7/23. Four computer scientists released a paper [PDF] titled "Analysis of an Electronic Voting System". They analyzed the source code for a version of the software used in Diebold Inc.'s AccuVote-TS voting terminal. The four concluded that "we discovered significant and wide-reaching security vulnerabilities". More generally, the paper is a criticism of software based voting systems, as opposed to paper ballot systems.

Diebold released a statement in which it said that "We respectfully disagree with the researchers' fundamental conclusions". It also stated that "We currently have more than 50,000 electronic voting units installed throughout the United States". See also, Diebold's Technical Response To The Johns Hopkins Study On Voting Systems.

The four computer scientists found that "voters can easily program their own smartcards to simulate the behavior of valid smartcards used in the election. With such homebrew cards, a voter can cast multiple ballots without leaving any trace. A voter can also perform actions that normally require administrative privileges, including viewing partial results and terminating the election early. Similar undesirable modifications could be made by malevolent poll workers (or even maintenance staff) with access to the voting terminals before the start of an election."

They also found that "the protocols used when the voting terminals communicate with their home base, both to fetch election configuration information and to report final election results, do not use cryptographic techniques to authenticate the remote end of the connection nor do they check the integrity of the data in transit. Given that these voting terminals could communicate over insecure phone lines or even wireless Internet connections, even unsophisticated attackers can perform untraceable ``man-in-the-middle´´ attacks."

They also found that "Cryptography, when used at all, is used incorrectly. In many places where cryptography would seem obvious and necessary, none is used. More generally, we see no evidence of rigorous software engineering discipline." They added that "We also saw no evidence of any change-control process that might restrict a developer’s ability to insert arbitrary patches to the code. Absent such processes, a malevolent developer could easily make changes to the code that would create vulnerabilities to be later exploited on Election Day. We also note that the software is written entirely in C++. When programming in an unsafe language like C++, programmers must exercise tight discipline to prevent their programs from being vulnerable to buffer overflow attacks and other weaknesses. Indeed, buffer overflows caused real problems for AccuVote-TS systems in real elections."

Diebold offered several criticisms of the report. It stated that "the study did not use our current software code".

It stated that "The code was also analyzed without knowledge of the voting machine hardware in which it is used in actual elections, which caused them to draw many incorrect inferences."

Diebold also wrote that "It is also important to note that the clinical research focused almost solely on software code, and overlooked the total system of software, hardware, services and election processes that have made Diebold electronic voting systems so effective in real-world implementations. For example, the study cites Microsoft Windows communications weaknesses which have been widely publicized over the past several years. These weaknesses only apply if the voting terminals are connected to the Internet or some other public network. This is NEVER the case. As the terminals are not connected to such a network, there are no opportunities to exploit these weaknesses even if they exist. In addition, many of the published weaknesses have to do with Internet browsers, e-mail programs and other Internet related applications. No Diebold elections terminals use any of these applications."

The paper was written by Aviel Rubin (professor in the Department of Computer Science at Johns Hopkins University), Tadayoshi Kohno (Johns Hopkins University Information Security Institute), Adam Stubblefield (Johns Hopkins University Information Security Institute), and Dan Wallach (professor in the Department of Computer Science at Rice University).

Diebold is based in North Canton, Ohio. It provides ATMs and other self service solutions, physical and electronic security, electronic voting technologies, essential services and support, and card based systems.

7/24. The U.S. District Court (SDNY) issued an Opinion and Order [30 pages in PDF] Zubulake v. UBS Warburg, regarding which party should bear the costs of restoration and production of e-mail from backup tapes during pretrial discovery in civil litigation.

Laura Zubulake, who is now an unemployed equities trader, filed a complaint in U.S. District Court (SDNY) against UBS Warburg, her former employer, alleging gender discrimination in violation of federal, state and local law. In pre-trial discovery, Zubulake seeks from UBS e-mails that reference her.

The District Court previously ordered UBS to restore and produce certain e-mails from 5 of its 94 backup tapes. UBS had the restoration performed by an outside vendor at a price of over $11,000. The Court's earlier opinion articulated a seven part test for applying the proportionality test Rule 26(b)(2) in the context of inaccessible electronic data.

