhaustively documented has nothing to do with security and everything to do with political oppression, Chinese style Internet censorship, and the total evisceration of free speech on the world wide web and police action against dissent or exposure.

For Example, the target of one such investigation did not fall into the category of cyber criminals – “terrorists, drug cartels, mobsters” – that the group claims to be fighting.

Project Vigilant “encouraged one of its “officers”, researcher Adrian Lamo, to inform the federal government about the alleged source of a controversial video of civilian deaths in Iraq leaked to whistle-blower site Wikileaks in April,” reports Forbes.

Project Vigilant director Chet Uber used Lamo’s friendship with Bradley Manning, the former U.S. Army intelligence analyst who allegedly released the classified video, to out Manning, who now faces criminal charges. Uber told Lamo that it was his “patriotic duty” to inform on the man who was instrumental in bringing to light the war atrocities witnessed in the infamous “Collateral Murder” video, which shows U.S. troops slaughtering over a dozen innocent people and injuring others, including two children, Sajad Salah and his little sister Duaa Salah.

This ‘Belligerent’ Whistleblower, Whistleblowing only came to light because of the widespread alternative media coverage. Who knows how many ‘enemy belligerents’, ‘unprivileged enemy’, ‘political dissidents’ and those that expose government crimes or Sovereign Individual Violations?

sovereignthink

Cyber ‘Security’ Bills

Senate Bill 773 and 778 ‘‘Cybersecurity Act of 2009’’`Cybersecurity Enhancement Act of 2010′ TXThttps://sovereignthink.wordpress.com/acts-of-tyranny/the-smart-grid-and-privacy/

Full Text; HR 4061 EH “Orwellian Control of Non-Monopolized Media”

Full Text; HR 4061 EH “Orwellian Control of Non-Monopolized Media”

with 4 comments


111th CONGRESS
2d Session
H. R. 4061

AN ACT
To advance cybersecurity research, development, and technical standards, and for other purposes.
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the `Cybersecurity Enhancement Act of 2010′.
TITLE I–RESEARCH AND DEVELOPMENT
SEC. 101. DEFINITIONS.
In this title:
(1) NATIONAL COORDINATION OFFICE- The term National Coordination Office means the National Coordination Office for the Networking and Information Technology Research and Development program.
(2) PROGRAM- The term Program means the Networking and Information Technology Research and Development program which has been established under section 101 of the High-Performance Computing Act of 1991 (15 U.S.C. 5511).
SEC. 102. FINDINGS.
Section 2 of the Cyber Security Research and Development Act (15 U.S.C. 7401) is amended–
(1) by amending paragraph (1) to read as follows:
`(1) Advancements in information and communications technology have resulted in a globally interconnected network of government, commercial, scientific, and education infrastructures, including critical infrastructures for electric power, natural gas and petroleum production and distribution, telecommunications, transportation, water supply, banking and finance, and emergency and government services.’;
(2) in paragraph (2), by striking `Exponential increases in interconnectivity have facilitated enhanced communications, economic growth,’ and inserting `These advancements have significantly contributed to the growth of the United States economy’;
(3) by amending paragraph (3) to read as follows:
`(3) The Cyberspace Policy Review published by the President in May, 2009, concluded that our information technology and communications infrastructure is vulnerable and has `suffered intrusions that have allowed criminals to steal hundreds of millions of dollars and nation-states and other entities to steal intellectual property and sensitive military information’.’;
(4) by redesignating paragraphs (4) through (6) as paragraphs (5) through (7), respectively;
(5) by inserting after paragraph (3) the following new paragraph:
`(4) In a series of hearings held before Congress in 2009, experts testified that the Federal cybersecurity research and development portfolio was too focused on short-term, incremental research and that it lacked the prioritization and coordination necessary to address the long-term challenge of ensuring a secure and reliable information technology and communications infrastructure.’; and
(6) by amending paragraph (7), as so redesignated by paragraph (4) of this section, to read as follows:
`(7) While African-Americans, Hispanics, and Native Americans constitute 33 percent of the college-age population, members of these minorities comprise less than 20 percent of bachelor degree recipients in the field of computer sciences.’.
