Chaffetz wants to rein in stingrays, GSA hits OASIS milestone and more

Chaffetz wants to rein in stingray use by feds

Rep. Jason Chaffetz (R-Utah) wants more restrictions on how federal law enforcement agencies use cell-site simulators known as "stingrays," which collect information from nearby mobile devices. Chaffetz, chairman of the House Oversight and Government Reform Committee, warned of the stingrays' potential for "gross violations of privacy" because the devices can extract data from bystanders' cell phones.

The lawmaker released draft legislation that would require agencies to get warrants before using stingrays in most cases, although the bill contains broad exceptions for emergency law enforcement and foreign intelligence surveillance use.

The departments of Justice and Homeland Security have defended agency guidelines on stingray use to Congress. Whether those guidelines govern how other agencies, including the IRS, use stingrays remains an open question.

"The fact that law enforcement agencies and non-law enforcement agencies such as the IRS have invested in these devices raises serious questions about who is using this technology and why," Chaffetz said. "These questions demonstrate the need for strict guidelines that carry the weight of the law."

OASIS gains traction with federal buyers

The General Services Administration has a solid sign that its One Acquisition Solution for Integrated Services contracts for professional services are gaining traction among federal customers.

GSA officials said the 1,020 delegation of procurement authorities they have issued to federal agencies have paved the way for thousands of federal employees in U.S. facilities worldwide to buy professional services, including IT services, through OASIS.

Additionally, the unrestricted and small-business OASIS contracts have a total of $586 million in obligated sales under 209 task orders, according to GSA's OASIS dashboard.

The 10-year, $60 billion OASIS -- which GSA took two years to develop with input from federal customers and industry -- faced some initial protests before contracts were finally awarded in the winter and spring of 2014. Since then, GSA said it has given DPA training to more than 3,400 contracting professionals. The 1,020 DPAs GSA has issued are spread among approximately 300 contracting offices at 143 subordinate commands or bureaus at 32 federal agencies in Asia, Africa, Central America, Europe, Guam and the United States.

U.S., China defense chiefs talk cyber

In a Nov. 3 meeting with Chinese Minister of Defense Gen. Chang Wanquan, U.S. Defense Secretary Ashton Carter said cybersecurity and tensions in the South China Sea are two ongoing security issues affecting the bilateral relationship, according to a Pentagon summary of the meeting.

Carter "expressed U.S. concerns about cyberthreats to companies and citizens," the summary states. Chinese perpetrators are suspected in a string of hacks of American companies and the Office of Personnel Management. Chinese government officials have called the OPM accusation irresponsible.

Carter reiterated U.S. support for the modest cyber accord reached recently by the leaders of the U.S. and China, the summary states. Carter plans to visit China next spring.

Hurd introduces bill to boost state, local cybersecurity

Rep. Will Hurd (R-Texas) introduced a bill on Nov. 2 to give state and local governments access to federal cybersecurity resources.

Under the proposed State and Local Cyber Protection Act of 2015, the Department of Homeland Security's National Cybersecurity and Communications Integration Center would work with state and local governments on information security. The center would help those agencies identify system vulnerabilities and would provide technical and privacy training for cybersecurity analysts, according to a press release issued by Hurd's office.

"State and local governments often do not have access to adequate personnel or technical cybersecurity resources," Hurd said in a statement.

The National Association of State CIOs backs the bill.

Day exits GSA

General Services Administration deputy assistant commissioner Mark Day, who worked in the agency’s Office of Integrated Technology Services within the Federal Acquisition Service has officially retired from federal service, GSA officials confirmed to FCW.

Before joining ITS in 2011, Day had been CTO at the U.S. Department of Housing and Urban Development and had  served nine years as deputy CIO, CTO, and Director of the Office of Technology Operations and Planning at the Environmental Protection Agency  where he was the senior executive for that agency’s IT operations.

New of Day's departure was first reported by Federal News Radio.

AT&T will network Census devices

AT&T will be supporting the Census Bureau's push to go mobile.

This week, the telecom giant said it signed a five-year contract with the bureau in July to provide flexible network support for demographic surveys -- Census conducts more than 100 every year -- and cost-saving billing based on data use rather than number of users. The company will also furnish the AT&T Control Center platform, which will give Census officials centralized management of as many as 20,000 devices.

Whether AT&T directly supports the decennial census in 2020 remains an open question, a company spokesman said.

Former NSA chief: U.S. unprepared for nation-state cyberattacks

The United States is unprepared to defend against cyberattacks from Russia, Iran and other potentially adversarial states, former National Security Agency Director and retired Gen. Keith Alexander told Congress Nov. 3.

"I expect these countries will come back at us with cyberattacks" in response to geopolitical events, Alexander told the Senate Armed Services Committee, adding, "Our nation is not ready for these types of attacks, across the board."

To address the challenge of helping the government better defend the private sector from cyberthreats, Alexander floated the idea of a radar system that instantly alerts the government when a company's networks are being hit.