[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Clips September 5, 2002

Clips September 5, 2002

ARTICLES

Anti-spam group almost sends some
A Story Of Piracy And Privacy
Air security fixes are slow to come
New 'entertainment' PCs restrict copying
Anti-terror tracking raises fears of racial profiling
Sept. 11 keeps disaster recovery in forefront
Another file-swapping site to fall silent
Businesses Draw Line On Security
University to challenge copyright laws
Web Freedom Eroded in Terror War
Taking cyber predators to task
Maine rings in a new school year with iBooks
Homeland bill veto threatened
DOD joint concepts in question
Most e-gov initiatives are ready to take off
Lack of cybersecurity specialists sparks concern
Critics protest anti-drug tactics [privacy]
Teenangels make cybersafety a number one priority

**************************
Houston Chronicle
Anti-spam group almost sends some
Associated Press

WASHINGTON -- A consumer group lobbying to outlaw unwanted spam e-mails opened its campaign Wednesday with a new Web site but quickly had to fix a technical glitch that suggested visitors might unwittingly be added to the group's own e-mail list.

The Telecommunications Research and Action Center said it never intended to send visitors unwanted e-mails and blamed the problem on an erroneous message created by the Web designer.

"The guy that put it up didn't understand it real well," said the group's chairman, Sam Simon.

Simon said the problem, which was brought to the group's attention by The Associated Press, was fixed quickly and that none of the visitors during the site's first day ever received unsolicited e-mails.

Only visitors who opt to receive the group's informational e-mails by checking a box on the Web page will receive e-mails, Simon said.

Before the error was fixed, an Internet user who visited the site but chose not to receive e-mail updates from the group was greeted with the message: "You are currently signed up for news and information."

The Web site, banthespam.com, encourages Internet users to share their spam horror stories and add their names to a petition asking federal regulators to crack down on spam e-mailers.

The group wants the Federal Trade Commission to sue marketers that send spam without authentic return addresses or send e-mails to someone who has opted out of receiving the messages.
**************************
Washington Post
A Story Of Piracy And Privacy
By Jonathan Krim


The recording industry and the nation's largest telephone company are crossing legal swords in what could be a test case of how far big record labels can go to track down computer users who swap music online.

The industry is seeking to force Verizon Communications Corp., which also provides customers with high-speed Internet access, to turn over the name of one of its users who the record labels claim has made copyrighted music available for download by others. The Recording Industry of America also demanded that Verizon block access to the user's music files.

The industry contends that it is losing millions of dollars in music sales because potential customers are instead downloading digital copies from others in violation of copyright law. The battle with Verizon is part of an aggressive campaign by the record labels on Capitol Hill, at the Justice Department and in the courts to crack down on the practice.

Among other tactics, the industry is using automated software agents -- called "bots," short for "robots" -- to patrol the Internet and identify computers with music available for download through a popular technology known as file sharing. Although the bot can detect the presence of music files available for download, it can identify only an Internet address code and the service provider, not the identity of the user.

The music industry sent a subpoena to Verizon for the name of one user but was rebuffed. It then went to the U.S. District Court in Washington, asking the court to enforce the subpoena.

Verizon and a coalition of Internet advocacy groups argue that if the recording industry prevails, the constitutional right to privacy of millions of Internet users would be compromised.

"RIAA proposes a dazzlingly broad subpoena power that would allow any person, without filing a complaint, to invoke the coercive power of a federal court to force disclosure of the identity of any user of the Internet, based on a mere assertion . . . that the user is engaged in infringing activity," Verizon's legal filing said.

Verizon does not defend piracy of copyrighted works, but Sarah Deutsch, Verizon's associate general counsel, said the record industry is seeking a legally "creative" way to require the Internet provider to violate its customer's privacy. She added that because the music files reside on the user's computer, not on Verizon's network, the only way to block access to them would be to terminate the user's Internet account.

Verizon argues that under the terms of the 1998 Digital Millennium Copyright Act, the provider of a user's Internet connection is not responsible for any action taken by that user. Deutsch said that the law was passed before file-sharing technology was even contemplated and that the record labels are now trying to retrofit it, in effect, to be applied to file sharing.

The industry takes a broader view of the federal law, arguing that its terms obligate owners of networks to comply with subpoenas in cases of copyright infringement.

RIAA President Cary Sherman said Verizon is trying to have it both ways: The telecommunications company says it is not responsible for policing file sharing, but it won't provide the the information that would allow the record industry to do so.

He added that the demand that Verizon block access to the user's files was only a formality to comply with the terms of the copyright act; the RIAA simply wants to warn the subscriber that he or she is violating the law.

Deutsch said the industry's motives in the case are particularly suspect because Verizon offered a simple alternative: The RIAA could sue the user, naming him or her as an unknown party, and then subpoena Verizon for the user's name. Under that scenario, Deutsch said, Verizon would comply because there would be a valid legal action pending.

But the labels "would like to be able to serve millions of these types of subpoenas and collect subscriber names, and then pick out the most favorable for a lawsuit against the user community," Deutsch said.

In briefs filed last night, the RIAA said that until Verizon's refusal to honor the subpoena, many Internet service providers had given it the identities of individuals accused of copyright violations.

"It's ironic that Verizon's position basically encourages us to sue their subscriber," he said.

Deutsch said the user has not been notified of the dispute because the company's view is that the subpoena is invalid. In other cases, in which potentially illegal material is hosted on Verizon's network, users receive notification and time to take the material off the system before Verizon does so, she said.

Despite mounting efforts by the recording industry -- including successfully shutting down the trailblazing Napster service -- file sharing continues to boom. According to the Web site of Kazaa, one of the leading providers of file-sharing software, nearly 14 million copies of its product have been downloaded by users, 2.6 million of them in the past month.

File-sharing software can be used for documents, media files or other data, and Kazaa warns its users against violating copyrights. But music swapping abounds.

In response, the music industry is pushing on a number of fronts. At the industry's behest, 19 members of Congress asked the Justice Department to aggressively enforce the law, and the agency has said it will do so.

Pending legislation sponsored by Reps. Howard L. Berman (D-Calif.) and Howard Coble (R-N.C.) would allow the industry to hack into offenders' computers to disrupt file sharing, while the industry is also putting out fake music files to try to discourage downloads.
************************
The Arizona Republic
Air security fixes are slow to come
Nation's skies remain vulnerable

By Tom Zoellner
The Arizona Republic
Sept. 05, 2002 12:00:00


The most remarkable thing about the changes to airport security is how little change has actually been accomplished.


After the suicide jet attacks of Sept. 11, the nation was braced to accept that flying would never be the same again, that airlines would undergo a sea change in their thinking and procedures.

But today, at Phoenix Sky Harbor International Airport and other major airports nationwide, the post-Sept. 11 reforms amount to a muscled-up version of the same basic security screen erected after a wave of hijackings to Cuba in 1969.

Passengers are still being led through 1970s-era magnetometers, security screeners are mostly private employees with minimal training, no real computer profiling system is in place, pilots are unarmed with anything but their fists, and most baggage is loaded without scrutiny.

What's more, the massive federal agency created to handle all of the promised changes, the Transportation Security Administration, is still searching for a staff, a clearly defined mission and a sense of rapport with the nation's 429 airports.

The Phoenix office of the agency has just six employees and no target date for federalizing the staff of 400 checkpoint monitors at Sky Harbor.

And although Phoenix airport officials successfully evicted Argenbright, a security-screening firm notorious for its incompetence, there has been virtually no change in staffing levels at checkpoints.

Confidence is lacking

"We are just as vulnerable," said Mike Boyd, an aviation security consultant based in Denver.

"Before 9/11, security screening was basically competent only from keeping a lovesick high-schooler from hijacking a jet to impress his girlfriend. That's still what we have today.

"If inconvenience and bureaucracy could prevent terrorism, we'd be the safest nation on Earth."

The federal government has, indeed, relaxed some of its post-Sept. 11 security directives. Curbside drop-offs were reinstated. A ban on taking paper coffee cups through the metal detectors was quietly rescinded.

Critics complain that meaningful security has been sacrificed in the name of keeping the airlines profitable; the Transit Administration responds that it is doing all it can to reshape a century-old aviation culture.

"It's a double-edged sword," acknowledged Robert Brown, director of security at Sky Harbor. "We have to make it safe and secure, but at the same time, it is a business."

The real substantial changes still lie in the future, federal and local officials say.

Much work to be done

The federal security director for Phoenix, Marcia Florian, said the Transit Administration is still working on a plan to redesign metal-detecting checkpoints at Sky Harbor, with the help of a team of consultants from Lockheed Martin.

The plan is to streamline the more intensive passenger screenings, including selective shoe removal and pat-downs, instituted after the terror attacks.

Construction could begin in October, she said.

There are still no clear answers on when all luggage will be electronically inspected for bombs. Phoenix airport Director David Krietor recently joined 132 other airport directors in urging Congress to move back a Dec. 31 deadline for installing bomb-detection systems in all airports.

Virtually nobody in the aviation industry thinks that high-quality Electronic Detection Systems that peer into luggage like a CAT scan will be online by the end of the year. There are only two at Sky Harbor now; at least 30 will be needed.

Inferior equipment

The Transit Administration has proposed meeting the deadline with the cheaper and less-reliable Electronic Trade Detection systems, which involve a chemical swipe that detects suspicious residue.

Meanwhile, field testing of an upgraded risk-analysis system for all passengers, known as the Computer Assisted Passenger Profiling System, or CAPPS II, is a year away.

The system would integrate a customer's flying and purchase patterns with a cross-list of police watch lists and other intelligence information. Airlines now use a far less-sophisticated computer system developed in the 1980s, known as CAPPS, to single out passengers for intensive pat-down searches.