SEC. 103. CYBERSECURITY STRATEGIC RESEARCH AND DEVELOPMENT PLAN.
(a) In General- Not later than 12 months after the date of enactment of this Act, the agencies identified in subsection 101(a)(3)(B)(i) through (x) of the High-Performance Computing Act of 1991 (15 U.S.C. 5511(a)(3)(B)(i) through (x)) or designated under section 101(a)(3)(B)(xi) of such Act, working through the National Science and Technology Council and with the assistance of the National Coordination Office, shall transmit to Congress a strategic plan based on an assessment of cybersecurity risk to guide the overall direction of Federal cybersecurity and information assurance research and development for information technology and networking systems. Once every 3 years after the initial strategic plan is transmitted to Congress under this section, such agencies shall prepare and transmit to Congress an update of such plan.
(b) Contents of Plan- The strategic plan required under subsection (a) shall–
(1) specify and prioritize near-term, mid-term and long-term research objectives, including objectives associated with the research areas identified in section 4(a)(1) of the Cyber Security Research and Development Act (15 U.S.C. 7403(a)(1)) and how the near-term objectives complement research and development areas in which the private sector is actively engaged;
(2) describe how the Program will focus on innovative, transformational technologies with the potential to enhance the security, reliability, resilience, and trustworthiness of the digital infrastructure, including technologies to secure sensitive information shared among Federal agencies;
(3) describe how the Program will foster the transfer of research and development results into new cybersecurity technologies and applications for the benefit of society and the national interest, including through the dissemination of best practices and other outreach activities;
(4) describe how the Program will establish and maintain a national research infrastructure for creating, testing, and evaluating the next generation of secure networking and information technology systems;
(5) describe how the Program will facilitate access by academic researchers to the infrastructure described in paragraph (4), as well as to relevant data, including event data representing realistic threats and vulnerabilities;
(6) describe how the Program will engage females and individuals identified in section 33 or 34 of the Science and Engineering Equal Opportunities Act (42 U.S.C. 1885a or 1885b) to foster a more diverse workforce in this area;
(7) outline how the United States can work strategically with our international partners on cybersecurity research and development issues where appropriate; and
(8) describe how the Program will strengthen all levels of cybersecurity education and training programs to ensure an adequate, well-trained workforce.
(c) Development of Roadmap- The agencies described in subsection (a) shall develop and annually update an implementation roadmap for the strategic plan required in this section. Such roadmap shall–
(1) specify the role of each Federal agency in carrying out or sponsoring research and development to meet the research objectives of the strategic plan, including a description of how progress toward the research objectives will be evaluated;
(2) specify the funding allocated to each major research objective of the strategic plan and the source of funding by agency for the current fiscal year; and
(3) estimate the funding required for each major research objective of the strategic plan for the following 3 fiscal years.
(d) Recommendations- In developing and updating the strategic plan under subsection (a), the agencies involved shall solicit recommendations and advice from–
(1) the advisory committee established under section 101(b)(1) of the High-Performance Computing Act of 1991 (15 U.S.C. 5511(b)(1)); and
(2) a wide range of stakeholders, including industry, academia, including representatives of minority serving institutions and community colleges, National Laboratories, and other relevant organizations and institutions.
(e) Appending to Report- The implementation roadmap required under subsection (c), and its annual updates, shall be appended to the report required under section 101(a)(2)(D) of the High-Performance Computing Act of 1991 (15 U.S.C. 5511(a)(2)(D)).
SEC. 104. SOCIAL AND BEHAVIORAL RESEARCH IN CYBERSECURITY.
