[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Clips September 26, 2002

Clips September 26, 2002

ARTICLES

University bans controversial links
Amazon to revamp privacy policy
IMF and World Bank Gatherings Could Prompt Cyber Attacks - FBI
States keep IT programs on track
Undersea data network planned off Calif. coast
Sharing called key to cyber plan
Privacy battle seen as a 'gathering storm'
National Science Foundation Announces Grant Winners
Cyberattacks Reach All-Time High
Canada's Cyber-Snooping Plans Raise Ire


*****************
News.com
University bans controversial links
By Declan McCullagh
Staff Writer, CNET News.com
September 25, 2002, 4:13 PM PT


The University of California at San Diego has ordered a student organization to delete hyperlinks to an alleged terrorist Web site, citing the recently enacted USA Patriot Act.
School administrators have told the group, called the Che Cafe Collective, that linking to a site supporting the Revolutionary Armed Forces of Columbia (FARC) would not be permitted because it violated federal law.

In a letter to the Che Cafe Collective, UCSD University Centers Director Gary Ratcliff said the hyperlink violated a law that bans "providing material support to support terrorists." Ratcliff warned that the student organization would face disciplinary action if it did not immediately remove the link to FARC.



"The concern of the institution is that this could be interpreted as a violation of the law," Ratcliff said in an interview Wednesday. "What we're trying to be is pro-active here. If the FBI decided to pay attention to this matter, the repercussions would go way beyond their group because we're providing network services."

The law in question is one section of the USA Patriot Act, signed by President George W. Bush last October, which outlaws providing "material support or resources" to foreign terrorists who have been placed on a State Department list. Material support is defined as money, lodging, training or "communications equipment."

As of Wednesday, Che Cafe members had not removed the link from the Burn.ucsd.edu site, which is maintained by the organization. Che Cafe did not reply to interview requests, but said in a letter sent to Ratcliff last week that he does not "have the authority to unilaterally impose sanctions based on your opinion that we violated university policies."

The State Department calls Colombia's FARC a terrorist group because it has kidnapped and murdered U.S. citizens.

Because the FARC, also known by its Spanish name Fuerzas Armadas Revolucionarios de Colombia, appears on the State Department's August list of 34 terrorist organizations, the university says it has no choice but to ban hyperlinks. The law applies to "financial resources, personnel, communications facilities," Ratcliff said. "The information on the site, if you look at it, wasn't viewed as news by the institution, but information the site meant to build support for these organizations. It wasn't an impartial, balanced presentation with analysis or interpretation. These were sites that were trying to generate sympathy."

A taste for anarchy
Che Cafe is a medley of a vegan collective, a cafe that serves organic food, and a confederation of self-described radical students. Its mission is to advance "radical social change," and it keeps links endorsing anarchist sites including Raise the Fist, which the FBI raided in January.

The Foundation for Individual Rights in Education (FIRE) said UCSD's reading of the USA Patriot act was laughably censorious.

"I think their interpretation of materially supporting terrorism is dreadfully overbroad and a massive threat to freedom of speech," said Greg Lukianoff, FIRE's director of legal advocacy. Lukianoff said FIRE was willing to represent the Che Cafe against the university, which must abide by the First Amendment's guarantee of free speech because it is a government school.

"All you'd have to do is declare someone a terrorist organization to prevent someone from knowing who the enemy is or what they stand for," Lukianoff said. "That's not how democracy works."

When asked whether the university would prohibit a faculty member or the student newspaper from linking to an alleged terrorist group, UCSD's Ratcliff said he was not sure. "Those are good questions to ask," he said. "As it relates to this law, it would depend on a case-by-case situation." The UCSD university attorney did not immediately return phone calls.

In April, the Groundwork Books collective, another UCSD student organization, got in trouble for linking to a different terrorist group, the Kurdistan Workers Party (PKK), which is also on the State Department's list. It has removed the link.

Last week, Ratcliff sent the Groundwork Books collective a letter saying that its members must write an essay saying they understand they broke the law and would not do it again. "Groundwork Books will be placed on probation for the 2002-2003 academic year and may be suspended and deregistered as a student organization if during this time it posts material supporting a (foreign terrorist organization) on a Web site it maintains," Ratcliff wrote.

Che Cafe also hosts a collection of statements, including political platforms, relating to the Kurdistan Workers Party.

The Kurdistan Workers Party, according to the FBI, is a Marxist-Leninist group that hopes to overthrow the existing government in southeastern Turkey.
*********************
News.com
Amazon to revamp privacy policy
By Troy Wolverton
Staff Writer, CNET News.com
September 25, 2002, 5:18 PM PT

Online retail giant Amazon.com plans to revamp its privacy policy in an attempt to address concerns raised by customers, consumer advocates and state regulators.
As part of its revision of the policy, which it plans to post "in the next few weeks," Amazon plans to clarify the circumstances under which it might sell or share customer information, the company said in a letter sent to state regulators Monday. The company also plans to list the companies with which it offers joint or co-branded services and to provide more information on the types of customer information it collects from other sources, the company said in its letter.

