Skip to Content

Notice

Multistakeholder Process To Promote Collaboration on Vulnerability Research Disclosure

Document Details

Information about this document as published in the Federal Register.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble

AGENCY:

National Telecommunications and Information Administration, U.S. Department of Commerce.

ACTION:

Notice of open meeting.

SUMMARY:

The National Telecommunications and Information Administration (NTIA) will convene a meeting of a multistakeholder process concerning the collaboration between security researchers and software and system developers and owners to address security vulnerability disclosure on April 8, 2016.

DATES:

The meeting will be held on April 8, 2016 from 10:00 a.m. to 4:00 p.m., Central Time. See SUPPLEMENTARY INFORMATION for details.

ADDRESSES:

The meeting will be held at the Westin Chicago River North, 320 North Dearborn Street, Chicago, IL 60654.

Start Further Info

FOR FURTHER INFORMATION CONTACT:

Allan Friedman, National Telecommunications and Information Administration, U.S. Department of Commerce, 1401 Constitution Avenue NW., Room 4725, Washington, DC 20230; telephone (202) 482-4281; email; afriedman@ntia.doc.gov. Please direct media inquiries to NTIA's Office of Public Affairs, (202) 482-7002; email press@ntia.doc.gov.

End Further Info End Preamble Start Supplemental Information

SUPPLEMENTARY INFORMATION:

Background: On March 19, 2015, the National Telecommunications and Information Administration, working with the Department of Commerce's Internet Policy Task Force (IPTF), issued a Request for Comment to “identify substantive cybersecurity issues that affect the digital ecosystem and digital economic growth where broad consensus, coordinated action, and the development of best practices could substantially improve security for organizations and consumers.” [1] This Request built on earlier work from the Department, including the 2011 Green Paper Cybersecurity, Innovation, and the Internet Economy,[2] as well as comments the Department had received on related issues.[3] On July 9, 2015, after reviewing the comments, NTIA announced that the first issue to be addressed would be “collaboration on vulnerability research disclosure,” [4] and subsequently announced that the first meeting of a multistakeholder process on this topic would be held on September 29, 2015. A second meeting was convened on December 2, 2015.[5]

Matters to Be Considered: The April 8, 2016 meeting is a continuation of a series of NTIA-convened multistakeholder discussions concerning collaboration on vulnerability disclosure. Stakeholders will engage in an open, transparent, consensus-driven process to develop voluntary principles guiding the collaboration between vendors and researchers about vulnerability information. The April 8, 2016 meeting will build on stakeholders' previous work. More information about stakeholders' work is available at: http://www.ntia.doc.gov/​other-publication/​2015/​multistakeholder-process-cybersecurity-vulnerabilities.

Time and Date: NTIA will convene a meeting of the multistakeholder process to promote collaboration on vulnerability research disclosure on April 8, 2016, from 10:00 a.m. to 4:00 p.m., Central Time. The meeting date and time are subject to change. Please refer to NTIA's Web site, http://www.ntia.doc.gov/​other-publication/​2015/​multistakeholder-process-cybersecurity-vulnerabilities, for the most current information.

Place: The meeting will be held at the Westin Chicago River North, 320 North Dearborn Street, Chicago, IL 60654. The location of the meeting is subject to change. Please refer to NTIA's Web site, http://www.ntia.doc.gov/​other-publication/​2015/​multistakeholder-process-cybersecurity-vulnerabilities, for the most current information.

Other Information: The meeting is open to the public and the press. The meeting is physically accessible to people with disabilities. Requests for sign language interpretation or other auxiliary aids should be directed to Allan Friedman at (202) 482-4281 or afriedman@ntia.doc.gov at least seven (7) business days prior to the meeting. The meeting will also be webcast. Requests for real-time captioning of the webcast or other auxiliary aids should be directed to Allan Friedman at (202) 482-4281 or afriedman@ntia.doc.gov at least seven (7) business days prior to the meeting. There will be an opportunity for stakeholders viewing the webcast to participate remotely in the meeting through a moderated conference bridge, including polling functionality. Access details for the meeting are subject to change. Please refer to NTIA's Web site, http://www.ntia.doc.gov/​other-publication/​2015/​multistakeholder-process-cybersecurity-vulnerabilities, for the most current information.

Start Signature

Dated: March 23, 2016.

Kathy D. Smith,

Chief Counsel, National Telecommunications and Information Administration.

End Signature End Supplemental Information

Footnotes

1.  U.S. Department of Commerce, Internet Policy Task Force, Request for Public Comment, Stakeholder Engagement on Cybersecurity in the Digital Ecosystem, 80 FR 14360, Docket No. 150312253-5253-01 (Mar. 19, 2015), available at: http://www.ntia.doc.gov/​files/​ntia/​publications/​cybersecurity_​rfc_​03192015.pdf.

Back to Citation

2.  U.S. Department of Commerce, Internet Policy Task Force, Cybersecurity, Innovation, and the Internet Economy (June 2011) (Green Paper), available at: http://www.nist.gov/​itl/​upload/​Cybersecurity_​Green-Paper_​FinalVersion.pdf.

Back to Citation

3.  See Comments Received in Response to Federal Register Notice Developing a Framework for Improving Critical Infrastructure Cybersecurity, Docket No. 140721609-4609-01, available at: http://csrc.nist.gov/​cyberframework/​rfi_​comments_​10_​2014.html.

Back to Citation

4.  NTIA, Enhancing the Digital Economy Through Collaboration on Vulnerability Research Disclosure (July 9, 2015), available at: http://www.ntia.doc.gov/​blog/​2015/​enhancing-digital-economy-through-collaboration-vulnerability-research-disclosure.

Back to Citation

[FR Doc. 2016-06966 Filed 3-25-16; 8:45 am]

BILLING CODE 3510-60-P