[Federal Register Volume 59, Number 224 (Tuesday, November 22, 1994)]
[Unknown Section]
[Page 0]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 94-28820]


[[Page Unknown]]

[Federal Register: November 22, 1994]


_______________________________________________________________________

Part X





Office of Management and Budget





_______________________________________________________________________




Notice of Public Meeting; National Information Infrastructure
OFFICE OF MANAGEMENT AND BUDGET

 
Notice of Public Meeting; National Information Infrastructure

AGENCY: Office of Management and Budget.

ACTION: Notice of public meeting and request for public comments.

-----------------------------------------------------------------------

SUMMARY: The Clinton Administration has announced two public meetings 
to continue a dialogue between government and the private and public 
interest sectors on issues related to the security of information on 
the National Information Infrastructure (NII). Interested parties--
especially those representing subjects, users, or creators of health, 
education, financial, or insurance information networks--are invited to 
submit a 1-2 page position statement and request to testify.
    The meetings are sponsored by the NII Security Issues Forum of the 
Information Infrastructure Task Force and Mega-Project III of the U.S. 
Advisory Council on the NII.

DATES: The public meeting, ``Security for Financial and Insurance 
Information in the NII,'' will be held Wednesday, December 7, 1994, 
from 9:00 a.m. to 12:30 p.m. The public meeting, ``Security for 
Education and Health Information in the NII,'' will be held Thursday, 
December 8, 1994, from 9:00 a.m. to 12:30 p.m.
    Those wishing to testify should submit a 1-2 page position 
statement and request to participate by Wednesday, November 30, 1994. 
Written comments preferably should be submitted in ASCII format and 
will be accepted until January 20, 1995. Individuals wishing to offer 
general comments or present questions may request to do so during the 
meeting.

addresses: The December 7 meeting will be held at the Commerce 
Department Auditorium at 14th and Constitution Avenue N.W., Washington, 
D.C. The December 8 meeting will be held at 1849 C Street N.W., 
Department of Interior Room 5160, Washington, D.C.
    Position statements and requests to appear for the meeting, 
``Security for Financial and Insurance Information in the NII,'' should 
be sent to the Federal Deposit Insurance Corporation, marked to the 
attention of Ms. Carmen Sullivan, at 3501 Fairfax Drive, Arlington, VA 
22226-3500. Position statements may also be submitted via fax to (703) 
516-5441 or through electronic mail to ``[email protected]''. 
Electronic mail should be submitted as unencoded, unformatted, ASCII 
text.
    Position statements and requests to appear for the meeting, 
``Security for Health and Education Information in the NII,'' should be 
sent to the Department of Health and Human Services, marked to the 
attention of Sam Shekar, M.D., at Room 310G, HHH Building, 200 
Independence Avenue S.W., Washington, D.C. 20201. Position statements 
may also be submitted to Dr. Shekar vai fax to (202) 690-6262. They may 
also be submitted through electronic mail to ``Alex--
[email protected]''. Electronic mail should be submitted as unencoded, 
unformatted, ASCII text.
    Parties offering testimony are asked to provide them on paper, and 
where possible, in machine-readable format. Machine-readable 
submissions may be provided through electronic mail messages sent over 
the Internet, or on a 3.5'' floppy disk formatted for use in an MS-DOS 
based computer. Machine-readable submissions should be provided as 
unencoded, unformatted ASCII text.
    Written comments should include the following information:
     Name and organizational affiliation, if any, of the 
individual responding;
     An indication of whether comments offered represent views 
of the respondent's organization or are the respondent's personal 
views; and
     If applicable, information on the respondent's 
organization, including the type of organization (e.g., trade 
association, private corporation, non-profit organization) and general 
areas of interest.

for further information contact: For further information relating to 
finance information issues, contact Ms. Carmen Sullivan, Director of 
Information Resources Management at the Federal Deposit Insurance 
Corporation, by telephone at (703) 516-5414. For further information 
relating to insurance information issues, contact Mr. Ken Tucker of the 
Federal Housing Administration by telephone at (202) 708-4758.
    For further information relating to health information issues, 
contact Sam Shekar, M.D., at the Department of Health and Human 
Services, by telephone at (202) 690-5727. For further information 
relating to education information issues, contact by Mr. Alex Poliakoff 
at the Department of Education by telephone at (202) 708-5210.