"In sum, we believe the changes to our privacy notice will make our privacy practices and policies more transparent to customers and easier to understand," the company said in its letter.


Massachusetts Attorney General Tom Reilly hailed Amazon's decision, saying in a statement that the company had agreed to "wide-reaching changes" in its privacy policy.

"I'm really pleased that this company recognized our concerns and is taking actions to protect consumers," Reilly said in the statement.

But Amazon representatives emphasized that the company was not making any "material changes" in its policies or practices.

"There's no significant change here from what we did in September of 2000 except the wording," Amazon spokeswoman Patty Smith said.

Amazon ignited a firestorm of criticism when it last updated its privacy policy in September 2000. Under the current policy, Amazon warns customers that it might transfer their personal data "in the unlikely event" that the company or its assets are acquired. The company's previous policy said Amazon would not "sell, trade or rent your personal information to others" and did not make an exception for the case of a transfer of business control.

The change was protested by customers and consumer advocates. The Electronic Privacy Information Center (EPIC) charged that the change represented an unfair business practice and urged the Federal Trade Commission to investigate. The FTC later decided not to take action against Amazon.

After that decision, a group of state regulators, including the attorneys general of 12 states, began scrutinizing Amazon's privacy practices and has discussed them with the company.

The updates to Amazon's policy came as a result of these discussions, said Glenn Kaplan, an assistant attorney general with Massachusetts, which led the talks with Amazon. The agreement is not binding and has no enforcement mechanism, but the states expect Amazon will comply with it.

"The agreement promises that Amazon will make certain changes to its privacy policy," Kaplan said. "We're confident that they will carry through on their commitments. To the extent that they don't, we're back in a position of looking at their practices and policies to see if they fall under consumer protection laws."

By clarifying the companies with which it has marketing relationships and listing the ways that it collects data from outside sources, Amazon is doing a service for customers that goes beyond its obligations under federal law, said Chris Hoofnagle, legislative counsel for EPIC. But the company still hasn't addressed the issue that sparked the uproar about its initial privacy policy change: whether it should sell its customer lists in the case of an asset sale, Hoofnagle said.

"There are important reforms to their privacy policy, but the core issue here is Amazon should not be allowed to sell its customer data that it collected under the previous privacy policy," Hoofnagle said. "Amazon made an important guarantee in the area of intellectual freedom when comes to not selling book lists and that guarantee should be enforced."
****************************
Reuters
Canada Eyes Iris-Scanning for Airport Travelers
Wed Sep 25, 4:13 PM ET

VANCOUVER, British Columbia (Reuters) - Canada unveiled plans on Wednesday to let frequent international fliers use their eyes to avoid long airport customs and immigration lines.



Instead of presenting identification documents to a customs official when entering Canada, pre-screened travelers will be allowed, beginning next year, to use hi-tech equipment that can identify them by scanning their irises.

The iris has features unique to each individual, and iris scanning is considered more accurate than technologies such as finger-printing, retinal scanning and facial scanning, according to Canada's Customs and Revenue Agency.

Canada's border security came under scrutiny after the Sept 11 attacks, and Canada had to scrap programs aimed at easing the trip for frequent border crossers -- which a government press release on Wednesday called "our trusted clients."

"While security is obviously of utmost importance, the free flow of travel is essential to the vitality of this country, the majority of travelers are law-abiding citizens," Revenue Minister Elinor Caplan said.

The first iris-scanning equipment will be installed for testing in March 2003 at the international airports in Toronto and Vancouver.

The C$39 million program will initially only be available to Canadian citizens and residents, but officials hope to soon make it available to U.S. citizens and eventually to citizens of countries that have visa-exempt status with Canada.

Applicants to the CANPASS program will have to pay C$50 annually and undergo a security background check. Officials believe up to 200,000 people will eventually qualify.

An estimated 300,000 people enter and leave Canada each day through its airports, highway and rail crossings.

The CANPASS program was originally expected to have begun this fall, but was delayed as officials reviewed the different technologies for identifying people.

Canada and the United States in June introduced the NEXUS program to pre-screen travelers who make frequent border crossings at highway checkpoints.
**************************
Washington Post
IMF and World Bank Gatherings Could Prompt Cyber Attacks - FBI
By Brian Krebs
Tuesday, September 24, 2002; 3:32 PM

The FBI is urging network security experts to be on guard against cyber protests timed to coincide with planned demonstrations surrounding this week's meetings of the International Monetary Fund and World Bank in Washington, D.C.

In an alert sent to hundreds of companies that own and operate the nation's most vital information networks, the FBI's National Infrastructure Protection Center (NIPC) yesterday warned that "a small group that intends to disrupt the meetings with a physical attack may use cyber means to enhance the effects of the physical attack or to complicate the response by emergency services to the attack."