Section 4(a)(1) of the Cyber Security Research and Development Act (15 U.S.C. 7403(a)(1)) is amended–
(1) by inserting `and usability’ after `to the structure’;
(2) in subparagraph (H), by striking `and’ after the semicolon;
(3) in subparagraph (I), by striking the period at the end and inserting `; and’; and
(4) by adding at the end the following new subparagraph:
`(J) social and behavioral factors, including human-computer interactions, usability, user motivations, and organizational cultures.’.
SEC. 105. NATIONAL SCIENCE FOUNDATION CYBERSECURITY RESEARCH AND DEVELOPMENT PROGRAMS.
(a) Computer and Network Security Research Areas- Section 4(a)(1) of the Cyber Security Research and Development Act (15 U.S.C. 7403(a)(1)) is amended–
(1) in subparagraph (A) by inserting `identity management,’ after `cryptography,’; and
(2) by amending subparagraph (I) to read as follows:
`(I) enhancement of the ability of law enforcement to detect, investigate, and prosecute cyber-crimes, including crimes that involve piracy of intellectual property, crimes against children, and organized crime.’.
(b) Computer and Network Security Research Grants- Section 4(a)(3) of such Act (15 U.S.C. 7403(a)(3)) is amended by striking subparagraphs (A) through (E) and inserting the following new subparagraphs:
`(A) $68,700,000 for fiscal year 2010;
`(B) $73,500,000 for fiscal year 2011;
`(C) $78,600,000 for fiscal year 2012;
`(D) $84,200,000 for fiscal year 2013; and
`(E) $90,000,000 for fiscal year 2014.’.
(c) Computer and Network Security Research Centers- Section 4(b) of such Act (15 U.S.C. 7403(b)) is amended–
(1) in paragraph (4)–
(A) in subparagraph (C), by striking `and’ after the semicolon;
(B) in subparagraph (D), by striking the period and inserting `; and’; and
(C) by adding at the end the following new subparagraph:
`(E) how the center will partner with government laboratories, for-profit entities, other institutions of higher education, or nonprofit research institutions.’; and
(2) by amending paragraph (7) to read as follows:
`(7) AUTHORIZATION OF APPROPRIATIONS- There are authorized to be appropriated to the National Science Foundation such sums as are necessary to carry out this subsection for each of the fiscal years 2010 through 2014.’.
(d) Computer and Network Security Capacity Building Grants- Section 5(a) of such Act (15 U.S.C. 7404(a)) is amended–
(1) in paragraph (3)(A), by inserting `, including curriculum on the principles and techniques of designing secure software’ after `network security’; and
(2) by amending paragraph (6) to read as follows:
`(6) AUTHORIZATION OF APPROPRIATIONS- There are authorized to be appropriated to the National Science Foundation such sums as are necessary to carry out this subsection for each of the fiscal years 2010 through 2014.’.
(e) Scientific and Advanced Technology Act Grants- Section 5(b)(2) of such Act (15 U.S.C. 7404(b)(2)) is amended to read as follows:
`(2) AUTHORIZATION OF APPROPRIATIONS- There are authorized to be appropriated to the National Science Foundation such sums as are necessary to carry out this subsection for each of the fiscal years 2010 through 2014.’.
(f) Graduate Traineeships in Computer and Network Security- Section 5(c)(7) of such Act (15 U.S.C. 7404(c)(7)) is amended to read as follows:
`(7) AUTHORIZATION OF APPROPRIATIONS- There are authorized to be appropriated to the National Science Foundation such sums as are necessary to carry out this subsection for each of the fiscal years 2010 through 2014.’.
(g) Postdoctoral Research Fellowships in Cybersecurity- Section 5(e) of such Act (15 U.S.C. 7404(e)) is amended to read as follows:
`(e) Postdoctoral Research Fellowships in Cybersecurity-
`(1) IN GENERAL- The Director shall carry out a program to encourage young scientists and engineers to conduct postdoctoral research in the fields of cybersecurity and information assurance, including the research areas described in section 4(a)(1), through the award of competitive, merit-based fellowships.
`(2) AUTHORIZATION OF APPROPRIATIONS- There are authorized to be appropriated to the National Science Foundation such sums as are necessary to carry out this subsection for each of the fiscal years 2010 through 2014.’.