Reach the reporter at tom.zoellner@xxxxxxxxxxxxxxxxxxx or (602) 444-2474.
*******************************
New 'entertainment' PCs restrict copying
By Joe Wilcox
Staff Writer, CNET News.com
September 3, 2002, 5:58 AM PT
http://news.com.com/2100-1040-956285.html


Microsoft and Hewlett-Packard on Tuesday released additional details about digital entertainment PCs coming for the holidays. But new anti-copying technology could hamper sales say analysts and potential buyers.


The new consumer computers run Windows XP Media Center Edition, a variation of Microsoft's flagship operating system. Besides normal PC functions, Windows Media Center PCs offer a second user interface through which people can access the operating systems' digital media features via a remote control. HP, as well as Samsung, will start offering the new systems sometime before the holiday-shopping season, with HP's models selling in the high $1,500 range to around $2,000.


Microsoft sees Windows Media Center PCs as ideal for college students or young urbanites living in cramped spaces where a combination computing and entertainment system might be more appealing than separate devices. Besides digital photo, music and movie features already available with Windows XP, the new PCs also would serve as TV tuners and digital video recorders (DVRs) for copying TV shows to the computer's hard drive.


But Microsoft has included copy-protection with the operating system that uses encryption to lock recorded TV shows to the PC. Already, consumers can legally record television programs to VHS tapes for personal use and view them on another VCR in the household. Microsoft has taken a more conservative approach by thwarting the sharing of programs recorded digitally. That strategy might make sense as Microsoft attempts to attract Hollywood movie studios with its digital rights management and anti-copying technologies. But consumers may not react favorably to the copy protection, say analysts.


"You have to applaud their efforts (on copyright protection). But this is not a mainstream product, particularly if you're going to limit it where consumers are not going to be able to share that digital media between their DVD players and other devices," said ARS analyst Toni
Duboise. "To take that (copying) flexibility away from consumers is a big mistake. There's no way consumers are going to like this proprietary way of doing business."


Von Ehman, a Windows user and an analyst for West Virginia state government in Charleston, also balked at the copy-protection mechanism.


"If you copy protect in any way, the kids will scream bloody murder," he said. "It's a young person's market, and that would be a suicide" for Microsoft in the marketplace. Ehman, who is a musician, said that "99 percent" of all the copying he has seen is for personal use or archiving purposes. "I believe it (copying/dubbing) is, for the most part, harmless and in a positive sense actually promotes the product for the artist or business, be it music or video."


Jodie Cadiuex, marketing manager of Windows Media Center, defends Microsoft's decision to copy protect TV programs recorded to the PC's hard drive.


"Microsoft is in a leadership position here where we've got an opportunity to help Hollywood feel comfortable with digital distribution and to help them develop (digital rights management) solutions so consumers can have content everywhere," she said. "We have two relationships we have to balance here: the consumer who wants the content and Hollywood so they feel comfortable with that process and don't clamp down and make that impossible."


Convergence computing Microsoft introduced the new version of Windows, code-named Freestyle, during January's Consumer Electronics Show in Las Vegas. The company released Window XP Media Center Edition to PC manufacturers last week, after the release of Service Pack 1--the first collection of Windows XP updates and bug fixes.


HP's version, dubbed Media Center PC, is expected to sell for $1,500 to $2,000 without a monitor, depending on the configuration. HP would not disclose final model details but said that each PC would come with at least a 2GHz Pentium 4 processor, 512MB of RAM, 100GB or more of storage, a DVD+R/RW drive, a CD-ROM drive, a 64MB Nvidia GeForce 4 graphics card, a Creative Labs Audigy sound card, five USB 2.0 and two FireWire ports, and 200-watt Klipsch speakers--Pro Media 2.1 on most models and the 5.1 version on the $2,000 PC.


The HP Media Center PC also will feature a 6-in-1 media reader, supporting Smart Media and Sony Memory Stick cards, among other portable storage options.

Besides access to the digital media features through the keyboard or remote control, the digital media user interface can be brought up by any one of five buttons on the front of the PC. These access the five main digital media features: music, pictures, photos, DVD and TV.


"Our target audience is anyone who sees a place anywhere in the home where there's a need for a PC and a TV or an entertainment center," said Mark Bony, HP's Pavilion PC product manager. "We're also targeting consumers--students or small apartment dwellers, where space is a premium."


While the features are compelling, analysts predict that the digital-entertainment PCs will be, at best, niche products for a number reasons.


"Everyone's been waiting for the great convergence product," Duboise said. "This is putting the PC as a replacement device for the television, but it's not there yet. People are not ready to replace their televisions with their PCs."


Duboise also questioned whether the audience is simply too small to begin with. "This is a young audience, maybe those who are starting out or high-techies. It's going to be a small audience. It certainly isn't going to be mainstream."


Microsoft and HP also face a challenge because of the system's pricing, despite the abundance of high-end hardware. Consumer craving for expensive PCs has not been great, given the economy and other factors. Year to date, the average selling price of retail PCs has been $824,
according to NPDTechworld. That is about half the price of the entry- level HP Media Center PC. PCs priced $1,500 and above accounted for only about 4.5 percent of the retail PC market. In that range, the average selling price is $1,577 so far this year.

"I think the numbers kind of speak for themselves," said NPDTechworld analyst Stephen Baker.


Overprotective options

Analysts and users see the built-in copy protection as a potential sales killer because it restricts the use of the built-in DVR, one of the most compelling features of the new PCs.


DVRs, which are sold as companion products for TVs by TiVo and Sonicblue's ReplayTV, are expected to become standard equipment on PCs over the next few years, say analysts.

Already Sony ships Vaio PCs with DVRs and most of the other features found on the HP Media Center PC. But Sony does not impose copy protection. So a consumer could use Sony's GigaPocket Personal Video Recorder software to record a TV show, convert the file to MPEG-2 video with another Sony application and burn the program to a DVD.


Don Simon, a Windows user from Seattle, Wash., recently bought a Vaio RX780G PC. The avid TiVo user has networked other PCs to the Vaio, so he can "seamlessly watch TV on any PC in my house. If Microsoft comes out with a product that does less than Sony's, I'd be skeptical of its success. I certainly wouldn't buy it."


Meta Group analyst Steve Kleynahans said that Microsoft made the decision to put in the copy protection fairly far along in the development of Windows XP Media Center Edition.


"I know this wasn't in the product all along," he said. "I think it was Microsoft being overcautious. I really think it's unfortunate because it does hamper the functionality and usability of the platform."

Cadiuex acknowledged Microsoft took the risk of alienating some customers with its copying restrictions.


"We don't make these decisions in a vacuum, not considering the potential responses from our consumers," she said. "They're difficult decisions to make, especially when you know somewhere down the line that certainly not the majority, but some, of the people aren't going to be thrilled."


Microsoft might have good reason to be cautious given, Hollywood's tough stance toward the computer industry and a ReplayTV lawsuit related to sharing content.


"You've got a company that itself depends on its own intellectual property not being copied taking technical steps to prevent the intellectual property of other companies from being illegally copied," said Rich Gray, a Menlo Park, Calif.-based intellectual property attorney. "There is good strong case law, mainly the Sony Betamax case, that you, a single user, can make a recording of a TV show for your own personal use. What Microsoft has done is allow that capability while imposing a technical fix that will prevent copies from being made that are clearly illegal or are at least in a gray area."


Matt Rosoff, a Directions on Microsoft analyst, sees another motivation at work and one that has more to do with future business prospects than concerns about customer dissatisfaction or potential legal problems.

"Microsoft generally believes that digital entertainment, digital media, is the thing that's going to drive the next cycle of PC upgrades," he said. "There's not that much more new you can do with your PC that you're not already doing."


Microsoft hopes to sell Hollywood its digital rights management technology. At the same time, the company doesn't want Hollywood to use its marketing or legal muscle to shut the PC out of digital entertainment.


"If the content owners look at the PC as this Wild West where the content and intellectual property is stolen, the content owners will try to get around the PC," Rosoff said. "That's something Microsoft wouldn't want to see happen."
*****************************
The Arizona Republic
Anti-terror tracking raises fears of racial profiling
By Sonni Efron
Los Angeles Times

WASHINGTON - A new anti-terrorist tracking system that will require fingerprinting and photographing tens of thousands of visitors to the United States is prompting an angry outpouring from Muslim nations.


The measures set to begin Sept. 11 have aroused concern inside the State Department that they could antagonize some of the very people whose backing the United States hopes to enlist in its ongoing war against terrorism.

State Department officials said the visitors most likely to be fingerprinted are males ages 16 to 45 from 26 nations where terrorism is deemed to be a concern.

The names of the 26 countries are classified, but they are widely believed to be mainly Muslim nations.

"It's going to create three lines at the airport: a U.S. citizen line, a non-U.S. citizen line, and a dark people/Arab line," said James Zogby, founder of the Arab American Institute in Washington.

A State Department official conceded that there had been "friction" with the Justice Department over the issue, adding, "The State Department is concerned with how this procedure will be perceived overseas, particularly in the Middle East."

In addition, there are growing concerns that tougher scrutiny of thousands of foreign visitors, if not performed quickly and discreetly, could depress tourism, trade and business.

Already, tougher visa regulations imposed since Sept. 11 are causing delays of six weeks or more in issuing U.S. visas.

A spokesman for the Justice Department, which has been battling the State Department over how to implement the tracking system, vigorously defended the new procedures, imposed under the Patriot Act enacted by Congress in the wake of Sept. 11, as essential for keeping tabs on foreigners who might do America harm.

Spokesman Jorge Martinez emphatically denied that the National Security Entry-Exit Registration System will discriminate against any particular group.