"The cyber portion of this attack can be executed by sympathetic hackers or by mercenary hackers seeking publicity," NIPC said.

Despite the urgency of the warning, the FBI "has no credible evidence" of an imminent threat, an agency spokesman said.

"This is really just to put companies on alert to be aware of the potential for such an attack," NIPC's Paul Bresson said. "In the days of post 9-11, we'd be remiss if we were aware of a potential threat and didn't at least put people on notice about it."

Chris Rouland, director of X-Force, the research and development arm of Atlanta-based Internet Security Systems, said there are no signs as yet that protesters have turned to "hacktivism," save for one Web site promoting the idea of a "protester scavenger hunt."

Rouland dismissed the notion that protesters might target the nation's communications networks or electric power grid.

"Too often, hacktivism is confused with cyberterrorism," he said. "These people are trying to send a message, not disrupt cyber infrastructure."

But he said hackers have shown a penchant for mischief during previous global finance meetings.

Last year, hackers broke into the Web site for the World Economic Forum and gained access to a confidential list of 27,000 names, including credit card and phone numbers for summit participants. In February, a cyber assault disabled the same site during the forum's meeting in New York.

"It's very easy to fault these alerts, but overall I think they are very valuable because they tend to raise awareness of weak spots," Rouland said.
***************************
Federal Computer Week
States keep IT programs on track
BY Dibya Sarkar
Sept. 25, 2002

Rather than make across-the-board spending cuts in programs, state governments are using alternative measures, such as dipping into "rainy day" funds and raising taxes, to grapple with a collective $22 billion revenue shortfall.

As a consequence, many state capital investments and information technology programs have not been impacted as greatly as expected, according to Input, a Chantilly, Va.-based marketing and research firm that recently surveyed officials in 50 states.

"In terms of information technology, we're not seeing major cuts being made," said Suzy Haleen, a state and local analyst for the firm. "In my opinion, the governors are aware that if they make a bunch of cuts now, several years down the road, they'll not be able to keep up." But she added that the situation is different in each state.

The Input survey found that, for fiscal 2002, only 10 states reported no shortfall and the total shortfall across all states was about $22 billion. But Haleen said several states have balanced-budget requirements and are in the middle of a biennial budget cycle, so determining a collective number is difficult.

However, in July, the National Conference of State Legislatures said that 43 states reported budget gaps totaling about $36 billion. For fiscal 2003, NCSL projects the collective budget shortfall will grow to nearly $58 billion. For 2002, the group said 26 states implemented targeted or across-the-board cuts, and 19 states drew from their rainy day funds. States also raised taxes by $6.7 billion, NCSL said.

In addition to these alternative measures, states also reduced aid to local governments and laid off employees, the Input survey found. Haleen said that while all states reduced spending across the board, it was not the primary way to reduce their gaps, but more of a last resort. Many used reserve funds and increased taxes.

Haleen said that IT vendors have to find ways to make their products more attractive to government officials by knowing and understanding and agency's needs and requirements and the state government's fiscal condition.
*************************
Computerworld
Undersea data network planned off Calif. coast
By Scarlet Pruitt, IDG News Service
SEPTEMBER 25, 2002

The tech industry is taking a dive, and not just in the stock market. The National Science Foundation (NSF) announced yesterday that it has awarded grants to build an underwater data network off the coast of Monterey, Calif., for oceanographic research.
The network, dubbed the Monterey Accelerated Research System (MARS), will consist of underground cables and docking stations that will be used to power and provide high-speed data links to oceanographic devices, the NSF said.

While data links and electrical power are plentiful aboveground, the NSF said doing underwater research has been no easy chore, since information could be gathered only during intermittent ship cruises or using temporary, battery-powered devices. With the MARS network in place, researchers hope to be able to use underwater plug-and-play devices.

The network will be built during the next three years by a team of oceanographers from the Monterey Bay Aquarium Research Institute, the University of Washington, the Jet Propulsion Laboratory and the Woods Hole Oceanographic Institution, all of which have received NSF awards to complete the project.

The first stage of the project will consist of 40 miles of submarine cable and a science node 4,000 feet below the ocean surface, the NSF said. The node will have four docking stations and will be able to provide oceanographic instruments with 10 kilowatts of power.

In addition to aiding oceanographic research in the area, MARS will also serve as a testing ground for a more ambitious project called Neptune, the NSF added. Neptune will entail thousands of miles of underground cables and dozens of monitoring stations, stretching from Northern California to Vancouver Island.

The large-scale network, which will cover an area where oceanic and continental plates collide, will be used to study earthquake and tsunami risks, as well as global tectonic processes.
***************************
Reuters
Wireless Phone Use Up 7.6 Percent - Study
Wed Sep 25, 7:07 PM ET

CHICAGO (Reuters) - The percentage of households that use wireless telephones in the biggest U.S. markets including New York, Chicago and Los Angeles rose 7.6 percent between 2001 and 2002, a study said on Wednesday.