Zubulake then moved for an order compelling UBS to produce e-mails from all remaining backup tapes at its expense. UBS argued that the cost, which it asserts will be about $273,000, should be shifted to Zubulake.

Rule 26(b), Federal Rules of Civil Procedure, provides, in part, that "Parties may obtain discovery regarding any matter, not privileged, that is relevant to the claim or defense of any party, including the existence, description, nature, custody, condition, and location of any books, documents, or other tangible things and the identity and location of persons having knowledge of any discoverable matter."

However, Rule 26(b) further provides that "The frequency or extent of use of the discovery methods otherwise permitted under these rules and by any local rule shall be limited by the court if it determines that: (i) the discovery sought is unreasonably cumulative or duplicative, or is obtainable from some other source that is more convenient, less burdensome, or less expensive; (ii) the party seeking discovery has had ample opportunity by discovery in the action to obtain the information sought; or (iii) the burden or expense of the proposed discovery outweighs its likely benefit, taking into account the needs of the case, the amount in controversy, the parties' resources, the importance of the issues at stake in the litigation, and the importance of the proposed discovery in resolving the issues."

The Court wrote that "the presumption is that the responding party must bear the expense of complying with discovery requests", but that "requests that run afoul of the Rule 26(b)(2) proportionality test may subject the requesting party to protective orders under Rule 26(c)", including shifting the costs of discovery.

The Court issued an Opinion and Order [39 pages in PDF] on May 13, 2003, that listed seven factors to be considered by the Court:

"1. The extent to which the request is specifically tailored to discover relevant information;
2. The availability of such information from other sources;
3. The total cost of production, compared to the amount in controversy;
4. The total cost of production, compared to the resources available to each party;
5. The relative ability of each party to control costs and its incentive to do so;
6. The importance of the issues at stake in the litigation; and
7. The relative benefits to the parties obtaining the information."

In the present order, the Court applied this seven part test, and concluded that UBS should bear 75% of the cost of restoration, and all of the other costs, such as searching and reviewing the restored e-mails.

This is D.C. No. 02 Civ. 1243 (SAS), Judge Shira Scheindlin presiding.

7/25. The U.S. Court of Appeals (DCCir) issued its opinion [15 pages in PDF] in Transportation Intelligence v. FCC, affirming the FCC.

Petitioner, Transportation Intelligence (TransIntel), and intervenor, Highway Information Systems (Highway), both make and sell highway advisory radio systems, which use low power AM radio transmitters to broadcast traffic, emergency, and other information to drivers. Respondent, Federal Communications Commission (FCC), regulates radio frequency devices.

TransIntel filed a complaint with the FCC alleging that Highway made substantial modifications to a low power AM transmitter that the FCC had originally authorized in 1979, without seeking a new equipment certification. TransIntel further alleged that Highway's transmitter caused interference.

Highway then modified its transmitter, and submitted an application to the FCC for a new certification. The FCC's Office of Engineering and Technology (OET) granted the application. TransIntel filed a petition for reconsideration with the OET in which it also asked that Highway's new certification be rescinded. The OET denied this petition. Then, TransIntel petitioned the full FCC for review of the OET's denial. The FCC issued the order, which is the subject of the present Appeals Court opinion, upholding the OET's denial.

The Appeals Court affirmed, "because the FCC's order rested not on a factual dispute but rather on the Commission’s estimation of the relative insignificance of Highway’s infraction, and because that policy judgment was neither arbitrary nor capricious, we have no basis for overturning the decision of the Commission."

7/23. The Senate confirmed Pamela Harbour to be a Commissioner of the Federal Trade Commissioner (FTC) for the term of seven years from September 26, 2002.

7/25.President Bush nominated Brett Kavanaugh to be a Judge of the U.S. Court of Appeals for the District of Columbia. See, White House release.

7/25.President Bush nominated Janice Brown to be a Judge of the U.S. Court of Appeals for the District of Columbia. See, White House release.

7/25. Emily Willeford, Special Assistant for Legislative and Public Affairs for Federal Communicatons Commission (FCC) Commissioner Kevin Martin, will go to work in the White House Office. She worked at the National Economic Council in the White House Office before joining Martin's staff in November of 2001. Before that, she worked on the Bush Cheney election campaign.

