Information Security: Control Deficiencies Continue to Limit IRS’s Effectiveness in Protecting Sensitive Financial and Taxpayer Data, GAO-17-395: Published: Jul 26, 2017. Publicly Released: Jul 26, 2017.
“The Internal Revenue Service (IRS) made progress in addressing previously reported control deficiencies; however, continuing and newly identified control deficiencies limited the effectiveness of security controls for protecting the confidentiality, integrity, and availability of IRS’s key financial and tax processing systems. During fiscal year 2016, IRS made improvements in access controls over a number of system administrator accounts and updated certain software to prevent exposure to known vulnerabilities. However, the agency did not always (1) limit or prevent unnecessary access to systems, (2) monitor system activities to reasonably assure compliance with security policies, (3) reasonably assure that software was supported by the vendor and was updated to protect against known vulnerabilities, (4) segregate incompatible duties, and (5) update system contingency plans to reflect changes to the operating environment. An underlying reason for these control deficiencies is that IRS had not effectively implemented components of its information security program. The agency had a comprehensive framework for its program, including developing and documenting security plans; however, it did not fully implement other program components. For example, IRS did not always effectively manage information security risk or update certain policies and procedures. GAO has made recommendations to IRS to correct the identified security control deficiencies (see table). However, corrective actions for a number of the deficiencies have not been completed and the associated recommendations remained open at the conclusion of the audit of IRS’s financial statements for fiscal year 2016.”
Read more of this story at Slashdot.
Read more of this story at Slashdot.
NOAA – “The Montreal Protocol, the international treaty adopted to restore Earth’s protective ozone layer, has significantly reduced emissions of ozone-depleting chemicals from the United States. A new study by NOAA and CIRES scientists shows the 30-year old treaty has also significantly reduced climate-altering greenhouse gas emissions from the U.S. That’s because the ozone-depleting substances controlled by the treaty are also potent greenhouse gases, with heat-trapping abilities up to 10,000 times greater than carbon dioxide over 100 years. The new research, the first to quantify the impact of the Montreal Protocoloffsite link on U.S. greenhouse gas emissions with atmospheric observations, shows that reducing the use of ozone-depleting substances from 2008 to 2014 eliminated the equivalent of 170 million tons of carbon dioxide (CO2) emissions each year. That’s roughly 50 percent of the reductions achieved by the U.S. for CO2 and other greenhouse gases over the same period. The study was published today in Geophysical Research Letters“…
“Nuclear Threat Initiative is a nonprofit, nonpartisan organization working to reduce global threats from nuclear, chemical and biological weapons.”Last Updated: July, 2017 [Except as follows with the full report here] “The Democratic People’s Republic of Korea (DPRK) has an active nuclear weapons program and tested nuclear explosive devices in 2006, 2009, 2013, and twice in 2016. The DPRK is also capable of enriching uranium and producing weapons-grade plutonium. North Korea deploys short- and medium-range ballistic missiles and successfully test-launched an intercontinental ballistic missile in 2017. North Korea is also believed to possess biological and chemical weapons programs. Pyongyang unilaterally withdrew from the Treaty on the Non-Proliferation of Nuclear Weapons (NPT) in January 2003 and is not a party to the Comprehensive Nuclear-Test-Ban Treaty (CTBT) or a member of the Missile Technology Control Regime (MTCR). The DPRK is not a party to the Chemical Weapons Convention (CWC), and is believed to possess a large chemical weapons program. North Korea is a party to the Biological and Toxin Weapons Convention (BTWC) and Geneva Protocol, but is suspected of maintaining an offensive weapons program in defiance of the BTWC…”
EPIC – “The International Working Group on Data Protection in Telecommunications has adopted new recommendations to improve privacy and security standards for e-learning platforms and government intelligence gathering. The Berlin-based Working Group includes Data Protection Authorities and experts who work together to address emerging privacy challenges. The Working Paper on “E-Learning Platforms” highlights privacy risks including excessive collection of students’ personal data. “Towards International Principles or Instruments to Govern Intelligence Gathering” recommends that DPAs participate in developing an international instrument governing intelligence activities and recommends authorities promote principles concerning “Legitimacy,” “Rule of Law,” and “Oversight.” In April 2017, EPIC hosted the 61st meeting of the IWG in Washington, D.C. at the Goethe-Institut, Germany’s cultural institute.”
