Senator Gorton dares mention Net privacy

And other election-season miracles

  • alert
  • submit to reddit

SANS - Survey on application security programs

Washington Roundup As of Saturday, the 106th Congress' legislative session remains hopelessly bogged down in after-hours wrangling, with no more than six of thirteen appropriations bills passed for FY 2001, which began on 1 October. Tuesday is now the target date for a final cleanup session, which will break a record by carrying legislative business further into the election season than any previous Congress has allowed.

One of the more entertaining struggles involves a spin-off from the H-1B bill, successfully passed and signed by the President, which dramatically increases grants of high-tech visas for each of the next three years. To get the bill passed, Democrats agreed to scratch a more generous White-House-inspired measure called the Latino and Immigrant Fairness Act, which would increase grants of amnesty to illegal immigrants and offer permanent residency to more political refugees from Central America and the Caribbean. Republicans very much wanted to pass the H-1B bill, but were loath to sign off on its more expansive rider. According to the compromise, the Latino measure was to be transferred later to the mammoth appropriations bill for the Departments of Commerce, Justice, and State, but Republicans, predictably, have since blocked its addition. The appropriations bill passed the House this week, but has yet to reach the Senate floor. The President has announced that he will veto it if his Latino measure doesn't find its way onto it. Obviously, someone is going to have to flinch; and that's a fair toss-up. Politically speaking, either side can afford to cave in and cover themselves by blaming the other for its outrageous intransigence.

But that's not all. The same appropriations bill is playing host to a particularly loathsome piece of so-called

'privacy' legislation

by US Senator Judd Gregg (Republican, New Hampshire), purporting to restrict on-line trafficking in Social Security numbers in an effort to curb identity theft and to thwart stalkers. But the measure is full of loopholes enabling data merchants, financial institutions and private detectives to exchange Social Security numbers among themselves and permitting local governments to sell personal records which contain them. In a rare display of interest in protecting citizen privacy and individual rights, the President has cited the presence of the Gregg measure as a second reason to veto the appropriations bill.

The US Senator from Microsoft, Slade Gorton (Republican, Washington State), has been talking out of both sides of his mouth about Internet privacy. Not saying enough to spook any of the big industry players on whose courtship he has learned to thrive, he's just been putting out some false scent to voters who might think it an important issue for a Senator to care about.

"I and....a substantial number of my colleagues have come to agree that we must act on this issue in the not-too-distant future," Gorton warbled. "Consumers who use the Internet should be given more information about what data is being gathered about them, and they should be given greater control over how this data is used."

"Though I know that I support federal legislation regarding the online collection and use of consumer information, I confess to not knowing at this time exactly what should be legislated." he continued. "At the last hearing in the Senate Commerce Committee we considered three different bills, and additional, and more varied, bills have been introduced in the House of Representatives."

Gorton's race against Democrat opponent and former RealNetworks executive Maria Cantwell is very tight; a bit of privacy burbling certainly can't do him any harm.

The US Senate is sneaking two very Draconian cyber-crime measures onto a creampuff bill establishing a pseudo-military decoration called the national medal of valour for public safety officers. The first nasty bit is the Computer Crime Enforcement Act, which establishes a $25 million grant programme for state and local police struggling to cope with computer crimes, sponsored by Senate Judiciary Committee Ranking Member Patrick Leahy (Democrat, Vermont) and Judiciary Antitrust Subcommittee Chairman Michael DeWine (Republican, Ohio). The grants programme is to be administered by the US Department of Justice, and has the backing of both the Information Technology Association of America (ITAA) and the Fraternal Order of Police -- so you just know you're going to hate it.

The other nasty bit is the Internet Integrity and Critical Infrastructure Protection Act, sponsored by Senator Leahy and his partner in anti-crime, Judiciary Committee Chairman Orrin Hatch (Republican, Utah). The act permits the federal prosecution of juvenile malicious hackers, greatly expands law-enforcement wiretap powers, increases criminal penalties for those using cryptography in the commission of a crime, and imposes a minimum sentence of six months in the slam for even small-fry malefactors. However, it does a grand job of protecting the computer industry, specifically blocking consumers from using the bill to sue tech companies for 'negligent' designs, and protecting ISPs and communications companies from liability if their products should be used to commit a crime. And you thought it would be nice to give public safety officers a ribbon to pin on their chests.....

The House of Representatives this week passed the Computer Security Enhancement Act, introduced by House Science Committee Chairman James Sensenbrenner (Republican, Wisconsin), to address popular concerns about lax network security among federal agencies. The bill would put the National Institute of Science and Technology (NIST) in the driver's seat as official consultant to the other civilian federal agencies. The Senate has yet to vote on it, and considering all the unfinished business piled up already, we can expect the bill not to pass but to return for consideration by the 107th Congress.

The US Copyright Office disappointed many detractors of the Digital Millennium Copyright Act (DMCA) this week by upholding nearly all provisions making it illegal to circumvent technical access controls on media content and Web sites. A lengthy period involving the perfunctory entertainment of public comments has resulted in nothing more than the usual pretences to receptiveness. The rule, which will remain in place for three years, confirms the public's worst fears of losing their right to fair use at the hands of greedy media giants. Disappointing, if not surprising.

The US Federal Trade Commission (FTC) this week issued a

staff report

on business-to-business (B2B) 'electronic marketplaces' called "Competition Policy in the World of B2B Electronic Marketplaces." While praising the obvious efficiencies inherent in such schemes, the Commission also fretted about the anti-competitive potential arising from collusion by industry heavy hitters. "High levels of industry ownership or substantial minimum purchase requirements will likely draw a closer look," the FTC notes. The 'M-word' is not often used, but no one should have any illusions about they mean here. ®

3 Big data security analytics techniques

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
It may be ILLEGAL to run Heartbleed health checks – IT lawyer
Do the right thing, earn up to 10 years in clink
prev story


Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.