But the Justice Department refused to say what the criteria will be for singling out which visitors deserve extra scrutiny. It would describe only the two main categories: any non-immigrant alien whom the State Department determines to pose an elevated national security risk, or any alien whom the Immigration and Naturalization Service deems to pose a national security threat, based on the latest intelligence about terrorists.

An INS spokeswoman said the agency did not expect delays at airports starting Sept. 11, contending that the beefed-up inspection process for certain visitors would take only about 10 minutes per person.

But diplomats and travel industry officials are worried about long lines and the reaction of foreign travelers. Some are concerned that other countries may retaliate and impose reciprocal fingerprinting and other restrictions on Americans who travel abroad.

Civil libertarians question whether U.S. intelligence is equipped to analyze all of the fingerprints and information it collects.

And some Arab-Americans fear the process could reinforce the perception that America doesn't want Muslim visitors and that the war on terrorism is being waged through racial profiling.

For security reasons, the Justice Department isn't saying which airports will be the first to implement the system. But Martinez said all ports of international entry will have it running by Oct. 1.
***************************
Sun Sentinel
Broward elections official assailed by GOP, still short of poll workers
By Buddy Nevins and Scott Wyman

State officials were asked Wednesday to rule on whether Broward County Supervisor of Elections Miriam Oliphant's plans for this year's elections violate Florida law.

The request for a state ruling came the same day the supervisor conceded she was in "dire need of a minimum of 112 volunteers" to staff next Tuesday's primary. The volunteers would staff 14 locations where votes will be transmitted via modems to the Broward County elections office's central computers.

The news that Oliphant still was short of workers, contained in a letter to city clerks, comes less than three weeks after she insisted she had enough people to run the election.

Oliphant remained upbeat Wednesday at a news conference called to reassure the public about the upcoming elections.

"I say to all the voters of Broward County that on Sept. 10, we will have a successful election," she said.

But at the same time she was talking to the news media, Oliphant faced a potentially bigger problem.

In a letter to state election officials, George LeMieux, chairman of the Broward Republican Party, asked for a ruling on whether Oliphant, a Democrat, must have both Republican or independent poll workers along with Democrats in each precinct.

Florida law states that no precinct can be staffed exclusively by members of one party.

"We are very concerned with this," LeMieux said. "You must have different parties represented at each polling place."

Oliphant has refused to comply with the law, LeMieux said. He said that she "refused to tell us how many Republican poll workers she had. I don't think she knew."

Her lawyer, Robert Buschel, disagreed with LeMieux's interpretation of the law, but conceded that Oliphant does not necessarily have Republican and Democratic poll workers at each precinct.

Buschel, who has been negotiating with the GOP, said Oliphant doesn't think she has to determine whether each poll has members of different parties, just that the entire group of 5,000 poll workers has enough Republicans and Democrats.

"Mrs. Oliphant has assured the Republicans that the workers will reflect the community and that no one will be targeted," Buschel said. "These people at the polls are sworn poll workers and will do what's right."

LeMieux was unmoved.

"The law is clear as a bell," LeMieux said. "She refused to address this and challenged us to find a contrary opinion to hers. That's what we are doing."

LeMieux said he wants the state to order Oliphant to comply with the law and shuffle her poll workers around, so that no poll is staffed only by members of one party. The GOP was particularly concerned that polls in the November general election for governor contain enough Republicans.

"If she doesn't do it, we could go to court before Nov. 5," LeMieux said. "If we don't have people from different parties as workers, you are open to fraud."

His letter was received Wednesday by Ed Kast, director of the state Division of Elections. Kast said only that he expected his lawyers to respond to it by today. Two other complaints LeMieux had with Oliphant's procedures for next week's elections were settled after talks with Buschel. LeMieux said he still wanted an agreement on these technical points in writing. This is not the first time that the Republican chief has clashed with the Democratic supervisor. A month ago, LeMieux pressured Oliphant into withdrawing a poll worker training tape that portrayed a GOP voter as verbally abusive to a black woman.

"These are not partisan issues," LeMieux said. "Everybody wants this election to run fairly and without a hitch Republicans and Democrats. She has been criticized by plenty of Democrats, too."

But Mitch Ceasar, the county's Democratic chairman, criticized LeMieux for "making this a partisan issue. There will be hitches in this election with the new machines. The problems need to be ironed out without his stirring the pot for publicity purposes for his party."

LeMieux denied he was complaining to gain publicity for the GOP.

Oliphant has been besieged by complaints in recent days.

More than a third of Broward's almost 1 million voters have had their polling locations switched, causing some to travel miles to vote. Many voters complained that they received two new voters cards in the mail telling them to vote in two different polling locations. Others said their dead relatives received cards. Still others said they have been told to vote in cities other than where they live. Meanwhile, other South Florida counties reported few of the problems that Broward was experiencing.

Miami-Dade County voters experienced some minor trouble in trying to cast early votes, a process allowed by the new election law passed this year.

U.S. Rep. Carrie Meek, D-Miami, was initially unable to vote at a Miami library. Meek was held up for more than 30 minutes after a county laptop computer failed to recognize the congresswoman as a registered voter, said Meek spokesman Tola Thompson.

Palm Beach County received the approval of the state's chief elections officer on Wednesday. Secretary of State Jim Smith declared that he had "not a lot of concern" after visiting the county elections office.

He is scheduled to visit Broward and Miami-Dade counties today.

Oliphant said the election will be reassessed after November to eliminate any problems found next week and in November.

Staff Writers David Cazares and Anthony Man contributed to this report.

Buddy Nevins can be reached at bnevins@xxxxxxxxxxxxxxxx or 954-356-4571.
****************************
Computerworld
Sept. 11 keeps disaster recovery in forefront
By Stacy Cowley, IDG News Service
09/03/02

In February 2001, Gartner Inc. published a white paper titled "How Will You Get Your Data Back After the [insert catastrophe here]?" Seven months later, the Sept. 11 terrorist attacks filled in that blank, stunning the U.S. and forcing businesses to consider disaster recovery on a previously unimagined scale.
By 9 a.m. that day, as hundreds of thousands of workers passed through lower Manhattan on their way to their jobs, smoke was billowing over the city from the first hijacked plane's crash into the World Trade Center's north tower (see story). Within hours, the entire complex was in ruins, throwing Manhattan's transportation and communications systems into turmoil and the nation into shock over the vicious attacks on New York and Washington.

"There was a sudden awareness: We could have not just a building, but a regional catastrophe," said Dianne McAdam, an analyst at Illuminata Inc. in Nashua, N.H. "What happened with Sept. 11 in Manhattan, it was a loss of the phone lines, the data lines, the transportation, of parts of the entire communications infrastructure."

Even a buildingwide catastrophe was more than CareerEngine Network Inc. was prepared to handle.

The small, 3-year-old Web developer was located on the 21st floor of the World Trade Center's south tower, which was hit by a hijacked plane soon after the crash into the north tower. Several of the company's dozen employees would normally have been at work by the time the attacks began, but a series of minor emergencies and delays -- a sick child, a broken train, an apartment problem -- conspired to keep the staff out of the office and unscathed. CareerEngine's infrastructure, however, was demolished.

"We lost all our information about our customers. In some cases, we didn't even know who owed us money and who didn't. We had to contact all of our clients and have them work with us to re-create our records," said George Benoit, the company's chairman and CEO.

CareerEngine creates customized career information and job listings Web sites for Web publishers. Those Web sites, hosted remotely, remained live without interruption. But the company's internal data was wiped out.

"We had been making backups. And then we left them in the same place, in a different area," Benoit said. "We figured maybe there would be a fire, something like that we'd have to deal with. We never thought the building would fall down."

The dramatic events of last Sept. 11 galvanized some planners into action in a way that natural, more routine calamities like earthquakes and storms haven't. U.S. companies are starting to take disaster recovery as seriously as their European counterparts, said Ken Boyd, director of advanced disaster recovery solutions at IBM.

The 1993 Trade Center bombing, coupled with last year's attacks, created an environment here that resembles what European companies have faced for years from terrorist threats, he said.

"Before Sept. 11, we had a few [disaster recovery planning] calls a week," he said. "Now we are getting a few calls a day."

That has also been the case at data replication vendor NSI Software Inc. (NSI) in Hoboken, N.J. "The visibility of data protection and availability has been raised to an all-time high," said Bob Guilbert, vice president of marketing. NSI has been expanding the staff of a services unit it launched in October, an offering that quickly attracted several dozen customers seeking help constructing a business continuity plan.

Businesses are increasingly considering the possibility of a disaster that paralyzes a large geographic area, according to analysts and vendors.

"One of the lessons that customers learned from Sept. 11 in one sense is that it was a regional disaster -- not just a floor or a building, but all of the infrastructure around the World Trade Center," Boyd said.

The scope of the disaster undermined some companies' disaster recovery plans, as workers couldn't reach buildings to handle manual tasks and organizing phone calls couldn't be made. Consequently, IBM now stresses to customers the importance of automating data backup, Boyd said.

"You have to ask, How automatic is your disaster recovery?" he said. "How much are you depending on people to make decisions? Because you may not have a scenario that lets that happen."

Since the attacks, IBM has set up a technical design council that examines the disaster recovery proposals the company makes to its clients, checking that they will work in real-world conditions. IBM engineers examine the bandwidth connecting primary and recovery sites, for example, and evaluate hardware products to ensure those will work together as well in practice as they do in theory.

Customers are also extending the distances between data centers, realizing that a backup in New Jersey for a network in Manhattan could be vulnerable, Illuminata's McAdam said.

In the year since the attacks, customers in the New York metropolitan area have been adding "heavy lifting" data centers outside the New York, New Jersey and Connecticut area as an extra safeguard, said David Palermo, vice president of marketing for Wayne, Pa.-based SunGard Data Systems Inc., one of the industry's major providers of disaster recovery and business continuity protection services.