Genevieve Zook [excerpted from her article] – JULY/AUGUST 2017 | AALL SPECTRUM 23
- American Library Association bit.ly/JA17ALA
- Bowdoin College Library bit.ly/JA17Bowdoin
- Harvard Library bit.ly/JA17Harvard
- Hillsborough Community College Libraries bit.ly/JA17Hills
- Indiana University East bit.ly/JA17IU
- Pace University Library bit.ly/JA17Pace
- Penn State University Libraries bit.ly/JA17Pacehttp://bit.ly/JA17Pace
- The Public Library of Albuquerque and Bernalillo County bit.ly/JA17
- Toronto Public Library bit.ly/JA17Toronto
- University of Michigan Library bit.ly/JA17Mich
- University of Oregon bit.ly/JA17Oregon
- University of Virginia Library bit.ly/JA17UV
- University of Wisconsin College Library bit.ly/JA17Wiscon
- Valencia College bit.ly/JA17Valencia
Read more of this story at Slashdot.
WSJ.com – “…Back in 2003, as a midlevel manager at the National Institute of Standards and Technology, Bill Burr was the author of “NIST Special Publication 800-63. Appendix A.” [this is the 2017 version] The 8-page primer advised people to protect their accounts by inventing awkward new words rife with obscure characters, capital letters and numbers—and to change them regularly. Long, easy-to-remember phrases now get the nod over crazy characters, and users should be forced to change passwords only if there is a sign they may have been stolen, says NIST, the federal agency that helps set industrial standards in the U.S…”
- Via NIST- “The Special Publication (SP) 800-63 suite provides technical requirements for federal agencies implementing digital identity services. The publication includes: an overview of identity frameworks; using authenticators, credentials, and assertions in a digital system; and a risk-based process to select assurance levels. Organizations have the flexibility to choose the appropriate assurance level for their needs. SP 800-63 comprises a suite of documents that can be used independently or in concert to meet identity needs.”
“Newly obtained case-by-case court records show that depending upon the community in which the immigrant resides, the odds of obtaining representation in Immigration Court deportation proceedings vary widely. If you happen to live in Honolulu, Hawaii, the odds are over 90 percent that you will be able to find an attorney to represent you. The odds are also high if you live in Manteca, California or in Pontiac. Michigan. However these odds drop to less than 30 percent if you reside in Roma-Los Saenz or Huntsville, Texas, or in Coral Springs-Margate, Florida, or even in Atlanta-Decatur, Georgia. Residents of Hawaii, New Hampshire, and Mississippi head the list of states where residents are most likely to obtain representation. West Virginia is in fourth place. Kansas, South Dakota, and Georgia had the worst composite records for their residents finding representation. But even within these states the odds differ by location. The 25 communities that ranked the highest on the odds of finding an attorney were spread across seventeen states. Three states had communities that ranked both in the top 25 as well as in the bottom 25 places in the U.S. Few dispute the importance of having an attorney to effectively argue one’s case. Representation can also lead to a number of efficiencies in the handling of court proceedings. Now for the very first time, the public can determine the odds of obtaining representation for individuals residing in each state, county, and local community within a county, who as of the end of May 2017 had pending cases before the Immigration Court.These findings are based upon court records that were obtained and analyzed by the Transactional Records Access Clearinghouse (TRAC) at Syracuse University. To see the full report, go to: http://trac.syr.edu/immigration/reports/477/“
The petition of the day is:McCarthan v. Collins 17-85
Issue: Whether a person in federal custody is entitled to file an application for habeas corpus under 28 U.S.C. § 2241 because a 28 U.S.C. § 2255 motion is “inadequate or ineffective” to permit him to raise a claim that his conviction or sentence is invalid under an intervening and retroactively applicable statutory-interpretation decision of the Supreme Court.
Read more of this story at Slashdot.
Most Americans are familiar with some parts of the Bill of Rights, such as the First Amendment’s guarantee of free speech and the Second Amendment’s protection of the right to bear arms. Other provisions, however, are less well known – for example, the 10th Amendment, which provides that the “powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people.” But the 10th Amendment is at the heart of an important Supreme Court case this fall, in which New Jersey and a group of horse-owners will argue that a federal law that bars virtually all states from legalizing sports betting violates the Constitution.
The federal law is the Professional and Amateur Sports Protection Act (known as PASPA), which Congress passed in 1992. PASPA makes it illegal for states to “authorize” “a lottery, sweepstakes, or other betting, gambling, or wagering scheme based” “on one or more competitive games in which amateur or professional athletes participate.” PASPA grandfathered in four states – Delaware, Montana, Nevada and Oregon – that already had sports gambling, and it also carved out an exception for New Jersey that would have allowed sports betting at the state’s casinos, as long as the state set up the scheme within one year after PASPA went into effect.