7/23. John Thornton was elected to Intel's Board of Directors. On July 1 he retired as President and Co-Chief Operating Officer of Goldman Sachs Group Inc., and as a member of that firm's Board of Directors. See, Intel release.

7/24. MCI WorldCom filed a motion with the U.S. Bankruptcy Court (SDNY) regarding its acquisition of Digex. It stated in a release that it is "seeking authorization to purchase all outstanding publicly traded common stock of Digex, Incorporated for a total of approximately $18 million dollars." Digex, which is based in Laurel, Maryland, is a provider of enterprise hosting services.

7/24. The Department of Commerce's (DOC) Bureau of Industry and Security (BIS), which is also still known as the Bureau of Export Administration (BXA), updated its website titled "Commercial Encryption Export Controls" to reflect recent changes to its regulations. See also, story titled "BIS Amends EAR Regarding Encryption Products" in TLJ Daily E-Mail Alert No. 683, June 18, 2003, and notice in the Federal Register, June 17, 2003, Vol. 68, No. 116, at Pages 35783 - 35787.

7/24. The Department of Commerce's (DOC) Bureau of Industry and Security (BIS), which is also still known as the Bureau of Export Administration (BXA), published in its website an updated version of its Denied Persons List.

7/26. President Bush used his Saturday radio address to discuss the 13th anniversary of the passage of the Americans with Disabilities Act (ADA). He stated that "we are making government websites more accessible to people with disabilities so that they can more easily find information about services and programs of the federal government."

7/24. The Department of Commerce (DOC) held a technology exhibition titled "Technology for all Americans". Phil Bond, Under Secretary for Technology, gave a speech in which he announced Secretary of Commerce Donald Evans' new departmental initiatives to support the development of assistive technologies. He also addressed the National Medal of Technology, which is administered by the DOC. He stated that "IBM, also a National Medal company winner, is here today with their web browser for the blind. Medallist Ray Kurzweil's software is also on display. It is designed to help individuals with learning disabilities read. One last note of pride, in my own Technology Administration, at the National Institute of Standards, NIST has brought their amazing Braille reader, which is actually a tactile display that allows the blind to ``feel´´ electronic images."

7/23. Federal Reserve Board (FRB) Governor Ben Bernanke gave a speech titled "An Unwelcome Fall in Inflation?" at the University of California at San Diego. He stated, among other things, that "during the late 1990s, economists worked hard to explain the combination of an unusually low unemployment rate and stable inflation". He cited as one of several possible contributing factors the "improved matching between workers and jobs, facilitated by increased access to the Internet". He added that "Many of these forces continue to operate in today's economy, conceivably with greater force than in the late 1990s. In addition, measured labor productivity has continued to increase rapidly since early 2001 -- remarkably so, considering that productivity tends to be strongly procyclical -- raising the possibility that we have underestimated the degree to which innovation and better use of existing resources have increased potential output."

7/15. The Securities and Exchange Commission (SEC) filed a complaint in U.S. District Court (DNev) against Investment Technology, Inc. and others alleging an fraudulent scheme involving the company's stock and its purported online gambling casino. The complaint names Investment Technology, Thomas D. Vidmar (its Chairman and CEO), Ulysses "Thomas" Ware (securities counsel), the law firm of Rosenfeld Goldman & Ware, and Small Cap Research Group, Inc. and Centennial Advisors (both of which touted the stock in "analyst reports"). See, SEC release.

7/23. The House passed HR 2799, the "Departments of Commerce, Justice, and State, the Judiciary, and Related Agencies Appropriations Act for Fiscal Year 2004", by a vote of 400-21. See, Roll Call No. 422.

This bill contains appropriations for many of the technology related executive branch entities, including the Federal Communications Commission (FCC), Federal Trade Commission (FTC), U.S. Patent and Trademark Office (USPTO), Office of the U.S. Trade Representative (USTR), National Telecommunications and Information Administration (NTIA), and National Institute of Standards and Technology (NIST). See, story titled "House to Consider CJS Appropriation Bill" in TLJ Daily E-Mail Alert No. 703, July 22, 2003, for a summary of the funding levels of the various technology related entities covered by the bill. See also, story titled "House Begins Consideration of CJS Bill" in TLJ Daily E-Mail Alert No. 704, July 23, 2003.