By the end of the week of the attacks, which killed three SunGard employees who were visiting clients at the World Trade Center, nearly 100 of SunGard's customers had placed the company on alert, and 30 had declared disasters (see story). The disaster declaration number was close to what the company fielded during the entire prior year. After SunGard bought the disaster recovery business of Comdisco Inc. last November and acquired its customers, those figures rose to 226 alerts, with 77 declared disasters (see story).

The severity of the Sept. 11 attacks prompted some businesses to escalate plans to implement or improve their protection plans, but, as is always the case, action lagged behind talk, Palermo said.

"It's the same thing as with Hurricane Floyd, with earthquakes, with any other disaster. It has the ability to make people say, 'Wow, we've been thinking about this forever.' But after any of those events, many more businesses think about it than actually end up doing something about it," he said.

For large enterprises, particularly those in heavily regulated industries, such as the financial services firms that fill lower Manhattan, fairly extensive emergency planning is a routine part and cost of doing business. Small and medium-size businesses are less likely to have plans in place, but even those that do face daunting obstacles in recovering from a catastrophe. Gartner estimates that two out of five companies that experience a disaster go out of business within five years.

Having a complete plan for both data backup and an off-site emergency work location for its employees allowed the New York Shipping Association Inc. (NYSA) to be fully operational two days after the Sept. 11 attacks destroyed its World Trade Center office. The 70-year-old organization, which coordinates cargo operations in the New York and New Jersey ports, drafted detailed plans after scrambling to recover from the 1993 World Trade Center bombing, said NYSA President Frank McDonough.

A SunGard customer, NYSA evacuated all of its employees safely on Sept. 11 and relocated approximately 100 of them to several temporary SunGard facilities in the region. Within the day, its staff had fully wired temporary workspaces, and data retrieval efforts were under way.

"I don't think there's a darn thing that we would have done differently. I've talked to the tech people a few times about this, and there's no second-guessing," McDonough said. After several temporary relocations, the company found a permanent new headquarters in March in Iselin, N.J., and considers itself fully recovered from the attacks.

But plans as comprehensive as NYSA's are expensive. SunGard has 15,000 recovery workspace positions throughout North America and Europe, but keeping such a physical office backup on tap carries a price tag that starts at several hundred dollars per month, per seat. Data backup can be less expensive -- low-end prices for a single server are a "couple hundred per month," estimates SunGard's Palermo -- but even those costs can be hard to fit into the budget for a small business.

"There was a lot of interest [after Sept. 11] and a lot of projects in planning phases, but many businesses have no appreciation of how difficult it's going to be to do," McAdam said. "This is not just throwing another backup at a remote location. The [small and medium businesses], some of them had a bit of sticker shock."

Sticker shock has so far kept CareerEngine Network from creating more extensive emergency plans, even though Benoit says he regrets not having a strategy in place before Sept. 11. While insurance and a $117,000 relief grant covered some of the company's losses, he estimates that his business lost $1.5 million because of the attacks. That financial hit, along with the depressed business climate of the past year, has forced CareerEngine Network to trim its staff from 12 to seven, and left it even less able to set aside money for disaster planning.

"One thing we emphasize to people is that disaster recovery is about recovering from an unplanned outage, while business continuity is having an infrastructure in place that supports running 24/7," McAdam said. "That's a very expensive infrastructure to build, but once you get it built, you really get disaster recovery for free. What we have to do is work with customers and get them to elevate their thinking, to think less about disaster recovery and more about keeping their business up and running 24/7."

Demand for high-availability products is soaring as companies realize their IT dependency, SunGard's Palermo said.

Ten years ago, disaster recovery was about retrieving mainframe tapes and rebuilding data centers. A 48-hour window emerged as the time a typical enterprise could expect to spend regrouping. But now, many businesses "can't go more than several minutes" without sustaining major damage, he said, and online storage systems and other new technologies are aiding them in creating failover systems and other backups to minimize downtown.

Tape will continue to serve long-term archival needs, but ever-dropping hardware prices allow customers to consider electronic storage strategies that would previously have been prohibitively costly, Guilbert said. He sees that trend, coupled with the increased awareness, as among the biggest post-Sept. 11 changes for the market.

"A year and a half ago, NSI would spend a lot of time [at shows] educating prospects. They'd say, 'What is replication? What does it mean?' That has clearly changed," he said. "Now we're definitely seeing a more educated CIO. I ask what sort of replication they're using now, and the answer is, 'We're not.' But they're trying to get educated on all the technology and solutions available because now they know they should be using something."

Ashlee Vance in San Francisco contributed to this report.
********************
News.com
Another file-swapping site to fall silent
By John Borland

An Illinois federal judge said Wednesday that he would order the Madster file-trading system, formerly known as Aimster, to halt song-swapping in the next few days.
The decision marks the Recording Industry Association of America's (RIAA) second substantial court victory against a file-trading company, just a day after the RIAA's legal victory in bankruptcy court shut Napster's doors for what appears to be the last time.

In a detailed and often pointed opinion, Judge Marvin Aspen said that Aimster, which played a brief but colorful role on the file-trading stage not long after Napster's appearance, was clearly responsible for large-scale copyright infringement.



"Defendants manage to do everything but actually steal the music off the store shelf and hand it to Aimster's users," Aspen wrote.

As with Napster's final loss Tuesday, the immediate result of the Madster-Aimster case will have little impact on the file-swapping world. The owner of the service, an entrepreneur named John Deep, and the several companies associated with him that were connected with Aimster, all declared bankruptcy in March. The vast majority of file-traders have migrated to other platforms such as Kazaa, StreamCast Networks' Morpheus, or iMesh.

But because, like Napster, it is one of the only full court opinions rendering a verdict on the file-swapping companies' legality, the Aimster case continues to hold the interest of recording industry and technology insiders.

The RIAA welcomed Aspen's ruling as a complete victory.

"This unequivocal ruling today underscores that companies and individuals will not be permitted to build a business on music they do not own and will be held responsible for their actions," said RIAA Chief Executive Officer Hilary Rosen, in a statement. "This decision helps to support the continued development of the legitimate online music market for fans, which is, of course, our goal in all of our online enforcement activities."

In his opinion, Aspen called on the RIAA to propose language for an injunction blocking Madster from illegal activity. Deep said the RIAA would be hard-pressed to do that in a way that didn't block legal uses of the system, such as instant messaging.

"This is going to be where they are going to be caught making misrepresentations to the court," Deep said. "On the face of it, it isn't possible to do."

In the ruling, Aspen dismantled many of the arguments typically used in defense of file-swapping services. "Ongoing, massive, and unauthorized distribution and copying" of music through the service is something very different from "personal use," an activity protected by law, he said. It didn't matter that Aimster didn't know of individual, specific files being transferred, because it had "constructive" knowledge that copyright infringement was happening on a wide scale, he added.

Moreover, the circumstances of Aimster's case made matters far worse for the company. Although it claimed it couldn't have knowledge of infringements because of an encrypted network, Aspen wrote that it was "disingenuous...to suggest that they lack the requisite level of knowledge when their putative ignorance is due entirely to an encryption scheme that they themselves put in place."

Worse, the company actively encouraged people to download copyrighted works on its Web site, and through a paid "Club Aimster" program, the judge said.

"Indeed, our factual findings demonstrate that Aimster actually goes to great lengths to both influence and encourage the direct infringement among its users," Aspen wrote.

The judge gave record industry attorneys five days to suggest language for a preliminary injunction that would block Madster's operations, advising them to look closely at the language that was used for Napster. Madster will have two days to reply, and the injunction will go into place shortly afterwards, barring a successful appeal.
****************************
Wired News
FBI Says Hotmail Hard to Find
Associated Press Win a 50" HDTV or a Xerox Printer!

ALEXANDRIA, Va. -- The government said Wednesday that a vigorous investigation of Zacarias Moussaoui's computer activity turned up no sign of an e-mail account the accused Sept. 11 conspirator said he used.

In response to a judge's questions, prosecutors and an FBI computer expert said "xdesertman@xxxxxxxxxxx" was not found because Microsoft's free Hotmail service does not verify an account user's identity.

The Hotmail service also is unable to provide the account of a particular user on a particular computer at a specific date and time, according to the government's written motion.

U.S. District Judge Leonie Brinkema last week ordered the FBI to explain how it examined the computers Moussaoui said he used prior to the Sept. 11 attacks, and to tell her why it could not find the account.

Some computer experts disagreed with the government's conclusions, saying indications of Hotmail usage would automatically show up in a number of locations on a user's computer.

"Speaking generally, if a computer is used to access Hotmail, it's generally very easy to prove," said Kevin Mandia, a former Air Force computer investigator who now trains FBI agents as a consultant for Foundstone.

Mandia said, however, that a user could take deliberate steps to remove evidence that a Hotmail account was used.

Matthew Yarborough, a former U.S. prosecutor in Dallas who specialized in computer crimes, added, "If he was using his laptop to access that account, it should have telltale signs."

Moussaoui, charged with conspiring with the 19 hijackers to commit terrorism, had asked the judge to force prosecutors to turn over any information they uncovered about the account.

"The FBI conducted an aggressive and responsible investigation into Moussaoui's computer and e-mail activity, particularly given the great demands placed on the FBI's computer investigation capabilities in the wake of the Sept. 11 terrorist attacks," the government said.

The pleading contended:

It is extremely difficult, if not impossible, to find Hotmail account names from a computer unless the user downloaded account information to the computer or to an electronic storage system. The United States found no evidence Moussaoui did so.