(h) Prohibition on Earmarks- None of the funds appropriated under this section, and the amendments made by this section may be used for a Congressional earmark as defined in clause 9(d) of rule XXI of the Rules of the House of Representatives.
(i) Computer and Network Security Capacity Building Grants–Manufacturing Extension Partnership- Section 5(a)(3) of the Cyber Security Research and Development Act (15 U.S.C. 7404(a)(3)) is amended–
(1) by striking `and’ at the end of subparagraph (I);
(2) by redesignating subparagraph (J) as subparagraph (K); and
(3) by inserting after subparagraph (I) the following new subparagraph:
`(J) establishing or enhancing collaboration in computer and network security between community colleges, universities, and Manufacturing Extension Partnership Centers; and’.
SEC. 106. FEDERAL CYBER SCHOLARSHIP FOR SERVICE PROGRAM.
(a) In General- The Director of the National Science Foundation shall carry out a Scholarship for Service program to recruit and train the next generation of Federal cybersecurity professionals and to increase the capacity of the higher education system to produce an information technology workforce with the skills necessary to enhance the security of the Nation’s communications and information infrastructure.
(b) Characteristics of Program- The program under this section shall–
(1) provide, through qualified institutions of higher education, scholarships that provide tuition, fees, and a competitive stipend for up to 2 years to students pursing a bachelor’s or master’s degree and up to 3 years to students pursuing a doctoral degree in a cybersecurity field;
(2) provide the scholarship recipients with summer internship opportunities or other meaningful temporary appointments in the Federal information technology workforce or, at the discretion of the Director, with appropriate private sector entities; and
(3) increase the capacity of institutions of higher education throughout all regions of the United States to produce highly qualified cybersecurity professionals, through the award of competitive, merit-reviewed grants that support such activities as–
(A) faculty professional development, including technical, hands-on experiences in the private sector or government, workshops, seminars, conferences, and other professional development opportunities that will result in improved instructional capabilities;
(B) institutional partnerships, including minority serving institutions and community colleges;
(C) development of cybersecurity-related courses and curricula; and
(D) outreach to secondary schools and 2-year institutions to increase the interest and recruitment of students into cybersecurity-related fields.
(c) Scholarship Requirements-
(1) ELIGIBILITY- Scholarships under this section shall be available only to students who–
(A) are citizens or permanent residents of the United States;
(B) are full-time students in an eligible degree program, as determined by the Director, that is focused on computer security or information assurance at an awardee institution; and
(C) accept the terms of a scholarship pursuant to this section.
(2) SELECTION- Individuals shall be selected to receive scholarships primarily on the basis of academic merit, with consideration given to financial need, to the goal of promoting the participation of individuals identified in section 33 or 34 of the Science and Engineering Equal Opportunities Act (42 U.S.C. 1885a or 1885b), and to veterans. For purposes of this paragraph, the term `veteran’ means a person who–
(A) served on active duty (other than active duty for training) in the Armed Forces of the United States for a period of more than 180 consecutive days, and who was discharged or released therefrom under conditions other than dishonorable; or
(B) served on active duty (other than active duty for training) in the Armed Forces of the United States and was discharged or released from such service for a service-connected disability before serving 180 consecutive days.
For purposes of subparagraph (B), the term `service-connected’ has the meaning given such term under section 101 of title 38, United States Code.
(3) SERVICE OBLIGATION- If an individual receives a scholarship under this section, as a condition of receiving such scholarship, the individual upon completion of their degree must serve as a cybersecurity professional within the Federal workforce for a period of time as provided in paragraph (5). If a scholarship recipient is not offered employment by a Federal agency or a federally funded research and development center, the service requirement can be satisfied at the Director’s discretion by–
(A) serving as a cybersecurity professional in a State, local, or tribal government agency; or
(B) teaching cybersecurity courses at an institution of higher education.