The bill also provides, at Section 624, that "None of the funds in this Act may be used to grant, transfer or assign a license for a commercial TV broadcast station to any party (including all parties under common control) if the grant, transfer or assignment of such license would result in such party or any of its stockholders, partners, members, officers or directors, directly or indirectly, owning, operating or controlling, or having a cognizable interest in TV stations which have an aggregate national audience reach, as defined in 47 C.F.R. 73.3555, exceeding thirty-five (35) percent." (Parentheses in original.)

This section has the effect of preventing the FCC from fully implementing, during FY 2004, the national TV ownership provisions of its June 2, 2003 Report and Order and Notice of Proposed Rulemaking [257 pages in PDF] amending its media ownership rules. See, story titled "FCC Announces Revisions to Media Ownership Rules" in TLJ Daily E-Mail Alert No. 672, June 3, 2003.

On July 23, FCC Chairman Michael Powell released a statement [PDF] in which he advocated the merits of the FCC's Report and Order. He stated that "We created enforceable rules that reflect the realities of today’s media marketplace. The rules will benefit Americans by protecting localism, competition and diversity." He added that "It would be irresponsible to ignore the diversity of viewpoints provided by cable, satellite and the Internet."

On July 23 the Senate Commerce Committee held a hearing to examine the "public interest and localism". See, opening statement of Sen. John McCain (R-AZ), prepared testimony of FCC Commissioner Michael Copps, prepared testimony of Robert Corn-Revere (Davis Wright Tremaine), prepared testimony [PDF] of Barry Faber (Sinclair Broadcasting Group), prepared testimony of Dave Davis (WPVI-DT), prepared testimony of Martin Kaplan (Annenberg School for Communication), and prepared testimony of Brent Bozell (Media Research Center).

On July 22, FCC Commissioner Jonathan Adelstein gave a speech titled "The Impact of Media Ownership Rules on Minority Broadcasting". He stated that "I believe the recent changes to the FCC’s media ownership rules are a disaster for smaller and new entrants. Small and start-up broadcasters are the big losers -- and that spells trouble for minority ownership. It is no exaggeration to say that the ruling reduces the free and full exchange of diverse ideas and opinions on which a healthy democracy depends."

7/23. The House passed HR 2739, the "United States Singapore Free Trade Agreement Implementation Act",  by a vote of 272-155. See, Roll Call No. 432. The House also passed HR 2738, the "United States Chile Free Trade Agreement Implementation Act", by a vote of 270-156. See, Roll Call No. 436.

Rep. Jim Moran (D-VA) stated that "In my congressional district, for example, and there are many such suburban technology oriented districts like mine across the country, it is going to have a very significant positive impact for the high-tech community. High technology trade between the United States and Singapore represents about half of the total two-way trade. In 2002, the U.S. exported nearly $6 billion in high-tech goods to Singapore. The technology sector is the largest merchandise exporter in the United States, and that is the sector that is going to benefit most from the free trade agreement with Singapore."

Rep. Moran continued that "With respect to intellectual property rights, the U.S.-Singapore Free Trade Agreement contains protections to ensure that a rich, diverse, and competitive marketplace will be maintained throughout Asia. Singapore is our key gateway to the rest of Asia; so it is very important that they are going to grant our inventors, our writers, our artists, our business people strong enforceable property rights over the fruits of their creations." See, Congressional Record, July 23, 2003, at H7497-8.

Rep. Jennifer Dunn (R-WA) stated that "For our high tech firms, this FTA means strengthening intellectual property standards. I represent Microsoft's corporate campus and the software industry loses $12 billion annually due to counterfeiting and piracy. In this FTA, the Singaporean government will implement tough penalties against piracy and counterfeiting." See, Congressional Record, July 23, 2003, at H7508.

U.S. Trade Representative (USTR) Robert Zoellick stated in a release that "The Trade Act of 2002 renewed presidential Trade Promotion Authority after an eight-year lapse, and today's vote demonstrates that President Bush and Congress will work together to make good use of TPA to open markets around the world for American businesses, workers, and farmers."

