Annual Report of the
           ACM Committee on Computers and Public Policy (CCPP)
              For the Period 1 July 2016 to 30 June 2017
               Submitted by Peter G. Neumann, Chairman 

Date: June 30, 2017
To: Rosemary McGuinness
    ACM, 2 Penn Plaza, Suite 701 New York, NY 10121-0701

Purpose of CCPP

The ACM Committee on Computers and Public Policy (CCPP) seeks to

 * aid the ACM with respect to a variety of internationally relevant
   issues pertaining to computers and public policy, and
 * help make the ACM even better recognized worldwide.

CCPP's most visible project is the ACM Forum on Risks to the Public in
Computers and Related Systems, established in August 1986 in response to
Adele Goldberg's ACM President's message in the February 1985 issue of the
Communications of the ACM (CACM).  It has also served as a hands-on review
board for the 241 Inside Risks articles in the CACM (now in the Viewpoints
section), since July 1990.

CCPP Committee Members

The Chairman of the ACM Committee on Computers and Public Policy (CCPP) is
Peter G. Neumann.  During the entire reporting year, the committee consisted
of Steve Bellovin, Peter Denning, Virgil Gligor, Kevin Fu, Nancy Leveson,
David Parnas, Jerry Saltzer, and Lauren Weinstein.  During June 2017, we
have added Zeynep Tufekci and Ben Zorn.  See the following section titled
Diversity of CCPP for more on their backgrounds and contributions.

CCPP acts as an expert advisory group rather than a general membership
organization.  It appears to have considerable impact worldwide, even though
it maintains a relatively low profile.  I am extraordinarily grateful to
those CCPPers with continued long-standing participation, and look forward
to the new additions.  Since 1990, CCPP has had an incisive role with
intensive reviewing of CACM Inside Risks columns and has also helped
resolve occasional potentially sticky issues relating to the ACM Risks
Forum.  The intellectual memory span and diversity of interests that the
CCPP group represents and is contributing is really extraordinary, and has
ensured the high quality of the Inside Risks content, as well as helping me
keep the ACM Risks Forum on a sound track.  I continue to value their
incisive contributions on many issues that require insight and wisdom.
Although their oversight efforts regarding Inside Risks are often not
visible to readers, some of the CACM columns have emerged only after intense
interactions with the authors, and in some cases escalated into
coauthorship.

CCPP internal interactions generally involve e-mail, with occasional
telephone calls and in-person discussions.  Many constructive interchanges
have occurred during the reporting year, as in the past.

There is some overlap with other ACM committees.  Although there is some
commonality of problem areas, the charters of CCPP and USACM are quite
different.  USACM has a specifically U.S.-centric focus, whereas CCPP tends
to consider problems more generally, with a broader scope of topics, and
with a truly global perspective.  Neumann remains active in USACM
committees, including risks related to election systems, which is a common
interest of USACM and CCPP -- with primary domestic and international
scopes, respectively.  Peter Denning has provided some coordination between
CCPP and ACM's Ubiquity.

Diversity of CCPP 

ACM President Vicki Hanson has requested that this year's annual report
should have a plan for recruiting a more diverse group.  

Our diversity plan for 2017-2018 is already underway.  In June 2017, we
invited Zeynep Tufekci and Ben Zorn to join CCPP, and both have accepted.
Each of them has been active in social issues, as well as pursuing their own
technical strengths.  Zeynep is an Associate Professor in the School of
Information and Library Science at the University of North Carolina.  She is
the author of Twitter and Tear Gas: The Power and Fragility of Networked
Protest, and has recently become an incisive contributor to the Op-Ed pages
of The New York Times.  Ben Zorn works for Microsoft.  Extending his
contributions to computer science, programming languages, and memory
security, Ben has recently been actively involved in public policy.  In the
future, we hope to add others in non-U.S. venues (in addition to David
Parnas, who has had at least three other national affiliations before
settling on Canada, but is perhaps the most internationally connected of our
current CCPPers).

Many of the CCPP members have been with us for decades, with only a little
turnover.  (Jim Horning's passing was the most recent loss.)  Steve Bellovin
was added 10 years ago and Kevin Fu in 2013, each to continue bringing in
new blood and to increase diversity.  During most of the 2016-2017 ACM year,
David Parnas was the only non-US member, and Nancy Leveson the only woman.
Several of us have been on multiple National Academies study groups.  Having
previously been the Chief Technologist of the FTC, Steve Bellovin is now on
the NSA Advisory Council.  Nancy Leveson's ongoing work is having a major
impact on system safety.  Kevin Fu has been particularly active in bringing
concerns for security into the medical safety communities, which adds
significant expertise and breadth to CCPP.  He has received an award for
that work from the Association for the Advancement of Medical
Instrumentation.  Lauren Weinstein continues his active relevance to network
neutrality and privacy, among other areas.  David Parnas has been
particularly helpful in keeping us on point, and will once again be a
contributing author for the October 2017 Inside Risks article.  Even though
retired, Jerry Saltzer still makes incisive contributions based on his
extensive system and security experience.  Virgil Gligor has been relatively
busy on other efforts during the past year, but is still a vital
contributor.  Each of them has special interests and experience that are
vital to the overall charter of CCPP.

