Tech Law Journal Daily E-Mail Alert
September 13, 2001, 9:00 AM ET, Alert No. 267.
TLJ Home Page | Calendar | Back Issues
Senate Committee Examines Cyber Terrorism Threats
9/12. Since the events of September 11, almost all public hearings and meetings on Capitol Hill have been cancelled or postponed. The House and Senate both met to pass a joint resolution on September 12. One of the few previously scheduled events that did proceed on September 12 was a hearing of the Senate Governmental Affairs Committee on cyber terror threats to America's critical information infrastructure.
The events of September 11 were not an attack on information systems. However, the members of the Committee examined what terrorist threats exist to these systems, and what should be done to minimize the risks. The Committee has jurisdiction over information infrastructure of government agencies only. Nevertheless, the Senators addressed both government and private sector issues. The Senate Judiciary Committee's Technology, Terrorism, and Government Information Subcommittee had scheduled a hearing on another matter for September 12. But, it cancelled its hearing.
Sen. Joe Lieberman (D-CT), the Chairman of the Committee, presided. Sen. Fred Thompson (R-TN), the ranking Republican also participated. Sen. Bob Bennett (R-UT) was present throughout the two hour hearing. Sen. Jim Bunning (R-KY), Sen. Carl Levin (D-MI), Sen. Tom Carper (D-DE), and Sen. Mark Dayton (D-MN), also participated.
Sen. Lieberman said that the events of September 11 begin a new era for American national security, and that future attacks will also target critical information infrastructure. The primary witness, Joel Willemssen of the General Accounting Office, testified that "federal computer systems are riddled with weaknesses that continue to put critical operations and assets at risk." See, prepared testimony [PDF] of Willemssen.
Sen. Lieberman questioned Willemssen about the reasons for lack of preparedness in both the public and private sectors. Willemssen stated that Presidential Decision Directive 63 [PDF], dated May 1998, has not been adequately implemented. He also said that the problem is that agencies have not made this a priority. Willemssen testified that another problem is that "the private sector does not always want to share information."
Sen. Thompson suggested that the way to get the private sector to share information about cyber security with government is to give it the same sort of statutory protection that the Congress gave in The Y2K Act. Sen. Bennett interjected, "Have I got a bill for you," perhaps referring to HR 2435, the Cyber Security Information Act.) Willemssen agreed with them. Willemssen also testified later that he supports a proposal contained in a bill sponsored by Sen. Lieberman and Sen. Thompson that would create a new federal office of Chief Information Officer. (See, S 803, the E-Government Act of 2001.)
Sen. Dayton pressed Willemssen on specific types of cyber threats. He responded that these are "disruption and stoppages of operation",  "inappropriate disclosure of sensitive information", and that terrorists might "change or modify or destroy data ..." Sen. Carper asked Willemssen which sectors of the economy are most secure from cyberthreats, and which are most vulnerable. He responded that banking, finance, and electric power are in the best position, while the public health sector is weak.
Sept 11 Events Seen As an Attack Upon Infrastructure
9/12. Sen. Bennett made the point that the attacks of September 11 were not only attacks upon human life and symbols of America; they were also successful attacks upon American infrastructure. Moreover, said Sen. Bennett, they had some of the same sort of results as a major cyber attack upon information infrastructure. He noted that the attacks succeeded in completely shutting down both the air traffic system and the stock markets. He also noted that a significant amount of data was destroyed in the World Trade Center in law offices, brokerages, and other offices.
Sen. Bennett was the Senate's point man on ensuring that critical information systems of the federal government were not adversely affected as a result of failure to remedy Y2K conversion problems. He is now the Senate's leading authority on terrorist threats to the critical information infrastructure.
More Statements From Cyber Terrorism Hearing
More Money. Sen. Thompson stated that "we have to get more serious." He said this includes a larger military budget, more money for intelligence, and more money for infrastructure protection. Sen. Thompson also stated that the Governmental Affairs Committee has been active in promoting government information security. He cited hearings held by the Committee, reports prepared for it by the GAO, and bills passed. He also distributed a CYA memo which listed 17 of actions taken by the Committee.
New Leadership. Sen. Bennett said that the U.S. must reform the way the federal government is organized to protect against attacks on America's information infrastructure. He stated that it was a mistake in PDD 63 to put the leadership of this effort at the FBI's National Infrastructure Protection Center. He reasoned that the FBI and Department of Justice are law enforcement agencies focused on investigating and prosecuting past crimes. He said that what is needed is leadership that focuses of prospective threats, and strategically seeks to prevent them from being realized. However, he did not say who this should be.
GAO Criticizes Lack of Computer Security at Education Department
9/12. The GAO released a report [PDF] titled "Education Information Security: Improvements Made But Control Weaknesses Remain." The GAO concluded that the Department of Education "has made progress in correcting security weaknesses identified by Education’s IG, and that the department has taken other actions to improve security. However, we identified weaknesses that place critical financial and sensitive grant information at risk of unauthorized access and disclosure, and key operations at risk of disruption. Specifically, Education did not sufficiently protect its network from unauthorized users, effectively manage user IDs and passwords, appropriately limit access to authorized users, effectively maintain system software controls, or routinely monitor user access activity. Further, Education was not providing adequate physical security for its computer resources ..." The report was prepared for Rep. Peter Hoekstra (R-MI) and Rep. Charlie Norwood (R-GA).
Cancellations and Postponements
9/13. The House Judiciary Committee cancelled its meeting to mark up HR 1552, the "Internet Tax Nondiscrimination Act", and other bills. The meeting had been scheduled for Thursday morning, September 13. HR 1552 extends the existing Internet tax moratorium.
9/12. The House Commerce Committee's Subcommittee on Telecommunications and the Internet postponed its hearing titled "Transition to Digital Television: Progress on Broadcaster Buildout and Proposals to Expedite Return to Spectrum", which had been scheduled for September 12.
9/12. The Senate Judiciary Committee's Technology, Terrorism, and Government Information Subcommittee postponed its hearing on S 1055, which had been scheduled for Wednesday afternoon, September 12. The bill is sponsored by Sen. Dianne Feinstein (D-CA). It would require the consent of an individual prior to the sale and marketing of such individual's personally identifiable information. No new date for the hearing has yet been set.
9/11. The Computer System Security and Privacy Advisory Board (CSSPAB) had been scheduled to hold three days of meetings on September 11-13. The CSSPAB advises the Secretary of Commerce and the Director of NIST on security and privacy issues pertaining to federal computer systems. The meeting was cancelled just after it began early on the morning of September 11. The CSSPAB meets quarterly. This meeting will not be rescheduled. The next quarterly meeting will be in early December. See, original notice in Federal Register, August 27, 2001, Vol. 66, No. 166, at Pages 45009 - 45010.
5th Circuit Rules on Jurisdiction in Patent Related Appeals
9/12. The U.S. Court of Appeals (5thCir) issued its opinion in James Logan v. Burgers Ozark Country Cured Hams, a case involving several issues, including when the U.S. Court of Appeals for the Federal Circuit has jurisdiction over appeals from judgments of U.S. District Courts in disputes which implicate patents. The Fifth Circuit held that it had jurisdiction, and affirmed the District Court on substantive issues.
New USPTO Rules
9/12. The USPTO published a notice [PDF] in the Federal Register regarding its new rules relating to civil actions and claims involving the USPTO. These rules provide procedures for service of process, obtaining USPTO documents and employee testimony, indemnifying employees, and making a claim against the USPTO under the Federal Tort Claims Act. See, notice in Federal Register, Vol. 66, No. 177, September 12, 2001, at pages 47387 - 47392.
FCC News
9/12. The FCC announced that the meeting of the Commission set for September 13 at 9:30 AM will proceed as scheduled. The agenda remains unchanged.
9/12. The FCC announced that the meetings its Public Safety National Coordination Committee scheduled for September 13 and 14 have been postponed. The FCC has not yet rescheduled these meetings. See, FCC release [PDF].
9/12. The FCC issued a statement regarding the effect of its closure on September 11 on filing and fee payment deadlines. It stated: "Due to the national emergency that occurred yesterday, September 11, the Federal Communications Commission closed its offices early in the morning. According to section 1.4(e)(1) of the Commission's rules, 47 C.F.R. Section 1.4(e)(1), all filings, paper and electronic, that were due on September 11, 2001, are due today, September 12, 2001, the Commission's next official work day after early closing. In addition, September 11th does not count in computing filing periods that are less than seven days. See 47 C.F.R. Section 1.4(g)."
9/12. FCC Chairman Michael Powell praised the "tireless and heroic efforts of those in the telecommunications industry who are working hard to keep our most fundamental communications systems – such as telephone service, wireless phone service and television service – operating efficiently under the circumstances." See, FCC release.
Verizon Assesses Damage to its New York City Facilities
9/12. Verizon stated that it "began work to restore phone service to a major switching center that was damaged as a result of yesterday's attacks on the World Trade Center." See, Verizon release. On September 11, Verizon stated "Two facilities at the World Trade Center that handled calls to and from the complex were destroyed in the building collapse." It also stated that "Verizon has as many as 10 wireless cell cites in New York City that are not operating." See, Verizon release.
California Upholds Conviction for Removing Battery from Cordless Phone
9/12. The Court of Appeal of California (4/2) issued its opinion [PDF] in People v. Tafoya, affirming a criminal conviction of a California man for removing a battery from a cordless telephone. This is a domestic abuse case. However, in addition to abuse related charges, the defendant was charged with violation of California Penal Code, Section 591, which makes it a crime unlawfully and maliciously to injure or obstruct a telephone line "or appurtenances or apparatus connected therewith". The Court of Appeal held that "the jury could properly find defendant Michael Martin Tafoya guilty under section 591 based on the evidence that, during an argument with his estranged wife, he removed the battery from her cordless phone. This is true even though she was still able to call the police from another phone." However, the Court of Appeal reasoned that "it does not make it a crime to leave a phone off the hook either negligently or accidentally."
9th Circuit Affirms in FTC v. Gill
9/12. The U.S. Court of Appeals (9thCir) issued its opinion in FTC v. Gill, affirming a District Court judgment in an FTC civil enforcement action brought under the Credit Repair Organizations Act (15 U.S.C. §§ 1679-1679j). The FTC is a federal agency with authority to bring enforcement actions to stop a wide range of deceptive business practices that harm consumers. In recent years, it has been involved in shutting down Internet fraud.
This is not an Internet fraud case. Rather, the defendants operated a credit repair scam. The FTC filed a complaint in the U.S. District Court (CDCal) seeking a permanent injunction from participating in the credit repair business, and monetary relief in the form of consumer redress, restitution and disgorgement. Defendant Keith Gill is an attorney in California. The defendants fought the action. The FTC won in the District Court (including a $1,335,912.14 money judgment). The Appeals Court affirmed.
Thursday, Sept 13
POSTPONED. Meetings of the FCC's Public Safety National Coordination Committee scheduled for September 13 and 14. See, FCC notice of postponement.
CANCELLED. 7:30 AM. The Northern Virginia Technology Council's Finance Committee will hold an event titled "Meet the Capital Players". The program will run from 8:00 - 9:30 AM. The event is sponsored by Ernst & Young and the law firm of Wilmer Cutler & Pickering. See, brochure. Location: Ernst & Young Solutions Center, 8381 Old Courthouse Road, Vienna, Virginia.
CANCELLED. 9:00 AM - 2:00 PM. The Computer System Security and Privacy Advisory Board (CSSPAB) will hold the third session of a three day meeting. The CSSPAB advises the Secretary of Commerce and the Director of NIST on security and privacy issues pertaining to federal computer systems. See, notice in Federal Register, August 27, 2001, Vol. 66, No. 166, at Pages 45009 - 45010. Location: National Security Agency's National Cryptologic Museum, Colony 7 Road, Annapolis Junction, Maryland.