SUPPLEMENTARY INFORMATION:

I. Issues for Public Comment

A. Background

    The public meetings are part of an ongoing dialogue with the 
Administration to assess the security needs and concerns of users of 
the National Information Infrastructure (NII). The NII is a system of 
high-speed telecommunications networks, databases, and advanced 
computer systems that will make electronic information--such as 
insurance and financial products, health and educational records, and 
communication of both a commercial and non-commercial nature--more 
widely available and accessible than ever before. This increased 
availability and accessibility will dramatically affect the way in 
which information and information services are created, used, and 
delivered throughout the world.
    Consequently, broad public and commercial use of the NII hinges 
upon implementing technologies, policies, and practices that not only 
ensure that users of information systems have access to information 
when and where they need it, but that subjects of information records 
are able to protect themselves from unauthorized or inappropriate use 
of information.
    ``Americans will not use the NII to its full potential unless they 
trust that information will go where and when they want it and nowhere 
else,'' declared Sally Katzen, Administrator of the Office of 
Information Regulatory Affairs at OMB and chair of the Forum. ``The 
Federal government is a primary user of the NII and thus a catalyst for 
change. Yet the NII will be designed, built, owned, operated, and used 
primarily by the private sector, making it essential that security on 
the NII be considered in partnership with the public.''
    To address these critical issues, the Vice President formed the 
Information Infrastructure Task Force (IITF). The IITF is chaired by 
Secretary of Commerce Ron Brown and is comprised of senior 
Administration officials having expertise in technical, legal, and 
policy areas pertinent to the NII. The mission of the IITF is to 
articulate and implement the Administration's vision for the NII.
    The NII Security Issues Forum was established within the IITF to 
address the cross-cutting issue of security in the NII. The Forum is 
chaired by Sally Katzen, Administrator of the Office of Information and 
Regulatory Affairs in the Office of Management and Budget.
    In addition to the IITF, the President has established the U.S. 
Advisory Council on the National Information Infrastructure. The 
Advisory Council represents industry, labor, and public interest 
groups, and advises the Secretary of Commerce on issues relating to the 
NII. Mega-Project III, one of three work groups of the Advisory 
Council, is responsible for addressing security, intellectual property, 
and privacy issues as they relate to the NII.

