In this Capitol Report:
This Capitol Report is brought to you by:
State Policy News
Department of Revenue Holds Stakeholder Meeting on Taxation of Digital Goods
Please be advised that the Colorado Department of Revenue will be holding a stakeholder meeting on October 18, 2017, to discuss the taxation of digital goods. Details regarding this meeting are provided below:
Date: October 18th
Time: 9:00 a.m.
Location: 1313 Sherman Street, Room # 220
***Please note that the location is at a different address than previous DOR meetings.
Goal of Meeting:
The DOR is seeking input from stakeholders on how sales and use tax may apply to digital goods. The input received through this group may be used for developing a regulation that will determine the application, if any, of sales and use taxes to digital goods sold or used in Colorado.
Stakeholders can attend in person or participate by telephone. Please contact either Loren Furman at firstname.lastname@example.org or Neil Tillquist at email@example.com if you would like to participate in this working group. Additionally, you may sign up for this meeting and future meetings at https://www.colorado.gov/pacific/tax/tax-regulations.
Thank you and please feel free to contact Loren Furman at firstname.lastname@example.org with any additional questions regarding this matter.
Federal Policy News
Sen. Gardner Champions Bipartisan “Internet-of-Things” Cybersecurity Legislation
Proposed changes would set minimum cybersecurity requirements for Internet-connected devices purchased by the federal government.
As Co-Chairs of the Senate Cybersecurity Caucus, U.S. Senators Cory Gardner (R-CO) and Mark Warner (D-VA), worked with Sens. Ron Wyden (D-WA) and Steve Daines (R-MT) to introduce legislation setting a benchmark for improving the cybersecurity of products purchased by the federal government. In light of recent, exponential growth of the Internet-of-Things (IoT), experts are predicting the IoT will include over 20 billion devices by 2020 – barely two years from today.
“As devices continue to transform our society and add countless new entry points into our networks, we need to make sure they are secure from malicious cyber-attacks. This bipartisan, commonsense legislation will ensure the federal government leads by example and purchases devices that meet basic requirements to prevent hackers from penetrating our government systems without halting the life-changing innovations that continue to develop in the IoT space.” – Senator Cory Gardner
What this means for CACI members: This proposed legislation could be both an opportunity and challenge to member companies to develop, market and fine-tune certain security products and connected devices. This legislation could potentially create a conduit for using industry’s cutting-edge expertise to reach one of the country’s largest consumer markets: the federal government.
Products must certify that:
- Devices/services are patchable;
- Rely on industry standards;
- Any hardcoded passwords must be changeable; and,
- Products be free of known security vulnerabilities.
“This bill is designed to let researchers look for critical vulnerabilities in devices purchased by the government without fear of prosecution of being dragged to court by an irritated company. Enacting this bill would also help stop botnets that take advantage of internet-connected devices that are easy prey for criminals.” – Sen. Ron Wyden
Other legislation provisions for the Internet of Things Cybersecurity Improvement Act of 2017:
- Directs the Office of Management & Budget (OMB) to develop ‘alternative network-level security requirements for devices with limited data processing and software functionality’;
- Directs Homeland Security to issue guidelines re: ‘cybersecurity coordinated vulnerability disclosure policies’ required for contractors to the federal government;
- Exempts cybersecurity researchers engaging in good-faith research, a.k.a. white-hat hacking; and,
- Requires every executive agency to inventory all Internet-connected devices used by each agency.
This bipartisan legislation was drafted after consulting leading cybersecurity experts, including the Atlantic Council, Harvard University’s Berklett Cybersecurity Project, and in conjunction with federal contractors and researchers to develop coordinated vulnerability protections. Cybersecurity Co-Chairs Gardner and Warner celebrated this legislation as a key, important step in advancing our nation’s cybersecurity defenses. CACI will continue to track the progress of this legislation and how it might change the landscape for Colorado’s role in the Internet of Things.
Have questions about this legislation or other federal issues? Contact CACI Federal Policy Director Leah Curtsinger by email or at (303) 866-9641.