Zoellick added that "These cutting-edge agreements eliminate tariffs, tackle non-tariff barriers, open services markets, strengthen the intellectual property protections for our knowledge industries, and enhance labor and environmental protections".

On July 17, the Senate Finance Committee unanimously approved legislation implementing the Chile FTA (S 1416) and the Singapore FTA (S 1417). The Senate Judiciary Committee, which has jurisdiction over the visa provisions, also approved the bills on July 17. These bills still require approval by the full Senate.

See also, texts of the U.S. Singapore Free Trade Agreement and the U.S. Chile Free Trade Agreement.

7/24. Rep. Michael Michaud (D-ME) and others introduced HR 2879, a bill to repeal the Bipartisan Trade Promotion Authority Act of 2002. It was referred to the House Ways and Means Committee, where it is not likely to see any action.

7/23. The U.S. International Trade Commission (ITC) determined that "a U.S. industry is materially injured or threatened with material injury by reason of imports of DRAMs and DRAM Modules from Korea that the U.S. Department of Commerce has determined are subsidized. ... As a result of the Commission's affirmative determination, the U.S. Department of Commerce will issue a countervailing duty order on imports of DRAMs and DRAM Modules from Korea." See, USITC release.

7/25. The House adjourned until September. The Senate remains in session.

7/24. The House Armed Services Committee's (HASC) Subcommittee on Terrorism, Unconventional Threats and Capabilities Subcommittee held a hearing titled "Cyber Terrorism: The New Asymmetric Threat". See, prepared testimony [36 pages in PDF] of the General Accounting Office, prepared testimony of Robert Lentz (Information Assurance, Department of Defense), prepared testimony of Scott Charney (Microsoft), and prepared testimony [PDF] of Eugene Spafford (Purdue University).

7/24. The House Judiciary Committee's Subcommittee on Courts the Internet and Intellectual Property (CIIP) held a hearing titled "Patent Quality Improvement". See, prepared testimony of Charles Van Horn (Finnegan Henderson, on behalf of the American Intellectual Property Law Association), prepared testimony of Mark Kesslen (J.P. Morgan Chase, on behalf of the Financial Services Roundtable), prepared testimony [PDF] of David Simon (Intel), and prepared testimony of John Thomas (Georgetown University).

7/22. The House Judiciary Committee's Subcommittee on Courts the Internet and Intellectual Property (CIIP) amended and approved HR 2391, the "Cooperative Research and Technology Enhancement (CREATE) Act of 2003". Rep. Lamar Smith (R-TX) and others introduced the bill on June 9. The CIIP Subcommittee held a hearing on June 10. See, story titled "Representatives Introduce Patent Bill to Encourage Collaborative Research" in TLJ Daily E-Mail Alert No. 680, June 13, 2003.

7/24. The The House Judiciary Committee held a hearing titled "Antitrust Enforcement Agencies: The Antitrust Division of the Department of Justice and the Bureau of Competition of the Federal Trade Commission". See, prepared statement of the Federal Trade Commission (FTC), and prepared testimony of Hewitt Pate, Assistant Attorney General in charge of the Department of Justice's Antitrust Division.

7/22. The House Judiciary Committee's Subcommittee on Commercial and Administrative Law, and Subcommittee on the Constitution, held a hearing on HR 338, the "Defense of Privacy Act". This bill would amend Title 5 to require that when federal agencies promulgate rules, that they take into consideration the impact of such rules on the privacy of individuals. See, opening statement of Rep. Chris Cannon (R-UT), opening statement of Rep. Steve Chabot (R-OH), and prepared testimony of Sen. Charles Grassley (R-IA). See also, prepared testimony of Bob Barr (American Conservative Union), prepared testimony of Jim Dempsey (Center for Democracy & Technology), and prepared testimony of Laura Murphy (American Civil Liberties Union).