The FBI learned after Sept. 11 that Moussaoui had used a computer at Kinko's in Eagan, Minn., to connect to the Internet, but was informed by employees that data from the relevant time period had been erased in accordance with company policy.

Earlier court papers indicated Moussaoui was carrying a Kinko's receipt from Aug. 12, 2001, four days before he was arrested on immigration charges.

The account did not turn up in searches of two computers: one from the apartment Moussaoui shared with another man, Mukkarum Ali, in Norman, Okla.; and a second owned by the University of Oklahoma.

The FBI executed a search warrant Sept. 11 for Moussaoui's laptop computer and a floppy diskette, and discovered he used an e-mail account, pilotz123@xxxxxxxxxxx, to communicate with flight schools. Information from that account will be used at trial, the pleading said.
**************************
Washington Post
Businesses Draw Line On Security
Firms Resist New Rules For Warding Off Terror
By Eric Pianin and Bill Miller

While the Bush administration has waged its campaign to strengthen homeland security since the Sept. 11 terrorist attacks, many of the nation's largest and most influential businesses have quietly but persistently resisted new rules that would require them to make long-term security improvements.

Most major companies and industries swiftly upgraded their security systems in the wake of the attacks, just as the federal government increased security at borders, airports, tunnels and bridges. But corporate chiefs and lobbyists from industries -- including banking, retail sales, chemical manufacturing and nuclear power -- are bridling at government efforts to impose even tougher safeguards. For example:

? Lobbyists for retailers and manufacturers are balking at a requirement that their ocean carriers give 24-hour notice before loading products bound for U.S. ports. Customs officials want more time to check whether terrorists have stashed explosives in big cargo containers, but the companies view it as an unnecessary obstacle that will slow business and increase costs.

? Banks are fighting proposed Treasury Department requirements for new steps to guard against money laundering by foreign financial institutions setting up U.S. accounts.

? Representatives of Dow Chemical Co., Dupont Co., ExxonMobil Chemical Co. and other major chemical manufacturers are lobbying against proposed rules and laws that would force them to enhance security well beyond the steps they have already taken.

Many corporate officials contend they already are doing everything feasible to protect against renewed terrorist attacks. In some cases, industry lobbyists have been able to kill outright or water down proposed security measures, while others are battling proposals by Congress or the administration.

The private sector's resistance is no small matter. By taking a business-as-usual approach, some industries remain riddled with security problems and are highly vulnerable to terrorism, according to some lawmakers, terrorism experts and industry watchdogs.

Nearly 90 percent of the nation's critical infrastructure -- from shipping and banking to nuclear power production, food processing and chemical manufacturing -- is privately owned. Corporate leaders' decisions will largely determine how the nation, as a whole, responds to calls for greater protections against further terrorist strikes.

"In the end, the business of business is not to make the country secure," said Ivo H. Daalder, a Brookings Institution scholar who has analyzed terrorist risks. "The business of business is to make the shareholders rich. That's the dilemma we face."

Business leaders often cite the high costs associated with new government initiatives, including the anti-bioterrorism and airport security legislation approved by Congress last year and the new restrictions on border crossings and international shipments of goods. Still reeling from the economic downturn, corporate America is unwilling to spend the billions of dollars required to meet many of the new standards being proposed by lawmakers and bureaucrats.

Private business spent an estimated $55 billion a year on private security before Sept. 11, according to the Council of Economic Advisers. In the post-9/11 era of heightened security concerns, corporate America may have to increase that spending by 50 percent to 100 percent, according to some experts.

"We are the industry driving the U.S. economy," said Jonathan Gold, director of international trade policy for the International Mass Retail Association, a trade alliance whose members generate more than $1 trillion in annual sales. "Any increased delays or costs would really impact not only our industry but hurt the U.S. economy and consumers."

Food Rules
Food processors, for one, have lobbied aggressively to kill or dilute government proposals to expand the federal role in protecting against the possible sabotage of the nation's food industry. Counterterrorism experts have warned that agricultural and food processing operations -- regulated by a hodgepodge of federal agencies -- are vulnerable to biological attacks that could kill Americans and severely damage the industry.

However, industry groups including the National Food Processors Association and the National Grocers Association say that they could accomplish far more through voluntary information-sharing and planning arrangements with the FBI and other agencies.

"Frankly, I think we're a model for the rest of the economy," said Kelly Johnston, executive vice president of the food processors group. Carol Tucker Foreman of the Consumer Federation of America said that while lawmakers have provided agencies with additional manpower and funding for food inspection, neither Congress nor the administration has addressed the underlying problems of a decentralized and chaotic food inspection system.

"Nothing has been done to address this lack of focus, so I think we remain more vulnerable than we need to be," she said. "Some parts of the industry have worked very hard to make sure the threat of terrorism does not result in any additional regulatory authority for the federal government."

Nuclear, Chemical Security
Nuclear power and chemical industry executives have also fended off scores of proposals that would have saddled them with potentially costly security requirements.

The Nuclear Regulatory Commission (NRC) and industry officials blocked efforts this year to federalize the security forces at 103 commercial nuclear power plants. The chemical industry, meantime, has vigorously fought legislative and regulatory efforts to tighten security at its facilities. In both cases, industry officials said federal intervention would complicate voluntary programs and improvements already underway.

"It's our belief that the nuclear power plants are probably the best-defended civilian facilities in the United States," said William Beecher, a spokesman for the Nuclear Regulatory Commission. "We've taken security seriously for more than 25 years."

But some lawmakers and independent experts say that "gaping holes" remain in the defenses of the nuclear and chemical industries, and that a more comprehensive approach is essential to guard against potentially catastrophic attacks on plants near populated areas.

"The state of security before 9/11 was pitiful," said Edwin Lyman, scientific director of the Nuclear Control Institute, a watchdog group. "Now it is a little better [because of] additional ad hoc measures. But there is no way to know how effective they are because the NRC isn't running tests to challenge the effectiveness of them."

For nearly a year, nuclear power plants have operated at the highest state of readiness in response to a series of chilling government warnings that international terrorists planned to seize a nuclear power plant or crash a hijacked aircraft into a reactor. Yet as public concern about the safety of these plants mounted, the NRC and the Nuclear Energy Institute (NEI), the main industry lobbyist, argued that Congress should play only a minor role in addressing security issues.

The industry's biggest concern was a proposal by Senate Majority Whip Harry M. Reid (D-Nev.) calling for profound changes in security. Reid's original bill would have required fundamental changes in nuclear industry contingency planning and training for dealing with worst-case scenarios, as well as federalizing all security personnel under the control of the NRC.

Scott Peterson, vice president of the NEI, dismissed Reid's proposal as a "non-starter" that would throw the industry's security program into disarray. Industry officials intensely lobbied -- and won over -- many members of the Senate Environment and Public Works Committee during meetings and tours of nuclear power plants.

Reid abandoned his proposal this summer and instead worked out a bipartisan compromise approved by the committee that includes several provisions long sought by industry -- such as authorizing guards at all nuclear plants to carry automatic weapons and to arrest suspected terrorists.

The chemical industry has been even more adamant in opposing mandatory federal regulations. The Environmental Protection Agency and the White House's Office of Homeland Security for months have tried to craft new security standards for chemical plants that produce and store hazardous materials. But industry lobbyists and their congressional allies have exploited rifts in the administration to keep the proposals bottled up.

The American Chemistry Council, which represents the nation's largest manufacturers, including Dow Chemical and Dupont, says companies are already doing all that is necessary, including building fences, hiring more guards and eliminating stockpiles of deadly liquid chlorine. But the industry group represents a small fraction of the chemical, water and waste treatment plants that handle large quantities of hazardous chemicals, and some lawmakers say an industry-wide approach is needed to close security gaps.

The Senate environment committee in late July approved a bipartisan bill crafted by Sen. Jon S. Corzine (D-N.J.) that would give plant operators 18 months to certify their compliance with new prevention-and-response plans developed under the aegis of the EPA. The chemical industry, the American Petroleum Institute, the National Association of Manufacturers, the U.S. Chamber of Commerce and others have joined forces to try to kill the bill if it reaches the Senate floor this fall.

Shipments by Sea
Retailers and manufacturers are also fighting new screening procedures for U.S.-bound cargo, despite repeated warnings from Customs Commissioner Robert C. Bonner that terrorists could stash nuclear, chemical or other weapons in one of the 5.7 million containers that arrive at U.S. ports each year.

Ocean carriers are not required to provide copies of their cargo manifests until they arrive. Most carriers voluntarily provide the information electronically two days or more before arrival. But Customs officials want it 24 hours before goods are even loaded overseas.

"To us, 24 hours just doesn't make sense," said Gold, the official from the International Mass Retail Association, whose members operate more than 100,000 stores, manufacturing facilities and distribution centers nationwide. International retailers say the new regulations would disrupt companies that rely on "just-in-time" shipments, and would add unnecessary time and costs to retailers dependent on steady overseas shipments.

The retail association also contends that providing information so far in advance to the ocean carriers could increase the risk of theft. They say that the information could wind up in the hands of competitors. Gold said his members believe that they -- not the carriers -- should provide information about the shipments directly to Customs in secure communications.

Objection From Banks
There is also tension between the Treasury and U.S. banking and trade officials over how far to go in verifying customers' identities and uncovering suspicious activities, to comply with the USA Patriot Act, the anti-terrorism legislation that Congress passed after Sept. 11.

In July, the American Bankers Association, the Securities Industry Association and nine other financial trade associations formally objected to a proposed regulation that would force them to gather more information on foreign institutions that open "correspondent accounts" in U.S. banks.