(4) CONDITIONS OF SUPPORT- As a condition of acceptance of a scholarship under this section, a recipient shall agree to provide the awardee institution with annual verifiable documentation of employment and up-to-date contact information.
(5) LENGTH OF SERVICE- The length of service required in exchange for a scholarship under this subsection shall be as follows:
(A) For a recipient in a bachelor’s degree program, 1 year more than the number of years for which the scholarship was received.
(B) For a recipient in a master’s degree program, 2 years more than the number of years for which the scholarship was received.
(C) For a recipient in a doctorate degree program, 3 years more than the number of years for which the scholarship was received.
(d) Failure to Complete Service Obligation-
(1) GENERAL RULE- If an individual who has received a scholarship under this section–
(A) fails to maintain an acceptable level of academic standing in the educational institution in which the individual is enrolled, as determined by the Director;
(B) is dismissed from such educational institution for disciplinary reasons;
(C) withdraws from the program for which the award was made before the completion of such program;
(D) declares that the individual does not intend to fulfill the service obligation under this section; or
(E) fails to fulfill the service obligation of the individual under this section,
such individual shall be liable to the United States as provided in paragraph (3).
(2) MONITORING COMPLIANCE- As a condition of participating in the program, a qualified institution of higher education receiving a grant under this section shall–
(A) enter into an agreement with the Director of the National Science Foundation to monitor the compliance of scholarship recipients with respect to their service obligation; and
(B) provide to the Director, on an annual basis, post-award employment information required under subsection (c)(4) for scholarship recipients through the completion of their service obligation.
(3) AMOUNT OF REPAYMENT-
(A) LESS THAN ONE YEAR OF SERVICE- If a circumstance described in paragraph (1) occurs before the completion of 1 year of a service obligation under this section, the total amount of awards received by the individual under this section shall be repaid or such amount shall be treated as a loan to be repaid in accordance with subparagraph (C).
(B) MORE THAN ONE YEAR OF SERVICE- If a circumstance described in subparagraph (D) or (E) of paragraph (1) occurs after the completion of 1 year of a service obligation under this section, the total amount of scholarship awards received by the individual under this section, reduced by the ratio of the number of years of service completed divided by the number of years of service required, shall be repaid or such amount shall be treated as a loan to be repaid in accordance with subparagraph (C).
(C) REPAYMENTS- A loan described in subparagraph (A) or (B) shall be treated as a Federal Direct Unsubsidized Stafford Loan under part D of title IV of the Higher Education Act of 1965 (20 U.S.C. 1087a and following), and shall be subject to repayment, together with interest thereon accruing from the date of the scholarship award, in accordance with terms and conditions specified by the Director (in consultation with the Secretary of Education) in regulations promulgated to carry out this paragraph.
(4) COLLECTION OF REPAYMENT-
(A) IN GENERAL- In the event that a scholarship recipient is required to repay the scholarship under this subsection, the institution providing the scholarship shall–
(i) be responsible for determining the repayment amounts and for notifying the recipient and the Director of the amount owed; and
(ii) collect such repayment amount within a period of time as determined under the agreement described in paragraph (2), or the repayment amount shall be treated as a loan in accordance with paragraph (3)(C).
(B) RETURNED TO TREASURY- Except as provided in subparagraph (C) of this paragraph, any such repayment shall be returned to the Treasury of the United States.
(C) RETAIN PERCENTAGE- An institution of higher education may retain a percentage of any repayment the institution collects under this paragraph to defray administrative costs associated with the collection. The Director shall establish a single, fixed percentage that will apply to all eligible entities.
(5) EXCEPTIONS- The Director may provide for the partial or total waiver or suspension of any service or payment obligation by an individual under this section whenever compliance by the individual with the obligation is impossible or would involve extreme hardship to the individual, or if enforcement of such obligation with respect to the individual would be unconscionable.
(e) Hiring Authority- For purposes of any law or regulation governing the appointment of individuals in the Federal civil service, upon successful completion of their degree, students receiving a scholarship under this section shall be hired under the authority provided for in section 213.3102(r) of title 5, Code of Federal Regulations, and be exempted from competitive service. Upon fulfillment of the service term, such individuals shall be converted to a competitive service position without competition if the individual meets the requirements for that position.