According to an annual survey by market research firm J.D. Power and Associates, 56 percent of households in the 27 largest U.S. markets use wireless phone service, more than double the penetration rate in 1995, and up from 52 percent a year ago.

However, the study found that the growth rate has slowed compared with the 13 percent rate between 2000 and 2001. This confirms the slowdown in subscriber growth that wireless operators have seen during the same time period.

J.D. Power said only 5.8 percent of non-wireless users that it surveyed indicated that they intend to subscribe within the next year.

The Westlake Village, California-based firm based its results on a survey of 17,659 households in 27 U.S. markets.

J.D. Power also found that the average cost per minute has dropped to 11 cents today from 56 cents in 1995, making it more difficult for providers to generate the same amount of revenue per customer they once received.

"Providing superior customer satisfaction has become critical in the wireless industry to bolster customer retention and increase revenue potential," it said.

It named AT&T Wireless Services Inc. , the nation's No. 3 wireless operator, as the best performer in meeting customer satisfaction overall, scoring the highest in 15 markets. The company also ranked the highest a year ago in 13 of the 20 surveyed markets.

Verizon Wireless , the nation's largest winless telephone company, ranked highest in nine markets.

"They consistently offer service across a number of areas like billing, like customer service, offering a variety of price plans that fit my needs, things of that nature," Kirk Parsons, senior director of wireless services for J.D. Power, told Reuters.

T-Mobile , formerly known as VoiceStream Wireless, was the top performer in Metropolitan New York.

J.D. Power said operators with high overall satisfaction scores retain customers an average of two months longer and generate about $4 more in monthly revenue per customer.

Satisfied customers are 56 percent more likely to choose their current service provider again compared with customers of providers with below-average satisfaction scores, the study found.
***************************
Federal Computer Week
Sharing called key to cyber plan
BY Diane Frank
Sept. 25, 2002

The sharing information and responsibility is key to the success of the public/private partnership envisioned in the Bush administration's draft National Strategy to Secure Cyber Space, experts said Sept. 24.

Security experts came together at a forum sponsored by the Cato Institute to share their views on how government and industry should share responsibility for securing the Internet, information technology products, and networks across the country and around the world.

There is widespread agreement that government cannot be solely responsible for the cybersecurity of the critical infrastructure, such as the telecommunications and banking sectors. But, said Scott Charney, chief security strategist at Microsoft Corp., the question remains: How can government encourage companies to meet their responsibility to secure what they own and operate?

"The fact is, it's difficult for government and industry to figure out who is responsible for what," he said. Charney served as chief of the computer crime unit at the Justice Department until earlier this year.

Not all of the details are complete for the steps to promote the improvement of infrastructure security, and many people have criticized the cybersecurity strategy for leaving out important issues and means of enforcement.

That, however, is why the document is open for comment until Nov. 18, said Ken Silva, director of networks and security at VeriSign Inc. And if measures really need to be added or put back in and if the public pushes hard enough they will be included, he said.

One key step in improving security is for organizations to share information about vulnerabilities and threats. However, such sharing doesn't occur as much as it should, considering the many mechanisms created for that purpose in the public and private sectors, Silva said. Government and industry must focus on improving that poor record, he said.

In order for information sharing to progress, all parties must understand how it brings value to their mission or their business, said Andrew Purdy, senior adviser for IT security and privacy on the President's Critical Infrastructure Protection Board, which led the development of the cybersecurity strategy.

But information sharing will not really be able to help until government and industry develop the ability to analyze the information, detect patterns, and act to prevent and recover from attacks, Purdy said.
****************************
Computerworld
Privacy battle seen as a 'gathering storm'
By PATRICK THIBODEAU
SEPTEMBER 25, 2002

CLEVELAND -- When corporate privacy officers and legal experts get together for privacy conferences they typically worry and warn about how legislative actions by Congress, the states and local municipalities will affect systems and bottom lines. There's never a shortage of dire, worst-case predictions.
But at this year's Privacy 2002 Conference, they're really worried.

Things are lining up for real legislative battles next year in Congress and in the states, triggered by the impending expiration of a provision of the Fair Credit Reporting Act (FCRA) that blocks states from imposing their own data privacy rules.

Once that exemption expires in early 2004, states will be free to set privacy rules that exceed federal standards. The states, for instance, could limit affiliate sharing of customer data -- a serious threat to financial services firms that often set different lines of businesses as affiliates, entities that exist only on paper. Systems that now freely exchange information could be in for a major redesign.

"There is a gathering storm," said Michael Beresik, who heads PricewaterhouseCoopers' national privacy practice. He sees the expiration of the FRCA preemption provision as the vehicle leading to much larger debate on financial privacy, including a revisiting of the privacy provisions in the Gramm-Leach-Bliley Act.