New Jersey didn’t take advantage of that exception at the time, but nearly two decades later the state appeared to have second thoughts. In 2010, the New Jersey legislature held hearings to consider the possibility of sports betting, which would benefit the state’s struggling racetracks and casinos. In 2011, New Jersey residents overwhelmingly voted to amend the state’s constitution to give the legislature the power to legalize sports betting, which the legislature did in 2012. The National Collegiate Athletic Association and the four major professional sports leagues – the National Basketball Association, the National Football League, the National Hockey League and Major League Baseball – quickly went to federal court to challenge the 2012 law, arguing that it violated PASPA.
The state did not dispute that the 2012 law conflicted with PASPA. Instead, it countered that PASPA violates the 10th Amendment, which the Supreme Court has interpreted to prohibit the federal government from “commandeering” the states to enforce federal law. But the lower courts rejected that argument, with the U.S. Court of Appeals for the 3rd Circuit ruling that the “anti-commandeering doctrine” did not apply because PASPA does not require the states to do anything; it simply bars them from allowing sports betting. The Supreme Court denied review of that decision.
In 2014, the New Jersey legislature returned to the drawing board. It passed a new law that did not affirmatively legalize sports betting, but instead repealed existing prohibitions on sports betting, at least as they applied to New Jersey casinos and racetracks. The NCAA and professional sports leagues again went to federal court, where the lower courts once again ruled for the leagues. This time, the full 3rd Circuit ruled that, even though New Jersey had “artfully couched” the 2014 law as simply a “repealer,” the statute nonetheless authorized sports betting at casinos and racetracks in the state. This time the Supreme Court agreed to weigh in, granting two petitions for review by New Jersey Governor Chris Christie and the New Jersey Thoroughbred Horsemen’s Association, a group of horse-owners and trainers that also owns a racetrack in New Jersey, which the group believes can only be saved from financial ruin by money from sports betting.
In the Supreme Court, Christie and the NJTHA portray PASPA as an attempt to to take over the legislature’s job that is “dramatic, unprecedented, and in direct conflict with this Court’s Tenth Amendment jurisprudence barring Congress from controlling how the States regulate private parties.” Unlike the 2012 law, they emphasize, the 2014 law does not affirmatively authorize sports betting, but instead just repeals the existing bars on sports betting at casinos and racetracks, without giving the state any role to play in the sports betting that will follow. Indeed, they point out, during the litigation challenging the 2012 law, the federal government itself told the 3rd Circuit that New Jersey was “free to repeal those prohibitions in whole or in part.” And if the 10th Amendment bars the federal government from requiring states to regulate, they contend, it must also be true that the federal government cannot require states to keep on their books laws that they have opted to repeal – which amounts to essentially the same thing as mandatory regulation.
Christie and the NJTHA also warn the justices of dire consequences if the leagues prevail. Looking beyond sports betting, they caution that if the 3rd Circuit’s interpretation of “authorization by law” as also barring repeals is allowed to stand, “it is not difficult to imagine other examples in which Congress could dictate policy outcomes in States without ever having to legislate directly. Rather than enact gun control measures of its own, for example, Congress could prohibit States from relaxing existing restrictions on the purchase of firearms by particular persons.”
The NCAA and the leagues push back, praising the 3rd Circuit’s ruling as a “commonsense conclusion.” The Supreme Court’s cases, they stress, make clear that the anti-commandeering doctrine only comes into play when Congress expressly creates obligations that “force states to do Congress’ bidding.” But PASPA, they suggest, does nothing of the sort: “It does not compel states (or state officials) to do anything,” but instead simply bars the states from authorizing sports betting. In that sense, they argue, PASPA isn’t any different from “scores” of other federal laws that regulate the states by specifically barring them from passing laws that “conflict with federal policy.” And in this particular case, the leagues observe, there is direct evidence that Congress would have viewed the state’s current efforts to allow sports betting at casinos as a PASPA violation: PASPA specifically gave the state “an exemption for a one-year window, and only a one-year window, to adopt such a law.”
The leagues also reject New Jersey’s argument that the 2014 law only repeals some prohibitions on sports betting, rather than authorizing it, as “mere semantics.” Even if New Jersey calls the 2014 law a “partial repeal,” the leagues say, it is still an authorization. To be sure, the leagues concede, PASPA does not necessarily prohibit “any and all state efforts to repeal or alter existing sports gambling prohibitions.” But it does require courts to look at “the substance of state laws, not just at labels.” And here, the leagues conclude, the 3rd Circuit was correct that, “whatever else PASPA may prohibit or permit, it does not allow a state to use wordplay to channel sports gambling to its favored venues for state-authorized gambling while prohibiting it everywhere else.”
