Spectrum Online—Tomorrows Technology Today

June 2007 Archives

June 3, 2007

What and Who Are We?

Here at the Risk Factor blog, our focus is going to be on the risks and rewards of information systems and technology, or more broadly put, the social implications of IS&T. As moderator of this blog, my hope is that we can hold a conversation about what IS&T works and what doesn’t, what past, present and future IS&T trends portend, and, of course, why.

Joining me – Bob Charette – from time to time will be a number of guest bloggers from academia, industry and government who are involved in some of the more important IS&T risk and reward issues of the day. Joining me in this little endeavor are some pretty interesting folks.

There is Peter Ladkin, a Professor of Computer Networks and Distributed Systems in the Faculty of Technology at the University of Bielefeld. Peter specializes in the analysis of safety-related and safety-critical complex heterogeneous systems and their behavior, including accidents.

Next we have Phil Neches, who is one of America's leading technologists and a true database expert, among other things. Phil was Founder, Chief Scientist, and Vice President, of Teradata Corp, and is heavily involved in venture capital investment.

Then there is Peter Neumann, a senior scientist at the SRI International Computer Science Laboratory. Peter, who is the moderator of the ACM Risk Forum newsgroup, has been looking at and discussing IS&T risks since nearly the inception of modern computing, and is in my opinion the most thoughtful and insightful commentator on the subject.

There is also Martyn Thomas, an expert in large, real-time, safety-critical, software intensive systems. Martyn was the Founder of Praxis, the internationally recognized leader in the use of rigorous software engineering, including mathematically formal methods, is a visiting professor at Oxford University, and is the first person to receive Commander of the British Empire (CBE) award for “services to software engineering.”

Also joining us is John Stone, a Strategy Executive at the consulting firm Monroe Partners. John has worked in and written on all aspects of IS&T across a wide variety of industries, and brings a wealth of practical knowledge and experience in what it takes to create successful large-scale IS&T projects and programs.

Finally, there is Ed Yourdon, a recognized expert witness and computer consultant who specializes in project management, software engineering methodologies, and Web 2.0 development. For the couple of you who don’t recognize the name, Ed is one of the most influential voices and keen observers of what is happening in the IS&T industry.

I think you’ll agree, the folks above provide a pretty good initial set of eyes on the risks & rewards that IS&T create. Over time, I will be asking more guest bloggers involved in different parts of the IS&T field to join us to continue to enrich the conversation.

Machine Readable Information

An article that caught my eye a few weeks back was the announced acquisition of the Reuters Group by the Thomson Corporation for over $17 billion. The combined companies would create the largest financial news provider.

More interesting to me than the acquisition itself is the potential impact on future stock market trading. About one-third of stock market trading is currently performed through program or automatic trading. During the week of 14 – 18 May, for example, the New York Stock Exchange reported that “program trading amounted to 35.3 percent average of NYSE daily volume of 3,233.2 million shares, or 1,142.9 million program shares traded per day. This included program trading associated with the May 18 monthly expiration of stock-index options and futures.”

Program trading is inherently “backward looking” in the sense that the trades are automatically made based on price fluctuations that meet certain criteria. The focus in recent years has been on increasing the speed of such trades.

However, both Reuters and Thomson have been working on what is generally called machine readable news, for instance, a “Reuters system will 'read' news articles and score how positive or negative they are. The system will enable customers to analyse news across thousands of companies, far more quickly than can be done by humans. This will enable trading machines to react to market moving news in milliseconds.” Not only are current news stories being made “machine readable,” but Reuters is making its archives machine readable as well.

The Financial Times reports that Thomson has developed software that can automatically generate stories, and that it works “so fast an earnings story can be turned around within 0.3 seconds of a company making results public.” In addition, as noted in the FT story, program trading, “… is set to rise much further in the coming years as fund managers, along with brokers and exchanges, strive for ever-greater speed and control over the trading cycle amid heightened market competition and consolidation.”