(f) Authorization of Appropriations- There are authorized to appropriated to the National Science Foundation to carry out this section–
(1) $18,700,000 for fiscal year 2010;
(2) $20,100,000 for fiscal year 2011;
(3) $21,600,000 for fiscal year 2012;
(4) $23,300,000 for fiscal year 2013; and
(5) $25,000,000 for fiscal year 2014.
SEC. 107. CYBERSECURITY WORKFORCE ASSESSMENT.
Not later than 180 days after the date of enactment of this Act the President shall transmit to the Congress a report addressing the cybersecurity workforce needs of the Federal Government. The report shall include–
(1) an examination of the current state of and the projected needs of the Federal cybersecurity workforce, including a comparison of the different agencies and departments, the extent to which different agencies and departments rely on contractors to support the Federal cybersecurity workforce, and an analysis of the capacity of such agencies and departments to meet those needs;
(2) an analysis of the sources and availability of cybersecurity talent, a comparison of the skills and expertise sought by the Federal Government and the private sector, an examination of the current and future capacity of United States institutions of higher education, including community colleges, to provide cybersecurity professionals with those skills sought by the Federal Government and the private sector, and a description of how successful programs are engaging the talents of women and African-Americans, Hispanics, and Native Americans in the cybersecurity workforce;
(3) an examination of the effectiveness of the National Centers of Academic Excellence in Information Assurance Education, the Centers of Academic Excellence in Research, and the Federal Cyber Scholarship for Service programs in promoting higher education and research in cybersecurity and information assurance and in producing a growing number of professionals with the necessary cybersecurity and information assurance expertise;
(4) an analysis of any barriers to the Federal Government recruiting and hiring cybersecurity talent, including barriers relating to compensation, the hiring process, job classification, job security clearance and suitability requirements, and hiring flexibilities;
(5) a specific analysis of the capacity of the agency workforce to manage contractors who are performing cybersecurity work on behalf of the Federal Government; and
(6) recommendations for Federal policies to ensure an adequate, well-trained Federal cybersecurity workforce, including recommendations on the temporary assignment of private sector cybersecurity professionals to Federal agencies.
SEC. 108. CYBERSECURITY UNIVERSITY-INDUSTRY TASK FORCE.
(a) Establishment of University-Industry Task Force- Not later than 180 days after the date of enactment of this Act, the Director of the Office of Science and Technology Policy shall convene a task force to explore mechanisms for carrying out collaborative research and development activities for cybersecurity through a consortium or other appropriate entity with participants from institutions of higher education and industry.
(b) Functions- The task force shall–
(1) develop options for a collaborative model and an organizational structure for such entity under which the joint research and development activities could be planned, managed, and conducted effectively, including mechanisms for the allocation of resources among the participants in such entity for support of such activities;
(2) propose a process for developing a research and development agenda for such entity, including guidelines to ensure an appropriate scope of work focused on nationally significant challenges and requiring collaboration;
(3) define the roles and responsibilities for the participants from institutions of higher education and industry in such entity;
(4) propose guidelines for assigning intellectual property rights, for the transfer of research and development results to the private sector, and for the sharing of lessons learned on the effectiveness of new technologies from the private sector with the public sector; and
(5) make recommendations for how such entity could be funded from Federal, State, and nongovernmental sources.
(c) Composition- In establishing the task force under subsection (a), the Director of the Office of Science and Technology Policy shall appoint an equal number of individuals from institutions of higher education, including community colleges, and from industry with knowledge and expertise in cybersecurity, and shall include representatives from minority-serving institutions.
(d) Report- Not later than 12 months after the date of enactment of this Act, the Director of the Office of Science and Technology Policy shall transmit to the Congress a report describing the findings and recommendations of the task force.