And the threat that states could impose their own more stringent rules is a real fear. According to the National Business Coalition on E-Commerce and Privacy, a Washington-based group that represents large financial services firms and retailers, 548 privacy bills were introduced in state legislatures this year. Some have already been enacted: San Mateo County in California recently set restrictions on data sharing and is now facing a court battle with the state's large banks, and North Dakota residents recently voted for restrictions.

"State legislatures are becoming more and more aggressive every year in terms of going their own way on privacy," Beresik said at the conference, sponsored by Ohio State University's Technology Policy Group.

To survive and keep the federal preemption in place, Kirk Hearth, chief privacy officer at Nationwide Financial Services Inc. in Columbus, Ohio, said he believes "financial services industries are going to be forced to compromise very strongly" in Congress.

Financial service firms aren't the only ones facing trouble.

While Congress isn't expected to pass a broad, commercial privacy bill this year, next year has potential. "A lot of the developments this session will be the launching point for what happens next session," said Stuart Ingis, an attorney at Piper Rudnick LLP in Washington.

Bills in the U.S. House and Senate could impose a number of requirements on companies regarding the use of data and customer consent. Both would restrict a state's ability to adopt its own rules to some extent.

These bills could impose a number of practices on IT. The leading privacy bill in the House, the Consumer Privacy Protection Act, a bill sponsored by Clifford Stearns (R-Fla.), stands a good chance of winning backing by the House Committee on Energy and Commerce. It would require companies to participate in some kind of threat-warning service and to have a written security policy that has the knowledge of a company's top executive.

The Bush administration has generally opposed requiring companies to take specific action, although it is seeking comment during the next months on its cybersecurity protection draft proposal, which examines some of those issues.

Andy Purdy, senior adviser on the president's Critical Infrastructure Protection Board, said that his personal reaction "is that it is probably not too much to ask that CEOs and boards and directors are aware" of their company's security or privacy policies.

But while the White House would also recommend independent audits on a periodic basis, "I'm not suggesting that we require it," said Purdy.
*************************
Washington Post
Stars Come Out Against Net Music Piracy in New Ads


By Frank Ahrens
Washington Post Staff Writer
Thursday, September 26, 2002; Page A22


The music industry is launching a star-studded advertising campaign, using artists such as Britney Spears and Stevie Wonder to tout its most recent anti-piracy effort.

Full-page ads are scheduled to appear in newspapers today and will be followed by television and radio spots, urging consumers to stop downloading songs from illegal file-sharing sites on the Internet. The multimillion-dollar campaign coincides with hearings today before the House Judiciary Committee's subcommittee on courts, the Internet and intellectual property.

At issue in the House is a bill introduced in July by Rep. Howard L. Berman (D-Calif.). If it passes, it would protect copyright holders -- such as artists and record labels -- from liability for any damage they may cause while using software to disrupt file-sharing services and search public files on consumers' computers for illegal reproductions of copyrighted music.

The movie industry uses a similar technology, called Ranger, that travels through the Internet, looking for illegally downloaded movies on home computers.

The ad campaign is sponsored by several organizations, including the Recording Industry Association of America, the music industry lobby; copyright groups, such as the American Society of Composers, Authors and Publishers and Broadcast Music Inc.; and the American Federation of Television & Radio Artists union. The major record labels are footing the campaign's bill.

The music industry attributes a decline in CD sales -- a 5 percent drop in 2001 from 2000 and a 7 percent drop in the first half of this year -- to music pirated over the Internet via popular file-sharing services.

At its height in February 2001, the Napster file-sharing service had 13.6 million U.S. users. Napster eventually shut down in the face of legal action. Now Kazaa Media Desktop is the most popular file-sharing service, with 8.3 million U.S. users in June, according to ComScore Media Metrix, which tracks Internet use.

Nearly 90 singers and songwriters have signed the newspaper ad, and several have lent quotes to the campaign. The group is diverse, including opera tenor Luciano Pavarotti, hip-hop superstar Eminem, country music's Dixie Chicks and former Beach Boy Brian Wilson.

Pop diva Spears, who will appear in the television ads, offers: "Would you go into a CD store and steal a CD? It's the same thing, people going into the computers and logging on and stealing our music."

Hilary B. Rosen, chief executive of the RIAA, said that illegal song downloading is not only against the law, "it also hurts the very artists and songwriters most downloaders profess to love."

Moving the artists out in front of the music industry's fight against piracy is a new strategy. The sentiment among many who illegally download songs is that their actions amount to justifiable theft -- that they are taking from a corporate monolith that is overcharging for CDs and fails to provide songs on an à la carte basis, which consumers increasingly desire.

The RIAA hopes this campaign will avoid the fan backlash that was inflicted on the heavy-metal group Metallica, which was the first major name to come out against Napster and online piracy. The band members were depicted as corporate stooges and anti-fan.

Somewhere in the middle of the debate are groups that do not necessarily encourage music piracy but do believe efforts to thwart it may be a smoke screen thrown up by a record industry that's been slow to come up with viable, legal alternatives to online piracy.

