Last year, the Internal Revenue Service left its e-filing system all but open to hackers, according to a report released Thursday by the General Accounting Office. Worse yet, the IRS had no way of telling whether its systems actually had been broken into, according to the GAO, the investigative arm of Congress.

"IRS did not adequately secure access to its electronic filing systems or to the electronically transmitted tax return data those systems contained," the GAO said in its report. "We demonstrated that unauthorized individuals, both internal and external to IRS, could have viewed and modified taxpayer data."

IRS officials did not immediately return calls seeking comment. But in a letter to the GAO, IRS Commissioner Charles Rossotti said the agency had addressed many of the problems.

Only many of the problems? Why not all?

ZDNet - U.S. bailing out of safe harbor deal? The future of the safe harbour data protection agreement between the EU and the US looks uncertain, after US senators complained that implementation would cost consumers billions of dollars. The agreement is designed to ensure consumer data exported to U.S. firms is protected as required under EU law.

If the agreement is abandoned, UK firms will have to set up contracts with all U.S. companies to which they send consumer data or clear it with the individuals concerned, in order to comply with EU law.

Economist.comThe Perils of Cloning People .

The team's flamboyant scheme, which is long on secrecy but short on substance, has been condemned from all quarters and on a variety of counts. Many oppose the whole notion of cloning humans as an affront to human dignity. Bioethicists are troubled by concerns for the clone's welfare, the viability of his or her family and the implications for wider society. Lawyers fret about the legality of such science, given regulations governing human cloning and embryo research in various countries. More surprisingly, strong arguments against the initiative come not just from those opposed to the principle of reproductive cloning, but also from researchers at the forefront of the technology.

Veterans, such as Alan Trounson at Monash University in Melbourne, Australia, have succeeded in cloning several species of mammal. But they are appalled at the prospect of trying the technique in humans when its problems have yet to be worked out in experimental animals. Dr Trounson, like many leading practitioners, is certain that human cloning can and will be done. Some of his colleagues, indeed, look forward to that day. What worries them is not the end, a cloned baby. Rather, they have serious doubts about the means, which will involve stillbirths and sudden deaths for as long as cloning remains a mysterious process.

New York Times - free registration required Free-Speech Advocates Hail John Doe Decision

Wired News Radio (mp3 audio) - Trade Chief: Regulate Thyself. FTC Commissioner Orson Swindle recounts his talks with privacy pundits this week and defends his term-long stance that the technology industry can regulate consumer privacy and security issues better than the government. Declan McCullagh hosts the inaugural political interview for Wired News Radio. Today's MP3 file is 9:10 min.

Yahoo News - Personal Data Privacy Issues Hindering E-Business In UK.

The report, from BindView, the IT security software firm, is not independent, but makes the interesting point that there is a growing nervousness among people in the UK about the security of their personal information.

Seventy eight percent of respondents to the research expressed concern about the security of information held about them on corporate databases with over two thirds of respondents saying that they would consider legal action against negligent organizations.

Counterpane Internet Security, Inc - Crypto-Gram -- March 15, 2001.

In this issue:

• The Security Patch Treadmill
• Crypto-Gram Reprints
• Insurance and the Future of Network Security
• News
• Counterpane Internet Security News
• Harvard's "Uncrackable" Crypto
• TCP/IP Initial Sequence Number Flaw
• The Doghouse: iBallot.com
• The "Death" of IDS?
• 802.11 Security
• Comments from Readers

Planet IT Security TechCenter: Nader Calls For Protection Of Online Privacy.

Ralph Nader has taken up a new cause: Guarding Internet users from online fraud and invasion of privacy. And he's proposed a bill of rights that would guarantee their protection.

Tuesday, Nader endorsed the proposal in Santa Monica, Calif. The proposal's aim is "to provide across-the-board protection for all e-commerce transactions and rigid prohibitions against sharing personal information," according to a statement. It originated from opposition to the Third Millennium Digital Commerce Act passed by the U.S. House of Representives in late 1999.

InformationWeek > News > Topic > Pan For Gold In The Clickstream . Companies face many challenges as they extend the functionality of their data-mining systems to analyze E-commerce data. It's worth the effort, though, because the business benefits of customer intelligence can be enormous. This is a more complete version of the Techweb article below.

Techweb > News > E-Commerce > Digging For Gold In Data.

The business benefits of this customer intelligence are potentially enormous. The number of people who come to a site and purchase will increase, and the average amount per purchase will rise, resulting in a dramatic increase in profitability--that's the dream, at least.

The reality is that achieving this goal is difficult and expensive--but it's not impossible. First, to be of any use at all, clickstream data requires enormous amounts of labor-intensive pre-processing. Even then, extracting meaning is still difficult. Second, many customers are reluctant to have vendors track what they do. Their concern is so great that the government is actively considering privacy regulation to limit Web tracking.

PR Newswire.com - AFSCME Suit Stops Release of State Correction's and Probation & Parole's Employees' Personal Information .

AMA - ArticleDeveloping Customer Databases. Pharmaceutical companies are taking a customer-specific approach by identifying, profiling, and communicating with customers. To view the full text of this article, you must be an @ama subscriber. The Executive Highlights are available

SiliconValley.com - Senate OKs measure to keep dot-coms from selling personal customer data.

Bankrupt dot-coms seeking to raise a quick buck may have to forgo selling one of their most valuable assets: their customer database.

The U.S. Senate approved legislation Thursday that would forbid companies from selling their customers' personal information to outside parties if they had promised they wouldn't, or unless a judge weighed the privacy implications and allowed the sale to go forward.

The measure, tucked into a much broader bill that would reform the nation's bankruptcy laws, is aimed specifically at financially failing dot-coms. The vulnerability of consumers' personal information online was highlighted last summer when bankrupt Toysmart.com, majority-owned by Walt Disney Co., announced its plans to sell its database of customer information as a way to raise money.

Well that makes one provision in the new Bankruptcy bill that I like, Its unfortunate that this got tagged onto such a rotten bill.