SEC. 109. CYBERSECURITY CHECKLIST DEVELOPMENT AND DISSEMINATION.
Section 8(c) of the Cyber Security Research and Development Act (15 U.S.C. 7406(c)) is amended to read as follows:
`(c) Checklists for Government Systems-
`(1) IN GENERAL- The Director of the National Institute of Standards and Technology shall develop or identify and revise or adapt as necessary, checklists, configuration profiles, and deployment recommendations for products and protocols that minimize the security risks associated with each computer hardware or software system that is, or is likely to become, widely used within the Federal Government.
`(2) PRIORITIES FOR DEVELOPMENT- The Director of the National Institute of Standards and Technology shall establish priorities for the development of checklists under this subsection. Such priorities may be based on the security risks associated with the use of each system, the number of agencies that use a particular system, the usefulness of the checklist to Federal agencies that are users or potential users of the system, or such other factors as the Director determines to be appropriate.
`(3) EXCLUDED SYSTEMS- The Director of the National Institute of Standards and Technology may exclude from the requirements of paragraph (1) any computer hardware or software system for which the Director determines that the development of a checklist is inappropriate because of the infrequency of use of the system, the obsolescence of the system, or the inutility or impracticability of developing a checklist for the system.
`(4) AUTOMATION SPECIFICATIONS- The Director of the National Institute of Standards and Technology shall develop automated security specifications (such as the Security Content Automation Protocol) with respect to checklist content and associated security related data.
`(5) DISSEMINATION OF CHECKLISTS- The Director of the National Institute of Standards and Technology shall ensure that Federal agencies are informed of the availability of any product developed or identified under the National Checklist Program for any information system, including the Security Content Automation Protocol and other automated security specifications.
`(6) AGENCY USE REQUIREMENTS- The development of a checklist under paragraph (1) for a computer hardware or software system does not–
`(A) require any Federal agency to select the specific settings or options recommended by the checklist for the system;
`(B) establish conditions or prerequisites for Federal agency procurement or deployment of any such system;
`(C) imply an endorsement of any such system by the Director of the National Institute of Standards and Technology; or
`(D) preclude any Federal agency from procuring or deploying other computer hardware or software systems for which no such checklist has been developed or identified under paragraph (1).’.
SEC. 110. NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY CYBERSECURITY RESEARCH AND DEVELOPMENT.
Section 20 of the National Institute of Standards and Technology Act (15 U.S.C. 278g-3) is amended by redesignating subsection (e) as subsection (f), and by inserting after subsection (d) the following:
`(e) Intramural Security Research- As part of the research activities conducted in accordance with subsection (d)(3), the Institute shall–
`(1) conduct a research program to develop a unifying and standardized identity, privilege, and access control management framework for the execution of a wide variety of resource protection policies and that is amenable to implementation within a wide variety of existing and emerging computing environments;
`(2) carry out research associated with improving the security of information systems and networks;
`(3) carry out research associated with improving the testing, measurement, usability, and assurance of information systems and networks; and
`(4) carry out research associated with improving security of industrial control systems.’.
SEC. 111. NATIONAL ACADEMY OF SCIENCES STUDY ON THE ROLE OF COMMUNITY COLLEGES IN CYBERSECURITY EDUCATION.
Not later than 120 days after the date of enactment of this Act, the Director of the Office of Science and Technology Policy, in consultation with the Director of the National Coordination Office, shall enter into a contract with the National Academy of Sciences to conduct and complete a study to describe the role of community colleges in cybersecurity education and to identify exemplary practices and partnerships related to cybersecurity education between community colleges and 4-year educational institutions.
SEC. 112. NATIONAL CENTER OF EXCELLENCE FOR CYBERSECURITY.
(a) In General- As part of the Program, the Director of the National Science Foundation shall, in coordination with other Federal agencies participating in the Program, establish a National Center of Excellence for Cybersecurity.
(b) Merit Review- The National Center of Excellence for Cybersecurity shall be awarded on a merit-reviewed, competitive basis.