David D. Aufhauser, general counsel for the Treasury Department, said the banks should comply for the sake of public safety. "The financial institutions are the gateway to America for capital that could be intended to injure people," he said. "I recognize they say this is an added burden. But the return is exponentially more than the cost."
**************************
News.com
University to challenge copyright laws
By Declan McCullagh

Duke University's law school has received an anonymous $1 million gift to fund advocacy and research aimed at curtailing the recent expansion of copyright law.
The school, which plans to announce the gift at a conference in Washington on Thursday, is using the money to fund a center focused on finding "the correct balance" between intellectual property rights and material that should be in the public domain.

James Boyle, a Duke law professor and co-director of the school's Center for the Study of the Public Domain, says that the center is likely to look skeptically at recent laws like the Digital Millennium Copyright Act (DMCA) and a measure that extended duration of copyrights by 20 years.


"This is an attempt to figure out the balance between intellectual property and the public domain," Boyle said. "How much protection do we need?...If you want to have a rich culture and an innovative society, you have to leave a large amount of material freely available for all to use."

By using the term public domain, Boyle is talking about creative works such as movies, books and music that are not covered by copyright law. A work enters the public domain when the creator voluntarily relinquishes copyright protection, or, as in the case of Shakespeare's writings, when the copyright term expires.

Boyle says he is not a copyright abolitionist. He agrees that some legal protection is necessary. But, he added, "the burden of proof should be on those who say we need to have property rights in this situation. Why will this work? Why is this necessary? We see the system getting out of control, out of balance. This is a way to restore the balance."

Recent debates in Congress have started from the viewpoint of the Recording Industry Association of America and the Motion Picture Association of America, rather than from what's good for consumers, Boyle said.

Kate Bartlett, the law school's dean, said she could not reveal the name of the donor. The person "wants to keep even the general background information confidential," Bartlett said.

Eight movie studios have successfully wielded the DMCA to force 2600 magazine to delete a copy of a DVD-decoding utility from its Web site, and the U.S. government last year arrested a Russian programmer on charges of creating and selling a program to rip the copy-protection technology away from Adobe Systems' electronic books.

More recently, Reps. Howard Berman, D-Calif., and Howard Coble, R-N.C., have introduced a bill designed to limit peer-to-peer piracy. It would rewrite federal law to permit nearly unchecked electronic disruptions if a copyright holder has a "reasonable basis" to believe that piracy is occurring on peer-to-peer networks.

On Thursday, the National Academy of Sciences is convening a two-day conference in Washington titled, "The Role of Scientific and Technical Data and Information in the Public Domain."
**************************
Associated Press
Web Freedom Eroded in Terror War
By JOHN LEICESTER, Associated Press Writer

PARIS (AP) - Several Western democracies have become "predators of digital freedoms," using the fight against terrorism to increase surveillance on the Internet, an international media-rights group said Thursday.



Reporters Without Borders criticized not only authoritarian states such as China that tightly police Internet use, but also Western governments including the United States, Britain, France, Germany, Spain, Italy and Denmark and the European Parliament.

"A year after the tragic events in New York and Washington, the Internet can be included on the list of 'collateral damage,'" the Paris-based group said in a report. "Cyber-liberty has been undermined and fundamental digital freedoms have been amputated."

The report accused China, Vietnam and other countries hostile to dissent of using the international counterterrorism campaign "to strengthen their police mechanisms and legal frameworks relating to the Web and to increase pressure on cyber-dissidents."

Among cases cited was that of Li Dawei, a former policeman sentenced in July to 11 years in prison on charges of using the Internet to subvert the Chinese government.

But even among Western democracies, "many countries have adopted laws, measures and actions that are poised to put the Internet under the tutelage of security services," Reporters Without Borders said.

It said measures to record information about Web sites visited and e-mails sent and received risk turning Internet providers and telecommunications firms "into potential branches of the police."

Since Sept. 11, many governments have sought to respond to concerns that terrorists can use the speed, ease of communication and relative anonymity of the Internet to plan attacks, swap information, transfer funds and publicize their ideas.

Critics fear the measures will erode users' privacy and freedom of speech, cause them to trust the Internet less and ultimately hurt the Internet's value as a new communications medium.

Two other advocacy groups, the Electronic Privacy Information Center and Privacy International, also said in a report this week that governments worldwide have made it easier for authorities to eavesdrop on telephone and online conversations in order to fight terror.

Reporters Without Borders cited dozens of measures adopted or proposed by governments to expand police powers on the Web, including:

_A Canadian anti-terrorist law adopted last December "clearly undermines the confidentiality of exchanges of electronic mail," the group said.

_"Magic Lantern" technology being developed by the FBI ( news - web sites) will allow investigators to secretly install over the Internet powerful eavesdropping software to record every keystroke on a person's computer.

_A new French law requires Internet providers to keep records of e-mail exchanges for one year and make it easier for authorities to decode messages protected by encryption software.
*****************************
Federal Computer Week
Taking cyber predators to task


Whether it's soliciting sex from minors or distributing child pornography, crimes against children have risen as Internet usage has soared.

To keep pace with the problem, the federal government, in conjunction with state and local law enforcement agencies, has established task forces geared toward investigating crimes, training personnel and reaching out to the community.

That effort, coupled with advances in technology, such as a secure portal to exchange extremely sensitive information, may help stem the increasing tide of such incidents, officials said.

Leading the high-tech crackdown are the Internet Crimes Against Children (ICAC) task forces, regional programs funded by the Justice Department.

Justice launched the task force project after then-FBI Director Louis Freeh and Ernest Allen, president of the National Center for Missing and Exploited Children (NCMEC), testified in Congress that state and local law enforcement agencies needed to be enlisted in the fight.

Congress provided $2.3 million in special appropriations to create what amounted to "law enforcement cyber units," said Ron Laney, director of the child protection division at the Office of Juvenile Justice and Delinquency Programs, which oversees the ICAC task force program.

Every year since then, the government has increased funding to create and sustain the ICAC task forces. This year, funding grew to $6.5 million, Laney said, adding that the Bush administration's proposal for the next fiscal year is $12.5 million. Thirty task forces have been set up nationwide. Another six have been proposed for development by the end of the year and possibly another four or five next spring, he added.

The task forces not only investigate Internet crimes but also help train and provide technical assistance to other state and local law enforcement agencies.

"The issues of child exploitation are exploding and getting bigger," said Ruben Rodriguez, director of NCMEC's exploited child unit. "More individuals are using the Internet to entice children to disseminate illegal content, child pornography. Obviously, this communication medium is facilitating the exploitation of the world's children."

The exploited child unit acts as a resource center and provides leads for federal agencies, such as the FBI, the Customs Service and the U.S. Postal Service, state and local task forces and other agencies through a cyber hot line.

The ICAC board of directors, which is composed of the leaders of each of the task forces and other participating groups, recently began testing a new secure Web portal called the Law Enforcement Data Exchange, or LEDX.

LEDX is designed to enable task forces and other agencies to securely share sensitive information about investigations, training practices and educational tools for parents and children. The system also has a high-level search engine that can provide law enforcement officers with excerpts or specific information on an individual, such as aliases.

Integrated Digital Systems/ScanAmerica Inc. is absorbing ongoing expenses, including design fees, to keep the site running. The company also provides LEDX members with Incident Document Management Software Edge 3.0, a case file management system and a way for agencies to transfer paper records and files to LEDX.

Besides ease of use and better information sharing, the system can eliminate the mishandling of extremely sensitive and graphic case material.

"We had people go ahead and FedEx us cases, which is pretty standard," said Capt. Rick Wiita of the Bedford County Sheriff's Office in Virginia. "And the next thing you know, the secretary two doors down gets the package, opens it on up. They open up images of child pornography and our evidence. OK, so what happens to our chain of evidence now? It's contaminated. It happened one time. It was a nightmare. We didn't want it ever to happen [again]."
***************************
Government Computer News
Maine rings in a new school year with iBooks
By Wilson P. Dizard III

The 18,000 seventh-graders in Maine will begin class this year with new Apple iBook notebook computers, as the Maine Learning and Technology Initiative begins its first full year of providing the systems to students.

Maine Gov. Angus King has pressed for the program since 2000. Last winter, prospects for the initiative dimmed as state legislators called for a raid on the program's trust fund to defray a looming state budget deficit. But backers of the program prevailed and the state's Education Department in January awarded a four-year, $37 million contract to Apple Computer Inc. to provide the notebooks as well as training for teachers and other services [www.gcn.com/vol1_no1/daily-updates/17738-1.html].

The initiative's fund is now about $25 million, said King's spokesman, Tony Sprague. Under King's plan, regular appropriations will support the program after the trust fund is exhausted in four years.

The project will supply 239 schools, some of which opened in mid-August; all the schools will be open by the end of this week, Sprague said. Next year, the Education Department plans to extend the program to the eighth grade, with the purchase of 18,000 more notebooks. The department has made sure that about 1,000 notebooks will be bought each year for teachers.

Sprague said schools that participated in a pilot program involving about 700 students in the spring semester reported reduced absenteeism and fewer discipline problems. Teachers in the pilot reported that the notebooks helped students become engaged in their studies, Sprague said.
**************************
Federal Computer Week
Homeland bill veto threatened

The White House on Sept. 3 threatened to veto the Senate's homeland security bill unless certain restrictions are taken out and the administration's requested management flexibilities are added back in.

This is the latest action in the increasingly heated debate between the Bush administration and the Senate over the creation of the proposed Homeland Security Department and other functions designed to combat terrorism.

The statement of administration policy released by the Office of Management and Budget lists three steps that the Senate must take before President Bush will sign the bill. The White House is calling for the Senate to:

n Remove new restrictions on the president's existing national security authorities, particularly the section restricting the president's ability to exempt agencies involved in national security matters from the Federal Labor Relations Management Act.

n Eliminate the call for a new statutory homeland security office within the Executive Office of the President to be headed by a Senate-confirmed director.

n Provide the proposed Homeland Security Department's secretary with increased flexibility to reorganize people and functions, and transfer funding between organizations.