"I'm excited to see musicians take a more active role regarding piracy, accounting practices, radio consolidation, contract reform and other structures that impact their livelihood," said Jennifer Toomey, executive director of Washington's Future of Music Coalition and a singer-songwriter. "We hope that piracy [will] not be used as a code word to cover up the recording industry's slow adoption and licensing of new technologies -- technologies that may create a more efficient and equitable industry for musicians and citizens."
****************************
New York Times
National Science Foundation Announces Grant Winners
By JOHN MARKOFF

he National Science Foundation announced a series of awards yesterday as part of its three-year-old information technology research program, which is intended to advance computer science by focusing on a wide range of scientific and engineering problems.

The projects that won awards include explorations in technologies needed to build a computer based on quantum physics principles, the development of new scientific tools for ecologists working at universities in the Southwest and Midwest, and a modular computer tied together by fiber optics that will stretch from the University of California at San Diego to the University of Illinois at Chicago.
**************************
Mercury News
H-1B issues going to court
U.S. WORKERS SAY THEY ARE FEELING BETRAYED
By Jennifer Bjorhus
Mercury News

For years U.S. engineers have grumbled that foreign engineers on work visas were getting their jobs. Now, for the first time, U.S. workers are filing formal complaints with the government and in court, charging that foreign guest workers are replacing them during the downturn.

The complaints contend that citizens were either laid off or not hired in favor of foreign workers on temporary H-1B visas. H-1B workers are supposed to fill only those jobs left vacant by a shortage of skilled U.S. workers.

While the previous griping was often dismissed as racial backlash, the new complaints spring from across the tech workforce -- from men and women, white and non-white, native-born Americans and naturalized citizens. And labor lawyers researching the cases are finding something that stuns them: The H-1B rules give citizens almost no protection from being replaced by a foreign worker.

Such complaints have prompted the Department of Justice to examine Sun Microsystems' use of the program. And they've led the General Accounting Office, an investigative arm of Congress, to study how the H-1B program is affecting U.S. workers.

``Betrayal is the word that would come to mind,'' said Allan Masri, a 52-year-old San Jose engineer who was laid off from his quality assurance engineering job at Netscape a year ago. His colleague, an H-1B worker with the same job title, stayed on. Masri said he spent weeks training him on things such as the XML programming language. Masri said he feels he was replaced; Netscape said he was not.

When Congress expanded the H-1B program in 1998, under intense pressure from the tech industry to increase the number of H-1B visas, it left truck-size holes in the rules.

As a result, most employers don't have to hire U.S. citizens first or lay them off last. And it's perfectly legal for most companies to fill U.S. jobs with H-1B workers.

Tech leaders insist companies use the program only if they can't find qualified U.S. engineers. Harris Miller, president of the Information Technology Association of America, calls the protections for U.S. jobs ``more than adequate.''

Miller said H-1B wage requirements ensure that employers don't undercut U.S. workers; companies must post notices when they file H-1B applications. If the rules are broken, anyone can file a complaint, he said. The fact that the number of H-1B visa applications dropped this year indicates employers are using the program appropriately.

The H-1B program expanded swiftly during the tech boom when employers complained of a shortage of engineers. But with record-high unemployment among U.S. engineers, it's hard to argue there's a shortage now.

``One recruiter flatly told me they have 50 H-1Bs willing to work cheap ahead of me in line,'' said James Stakelum, a Dallas database administrator.

While Stakelum didn't file a complaint, others have.

Jenlih Hsieh, a 50-year-old U.S. citizen from Taiwan with a master's degree and more than 12 years of experience in Unix systems administration, filed a complaint with the Equal Employment Opportunity Commission, the U.S. Department of Justice and in Santa Clara County Superior Court. Hsieh alleges that SwitchOn Networks of Milpitas fired him after six months and replaced him with an H-1B worker.

According to the complaint, filed by attorney Phillip Griego, the H-1B worker was earning $30,000 less a year, had only a bachelor's degree and much less experience. An attorney for the company said Hsieh was fired in a layoff and that his dismissal had nothing to do with being a U.S. citizen.

Some immigrants are astonished that being a U.S. citizen doesn't help them beat H-1B workers in the job market.

``It's just so upsetting,'' said Jayashree, 40, a Sunnyvale engineer who asked that her last name not be used. A U.S. citizen from India with a master's degree in computer engineering and hot skills such as C++ and Java, Jayashree filed a complaint with the EEOC after a start-up told her that an H-1B worker from India got the software job she wanted. Unemployed with a son headed to college, she worries about her future.

``What are we supposed to do?'' she said. ``We came here in the 1980s and we worked very hard to come this far.''

No one knows how many U.S. workers are reporting this problem. Complaints made to the federal government are not public until they are resolved, and few have been. The Mercury News has found scores of complaints at attorneys' offices and government agencies nationwide, from the EEOC to the Department of Justice and Department of Labor, the top enforcer of the H-1B program.

None of the agencies responsible for investigating complaints tracks them.

What's clear is that employers continued hiring H-1B workers during a period of mass layoffs. Silicon Valley's top 10 tech companies alone hired at least 2,000 H-1B workers last year -- when they shed more than 41,000 jobs.

Some valley companies say they have reduced H-1B hiring dramatically. Intel, which said that it hired somewhere between 65 and 584 H-1B workers last year when it cut 5,000 jobs, added it applies for H-1B visas only when it can't find qualified U.S. workers.

``The real issue here is the shortage of highly educated, qualified U.S. candidates for the jobs for which we experience skill shortages,'' said Intel spokeswoman Gail Dundas.

Critics charge some employers prefer foreign workers because they are cheaper and more pliable. Three university studies and H-1B salary data from the Immigration and Naturalization Service indicate that H-1B engineers and programmers are paid 15 to 30 percent less.

Some H-1B workers acknowledge tremendous pressure to toe the line and work long hours for employers who hold unusual power over their lives. If they are let go, H-1B workers must leave the country unless another employer steps in as a sponsor.

``The younger guys, they'll work 15-hour days easily,'' said Mohammed Shaikh, a 26-year-old H-1B accountant in Hayward who works at a financial services company.

The H-1B rules leave it up to employers to determine whether there's a shortage of qualified workers. Labor officials aren't out with clipboards checking for shortages. Nor do they check if employers are paying H-1B workers what they pay others, unless there is a complaint.

``There is no system of checks,'' said B. Lindsay Lowell, director of research at the Pew Hispanic Center and an expert on H-1B issues. ``It is completely a complaint-driven process and it's very difficult often to bring a viable legal case against employers.''

The U.S. Department of Justice has been investigating complaints for violations of the Immigration and Nationality Act, which forbids discrimination against employees or job seekers on the basis of their citizenship. It's currently investigating Sun Microsystems after a laid-off engineer complained in April about widespread displacement of U.S. citizens. But most such cases haven't been successful.

``They're very tough cases to prove,'' said a justice official who spoke on condition of anonymity.

But not impossible.

Richard Schramm, an employment lawyer in San Jose, has settled six cases out of court under state and federal laws that make it illegal to discriminate against a job seeker or employee based on their national origin. Schramm's cases involved a variety of tech companies and engineers from various ethnic backgrounds who are U.S. citizens. All said their employer booted them for an H-1B worker with less education and less expertise.

``Most companies are too embarrassed to let this go public, to let it be known that you're abandoning American workers in favor of foreign-based workers,'' Schramm said. ``It's the embarrassment factor that we use in order to settle these cases.''

For every formal complaint, there are many more workers who feel shortchanged but don't speak out. Many signed away rights to challenge their former employer in order to get severance packages.

Bob Simoni did not.

Simoni, 39, lost his consulting job at Toshiba American Electronics Components in Irvine in March.

Simoni, who has an MBA from the University of California-Los Angeles, had worked at Toshiba as a contract engineer for two years installing software in the company's information technology division. He came to work in February to find everyone packing their boxes. Toshiba was outsourcing the division to an India-based technology services company, Infosys, which employs H-1B workers in the United States.

Simoni said Toshiba asked him to stay for three weeks to do ``knowledge transfer'' with Infosys employee Rakesh Gollapalli, who told him he had an H-1B visa. It hurt to be training someone who for all practical purposes was replacing him, and it felt wrong, Simoni said.

Toshiba wouldn't discuss Simoni's situation. A vice president, Stephen Marlow, said the company decided to outsource some jobs to streamline its business in the face of a challenging global market for electronic components.

But Simoni said, ``I don't know how they can justify it. They didn't offer us the opportunity to interview for these positions.''
*****************************
Mercury News
Digital TV mandate harshly criticized
By Edmund Sanders
Los Angeles Times

WASHINGTON - A controversial proposal to jump-start digital television by making most existing TVs obsolete by 2007 was panned Wednesday by lawmakers and industry officials, strongly suggesting the idea will not make it into the final bill.

Draft legislation, circulated last week by staff for Rep. W.J. ``Billy'' Tauzin, R-La., recommended that the government order TV broadcasters to stop sending analog signals -- the current norm -- and shift to digital TV transmissions by Dec. 31, 2006. If adopted, millions of Americans would have to buy new TVs or expensive equipment to receive the digital signals, which won't work on analog sets.

``The end of analog signals in 2006 would also be the end of most of our political careers,'' said Rep. Eliot Engel, D-N.Y., adding that consumer outrage over such a plan would be immense.

However, lawmakers said they would continue to push various industries to accelerate the rollout of digital TV, largely because the government wants to reclaim billions of dollars worth of analog spectrum.
*************************
Information Week
Cyberattacks Reach All-Time High
By George V. Hulme

Cyberattacks have reached an all-time high this month, digital risk-management company mi2g Ltd. says. The company, which has tracked attacks since 1995, says it has spotted 9,011 overt digital attacks so far this month, a sharp increase from the 5,830 attacks spotted in August and 4,904 in July. [for the complete story, see: http://www.informationweek.com/story/IWK20020925S0005]
**************************
Reuters Internet Report
Canada's Cyber-Snooping Plans Raise Ire
Wed Sep 25,12:22 PM ET
By Rina Chandarana

TORONTO (Reuters) - Proposed amendments to Canadian laws that would allow police to monitor e-mail is worrying privacy experts and leaving Internet service providers wondering who will pay for the probing of their customers' Internet activity.



A key part of the amendments would require all wireless and Internet service providers (ISPs) to provide the technology to enable law enforcement agencies to monitor the Internet activity of their customers, once a court order has been obtained.

The government wants wire-tapping laws updated because tech-savvy terrorists and criminals are increasing using the Internet.

Canadian police warn, for instance, that the Internet is increasingly used by drug traffickers, smugglers, scam artists and child pornographers.

Similar or tougher laws that regulate the Internet have been passed in China, Denmark, France, Germany, Italy, Spain, the United Kingdom, the United States and Vietnam.

A consultation process with ISPs privacy groups and law enforcement agencies is taking place until Nov. 15 to discuss the proposed changes to lawful access laws and the criminal code, said Patrick Harette, spokesperson for the Department of Justice ( news - web sites).

The amendments are expected to be brought before Parliament late this year or early next year.

Yet some warn that citizens' privacy is at stake.

"Some of these ideas are downright scary and I think that every Canadian should be quaking in their shoes right now at the thought of where this might lead," said Rick Broadhead, an Internet expert and author.

"I was stunned that this was even being proposed," he added, comparing the proposal to China's policy of blocking access to certain Web sites that go against the government. "We're in danger of becoming a police state."

No one knows how much the new technology will cost. Broadhead said putting the enabling technology in place would be very expensive. But, he added, "the cost is really not the issue, it's the privacy issue."

LAWS MUST BE UPDATED

Canada's solicitor-general, Lawrence MacAulay, has said law enforcement agencies need updated tools to deal with increasing use of the Internet by terrorists and criminals. The original laws to allow police to wiretap telephone conversations was passed in 1974, when rotary phones were used.

The United States passed the U.S.A. Patriot Act last October to give the government access to Web activity without having to get a warrant. To do this, the FBI ( news - web sites) is creating new technology called "Magic Lantern" to install over the Internet to enable investigators to monitor Web and computer activity without users' knowledge by sending a virus through the Internet.

At the moment, the FBI uses a less-sophisticated technology called Carnivore that also allows them to intercept e-mail and online activities of suspected criminals. But this can be done only by first gaining physical access to the computer.

The United Kingdom already requires ISPs to keep records of e-mail, Web site and text messaging of their clients under the Regulation of Investigatory Powers Act, enacted after Sept 11.

France recently passed a law that calls for ISPs to maintain records of e-mail activity for one year.

Jay Thomson, president of the Canadian Association of Internet Providers, said he does not have a problem with amending access laws in principle, but is worried because it is still unclear who will cover the costs of putting new monitoring technology in place.

Technology that would enable law enforcement agencies to monitor Internet activity already exists and the government wants to make sure that all ISPs have it.

Harette said that ISPs would be responsible for covering the costs.

A DELICATE BALANCE

Philippa Lawson of the Public Interest Advocacy Center, a nonprofit organization that says it represents the views on government policy of ordinary Canadians, said there is a delicate balance between the government's desire for security and the individual's right to privacy.

She said the court warrants that will be required to allow police to monitor Internet activity are "a key safeguard against abuse by law enforcement agencies."

She added the warrants would hold the agencies accountable because they would have to justify the need to obtain records of Internet activity before a judge, ensuring civil rights are maintained.

Amy Jarrette, spokesperson for the Solicitor-General's office, said law-abiding citizens would not have to worry about having their Internet activity monitored or archived because court orders would be granted only in criminal cases.

Doug Stead, director of the International Society for the Policing of Cyberspace and several anti-child pornography organizations, argues that ISPs should be made to keep archives of Internet activity to help detect criminal activity.

"I am in full support of ISPs being required to keep records for six months on their clients log-in and log-out times," he said.

Jarrette said 100 arrests were made and 13 murder cases were solved last year because of lawful access laws that allows wiretapping and seizure of information. In 2000, $64 million of illegal drugs were seized and several related arrests made with the assistance of wiretaps, she said.

Last year the government pledged to provide tools to protect Canadians from cyber-crimes after joining 33 other countries in signing the Council of Europe's Convention on Cyber-Crime, which requires countries to criminalize the use of computer systems to commit certain crimes.
****************************



Lillie Coney
Public Policy Coordinator
U.S. Association for Computing Machinery
Suite 510
2120 L Street, NW
Washington, D.C. 20037
202-478-6124
lillie.coney@xxxxxxx