Several CCPPers are academics who have had extensive experience in industry.
Overall, we represent significant topical breadth and depth, and yet seek
further diversity.  The basic criterion for the committee is that it should
span a long intellectual history going back to the early days of the ACM,
while also being able to go with the flow in terms of continual advances in
technology and social implications -- albeit with a relatively broad scope
of what might be relevant to computers and public policy issues that are
global and not just U.S.-centric.

CCPP Efforts

CCPP has several primary manifestations, including

  * RISKS online: The ACM Forum on Risks to the Public in Computers as a
    newsgroup (a digest by e-mail, and distributed as comp.risks via
    USENET).  See Item 1 below.
  * RISKS highlights in ACM Software Engineering Notes (SEN), edited
    and distilled from the online ACM Risks Forum.  See Item 2 below.
  * The CACM Inside Risks, now with scheduled tri-yearly columns.  
    See Item 3 below.
  * RISKS: The Book, Computer-Related Risks.  See Item 4 below.

Neumann has been highly visible in those efforts, but other CCPP members
have also been active participants.  Additionally, some other efforts have
been undertaken, and CCPP members have continued to be active in ACM
advisory roles and in computer policy issues, either directly related to
CCPP or otherwise.

Neumann contributes many hours each week pro bono, moderating RISKS,
commissioning and editing CACM Inside Risks articles, responding to queries,
engaging in individual dialogues with readers, and distilling the RISKS
highlights for SIGSOFT's Software Engineering Notes (SEN).  From the
feedback we receive, RISKS appears to be one of the most widely read and
most useful of the moderated on-line digests relating to computer
technology.  It serves a vital educational purpose.  Despite its high
profile and the occasionally controversial nature of some of the material, RISKS
has been a relatively noninflammatory operation; this reflects the fact that
Neumann takes his moderator's role quite seriously.  The advisory members
of CCPP are invoked as informal reviewers whenever a potentially
controversial contribution must be considered, and they are consistently
cautious in representing ACM's interests -- as I believe am I.  In addition,
each member of the committee has typically played an advisory role during
the year on various sensitive issues.  

Overall, CCPP represents an extraordinary collection of creative thinking
ability and resources for ACM, and its members are invoked as appropriate.

Relevant Activities During the Reporting Year

Following is a list of CCPP-relevant activities.  Almost all were done
essentially pro bono, and in my case with the considerable blessing and
computer support of SRI International's Computer Science Lab -- for which I
am hugely grateful, and with external pro bono support from Lindsay Marshall
at Newcastle (see Item 1).

Items of Immediate Relevance to CCPP 

1.  The on-line ACM Forum on Risks to the Public in Computers and Related
    Systems.  In addition to various unofficial mirrored sites on the
    Internet, including a feed at panix.com for comp.risks on USENET as of
    the official archives are available by anonymous ftp in the U.S. at 
    ftp://ftp.sri.com/risks/ , and in a nicely formatted searchable
    site in the U.K., courtesy of Lindsay Marshall:
http://catless.ncl.ac.uk/Risks/
    which is also accessible (without the search facility) as
http://www.risks.org

    The ACM Risks Forum activity involves many tens or even hundreds of
    thousands of people around the world, some of whom are contributing to
    the CCPP effort through their RISKS submissions.  There are always many
    new first-time contributors each year.

    The ACM Risks Forum continues as an institution.  Since its first issue
    on August 1, 1985, its readership continues to expand, with a steady
    flow of new direct subscribers, via USENET newsgroups as comp.risks, and
    through redistribution centers and mirrored websites throughout the
    Internet.  It reaches essentially every country that does not censor the
    Internet.

    During the 2016-2017 ACM reporting year, 72 issues of the ACM Risks
    Digest appeared (RISKS-29.60 to 29.96 and RISKS-30.01 to 30.35).  The
    number of submissions for consideration continues to be considerable,
    and the primary limitation on the frequency of issues is the scarcity
    of my time.  (Sometimes as much as 90% of all mail that arrives in my
    RISKS mailbox at risks@csl.sri.com is spam, *after* pre-filtering.
    However, that is not a problem, because regular readers have been
    trained to include a magic string in the subject line of genuine
    submissions, almost all of which are generally considered for inclusion.
    Inclusion rates vary with the relevance of the topic.)

2.  Highlights from the on-line RISKS Forum now appear four times each year
    in the ACM SIGSOFT Software Engineering Notes.  (In 2017, SEN has been
    transformed to a quarterly instead of a bi-monthly.)  Neumann was SEN's
    founding editor in 1976.  After Will Tracz took over as Editor in 1995,
    Neumann continued to contribute a RISKS section to every regular issue,
    which now continues under SEN's fourth editor, John Georgas.  (SEN's
    circulation is one of the larger among SIGs.)

3. P.G. Neumann (ed).  Inside Risks began in July 1990 as a monthly one-page
   article, originally inside the back cover of the CACM for 18 years.  It
   became slated for three longer articles each year in 2009.