(c) Activities Supported- The National Center of Excellence for Cybersecurity shall–
(1) involve institutions of higher education or national laboratories and other partners, which may include States and industry;
(2) make use of existing expertise in cybersecurity;
(3) interact and collaborate with Computer and Network Security Research Centers to foster the exchange of technical information and best practices;
(4) perform research to support the development of technologies for testing hardware and software products to validate operational readiness and certify stated security levels;
(5) coordinate cybersecurity education and training opportunities nationally;
(6) enhance technology transfer and commercialization that promote cybersecurity innovation; and
(7) perform research on cybersecurity social and behavioral factors, including human-computer interactions, usability, user motivations, and organizational cultures.
SEC. 113. CYBERSECURITY INFRASTRUCTURE REPORT.
Not later than 1 year after the date of enactment of this Act, the Comptroller General shall transmit to the Congress a report examining key weaknesses within the current cybersecurity infrastructure, along with recommendations on how to address such weaknesses in the future and on the technology that is needed to do so.
TITLE II–ADVANCEMENT OF CYBERSECURITY TECHNICAL STANDARDS
SEC. 201. DEFINITIONS.
In this title:
(1) DIRECTOR- The term `Director’ means the Director of the National Institute of Standards and Technology.
(2) INSTITUTE- The term `Institute’ means the National Institute of Standards and Technology.
SEC. 202. INTERNATIONAL CYBERSECURITY TECHNICAL STANDARDS.
The Director, in coordination with appropriate Federal authorities, shall–
(1) ensure coordination of United States Government representation in the international development of technical standards related to cybersecurity; and
(2) not later than 1 year after the date of enactment of this Act, develop and transmit to the Congress a proactive plan to engage international standards bodies with respect to the development of technical standards related to cybersecurity.
SEC. 203. PROMOTING CYBERSECURITY AWARENESS AND EDUCATION.
(a) Program- The Director, in collaboration with relevant Federal agencies, industry, educational institutions, and other organizations, shall develop and implement a cybersecurity awareness and education program to increase public awareness, including among children and young adults, of cybersecurity risks, consequences, and best practices through–
(1) the widespread dissemination of cybersecurity technical standards and best practices identified by the Institute; and
(2) efforts to make cybersecurity technical standards and best practices usable by individuals, small to medium-sized businesses, State, local, and tribal governments, and educational institutions, especially with respect to novice computer users, elderly populations, low-income populations, and populations in areas of planned broadband expansion or deployment.
(b) Workshops- In carrying out activities under subsection (a)(1), the Institute is authorized to host regional workshops to provide an overview of cybersecurity risks and best practices to businesses, State, local, and tribal governments, and educational institutions.
(c) Manufacturing Extension Partnership- The Director shall, to the extent appropriate, implement subsection (a) through the Manufacturing Extension Partnership program under section 25 of the National Institute of Standards and Technology Act (15 U.S.C. 278k).
(d) Report to Congress- Not later than 90 days after the date of enactment of this Act, the Director shall transmit to the Congress a report containing a strategy for implementation of this section.
SEC. 204. IDENTITY MANAGEMENT RESEARCH AND DEVELOPMENT.
The Director shall establish a program to support the development of technical standards, metrology, testbeds, and conformance criteria, taking into account appropriate user concerns, to–
(1) improve interoperability among identity management technologies;
(2) strengthen authentication methods of identity management systems;
(3) improve privacy protection in identity management systems, including health information technology systems, through authentication and security protocols; and
(4) improve the usability of identity management systems.
SEC. 205. PRACTICES AND STANDARDS.
The National Institute of Standards and Technology shall work with other Federal, State, and private sector partners, as appropriate, to develop a framework that States may follow in order to achieve effective cybersecurity practices in a timely and cost-effective manner.
Passed the House of Representatives February 4, 2010.
Attest:
Clerk.
111th CONGRESS
2d Session
H. R. 4061
AN ACT
To advance cybersecurity research, development, and technical standards, and for other purposes.
END

%d bloggers like this: