[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Clips March 18, 2003

To: "Lillie Coney":;, Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>;, John White <white@xxxxxxxxxx>;, Jeff Grove <jeff_grove@xxxxxxx>;, goodman@xxxxxxxxxxxxx;, David Farber <dave@xxxxxxxxxx>;, glee@xxxxxxxxxxxxx;, Andrew Grosso<Agrosso@xxxxxxxxxxxxxxxx>;, ver@xxxxxxxxx;, lillie.coney@xxxxxxx;, v_gold@xxxxxxx;, harsha@xxxxxxx;, KathrynKL@xxxxxxx;, computer_security_day@xxxxxxx;, waspray@xxxxxxxxxxx;
Subject: Clips March 18, 2003
From: Lillie Coney <lillie.coney@xxxxxxx>
Date: Tue, 18 Mar 2003 16:19:19 -0500

ARTICLES

College Media Group Cautions That 2 Copyright Laws Could Collide [DMCA]
NIST rates facial recognition systems
Online security clearance system to debut in June
Microsoft Software Hole Leads to Computer Attacks
Grocery-Style Bar Codes to Spread to Hospitals
Open source advocate suggests incentive program
CIOs Feel Stress From Tighter Budgets
Justice IG says foreign student tracking system inadequate
Treasury loses IT staff to homeland efforts
United Nations employs 'eye-tech' solution
Sprint wins first round in Utah antispam law case
Brokerages face big IT bills to comply with USA Patriot Act

*******************************
Chronicle of Higher Education
College Media Group Cautions That 2 Copyright Laws Could Collide
By ANDREA L. FOSTER

A group representing college media centers is warning the U.S. Copyright Office about a possible conflict between two federal laws, one meant to limit electronic access to copyrighted material and the other designed to broaden access to the same material for online education.

At issue are the Technology Education and Copyright Harmonization Act and the Digital Millennium Copyright Act. The first measure is known as the Teach Act and was signed into law in November. It amended copyright law to allow college instructors to use nondramatic works, such as news articles and novels, and portions of dramatic works, such as movies, in online courses without paying fees and without seeking the copyright holder's permission.

The second law, which took effect in 1998, has a section that makes it illegal to bypass technologies that block access to copyrighted material. In a letter sent last month to the Copyright Office, the Consortium of College and University Media Centers says it wants clarification of that section of the digital-copyright law, known as the anti-circumvention provision.

What worries the media centers is that colleges might not be allowed to bypass copying protections even when they need to do so to use materials from CDs and DVDs for distance education, as permitted by the Teach Act in certain circumstances. The problem arises when digital materials are not also released in non-digital formats that the colleges can fall back on, such as print.

The group represents 312 college media centers, many of which are responsible for helping faculty members create online courses.

The group's letter was among dozens sent to the copyright office. It is considering exceptions to the anti-circumvention provision, as it is legally required to do every three years.

Noting that colleges have barely begun to apply the provisions of the Teach Act, the group says that given the law's "great promise and its expected wholesale adoption by nonprofit higher education ... we cannot wait another three years to deal with the impact of this conflict after the fact."

Jeff Clark, the chairman of the college media group's government regulations and public-policy committee, wrote the letter. He says he knows of no specific cases in which colleges have felt constrained from taking advantage of the Teach Act because of the anti-circumvention provision.

"It was more a proactive measure," he says.

Allan R. Adler, vice president for legal and governmental affairs for the Association of American Publishers, which helped draft the Teach Act, says the kind of conflict that Mr. Clark's letter describes would be "very rare." Publishers of books and journals almost always have analog versions of digital material. Those that do not often market digital material specifically for educational purposes, he says.

Later this year, the Copyright Office is expected to reveal its opinions on the comments it has received during hearings on the issue.
*******************************
Government Computer News
03/17/03
NIST rates facial recognition systems
By Wilson P. Dizard III

After testing 14 facial recognition products, the National Institute of Standards has identified software from Cognetic Networks Inc. of Houston, Eyematic of Los Angeles and Identix Inc. of Minnetonka, Minn., as the most reliable.

For its Face Recognition Vendor Test 2002, NIST evaluated facial recognition software by comparing 121,589 images of 37,437 people, an extremely large data set (Click here for GCN story).

The USA Patriot Act of 2001 mandated that NIST do the tests as part of a broader initiative to use biometric systems at border crossings. The agency ran the tests in July and August at the Naval Surface Warfare Center in Dahlgren, Va.

The test had three parts. First, NIST asked the systems to match a facial image against the database of images and find 10, 20 or 25 similar images. Next, the systems had to verify identities using the database of images. Finally, NIST checked each system?s reliability under different lighting conditions and monitored the speed of each application.

The three top-rated systems verified identities correctly 87 percent to 90 percent of the time with a false-alarm rate of 1 percent. When NIST specified a false-alarm rate of 0.1 percent, the success rate dropped to between 79 percent and 82 percent.

When checking facial images against a watch list of 25 images at a false-alarm rate of 1 percent, the top three systems were accurate about 80 percent of the time. The success rate fell to below 60 percent when NIST expanded the watch list to 3,000 images at the same false-alarm rate.

Based on the tests, NIST reached some general conclusions about facial recognition systems:

The systems recognize men more easily than women.

Younger people are harder to recognize than older people.

Recognition from video imagery is not much better than from still images.

Even topflight software is not sensitive to typical indoor lighting changes.

The technology has improved substantially over the past two years.

Click to link to the results of the NIST test
*******************************
Los Angeles Times
Kaiser Scrambles to Correct Prescription Mix-Up
By Lisa Richardson
Times Staff Writer

March 18, 2003

A computer glitch last week caused Kaiser Permanente in Northern California to issue thousands of prescriptions that were potentially erroneous to patients throughout the region.

So far, Kaiser officials say no patients have reported adverse reactions to a prescription because of the mix-up, which affected refills issued Thursday morning in the health-care giant's pharmacy system only in Northern California. A power outage reportedly triggered the computer trouble.

The problem may have involved as many as 13,700 prescriptions being prepared Thursday morning, according to state officials who said they are looking into the matter. About 9,000 of those had not yet been dispensed and were then reviewed and corrected if necessary.

Of the remaining 4,700 patients who received prescriptions, Kaiser officials said, all but about 140 had been contacted by Monday. Couriers notified the chronically ill.

Kaiser officials said Monday that they did not know exactly how many errors were made, but state officials said three possible types of mistakes had been discovered: a patient either received the wrong medication, the wrong dosage, or the right medicine with the wrong instructions.

"This is an extremely rare technical problem, but if anyone who picked up a prescription Thursday afternoon has not been contacted by us, they should immediately call their pharmacy," said Kaiser spokesman Jim Anderson

State officials praised the hospital giant's quick response, but said that the sheer scope of the mix-up could have been serious and that the glitch merits a thorough investigation.

The state Board of Pharmacy said that it has received no consumer complaints about the prescriptions, but that it, with the state Department of Managed Health Care, would closely monitor Kaiser's efforts to determine how the mistake happened.

"I've never heard of anything like this," said managed health care spokesman Steven Fisher. "We're looking into what happened and why it happened."

Daniel Zingale, the state's former HMO czar who is now secretary of the governor's Cabinet, said Monday: "No one wants to play lotto with prescription drugs, so we're taking a hard look at the timeliness of their response down to the last pill. We want to be sure there's a system for identifying this type of problem when it arises quickly."
*******************************
Government Executive
March 17, 2003
Online security clearance system to debut in June
By Amelia Gruber
agruber@xxxxxxxxxxx

An automated system to streamline security clearances and background checks for federal workers will be up and running by June, the Office of Personnel Management said Monday.

When complete, the e-clearance system will allow federal employees to update online the government form for national security positions. The online filing system will save workers time because it will let them use a two-page formthe SF-86Cto renew their applications, instead of a 13-page form every time their situation changes.

The SF-86C form has been designed, approved and is available for workers to use, but they cannot file the form electronically yet. Technology known as e-QIP, which is in its final testing phase, will make electronic filing possible. E-QIP will be ready for governmentwide use by June, according to Dan Blair, deputy director of OPM.

E-clearance, one of the 24 e-government initiatives supported by the president?s management agenda, also includes the Clearance Verification System, which will allow agencies to access the results of background investigations or view clearance forms by searching in a single database.

Until recently, most civilian agencies tracked employees? clearance histories in separate databases, said Norm Enger, project manager for human resources-related electronic government projects at OPM. The office is working on transferring all of those files into a single database. About 80 percent of the files have already been transferred and those remaining should be in the database by the summer, he said.

The complete database of civilian clearance histories will connect to the Defense Department?s Joint Personnel Adjudication System, so that for the first time, one search will pull up investigative and clearance information for both civilian and defense employees.

Digital images of investigative files will also be available under the e-clearance system. This is a daunting task, but will allow OPM to process its annual workload of about 2 million new background investigations more efficiently, Enger said. The technology for the imaging will be in place by June, but the actual imaging process will go on indefinitely as new investigation files arrive. The old files will remain on paper.

?It would be difficult to overstate the importance of e-clearance,? said OPM Director Kay Coles James in a statement marking the system?s official kickoff. ?With threats to our homeland and to our national interests overseas, providing accurate, thorough, and timely clearances to the workforce is crucial.?

OPM estimates that the e-clearance system will save taxpayers more than $258 million over the next 10 years, as the new system will process forms in one-tenth of the time currently needed. Workers who have to file clearance forms, some as frequently as every few months, will also save time using the shortened SF-86C form.

Officials did not have cost estimates for the new system readily available, but said that OPM?s background investigations unit would foot less than $10 million of the bill for the project. Officials could not estimate the cost of the digital imaging component of the project because OPM has not yet purchased the equipment needed to create the images.

The new Homeland Security Department looks forward to using the new e-clearance technology, according to Ann Tursic, chief of the department?s personnel security division. She said she sees the system as a ?smart way of doing business.? Homeland Security has already started using the new SF-86C form to allow workers entering the department to reapply for clearances without going through the hassle of filling out an entire SF-86 form, she said.

Contractors are also happy to see the new system deployed, OPM officials said. The shortened SF-86C clearance renewal forms will save contractors time when their employees switch contracts, requiring them to complete new forms. Peter Grau, a special security officer for Lockheed Martin Data and Management Services, said e-clearance will be a huge benefit to industry, especially in the long run. ?It?s something that many of us thought was long overdue,? he said.
*******************************
Reuters
Microsoft Software Hole Leads to Computer Attacks
Mon Mar 17, 7:37 PM ET

SAN FRANCISCO (Reuters) - A new security hole in Windows 2000 (news - web sites) operating system when used with Microsoft Corp.'s (Nasdaq:MSFT - news) Web server software has allowed computer attackers to compromise machines, including a U.S. Army server, a security expert said on Monday.

Microsoft said it had released a patch and information for a workaround to protect computers from becoming so vulnerable an attacker could gain complete control over a machine.

The Army server was successfully attacked about one week ago, but was not connected to any critical systems, said Russ Cooper of research and security services firm TruSecure Corp. based in Herndon, Virginia.

An Army Network Command center spokeswoman did not immediately return a call seeking comment.

The incident is rare in that software companies usually are able to release a fix for a security vulnerability before it becomes public.

This particular case is dubbed a "zero day vulnerability," and is even more serious because someone was able to develop a software tool to exploit the hole and attack computers a week before anyone had any warning, Cooper said.

The attack is known as a "buffer overflow," in which too much information is sent to a victim machine, overwhelming it, so that an attacker can sneak in.

"They're extremely rare and extremely dangerous because people don't have time to patch before they may get attacked," he said. "The attack against the U.S. Army suggests a level of sophistication and daring on the part of the attacker."

The Army cleansed the computer, but it was attacked again later, Cooper said.

Information about the patch and other fixes is available at: http://www.microsoft.com/technet/treeview/default.asp?url=/tech net/security/bulletin/MS03-007.asp

*******************************
Reuters
Grocery-Style Bar Codes to Spread to Hospitals
Mon Mar 17,12:35 PM ET
By Wei Gu

NEW YORK (Reuters) - The same bar code technology that supermarkets use to check out groceries is likely to be a standard tool for U.S. hospitals to prevent errors in medicating patients, perhaps saving thousands of lives a year.

The U.S. Food and Drug Administration (news - web sites) said last week that bar codes will be required on all prescriptions, some over-the-counter drugs and vaccines to help improve patient safety.

FDA intends to make it mandatory for all drug manufacturers to put bar codes on their labels three years after it publishes a final rule. Only a handful of hospitals and clinics now have bar code scanners in place to track medications, but the number is expected to surge in the coming months.

"Today's FDA ruling inspires other health-care providers who are still watching and waiting," said Karen Garner, spokesperson at Sutter Health.

FDA Commissioner Dr. Mark McClellan said he expected most hospitals would put in the needed technology as soon as they could, despite the expense.

The regulation is also certain to be a shot in the arm for equipment makers grappling with weak demand in other areas.

The FDA estimates that it will cost manufacturers $50 million to add the bar codes to packaging and will cost the hospital industry $7.2 billion to put in bar code readers and other technology. "It is priceless for a hospital to stay out of the headlines," said Jeffrey Schou, director of health care at Symbol Technologies Inc. ., which makes bar code scanners. "Hospitals are now looking at bar code systems as cost-cutters rather than cost-raisers."

WRIST BANDS

Among those already working with bar code systems is Sutter Roseville Medical Center in Roseville, California, where nurses use mobile devices to scan the bands on their own wrists, the patient's wrist and on the packaging of the patient's medication. A computer will confirm whether the three codes match, thus ensuring the right nurse gives the appropriate drug to every patient at the right time.

"Nurses are saying it's like having someone looking over your shoulder, making sure everything is correct," said Jane Pratt, clerical manager at the hospital.

Sutter expects to see a major decrease in medication errors due to bar coding. The University of Wisconsin Hospital in Madison said it had reduced such mistakes by 87 percent.

The incidence of patients getting too much or too little medication -- or even the wrong medication altogether -- is much higher than many people realize.

Research done by Auburn University in Auburn, Alabama showed that medication errors now occur in nearly one out of every five doses, mostly due to wrong timing and omission of doses.

The Institute of Medicine (news - web sites), a research panel affiliated with the National Academy of Sciences (news - web sites), shocked the industry in 1999 when it released a study saying as many as 98,000 Americans died each year because of preventable medical mistakes.

The FDA says the bar code system may cut the number of errors in half.

Now only about 5 percent of U.S. hospitals have bar code devices in place, but the number is expected to surge to 70 to 80 percent in five years because of the FDA proposal, said Rusty Lewis, chief operating officer at Bridge Medical, a Solana Beach, Calif., company that makes patient safety software.

Sutter Health plans to spend $50 million before 2005 on the bar code technology. Some hospitals say it is worth the cost because the additional minutes of scanning bar codes save a nurse an hour's work of manually documenting every medication and reconciling drug sheets, said Sutter's Pratt. Improving staff efficiency is important because the country faces a shortage of nurses.

The relatively recent proliferation of drugs also makes a busy nurse's job harder. In the last decade, the number of drugs has grown five-fold to more than 17,000 in the United States.

Now only 35 percent of all drugs given at the bedside are packaged with a bar code, said the National Alliance for Health Information Technology. A few pharmaceutical companies, including Pfizer Inc., have started putting bar codes on their drugs.

WINDFALL FOR BAR CODE COMPANIES

The health care industry's needs spell good fortune for bar code makers. "Last year, sales to health care companies ramped up; this year we are seeing tremendous opportunities from major health care companies," said Symbol's Schou.

Symbol's chief executive Richard Bravman said in an interview that while the outlook for technology spending remained unclear, health care, which now accounts for less than 5 percent of its business, will bring more growth than the company as a whole, as drug makers and hospitals start to put bar codes on drugs. Symbol expects total sales to grow at 15 percent to 20 percent this year.