B. Structure and Content of Public Meeting

    Security is linked inextricably to broad public use of the NII. The 
technologies, policies, and procedures used to ensure the 
confidentiality, availability, and integrity of digitally produced and 
transmitted information, information products, and services on the NII 
will determine whether, how, and to what extent digitally linked 
information services will be broadly used in such critical sectors as 
health, education, finance, and insurance.
    Development of policies and procedures that will ensure the 
security of commercial and non-commercial information and 
communications on the NII requires study from different perspectives, 
whether that of the subject of the information, the user of the 
information, or the creator of the information. The Forum and Mega-
Project III seek input from parties who represent these views in the 
areas of health, education, finance, and insurance.
    Solutions to these concerns will come vita technical solutions, as 
well as legal and policy mechanisms. The Forum and Mega-Project III 
seek input in this area as well. Specifically, what legal measures, 
policy mechanisms, and technological solutions, or combinations 
thereof, can be used to effectively protect the security of health, 
education, financial, and insurance information delivered or made 
accessible on the NII?
    A panel of witnesses drawn from the public will be assembled to 
discuss the following topics with a panel of senior Administration 
officials, members of the Security Issues Forum, and members of the 
Advisory Council, and to field questions and comments from other 
members of the public.
    Position statements for the meeting, ``Security for Financial and 
Insurance Information in the NII,'' should address four principal 
questions:
    1. How do you envision the NII being used by the finance and 
insurance industries to provide enhanced products and services to 
customers or to improve operations?
    Specifically, what types of products and services are you 
contemplating delivering or making available, or would you like to see 
delivered or made available on the NII?
    2. What threats do you foresee in making products and services 
available via the NII? Such threats might include fraud, unauthorized 
access, breach of confidentiality or privacy, breach of integrity, and 
lack of reliability.
    3. What legal, policy, and ethical issues do you foresee affecting 
usage of the NII? Such issues may include liability, information/
property rights, equal access, document/records management, legal 
admissibility/evidentiary requirements, and auditability.
    4. What kinds of administrative or technical solutions are you 
aware of, or would you like to see developed, to address security, 
legal, and ethical concerns? Such solutions may include international 
agreements, criminal laws, public key encryption, and digital 
signatures.
    Position statements for the meeting, ``Security for Health and 
Education Information in the NII,'' should address five principal 
questions:
    1. What enhancements in electronic data transmission, storage, and 
retrieval are needed to protect the confidentiality of personal health 
and education information?
    2. What enhancements in electronic data transmission, storage, and 
retrieval are needed to improve data users' access to individual health 
and education information?
    3. How can the NII be constructed to address and satisfy both of 
these needs simultaneously?
    4. What safeguards need to be developed to limit children's access 
to inappropriate material through the NII?
    5. What technical solutions are available, or can be developed, in 
order to address these data security concerns?

II. Guidelines for Participation in the Public Hearing

    Individuals who would like to participate on a panel must request 
an opportunity to do so no later than November 30, 1994 by submitting a 
brief, 1-2 page summary position statement. If approved, each 
participant will be allowed to present brief opening remarks. Primary 
participating, however, shall be during the general discussion to 
follow, according to the format described above.
    Participants in the public meeting will testify before and 
participate in discussions with a panel consisting of members of the 
Advisory Council, members of the Security Issues Forum, and other 
Administration officials.
    Individuals not selected as panel participants may offer comments 
or ask questions of the witnesses by requesting an opportunity to do so 
and being recognized during the meeting by the chairs of the meetings. 
Oral remarks offered in this fashion may not exceed three minutes. No 
advance approval is required to attend the public meetings, offer 
comments, or present questions.
    The public meeting on ``Security of Financial and Insurance 
Information in the NII'' will be co-chaired by Ms. Carmen Sullivan, 
Director of Information Resources Management of the Federal Deposit 
Insurance Corporation, Ms. Marta Angueira, Controller of the Federal 
Housing Administration, and Mr. Stephen Malphrus, Director of 
Information Resources Management at the Board of Governors of the 
Federal Reserve Board.
    The public meeting on ``Security of Health and Education 
Information in the NII'' will be co-chaired by Dr. Helen Smits, Deputy 
Administrator of the Health Care Financing Administration, and Ms. 
Linda Roberts, Special Advisor to the Secretary of Education for 
Technology.
    More information about the Clinton Administration's National 
Information Infrastructure initiative can be obtained from the IITF 
Secretariat. Inquiries may be directed to Yvette Barrett at (202) 482-
1835, by e-mail to [email protected], or by mail to U.S. Department 
of Commerce, IITF Secretariat, NTIA, Room 4892, Washington, D.C., 
20230.
    For inquiries over the Internet to the IITF Gopher Server, gopher, 
telnet (login=gopher), or anonymous ftp to iitf.doc.gov. Access is also 
available over the World-Wide-Web. Questions may be addressed to 
[email protected].
    For access by modem, dial (202) 501-1920 and set modem 
communication parameters at no parity, 8 data bits, and one stop 
(N,8,1). Modem speeds of up to 14,400 baud are supported.
Sally Katzen,
Administrator, Office of Information and Regulatory Affairs.
[FR Doc. 94-28820 Filed 11-21-94; 8:45 am]
BILLING CODE 3110-01-M