We continue to seek diversity among the authors and the content.  The
following articles appeared (or were written) during the reporting year, as
Inside Risks Viewpoints:

  * Oct 2016.239, Risks of Automation: A Cautionary Total-System Perspective
    of Our Cyberfuture, PGN

  * Feb 2017.240, Risks in the Emerging Internet of Things: The IoT can
    become ubiquitous worldwide -- if the pursuit of systemic
    trustworthiness can overcome the potential risks, Ulf Lindqvist and PGN

  * Jun 2017.241, Trustworthiness and Truthfulness are Essential.  Their
    absence can introduce huge risks, PGN

  * Oct 2017.242, The Real Risks of Artificial Intelligence, David Parnas

  All Inside Risks articles since December 1997 (and a few selected popular
  earlier ones) are available online at
http://www.CSL.sri.com/neumann/insiderisks.html

4.  Neumann's RISKS BOOK ("Computer-Related Risks", ACM Press and
    Addison-Wesley, 1995), having transcended its fifth printing, is now
    being printed "on demand", and is available online as well.
    It is also available in a Japanese translation.  More recent source
    material is online in the ACM Risks Forum
http://www.risks.org
    culled, excerpted, and to some extent indexed in a topically relevant
    form bimonthly in SEN (item 2).  As noted last year, the thought of
    producing a second edition was dispelled after the retirement of Peter
    Gordon, as the online Risks Forum and the online RISKS highlights in
    Software Engineering Notes are widely accessible.

    What is to me most frustrating is that most of the content of the 1995
    book is still valid today.  Many of the problems discussed there are
    still recurring, and many of the recommendations for doing better seem
    to have been widely ignored.  (NOTE: Used copies are available for as
    little as one cent on Amazon.)

5.  PGN's Illustrative Risks document provides a topical index for
    SEN and RISKS.  It used to be updated periodically, but is fairly
    complete up to a point.  It is available online:
http://www.CSL.sri.com/neumann/illustrative.html
http://www.CSL.sri.com/neumann/illustrative.pdf
http://www.CSL.sri.com/neumann/illustrative.ps
    The task of maintaining the currency of this resource has become more
    daunting over time, and this index is not up to date -- except for
    recent items on election integrity.  However, the search engine at
    risks.org tends to compensate for that, and the accessible information
    in item 5 makes that less necessary.  However, it is still valuable as a
    source of references for earlier RISKS material prior to the Internet.
    More recent quasi-indices can be found in the RISKS highlights in 
    each issue of Software Engineering Notes (Item 2).

6.  Numerous additional activities of PGN are enumerated in Appendix I
    below.

7.  Lauren Weinstein continues his operation of the PRIVACY Forum and
    the Network Neutrality Squad under the partial aegis of CCPP.
      

PRIVACY FORUM: http://www.vortex.com/privacy
NETWORK NEUTRALITY SQUAD: http://www.nnsquad.org
 

    The Privacy Forum and related services from People For Internet
    Responsibility (PFIR, which he co-founded with PGN), and his other
    outreach efforts continue to provide discussions, information, and other
    services that include the many areas of privacy -- which intersect
    virtually every aspect of our lives.  The PRIVACY Forum, Network
    Neutrality Squad, and his other archives are continually referenced
    around the world, and have been listed as major network resources in the
    links of many private, commercial, and governmental entities globally.
 
    As is the case with PGN, Lauren receives numerous e-mail and telephone
    contacts from all manner of media points, and continues to participate
    in newspaper and magazine articles, local and network radio and
    television interviews, and similar discussions on privacy and related
    technology topics.  He has also been a commentator for National Public
    Radio's "Morning Edition" and for "Wired News" regarding technology
    and society.

8.  Other CCPP members have also interacted with various ACM people on ACM
    and CCPP-related issues, reviewed drafts, refereed papers, etc.  See
    their websites, listed in Appendix II.

9.  Other CCPP members wrote papers and gave talks that bear on computers
    and public policy.

10. This CCPP annual report is (or will be) accessible from the acm.org
    pages, via a link to my CCPP Web page: 
THIS FILE: http://www.CSL.sri.com/neumann/ccpp.html

11. I wrote the preface to one of the most powerful risks-related books I
    have ever read, Earl Boebert and James M. Blossom, Deepwater Horizon: A
    Systems Analysis of the Macondo Disaster. Harvard University Press,
    which was published in the fall of 2016.
    
12. Peter G. Neumann, Automated Car Woes -- Whoa There! ACM Ubiquity
    (refereed online journal), July 2016.

(Peter G. Neumann) pneumann@acm.org (and Neumann@CSL.sri.com for SRI-related e-mail)
(Steve Bellovin) smb@columbia.cs.edu
(Peter J. Denning) pjd@nps.edu
(Virgil Gligor) virgil@andrew.cmu.edu
(Kevin Fu) and (Kevin Fu's group) kevinfu@umich.edu
(Nancy Leveson) leveson@mit.edu
(David Parnas) parnas@mcmaster.ca
(Jerry Saltzer) saltzer@mit.edu
(Lauren Weinstein) lauren@vortex.com