9:30 AM. The U.S. Court of Appeals for the District of Columbia Circuit is scheduled to hear oral argument in Grid Radio v. FCC, No. 99-1463. This is a petition for review of a final order of the FCC against an unlicensed radio broadcaster. Judges Williams, Tatel and Garland are assigned. Location: 333 Constitution Ave., NW, Washington DC.
9:30 AM. The FCC will hold its previously scheduled meeting, with its full original agenda. Location: FCC, 445 12th Street, SW, Washington DC.
POSTPONED. 10:00 AM. The House Judiciary Committee will hold a meeting to mark up several bills, including HR 1552, the "Internet Tax Nondiscrimination Act." Location: Room 2141, Rayburn Building.
10:30 AM. The Senate Judiciary Committee may hold an executive business meeting to consider several bills. The Committee may mark, S1319 / HR 2215, a bill to authorize FY 2002 appropriations for the Department of Justice, and several non tech related bills: S 754, S1140, and S 1315. The times and agendas of this Committee are unpredictable even under normal circumstances. Room 226, Dirksen Building.
2:00 PM. The Senate Commerce Committee's Science, Technology, and Space Subcommittee is scheduled to hold a hearing on digital divide issues. Location: Room 253, Russell Building.
2:00 PM. The Senate Judiciary Committee will likely hold a hearing on the pending nominations of Barrington Parker (to be U.S. Circuit Judge for the Second Circuit), Laurie Camp (to be a U.S. District Court Judge for the District of Nebraska), Michael Mills (to be a U.S. District Court Judge for the Northern District of Mississippi), and John Gillis (to be Director of the Office of Victims of Crime). The times and agendas of this Committee are unpredictable even under normal circumstances. Room 226, Dirksen Building.
2:30 PM. The Senate Armed Services Committee is scheduled to hold hearings on the nomination of General Richard Myers to be Chairman of the Joint Chiefs of Staff. Location: Room 216, Hart Building.
FCC Meeting Agenda, Sept 13
A Notice Proposed Rule Making (NPRM) to reexamine the FCC's rule that establishes safeguards for the provision of in-region, interexchange services by incumbent independent local exchange carriers. CC Docket No. 00-175.
A NPRM to modify its rule and/or waiver policies relating to common ownership of broadcast stations and newspaper in the same geographic area.
A Further Notice of Proposed Rule Making concerning its cable horizontal and vertical ownership limits and certain aspects of its attribution rules as affected by the opinion of the U.S. Court of Appeals (DCCir) in Time Warner Entertainment v. FCC, 240 F.3d 1126 (D.C. Cir. 2001, No. 94-1035, March 2, 2001).
A First Report and Order to streamline the equipment authorization procedures for software defined radios. ET Docket No. 00-47.
Friday, Sept 14
2:00 - 5:00 PM. National Science Foundation's (NSF) Advisory Committee for Cyberinfrastructure will hold a meeting to develop a plan for the preparation of a report to the NSF regarding advanced cyberinfrastructure and the evaluation of the existing Partnerships for Advanced Computational Infrastructure. See, notice in Federal Register, September 4, 2001, Vol. 66, No. 171, at Page 46293. Location: Room 1150, National Science Foundation, 4201 Wilson Boulevard, Arlington, Virginia.
Monday, Sept 17
9:30 AM. The U.S. Court of Appeals for the District of Columbia Circuit will hear oral argument in Sprint v. FCC, No. 01-1076. Judges Williams, Tatel and Silberman will preside. Location: 333 Constitution Ave., NW, Washington DC.
12:00 NOON. The Federal Communications Bar Association (FCBA) will host a lunch featuring FCC Commissioner Kathleen Abernathy.
About Tech Law Journal
Tech Law Journal is a free access web site and e-mail alert that provides news, records, and analysis of legislation, litigation, and regulation affecting the computer and Internet industry. This e-mail service is offered free of charge to anyone who requests it. Just provide TLJ an e-mail address.

Number of subscribers: 2,037.

Contact: 202-364-8882; E-mail.
P.O. Box 15186, Washington DC, 20003.

Privacy Policy

Notices & Disclaimers

Copyright 1998 - 2001 David Carney, dba Tech Law Journal. All rights reserved.