Last week Sen. Joe Lieberman (D-Conn.), chairman of the Senate Governmental Affairs Committee, sent a letter to his colleagues outlining his objections to these same portions of the administration's plans and requests.

And at a meeting of the President's Homeland Security Advisory Council last week, experts from government and the private sector said the homeland security effort would most likely not be successful unless the management flexibilities called for by the Bush administration are in place.

Those advisers also suggested several additional steps that could be taken to make the changes in the federal system fully effective, including requiring senior executives and managers slated to join the proposed department to apply for the new positions they would hold.
****************************
Federal Computer Week
DOD joint concepts in question

The Defense Department's Joint Forces Command lacks some key management elements, and that makes it unclear whether its recommendations on joint experimentation will have an impact on military transformation, according to a General Accounting Office report released last week.

The Joint Forces Command has been the DOD's executive agent for joint concept development and experimentation for four years. In that time, the command has made progress in increasing joint participation in military exercises and experimentation. It also recently wrapped up Millennium Challenge 2002, the largest joint military experiment designed to see how well the critical systems of the individual services link with one another.

However, no recommendations from joint experimentation have ever been approved or implemented, according to the GAO report released Aug. 29, "Military Transformation: Actions Needed to Better Manage DOD's Joint Experimentation Program."

The Joint Forces Command issued three recommendations last year, but they were not approved by the Joint Requirements Oversight Council (JROC) due to confusion among the Joint Staff and the Joint Forces Command about a proposed change in guidance requiring additional cost and timeline data to be included in the submissions.

"As a result, it is not clear when these recommendations will contribute to military transformation," according to the GAO report, which noted that the command plans to resubmit the recommendations this year. However, "several DOD officials expressed concern that the resource allocation process may be too slow to provide rapid and timely funding for the implementation of new concepts merging from joint experimentation and that other, more rapid resource mechanisms may be needed."

The GAO report made four recommendations to aid the command:

* Approve and issue guidance that clearly defines the information required to accompany joint experimentation recommendations for the JROC's review and approval.

* Require the commander in chief of the Joint Forces Command to develop strategic planning tools to use in managing and periodically assessing the progress of its joint experimentation program.

* Require that the Defense secretary develop quantitative and qualitative performance measures for joint experimentation in DOD's annual performance report to provide a better assessment of the program's contribution to advancing military transformation.

* Clarify the role of the Office of Force Transformation and its relationship to the chairman of the Joint Chiefs of Staff, the Joint Forces Command and other key stakeholders in the joint experimentation program.

The report was not entirely critical. It found that the command has increased participation of key military and non-DOD stakeholders, such as civilian agencies, academia, industry and foreign allies, in experimentation activities. The report also noted that the command had embraced videoconferencing, e-mail and the Internet to obtain input and integrated the results of military operations, technology efforts and other DOD organizations' experiments into its activities.

To further improve communications and participation in joint experimentation planning, Joint Forces Command will soon launch a virtual planning center on its intranet to provide DOD stakeholders with weekly updates on pertinent information. Requirements for the site will be developed this fall, and the project will be started soon after.

DOD received a draft copy of the GAO report, and the department concurred with its recommendations in an Aug. 8 letter from Christopher Lamb, acting deputy assistant secretary of Defense for plans and resources. Lamb's letter also said that DOD guidance documents will "address and clarify" the issues raised in the report.
*************************
Federal Computer Week
Letter to the editor
Protect notebooks, networks
Sept. 3, 2002

We all should be alarmed about the loss of laptop computers at government agencies ["Laptops lost, stolen at Justice"]. But this is nothing new.

In 2000, a laptop was stolen from a State Department conference room by a stranger who simply walked into the building. Since then, laptop thefts nationwide have increased more than 50 percent. Based on estimates I've seen, about 1,600 units are stolen each day in this country.

But theft of the physical device is only part of the problem. Protecting the data stored on notebooks is the real issue. Also, a notebook can be used to gain access to networks because laptops sometimes contain remote-access log-in scripts, e-mail addresses and passwords. So protecting notebooks also means protecting networks.

What makes data theft insidious and frightening is that we may never know that someone has gained unauthorized access to sensitive information. Remember: If a person can steal a laptop, that same person can probably download information from a laptop without ever stealing the hardware. Think about it. Who is watching your laptop at the office when you go out to lunch? Who is guarding your data when you're on a road trip and you leave your computer in your hotel room?

The range of techniques available to protect computers and data is very broad and surprisingly simple. Security cables, alarms (motion-sensor alarms are available, to answer a letter to the editor dated Aug. 21), equipment tagging, data encryption software and access control technologies are a few.

But the important point is that more than one technology should be used.

For instance, use a physical lock, which is easily displayed. That will slow down or turn away the opportunistic thief. However, spies undeterred by locks and other devices will be thwarted by strong data encryption software and computer access control programs.

We've written a monograph on this subject and would be happy to send it to any interested person. Feel free to contact PC Guardian at info@xxxxxxxxxxxxxxx In the subject line, write "Notebook Theft Monograph."

Steven Lerner-Wright
PC Guardian
*************************
Government Computer News
Most e-gov initiatives are ready to take off
By Jason Miller

Mark Forman and his colleagues at the Office of Management and Budget expect to be busy over the next four months with the launch of up to 21 first or second iterations of the 24 Quicksilver e-government initiatives.

OMB's associate director for IT and e-government yesterday discussed how he sees agency projects moving over the next six to eight months at the Interagency Resources Management Council conference in Hershey, Pa.

"The first cycle was getting up Web sites, simple tools to show that the government can provide integrated customer-centric focus," Forman said. "Virtually all the projects will have that first iteration done with some neat tool. Now we are about to start or, in some cases are already into, the second iteration. It is all about re-engineering; it is all about changing the way we do work, fixing the management problems to make it simpler."

Forman said the first version of the Transportation Department's Online Rulemaking system and the second iteration of the Interior Department's Recreaction.gov Web site will be unveiled in late September. The General Services Administration's E-Authentication prototype will launch in mid-September, letting citizens perform transactions with three or four projects, including some that are not among the 24 e-government initiatives, Forman said.

The Small Business Administration is planning to release the second version of its Business Compliance One-Stop by early November, Forman said.

Two other projects came online earlier this summer, Forman said. The Health and Human Services Department put an E-Grants portal prototype online, and the Treasury Department's Simplified and Unified Tax and Wage Reporting project put the 94x series of forms on the Web.

Forman said Disasterhelp.gov moved past its initial problems after Joe Allbaugh, director of the Federal Emergency Management Agency, the agency leading the effort, sorted out several obstacles to the project with the head of another agency, which Forman declined to name. Forman said the site should be up in the next two months.

The Defense Department is working with the State and Commerce departments to launch an e-government project outside of the 24 Quicksilver initiatives. Forman said U.S. Export, a joint business case the three agencies will submit later this month, will let agencies conduct complicated paper processes for some licenses online.

"I'm very happy with the change we are seeing," Forman said. "We have to continue to focus on the Web. This is the fundamental way we are dealing with the public."

Forman said that by next summer OMB will give the projects' managing partners the choice of two Web service platforms that will let the initiatives more easily share similar transactional processes. He said the platforms will be the IBM Grid Computing Platform and Microsoft .Net.

"Not every organization that does that transaction will have to own a piece of software to do that," he said. "This is one of big reasons we focused on enterprise architectures so we can sync this up across agencies. This is a revolution in IT industry that we have to be in the forefront of and free up resources to focus on it."
************************
Government Computer News
Homeland Security Office will set up a videoconferencing system
By Jason Miller

The Homeland Security Office is setting up a secure videoconferencing system to let director Tom Ridge communicate more easily with state governors.

James Flyzik, a senior adviser to Ridge, discussed the office's progress on a variety of projects during the opening ceremony of the Interagency Resources Management Council conference.

The videoconferencing system will be in place by the end of the year, Flyzik said. It will use Integrated Services Digital Network and other types of fast connections.

"It will start with portable devices and over time merge into a permanent system," he said. "We want to be able to set it up and take it down quickly."
************************
Government Executive
Lack of cybersecurity specialists sparks concern
By Molly M. Peterson, National Journal's Technology Daily

The United States is facing an alarming shortage in skilled workers to protect the nation's critical infrastructures from cyberterrorism and other threats, several homeland security and high-tech experts said Wednesday.

"There is going to be more demand ... for people with [information technology] skills," Harris Miller, president of the Information Technology Association of America, said during a cybersecurity conference in Washington sponsored by the MIS Training Institute. "It is a huge problem we have in this countrynot having enough people with adequate skills and training."

Stressing the need to make information security second nature, Mark Holman, deputy assistant to the president for the White House Office of Homeland Security, said the president's forthcoming national strategy for cybersecuritydue to be released Sept. 18will address the need for skilled workers to help defend computer networks.

Holman said the strategy aims to be a "living document" that will grow and change as the technology changes. The document will contain sections that address home users' security and network security issues, Holman said. It also will categorize critical infrastructure issues by industry, such as water filtration, electricity or telecommunications.

Government and industry also must educate each other about infrastructure vulnerabilities and threats through information-sharing analysis centers (ISACs) and other partnerships, according to Ronald Dick, director of the FBI's National Infrastructure Protection Center.

Dick noted that although about 90 percent of the nation's infrastructures are owned and operated by the private sector, "the scale at which the private sector looks at vulnerability assessments is very narrow from a national infrastructure-protection standpoint."