The combination of incredibly fast automatic news generation along with historical data to create predictive market responses to such news may create some interesting program market trading impacts. It will be interesting to see, as machine readable news becomes more available, whether the market becomes more volatile as a result, or whether dangerous feed-forward loops are produced during boom times, or more likely, individuals or governments will make use of this capability to deliberately hoax financial markets for either personal or strategic gain.

A government-run news agency, for instance, could find it in its self-interest to plant a financial story, say involving some scarce resource such as petroleum, which could cause a panic in the market. By studying the conditions that caused market panics in the past, it might turn into a potential non-military but very effective weapon. Maybe governments (and the exchanges) will want to start thinking not only about how financial companies could use all this information to create financial rewards, but also about how others could manipulate it to create major financial risks.

June 6, 2007

Whose Risk?

A nice little controversy concerning risk and IT systems has been brewing in the UK. As first reported by ComputerWeekly, government officials are ordering the destruction of what are called Gateway review reports. A Gateway review is “a ‘peer review’ in which independent practitioners from outside the programme/project use their experience and expertise to examine the progress and likelihood of successful delivery of the programme or project. They are used to provide a valuable additional perspective on the issues facing the internal team, and an external challenge to the robustness of plans and processes.” There are several “gateways” an individual UK government IT project is supposed to pass during its life, starting with Gateway 1 (Business Justification) to Gateway 5 (Operations Review & Benefits Realisation).

The reviews are meant for internal project consumption only, but there has been a long-standing demand by newspapers like ComputerWeekly and government critics to make the results of these reviews public. This is particularly true of the Gateway reviews of two major UK IT projects – the National Health Service electronic medical record project National Programme for IT (NPfIT) and the National Identity Scheme’s Identity Cards Programme – both of which are highly controversial, costly, and in trouble.

Supporting ComputerWeekly’s bid to have the Gateway Reports made public has been a ruling by the UK government’s Information Tribunal, an organization that hears appeals regarding whether government information should be publicly released or not, stating that the public interest trumps the desire of the government agencies to keep the reviews private. The UK Parliament’s Public Accounts Committee (PAC) also supported their disclosure.

However, the government – through the Office of Government Commerce (OGC), which oversees the Gateway review process – insists that making these reports public would fundamentally undermine their use. The OGC claims that IT program management would not get open and honest appraisals of their programs if the people involved knew that their private opinions would be made public.

I can sympathize with that view. Having conducted hundreds of risk assessments over my career and many high profile government ones at that, there is something to be said for confidentiality. I promise confidentiality to programs as a matter of policy myself. Public disclosure will put people on their guard, and the tendency is for you to get optimistic, rather than realistic, estimates of the state of the project’s problems and risks.

When I was involved in the US DoD Tri-Service Assessment Initiative (TAI), program managers were the sole owners of the assessment reports. They could disclose them as they pleased. Our advice to program managers was they should disclose the reports as widely as possible, since for the most part, many of the problems and risks they faced were created by events and situations outside of their control, and which they needed outside help to address. What we did do, however, was to take the results of every project assessment, sanitize the results, and conduct analysis on the aggregate to try to discover systemic issues that were plaguing most DoD programs.

On the other hand, the public does have a right to know of the technical, financial, and social risks being taken in their name. Both NPfIT and the Identity Card programs will affect every person in the UK, and both not only have seen major cost increases, but there are major issues of privacy protection involved.

Also undercutting the OGC’s arguments somewhat is that many IT projects ignore the results of the Gateway reviews, including some that should never have been initiated or should have been cancelled more than once. Further, a report yesterday by the PAC on Delivering Successful IT-enabled Business Change states that many senior managers responsible for major IT programs are inexperienced, don’t pay much attention to the programs they are responsible for, and don’t seem to care much about the Gateway review or other risk reviews of their programs.

