Over his career, Professor Spafford's work in information security and public policy, as well as his lecturing style, have resulted in requests for him to provide testimony before various Congressional committees and to advise agencies in the Executive Branch. This page contains links to those sessions and testimony, in reverse chronological order within governmental unit.
If you are going to be providing your own testimony, you might find this advice helpful.
Congress
House of Representatives
4 May 2011, 112th Congress
Testimony on behalf of USACM before the House Subcommittee on Commerce, Manufacturing and Trade, Committee on Energy and Commerce Hearing on "The Threat of Data Theft to American Consumers."
Subsequent to the hearing, I was asked three questions for the record. These were my responses.
6 May 2008, 110th Congress
Testimony on behalf of USACM before the House Subcommittee on Social Security, Committee on Ways and Means Hearing on "Employment Eligibility Verification Systems and the Potential Impacts on the Social Security Administration's (SSA's) Ability to Serve Retirees, People with Disabilities, and Workers."
22 June, 2006, 109th Congress
This is testimony before the House Veterans' Affairs Committee on the topic of "Oversight Hearing on the Academic and Legal Implications of VA's Data Loss."
27 October, 2005, 109th Congress
This is testimony before the House Armed Services Committee. The topic is on "Cyber Security, Information Assurance and Information Superiority."
17 September 2003, 108th Congress
This was testimony before the House Government Reform Committee Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census. The topic was on certification of software, and the role it should play in governmental acquisitions.
24 July 2003, 108th Congress
Testimony before the House Armed Services Committee Subcommittee on Terrorism, Unconventional Threats and Capabilities. My testimony was on Cyber Terrorism: The New Asymmetric Threat.
10 October 2001, 107th Congress
This was testimony before the House Science Committee. The topic was Cyber Security — How Can We Protect American Computer Networks From Attack? My testimony and the official House transcript are available online.
11 February 1997, 105th Congress
This was testimony before the House Science Committee. The hearing was on Secure Communications, and my testimony was entitled One View of a Critical National Need: Support for Information Security Education and Research. My written testimony is available in both HTML and PDF.
Senate
19 March 2009, 111th Congress
This was testimony before the Senate Commerce Committee in a hearing on "Cybersecurity -- Assessing Our Vulnerabilities and Developing An Effective Defense." My Testimony is online.
General Accountability Office
Spaf serves on the GAO's Executive Council on Information Management and Technology (ECMIT). This committee of experts advises GAO management on upcoming trends and issues, concerns about IT issues, and other items to assist GAO in its duties of ensuring accountability of government.
Executive Branch
Office of the President
PITAC
Spaf was as a member of the President's Information Technology Advisory Committee (PITAC) for 2003-2005. They looked at issues related to health care informatics, funding for basic cybersecurity research, and Federal support for supercomputing.
February 2000, 42nd President
As a result of a significant distributed denial of service attack (DDOS), I was one of a group of people invited to the White House to meet with President Clinton. Afterwards, I wrote an account of that meeting that was reprinted in several venues. It is also available here.
Department of Defense
US Air Force Scientific Advisory Board
Spaf was a member of the the Air Force Scientific Advisory Board in 1999-2003. This group provides expert scientific advice to the Chief of Staff of the Air Force regarding current and future technology issues. During his time on the AFSAB, Spaf participated in studies on next-generation database systems, on asymmetric terrorist threats, and he chaired a review of part of the Air Force Research Laboratory. For his service, he was awarded an Air Force medal for "Meritorious Civilian Service."
He returned to the Board as a consultant/advisor for studies conducted in 2007 and 2008.
U.S. Air Force Air University Board of Visitors
Spaf is a member of the U.S. Air Force Air University Board of Visitors from 2009-2011. The Board is composed of members who are eminent authorities in the field of air power, defense, management, leadership, and academia. Members provide the Secretary of the Air Force, through the Commander, Air University and the Commander, Air Education and Training Command, independent advice and recommendations on matters pertaining to the educational, doctrinal, and research policies and activities of Air University.
Federal Bureau of Investigation
Spaf was member of the national steering committee of the FBI's Regional Computer Forensics Laboratories (RCFL) program from 2003-2006. The RCFLs are equipped with the latest forensic equipement and trained personnel to help investigate information crimes and the use of computers in traditional crimes.
National Science Foundation
Spaf spent the 2003-2004 academic year at the National Science Foundation as a senior advisor to the Assistant Director of CISE, Dr. Peter Freeman. In this role he assisted in formulating general plans for programs such as the Cyber Trust solicitation, and increasing awareness of the interdisciplinary aspects of cyber security, privacy and forensics.
Judicial Branch
Over the years, I have been asked to sign on to amicus curiae (friend of the court) briefs -- essays submitted to courts presenting an opinion by experts about a pending case. I am uncertain if any of these have actually made a difference in the cases at issue, but each time it has been an interesting experience for me.
Most of the briefs I have signed onto (or helped author) have gone to courts of appeal -- including the Supreme Court. I have not saved copies of these briefs, so I have provided links to the ones I can find. Note that on none of these was I the sole (or primary) author. Some are in support of one of the parties in the case, and other times they are effectively neutral. I was not compensated for any of these.
- 1997, brief in the case of Daniel J. Bernstein vs. U.S. Department Of Commerce et al. in the Court of Appeals for the 9th Circuit
- 2001, brief in the case of Universal City Studios, Inc., et al. vs. Eric Corley, a/k/a Emmanuel Goldstein and 2600 Enterprises, Inc., et al. in the Court of Appeals for the 2nd Circuit
- 2005, brief in the case of Metro-Goldwyn-Mayer Studios, Inc., et al., vs. Grokster, Ltd., et al. in the Supreme Court.
- 2013, brief in case of Oracle America, Inc vs. Google, Inc. in the Federal Circuit Court of Appeals.
- 2013, brief in the case of Authors League Fund, Inc. vs. Hathitrust, Cornell University, et al. in the Court of Appeals for the 2nd Circuit
- 2014, brief in the case of <Under Seal> vs. Eric Holder, et al. in the Court of Appeals for the 9th Circuit
- 2014, brief in the case of Riley vs. State of California, in the Supreme Court
- 2016, brief in the case of Apple vs. US in the Central District Court.
- 2017, brief in the case of Oracle America, Inc vs. Google, Inc. in the Federal Circuit Court of Appeals.
- 2018, brief in the case of United States of America vs. Microsoft Corporation in the Supreme Court.
- 2019, brief in the case of Shelby Advocates for Valid Elections vs. Tre Hargett, et al. in the Court of Appeals for the 6th Circuit.
- 2020, brief in the case of Google LLC vs. Oracle America Inc, in the Supreme Court of the United States.
- 2020, brief in the case of Nathan van Buren vs. United States, in the Supreme Court of the United States.
- 2020, brief in support of a petition for writ of certiorari to the Supreme Court of the United States, in Shelby Advocates for Valid Elections, et al. vs. Tre Hargett, et al.
- 2022, brief in the case of Apple, Inc. vs. Corellium, LLC, in the Court of Appeals for the 11th Circuit.
Other
Some other activities and experience are listed here.