Finding and retaining skilled workers to protect the military's critical infrastructures also must be a priority, according to Pennsylvania Republican Curt Weldon, who chairs the House Armed Services Procurement Subcommittee.

Weldon said the military is facing a crucial shortage in information security specialists, in part because workers with those skills can earn more money in the private sector. "It's been a challenge to keep that level of competence in the military," Weldon said. "We're still on the cutting edge, but ... it's extremely difficult."

Weldon said he plans to propose a new scholarship program in which the federal government would pay the undergraduate and graduate tuitions of students seeking careers in information security. Those students in turn would spend several years as "cyber warriors" in the military.

Weldon said "information dominance" will be a military buzzword in the coming years because terrorist networks and enemy states that could never match U.S. strength on the battlefield are looking to cyber warfare as a central strategy.

"All that smart technology that allows us to dominate any battlefield at any time is all computer-dependent," Weldon said. "We've never fought this kind of threat before."

A failure to protect the nation's critical infrastructures could have disastrous consequences, both at home and on battlefields abroad, Weldon said. "We don't know when or where the next attack will occur," he said. "But I can tell you this: It will involve information systems."


Maureen Sirhal contributed to this report.
***************************
USA Today
Critics protest anti-drug tactics
By Donna Leinwand, USA TODAY

In drug-plagued neighborhoods of Wilmington, Del., it's become a nighttime routine: Police "jump out" squads descend on a street corner, round up a few suspected dealers and cart them off to jail.

But then the cops go a step further: They detain others in the area for up to two hours, take digital photographs of them, get their names and other details, and then put the information in a database to use in future investigations.

The new database is part of an increasingly aggressive anti-crime effort in Wilmington that has drawn criticism from civil liberties groups. It also has thrust the city of 73,000 to the forefront of a national debate over whether law enforcement's use of such technology violates citizens' privacy.

Like several cities, Wilmington has embraced a range of surveillance techniques to try to make its streets safer. Video cameras monitor downtown corridors, and cameras at intersections photograph the license plates of red-light runners.

In troubled neighborhoods, police have asked residents to sign affidavits waiving their Fourth Amendment right to refuse a search of their property, so officers without search warrants can nab drug dealers who hide on front porches, in laundry rooms and in apartment buildings.

The affidavit plan did not raise many objections or much interest when it was introduced in June. Only two residents have signed such forms.

But the camera-toting squads that began that month quickly drew fire. Critics say spying on residents and keeping a database of "potential criminals" invades privacy and tramples the presumption of innocence.

"The 'jump out' squads are the tactic of rounding up the usual suspects," says Barry Steinhardt, director of the technology and liberty program for the national American Civil Liberties Union in New York City. "They are stopping, searching and putting into a database photographs of people whose only crime is being in the wrong place at the wrong time. It's bad law enforcement, and it's bad for civil liberties."

Wilmington City Councilman Theo Gregory, a public defender who opposes the tactic, says the brief detentions amount to "guilt by association."

City officials who support the database program and other surveillance techniques say they have helped to lower Wilmington's crime rate at a time when many cities are seeing crime rise. The officials also say police dragnets in high-crime areas rarely snag innocent people.

Wilmington Mayor James Baker and Police Chief Michael Szczerba, who oversees 289 officers, say the approach has contributed to an 8% drop in major crimes such as homicides, burglaries, robberies, rapes and assaults this year, compared with 2001. Shootings, however, were up 40% during the first six months of this year. Through June, there were 49 shootings, compared with 35 at the same time in 2001.

Szczerba says the people who are detained almost always are involved in the drug trade, perhaps as "touters" who stand in the street to drum up business, or as lookouts for dealers. Officers may not arrest such people if they do not catch them doing anything illegal, but the officers may detain them for up to two hours to gather intelligence.

The mayor's office says police have detained 588 people since the corner deployments began in June. Of those, 471 have been arrested.

The other 117 were not arrested but, like those who were, had their names and photos put into the police database. City officials say 84 of those who were not arrested had at least three felony convictions.

"If you come into our city to take in a ballgame or dine at a restaurant or go to a theater, you likely won't know about these corner patrols," Szczerba says. "But if you come to sell drugs or drink alcohol on the corner or just be a general nuisance, you're going to see us."

U.S. courts have held that people in public places have no reasonable expectation of privacy and may be photographed without their knowledge. Innovations such as the digital-photo databases could bring a new round of legal challenges, Steinhardt says.

Wilmington's database represents the latest turn in a national movement in which cities, after nearly a decade of historically low crime rates, are turning to advances in surveillance technology to try to curb what many officials view as inevitable increases in crime.

More than a dozen U.S. cities use surveillance cameras. Los Angeles has motion-sensitive cameras in high-crime areas to discourage dumping, graffiti and crime. When a sensor is triggered, the camera takes a picture and plays a recording: "We will use this photograph to prosecute you. Leave now."

Virginia Beach and Tampa monitor public areas with video cameras linked to sophisticated software that allows authorities to quickly compare the facial features of those who are taped. Federal police in Washington have put surveillance cameras on national monuments. Pittsburgh monitors its city pools with digital video cameras that provide live feeds that can be monitored remotely by computer.

In Wilmington, more than 100 surveillance cameras have scanned downtown streets since April 2001. Most of the cameras were installed by private businesses and corporations, but they are linked to a network of 13 cameras on public land that can send live video feeds to police dispatchers.

A private security company monitors the cameras for 16 hours a day to track suspicious activity, Szczerba says.

City officials say the cameras have had some success in tracking criminals. Officials from a merchants' group that helped to sponsor the cameras held a news conference in April 2001 to show video of two men who allegedly stole newspapers from a vending machine. The cameras tracked the suspects as they carried off the papers in a shopping cart until police drove up to arrest them, the local newspaper reported.

Earlier last year, the city put 10 cameras at intersections to catch red-light runners. By May 2002, the cameras had been responsible for 25,000 tickets.

The affidavit program took effect June 1. Homeowners who sign the agreement give police advance permission to enter their property without a search warrant.

Gregory fears such moves will lead to illegal interrogations of residents. He says he hasn't received any complaints from constituents. But he adds that he is concerned that many people might be unaware of their right not to answer questions from police, or that they could be afraid to complain.

Wilmington's police chief says his officers are operating within the law. "Any time you are progressive and assertive in the way you police," Szczerba says, "you're going to draw attention."
**************************
USA Today
Teenangels make cybersafety a number one priority

PALO ALTO, Calif. (Reuters) As if sexual predators and computer viruses weren't enough for the youngest set of Web surfers to worry about, they also have to be on the lookout for their peers.

That's the view of one teenaged expert on security issues involving younger computer users. Hackers and predators are considered the biggest threats, but some dangers are to be found closer to home, this expert says.

"Parents always think it's pornography. Actually it's other people," said 17-year-old Tyler of Hortonville, Wis., who asked that his last name not be used.

Tyler is one of about 60 active Teenangels, a group of volunteers who work to ensure the safety of children and teenagers on the Web by producing educational videos, teaching kids about anti-virus software and compiling tips on how to avoid predators.

Tyler has received six weeks of specialized online safety instruction from the Federal Bureau of Investigation, the Department of Justice, local law enforcement, librarians, educators and others.

In working on the problem, Tyler has discovered that not all of the dangers are posed by adults ââ?¬â?? something that parents and computer security professionals tend to overlook. While predatory adults and experienced hackers clearly put teens and children ââ?¬â?? or their computers ââ?¬â?? in serious danger, other kids may also inflict major damage. As anyone who has survived their teens knows, a friend today may be an enemy tomorrow.

"Kids can harass each other; you have to watch out and not give out too much information," Tyler advised.

Some kids send computer worms for kicks. Others use personal information to change someone's passwords, and then send trouble-making Internet messages from that account. Still others build hate sites targeting certain people or groups.

Tyler said he protects himself with anti-virus software and by limiting what he reveals when online. It also helps that his friends aren't "computer people."

"They're sports people, they like to hang out at the mall or do other things," said Tyler.

"These kids are Internet safety experts. I'd put them up against anyone else," said Parry Aftab, who started Teenangels four years ago in New Jersey. The group falls under an umbrella Internet safety and education organization called WiredSafety.org. Affiliated groups include WiredKids.org, WiredPatrol.org and WiredCops.org.

Aftab hopes to expand Teenangels, which now has two active chapters, with the help of committed local sponsors.

Kids are eligible for Teenangels when they turn 13 and can remain in the group through their college years, said Aftab, an Internet security and privacy lawyer who also penned The Parent's Guide to Protecting Your Children in Cyberspace.

Teenangels works because kids listen to other kids, Tyler and Aftab said.

"I've given up on parents. Parents just aren't doing it," said Aftab. "They're not talking to their kids about protected sex. They're not talking to their kids about drugs. They're not talking to their kids about the Internet."

That being the case, she got kids talking ââ?¬â?? then started listening and learning.

"We catch the newest trends on how predators are trying to lure them ... the latest things they're doing. They've helped us enormously," she said.

While WiredSafety leaves the hands-on fight against child pornography and cyberstalking to adults, Aftab stressed that kids have a big role to play in awareness and education.

And, as a recent case showed, Internet-inspired meetings between teens also can have deadly consequences.

Last month, a 17-year-old boy in New York was accused of killing a 14-year-old girl he met in an Internet chat room.

The two had spent lots of time talking on the telephone, but just hours into their first face-to-face meeting, the boy stabbed and beat the girl to death. He then torched her house in an effort to cover the crime.

Police later learned that she was home alone and had told the boy that she, too, was 17.
*****************************


Lillie Coney
Public Policy Coordinator
U.S. Association for Computing Machinery
Suite 510
2120 L Street, NW
Washington, D.C. 20037
202-478-6124
lillie.coney@xxxxxxx