Bridge Medical, which makes bar code devices for hospitals, said it now works with 75 hospitals, compared with just eight a year ago. Bridge is also targeting children's hospitals because medical errors are three times more likely to happen with infants than adults, said Bridge's Lewis.
*******************************
Government Computer News
03/17/03
Open source advocate suggests incentive program
By Patricia Daukantas

An open-source software advocate is proposing an incentive program to encourage developers to release their source code after it has earned a certain amount of money.

The Open-Source Threshold Escrow Program, or O-STEP, would give government agencies access to competitively priced e-government applications without proprietary lock-ins, said Tony Stanco, associate director of the Cybersecurity Policy and Research Institute at George Washington University.

Stanco spoke today at a Washington conference co-sponsored by the institute.

Under O-STEP, vendors would put their source code in escrow for open-source licensing only after purchases had reached the vendors? own sales thresholds.

Government agencies and private-sector users would have an incentive to buy the escrowed O-STEP software, Stanco said, because each purchase would bring their applications closer to open-source status.

He said he has talked to several agencies about the concept but has not yet approached software vendors about participation in O-STEP.
*******************************
TechWeb
CIOs Feel Stress From Tighter Budgets
Mon Mar 17, 4:21 PM ET
Antone Gonsalves, TechWeb News, InformationWeek

The job of CIO is getting tougher

CIOs are being asked to increase innovation and security while cutting costs to meet tighter budgets, according to a survey released Monday by IT advisory firm Gartner.

The survey of 620 CIOs during the last four months of 2002 finds that for the third consecutive year, cutting costs is the No. 1 concern for CIOs, whose jobs have been made more challenging by business managers' demands to reduce security risks and innovate faster.

"Being more cost-effective, reducing business risk, and innovating faster are extremely difficult to achieve concurrently," Ellen Kitzis, group VP for Gartner's executive program unit, said in a statement. "Together, they risk breaking the budget."

"Must-do initiatives" include those that support ongoing business objectives and increase data security and privacy. These initiatives have taken precedence over "want-to-do" projects such as customer-relationship management, knowledge management, and E-enablement.

The top technology priorities include securing systems from internal and external threats. No. 2 is application integration to get more out of legacy systems and provide greater data availability to everyone in the business. Enterprise portal deployment is another cost-effective approach to making data more easily available to employees, business partners, and customers.

CIOs say business-operating budgets are growing faster than IT budgets, which some Gartner analysts say may indicate business skepticism around the effectiveness of IT investments.

The top management priority for CIOs in 2003 is providing guidance for the board and executives, which ranked No. 6 last year.

"CIOs are providing guidance to these key executives, while continuing to demonstrate the business value of IS and IT," Kitzis says. "They are also spending time on a new focus area this year: IT governance. As companies become more complex and IT a big-budget item, the role of IT governance is becoming critical."

*******************************
Government Executive
March 17, 2003
Justice IG says foreign student tracking system inadequate
From National Journal's Technology Daily

The Internet-based system for tracking foreign students studying in the United States has "significant deficiencies," according to a report released Monday by the Justice Department's Office of the Inspector General.

The report found that the Immigration and Naturalization Service (INS) processes for certifying schools and training employees on the Student and Exchange Visitor Information System (SEVIS) are inadequate. Particular problems lie in INS' oversight of contractors hired to review the schools and in the reviews of schools' record-keeping and internal controls.

It also noted that the SEVIS database will not include information on all foreign students until Aug. 1. Schools were required to begin using SEVIS for new foreign students first by Jan. 30 and later by Feb. 15, but have until August to enter information about continuing foreign students. "Until then, the INS will continue to operate its inadequate, paper-based system to monitor continuing foreign students," the report said.

In addition, INS has not established procedures to use SEVIS to identify potential fraud. The report includes eight recommendations to improve the system.

On March 1, the INS merged with the Homeland Security Department. The Bureau of Immigration and Customs Enforcement in the department's Border and Transportation Security Directorate is now responsible for SEVIS.

In response to the IG report, Michael Garcia, acting assistant secretary of the Bureau of Immigration and Customs Enforcement, disagreed that the agency had delayed implementation of SEVIS. Garcia also said the agency conducted two extensive training sessions for adjudicators and inspectors and provided detailed guidance on the system to 107 sites.

