How Congress May Upset IT Executives
Modernizing Authentication — What It Takes to Transform Secure Access
One benefit of the U.S. legislative process, which requires passage by the House and the Senate and approval by the President, is that poorly conceived and ill-advised laws often disappear along the way.
But not always. As Congress resumes work this month, there are plenty of punch-drunk bits of pending legislation IT executives have reason to fear. Consider these three examples:
Patent Reform Act--Passed by the House in September, the Patent Reform Act was unveiled in both chambers in April. The legislation makes a few significant changes, including a new administrative process for challenging a patent after it has been granted, and adjustments to the way damages are calculated that arguably favor established technology companies over start-ups.
But most problematic about the bill is what it doesn't do: address any of the real problems in the very broken patent system. These include the granting of software and business process patents, the lack of any real IT expertise in the patent office, and the pooling and cross-licensing of dubious patents and "trolling" (enforcing patent infringements with no intent of manufacturing products), which together discourage the kinds of innovation the system is supposed to midwife.
PRO IP Act--The Prioritizing Resources and Organization for Intellectual Property Act, introduced in the House in December, would mean a giant step backward for users in the continuing battle over intellectual property rights. Recall that the Recording Industry Association of America won the first of its thousands of lawsuits that went to trial, leaving the defendant owing more than $200,000 for sharing 24 songs on a peer-to-peer network. But, at the lobbying request of content owners, this bill actually increases the penalties for copyright infringement.
In addition, the PRO IP Act would allow the federal government to sue for forfeiture of any property and, in some cases, property owned by third parties used or intended to be used to commit infringement. It also would establish an intellectual property enforcement representative in the White House, who would serve as the administration's worldwide ambassador and policy head for IP matters.
SAFE Act--The Securing Adolescents from Exploitation-Online Act, passed by the House in December, imposes on operators of "electronic communication services" and "remote computing services" the duty to report violations of child pornography laws that occur on their networks. That sounds reasonable until you learn that the definition of these "services," borrowed from the Patriot Act, includes not only your company network but even home WiFi connections.
And the definition of what constitutes child pornography, borrowed from last year's embattled Adam Walsh Act, is broad enough to cover images that are entirely computer-generated. Access providers who obtain "actual knowledge of any facts or circumstances" involving child pornography are required to report the details (along with any data or other "commingled" files), or face fines up to $300,000 per incident.
Some of these bills may not pass, and the worst mistakes in those that do pass may be corrected or nullified in time. Then again, even with all the legal system's checks and balances, these and other turkeys could become law. It's happened before.