The justices often grant review to resolve differences in opinion among the federal courts of appeals. However (as the leagues emphasized in urging the court to stay out of the dispute), there is no such division in this case, and – when asked by the Supreme Court to weigh in – the federal government (whose opinions the justices take seriously) recommended that review be denied. The fact that the Supreme Court nonetheless agreed to take on the case suggests that at least several justices regard the 10th Amendment issue as an important one; we’ll know more about how they are likely to rule when they hear oral argument this fall.
The post The 10th Amendment, anti-commandeering and sports betting: In Plain English appeared first on SCOTUSblog.
Read more of this story at Slashdot.
On the latest edition of our summer series, “In Recess,” Dan Epps and official guest host Leah Litman (filling in for Ian Samuel, who is enjoying a Croatian vacation) get you up to speed on what has been happening at the Supreme Court. We discuss some particularly interesting briefs that have been filed in pending cases, including the U.S. Department of Justice’s brief in Husted v. A. Philip Randolph Institute, in which the solicitor general’s office changed its views on an important voting-rights issue. We also discuss the unexpected developments in PEM Entities LLC v. Levin, a bankruptcy case that was going to be argued next term that was “dismissed as improvidently granted” last week. To help us make sense of that unusual order, and what might have prompted it, we bring in official First Mondays bankruptcy expert Danielle D’Onfro, who expands on her analysis of the order in her post last week. But that’s not all: We also have an interview with the great John Elwood, partner in Vinson & Elkins’ appellate practice group and creator of Relist Watch, an invaluable recurring feature on this blog.
- In The Washington Post, Robert Barnes reports on Masterpiece Cakeshop v. Colorado Civil Rights Commission, noting that “the Supreme Court took its own sweet time” deciding whether to review the “dispute between a gay couple and a baker who refused to make them a wedding cake,” and that “[s]ome liberals wonder … whether a liberal justice might have tipped the scale,” on the theory that “[i]f the proliferation of cases around the country means Supreme Court intervention is inevitable, … better to take it while Justice Anthony M. Kennedy is on the court.”
- At Empirical SCOTUS, Adam Feldman examines the effect of lower-court dissents on Supreme Court case grants and outcomes, focusing on whether “some judges’ dissents are given more weight than others.”
- At the Cato Institute’s Cato at Liberty blog, Ilya Shapiro argues that to resolve Carpenter v. United States, which asks whether the government must obtain a warrant before acquiring cell-site-location information from wireless carriers, the Supreme “Court should return to the text of the Fourth Amendment and recognize that data and digital communication are property that are protected by the papers and effects part of the Fourth Amendment.”
- At TeenVogue, Emma Sarran Webster marks Justice Ruth Bader Ginsburg’s 24th anniversary on the Supreme Court by looking at four of the justice’s opinions in major cases.
- In an op-ed at Forbes, Nick Sibilla urges the court to review a case that asks “whether or not the government has to pay entrepreneurs if it destroys their businesses with eminent domain.”
Remember, we rely exclusively on our readers to send us links for our round-up. If you have or know of a recent (published in the last two or three days) article, post, or op-ed relating to the Court that you’d like us to consider for inclusion in the round-up, please send it to roundup [at] scotusblog.com.
Via LLRX.com – Why Knowledge Management Is A Misnomer: Knowledge Management has many facets, applications and roles within organizations, large, small and solo. Ken Grady‘s interpretation of KM in this article represents the role of the “puzzle master,” one with which librarians, research analysts and infopros have demonstrated mastery.
Via LLRX.com – Even When Big Data Favors Your Clients, Doesn’t Mean You’ll Sleep at Night: Attorney Carolyn Elefant discusses what she has learned from her recent experience with data-driven decision making – specifically, although data improves the accuracy of predictions, it doesn’t remove all risk.
24/7 Wall St – “Adults working full-time in the United States spend about a third of their waking life at work — and often much more. Because work has such a central role in our lives, job satisfaction is crucial to our well-being. And given the ability to choose, many of us would prefer to work in a place that offers satisfying work, favorable conditions, and generous compensation. Job satisfaction is contingent on a multitude of factors — quantifiable and otherwise. In addition to the nature of the job itself, co-workers, bosses, salary, benefits, and other such factors can greatly boost or detract from job satisfaction. Many of these factors depend on the company and how it treats its employees. Based on employee reviews posted on Glassdoor, 24/7 Wall St. identified the best large companies to work for. Out of a universe of hundreds, only 34 sufficiently large companies received a score of 4 out of 5 stars or higher.”
Read more of this story at Slashdot.