Garcia agreed with the IG report that the Bureau of Immigration and Customs Enforcement needs more resources to properly manage SEVIS.
*******************************
Federal Computer Week
Treasury loses IT staff to homeland efforts
BY Diane Frank
March 17, 2003

While the Homeland Security Department (DHS) is coming together, other federal departments are falling apart, including the Treasury Department, which is saying goodbye to more than 50 people from its information technology staff as part of the governmentwide reorganization.

Last month, Treasury started the process by transferring more than 30 employees from the chief information officer's office to DHS, said Patrick Hargett, Treasury's director of enterprise IT planning and operations, last month at the Federal Networks 2003 conference in Vienna, Va., sponsored by TeleStrategies Inc.

Many others also will leave, but there is still just as much work to do at Treasury for daily operations and modernization efforts, particularly as officials work to make sure the transition goes smoothly, Hargett said.

"I have to find ways of literally doing more with less folks," he said.

As part of the homeland security realignment, Treasury is transitioning several of its largest bureaus to other agencies, including moving the Secret Service and Customs Service to DHS, and moving the majority of the Bureau of Alcohol, Tobacco, Firearms and Explosives to the Justice Department.

DHS is facing the task of melding those bureaus and at least 20 other organizations into a single department, and it's drawing a lot of the attention from public- and private-sector leaders. "But we shouldn't be forgetting the agencies that are left behind," said Max Stier, president and chief executive officer of the Partnership for Public Service.

Many good workers are moving to DHS as part of the transition, and Treasury's IT staff and the department as a whole will definitely feel the loss, said Fred Thompson, director of e-government projects at Unisys Corp. and former assistant director for consulting and marketing in Treasury's CIO office.

But there are still employees who know what needs to be done and are committed to juggling changing needs, such as the Internal Revenue Service's increasing prominence in Treasury's future technology requirements, Thompson said.

The department's IT staff was shrinking even before these changes. Last year, then-acting CIO Mayi Canales announced a goal to streamline IT operations at the department. At that time, it was estimated that 75 positions would be eliminated.

Treasury's IT leadership has also recently undergone major changes, with Canales, former CIO Jim Flyzik and other officials leaving in the last months of 2002. And the department's new CIO Drew Ladner, a newcomer to government started March 10.

Treasury could not provide any additional details, but a search found that in 1999 and 2000 Ladner co-founded two technology start-ups, Clique.com and Ripcord Systems Inc., in Seattle.

Having a new CIO, when so many other personnel changes are happening, might actually be a good thing, Thompson said.

"It's probably apt that [Ladner is] coming in now because he has no preconceptions" about where people should be and what they should be doing, he said.

The key for Treasury and its leaders will be to determine what the transformed department's mission needs are. Once those needs are established, officials will be able to tell what the IT staff will be doing and whether the reduced staff and other resources are sufficient for Treasury's mission, Stier said.
*******************************
USA Today
United Nations employs 'eye-tech' solution

KABUL, Afghanistan (AP) In the wilderness along Afghanistan's mountainous frontier with Pakistan, it isn't always easy to figure out who's a refugee and who's just pretending.

Now the United Nations is employing a new high-tech weapon iris scanning in a battle against refugee fraud that last year saw 300,000 Afghans return home and then, forging documents and falsifying identities, return again for a second helping of humanitarian aid.

"Basically the idea was that we have to be accountable to donors," Maki Shinohara, spokeswoman for the U.N. refugee agency in Afghanistan, said Tuesday.

"We raise funds for use by genuine refugees ... and we came to the conclusion that iris scanning is a highly effective way to avoid the misuse of that aid."

Iris recognition technology has been used for years in airports and high-security compounds, but this is believed to be the first time it's been used in the low-tech refugee world.

Aid groups have used other techniques in places like Africa to verify who's received assistance and who hasn't, namely marking refugees with invisible ink or wristbands.

The 20-second iris scanning process is simple. A photo is taken of the eye, converted into digital code and registered in a database, said Machiel van der Harst, who heads BioID Technologies, a Swiss-based company that helped develop the application used by the United Nations.