7/24. The House Committee on Financial Services (HFSC) amended and approved HR 2622, the "Fair and Accurate Credit Transactions Act", or FACT Act. The bill addresses identity theft protections and establishes permanent national credit reporting standards. See, HFSC release. Wayne Abernathy, Assistant Secretary of the Treasury for Financial Institutions, stated in a release that "This legislation is timely. Virtually every day brings news of the growing scope of identity theft. New estimates suggest that as many as 7 million Americans may have become victims of this crime in the last year. But the real tragedy is the way this crime disrupts the life of each one of its victims. The tools in this legislation will strengthen the fight against identity theft." He added that "We look forward to continuing to work with the Congress in the legislative refinement process as the bill moves on to consideration by the full House of Representatives and by the Senate."

The House is in recess until September.

The Senate will meet at 11:00 AM. It will resume consideration of S 14, the "Energy Policy Act of 2003".

9:30 AM. The Senate Governmental Affairs Committee will hold a hearing on several nominations, including Penrose Albright to be Assistant Secretary of Homeland Security for Plans, Programs and Budgets, and Joel Kaplan to be Deputy Director of the Office of Management and Budget (OMB). Location: Room 342, Dirksen Building.

? 9:30 AM. The Senate Judiciary Committee might hold an executive business meeting. The agenda includes consideration of several judicial nominations, including Henry Saad (U.S. Court of Appeals for the 6th Circuit), Larry Alan Burns (Southern District of California), Glen Conrad (Western District of Virginia), Henry Floyd (District of South Carolina), Kim Gibson (Western District of Pennsylvania), Michael Mosman (District of Oregon), and Dana Sabraw (Southern District of California). Press contact: Margarita Tapia at 202 224-5225 or David Carle (Leahy) at 202 224-4242. This Committee frequently changes the time and agenda of its meetings without notice. Location: Room 226, Dirksen Building.

2:30 PM. The Senate Judiciary Committee's Subcommittee on Immigration, Border Security and Citizenship will hold a hearing on the L1 visa program, under which an alien who has specialized knowledge or holds a managerial or executive position in a business may obtain a visa to work temporarily in the U.S. to work for an affiliate or subsidiary business. Press contact: Margarita Tapia at 202 224-5225. Location: Room 226, Dirksen Building.

9:30 AM. The Senate Foreign Relations Committee will hold a hearing on pending nominations. The agenda includes the nomination of former Rep. Connie Morella (R-MD) to be the U.S. representative to the Organization for Economic Cooperation and Development (OECD). See, notice. Location: Room 419, Dirksen Building.

12:15 PM. The Federal Communications Bar Association's (FCBA) Young Lawyers Committee will host a brown bag lunch. The topic will be Voice Over Internet Protocol (VOIP). The speakers will include Thomas Navin (Deputy Division Chief of the Competition Policy Division of the Wireline Competition Bureau of the FCC). For more information, contact Patrick Sullivan at psullivan@willkie.com or 202 303-1164, or Ryan Wallach at rwallach@willkie.com or 202 303-1159. Location: Willkie Farr & Gallagher, 1875 K Street, NW, Second Floor.

9:30 AM. The Senate Commerce Committee will hold a business meeting. See, notice. Press contact: Rebecca Hanks (McCain) 202 224-2670 or Andy Davis (Hollings) at 202 224-6654. Location: Room 253, Russell Building.

10:00 AM. The President's Export Council subcommittee on Export Administration (PECSEA) will hold a meeting. See, notice in the Federal Register: July 15, 2003, Vol. 68, No. 135, at Page 41782. Location: Room 3884, Department of Commerce, 14th Street between Pennsylvania and Constitution Avenues, NW.

Deadline to submit applications for loans or combination loans and grants to the Rural Utilities Service (RUS) under its FY2003 Distance Learning and Telemedicine Program. See, notice in Federal Register, March 3, 2003, Vol. 68, No. 41, at Page 9973.

2:30 PM. The Senate Commerce Committee's Communications Subcommittee will hold a hearing on the Internet Corporation for Assigned Names and Numbers (ICANN). The witnesses will be Nancy Victory (National Telecommunications and Information Administration), Paul Twomey (P/CEO of ICANN), Ari Balough (SVP of VeriSign), Alan Davidson (Center for Democracy and Technology), and Paul Stahura (CEO of eNom). Sen. Conrad Burns (R-MT) will preside. See, notice. Press contact: Rebecca Hanks (McCain) 202 224-2670 or Andy Davis (Hollings) at 202 224-6654. Location: Room 253, Russell Building.