"If somebody has registered before, the database will say, 'Hey, this person has already been through here,' " Harst said. "It's much more accurate, and much quicker than fingerprinting."

The United Nations doesn't fingerprint refugees, but determines their identities instead with photographs and interviews that record what village they're from, their family makeup, why they fled and when.

Beating the system means winning extra supplies of wheat, plastic sheeting, soap and cash grants of up to $30 for transportation home.

Afghanistan has been devastated by 23 years of war and untold numbers of returnees squat in ruins with little access to food, water and jobs. Their poor state increases their incentive to score additional aid.

"It's more out of need than anything else," Shinohara said. "Out of desperation, they'll try to get as much (aid) as they can before going back to what is likely to be a destroyed village."

The U.N. High Commissioner for Refugees first set up iris scanning machines in the Pakistani town of Takhta Baig between October and December.

About 15,000 refugees were registered with the system and some 200 who turned up matches in the U.N. database because they had already registered were rejected.

"The testing proved to be very effective so we decided to deploy it full-scale this year," Shinohara said.

Before the Taliban fell in 2001, about four to five million Afghans fled into exile. In 2002, roughly 1.8 million returned.

About 300,000 others tried to register as refugees again but were rejected, mainly by U.N. staff who'd seen them before. A few were Pakistanis pretending to be refugees.

This month, the United Nations is setting up iris scanning facilities in three main crossing points in Pakistan Takhta Baig, Ali-Zai and Chaman. A fourth will be established in the Afghan city of Khost.

Some 1.2 million refugees are expected to return in 2003.

Shinohara said one woman who had been forced by her husband to register with the U.N. agency repeatedly "was actually happy to have gone through that so she won't have to cross the border anymore."

But in this conservative region of the world, not everyone is so keen.

At a U.N. repatriation center in Takhta Baig on Tuesday, 18-year-old Samina stood in line wearing an all-encompassing burqa with about 75 other men and women. Her family fled Afghanistan 22 years ago, before she was born.

"We don't want to show our face to strangers, it's against our tradition and culture," said Samina, who like many Afghans uses one name.

"But we have to go home and this is the only way."
*******************************
Computerworld
Sprint wins first round in Utah antispam law case
By TODD R. WEISS
MARCH 18, 2003

A lawsuit filed by a Utah man against telecommunications provider Sprint Corp. over spam e-mails he received last year has been dismissed by a Utah judge.
In his lawsuit last May (see story), Terry Gillman of Murray, Utah, charged that Sprint had sent him unsolicited commercial e-mail in violation of a state law that prohibited such spam.

But late last month, Utah Third Judicial District Court Judge Denise Posse-Blanco Lindberg ruled in favor of Sprint's summary judgment motion to dismiss the case because Gillman had previously registered with a Web site and agreed to receive promotional e-mails. The decision can be appealed.

Utah's "Unsolicited Commercial E-mail Act," which bans businesses from sending unsolicited e-mail, known as spam, went into effect May 6. The law says that commercial e-mail may be sent legally as an advertisement if it includes the characters "ADV:" at the beginning of the subject line in the e-mail. Such labeling lets a recipient choose not to view the message or to set up e-mail filtering software to automatically delete such messages.

According to the court, Gillman registered his e-mail address and name with the Audio Galaxy Web site on April 14, 2002. Audio Galaxy then sold its e-mail addresses to promotional e-mail business Traffix Inc.

On May 14, eight days after Utah's law went into effect, Traffix's subsidiary, GroupLotto, began a commercial e-mail campaign to advertise Sprint's Nickel Nights long-distance telephone service. Gillman requested removal from GroupLotto's e-mail list that same day.

His name and address were removed from the GroupLotto mailing list the next day, according to the court, but his name remained on some e-mails that had already been processed and were ready to go out. On May 16, he received an e-mail for Sprint's long-distance services. Soon after, he filed a class-action suit in connection with the incident.

Although Gillman argued he has already opted out of receiving additional e-mails, the court ruled that one provision of the new law -- that the e-mails were lawful because he already had a relationship with the sender and agreed to receive such e-mails -- made his case moot.

The court ruled that the new state law doesn't differentiate between an ongoing relationship and a severed relationship, since in either case there had been a relationship beforehand.

"The [law] is silent as to how a recipient like Gillman, who indisputably had a pre-existing business relationship with the commercial e-mail sender, can effectively terminate that relationship in order to claim the protection of the Act," the judge wrote in her decision. Lindberg said it will be up to the state legislature, not the courts, to better define the law's intent.

Paul Drecksel, an attorney for Sprint, had no comment on the court's ruling. Some 1,600 similar antispam law cases are pending in Salt Lake County court against various defendants, he said.

Jesse Riddle, one of the attorneys representing Gillman, said his client may appeal the court's decision. "There's a good possibility that we will," Riddle said. "The judge obviously struggled with the new statute. [It] does need some clarification."

Under Utah's law, violations are punishable by fines of $10 per illegal commercial e-mail sent, up to a maximum of $25,000 per day as the violations occur. The fines or actual damages must be awarded to the plaintiffs, according to the law.
*******************************
Computerworld
Brokerages face big IT bills to comply with USA Patriot Act
By LUCAS MEARIAN
MARCH 17, 2003

A report released last week estimates that the U.S. brokerage industry will spend as much as $700 million through 2005 on technology and outsourcing services in order to comply with the antiterrorism and anti-money-laundering regulations of the USA Patriot Act.
The report by Needham, Mass.-based TowerGroup says brokerages spent $117 million on Patriot Act compliance measures last year and will invest about $404 million this year, when most of the Patriot Act's provisions become law. The report also indicates that some large brokerages expect to spend up to $30 million each. But after that, budgeting for compliance initiatives drops off sharply.

"I don't want to say they're not taking it seriously, but of 5,500 registered [securities] dealers in the country, I'd estimate that 1,000 or less are actively building or buying solutions," said Bob Iati, a research director at TowerGroup.

The Patriot Act, which was signed by President Bush in October 2001 in response to the Sept. 11 terrorist attacks, requires financial services companies to develop improved capabilities to identify customers and flag suspicious transactions.

Where the Money Goes

According to TowerGroup, about 39% of compliance budgets is being spent on integrating back-end systems, and 35% is going toward new software. Another 24% of the money is being used to upgrade IT infrastructures, such as hardware and storage, the report says. The remaining 2% is paying for outsourcing services with operators of customer databases, such as Regulatory DataCorp International LLC (RDC) in New York.

RDC was launched in July by The Goldman Sachs Group Inc. and other firms to develop a database for screening suspected criminals. Companies use a secure Web portal to send individual names or lists of customers to RDC, which then runs the names through an Oracle database installed on Unix servers.

Bill Catucci, CEO and president of RDC, said the company has about 25 clients in addition to its 20 original investors, who included Merrill Lynch & Co. and Citigroup Inc. But he noted that the stipulations of the Patriot Act are fuzzy at best.

"When [federal regulators] say you should have a compliance system that meets due diligence, you don't know what that means," Catucci said. "The issue is that if you don't meet the requirements, they'll sanction you."

Regulators are first checking to make sure that companies have established the required anti-money-laundering and antiterrorism programs, and then they're examining the actual compliance procedures, said Breffni McGuire, a TowerGroup analyst. "And after that, they're looking to see if you have the technology in place and are using it effectively," McGuire said.

Eric Friedberg is a former federal regulator who is now executive vice president and general counsel at Stroz Friedberg LLC, an IT services and consulting firm in New York. Friedberg said that although most large banks and brokerages are on their way to Patriot Act compliance, many smaller companies don't intend to get there because they don't think it's worth the cost.

"I think the biggest roadblock is budgetary," he said. "The technologies exist to meet whatever high standard of due diligence the government requires. It's just that there has to be commitment by the organization to do it."
*******************************

Prev by Date: Clips March 17, 2003
Next by Date: Clips March 19, 2003
Previous by thread: Clips March 17, 2003
Next by thread: Clips March 19, 2003
Index(es):
- Date
- Thread