Also, one can’t help wondering whether the real reason that the OGC is so adamant about not wanting to make Gateway review reports public is plain, old embarrassment. As the US FBI found out with its Virtual Case File (VCF) project, not taking the warnings of outside reviewers seriously can end up making you a poster child of poor judgment, an eternal business case study, and also a laughing stock to all your peers.

It will be interesting to watch how the little rhubarb in the UK ends up. But it does raise a set of questions about the public’s right to know about the risks posed by large, government IT projects. How much should be disclosed? How does a program or project manager get honest opinions on the state of their project if everything can be disclosed? And don’t most government program managers have too many backseat drivers and second guessers in trail already?

June 10, 2007

A System Burp

There were news reports that an air traffic control computer failure in Atlanta on Friday caused cancellations and flight delays along the US East Coast. The Atlanta FAA computer processes pilots' flight plans and sends them to air-traffic controllers – when it failed, the Salt Lake City center took over, but it became overloaded and temporarily failed as well.

The Atlanta system failure lasted only from 0657 to just before 1100, but the effects, coupled with the effects of the thunderstorms that moved from the Midwest to the East Coast, compounded the trouble. Residual effects were still being felt into this morning.

This is the third major computer problem in the past several months. On Friday, 25 May, at the start of the Memorial Day holiday weekend, the mapping software in the San Diego Terminal Radar Approach Control (TRACON) facility used by controllers to guide flights for 21 airports in the Southern California region, failed for about an hour when staff attempted to update the maps.

Then on early Monday morning 5 March, there was a software failure in the ATOP (Advanced Technologies and Ocean Procedures) system that air traffic controllers in New York use to guide aircraft over the Atlantic Ocean. About two dozen flights were affected.

Until the FAA’s latest air traffic control (ATC) modernization effort called NextGen is complete – and that is not scheduled until 2025 according to current projections (and hopes) – and given the current fragility of the ATC computer and radar systems, one can expect more and more of these failures to occur. A complete system meltdown is probable in the next few years if there is a major computer or radar failure on a major travel weekend that happens during a spate of bad weather spanning several regions of the US. Just hope you aren’t flying when that happens.

June 11, 2007

What You Asked For But ....

The controversy over the drug-resistant TB patient Mr. Andrew Speaker who flew back to the US from Europe over his doctors’ objections, and his ability to enter the US even though he was on a travelers’ watch list, illustrates the very old IS&T designer admonition to users that, “It may be the system design you specified, but it isn’t what you wanted or needed.”

As you may recall, Mr. Speaker flew to Montreal from Prague and then drove into the US at the Champlain, New York border as a deliberate means to by-pass the likelihood that he would be kept from flying directly back to the US from Europe because he would be on the US “no fly list.” The US Customs and Border Protection inspector saw that there was an alert on Mr. Speaker stating that if he should try to re-enter the US, Speaker should be detained and isolated, and public health officials immediately contacted. Instead, the inspector ignored the warning and waved Speaker through because, according to reports, “he didn’t look sick.”

As additionally described in a Washington Post story, US Customs and Border Protection “ … officials testified that they caught the inspector's error only by a mix of caution and luck, because starting May 22 they had ordered a special, twice-a-day check of a database of airline reservations to see if Speaker had changed his expected June 5 return to the United States.

As it turns out, the database is linked to records that also show when a passport flagged by authorities has been swiped at a border crossing, as Speaker's did when he reentered at 6:18 p.m. on May 24.”

The Post story goes on to quote US Customs and Border Protection Commissioner W. Ralph Basham, as saying, “I'm not going to sit here and say the system worked. It may have worked the way it was designed, but it was not good enough.” No kidding.

To reduce the possibility of something like this happening again, US Customs and Border Protection officials are now saying they are putting new procedures in place. Of course, this won’t keep highly infectious and multi drug-resistant TB out of the US, which Nils Daulaire, president of the Global Health Council, argues requires a more active risk management approach to attack TB at its source.

To me, the risk of a single point of failure like a Border official ignoring a warning is symptomatic of what happens in many information system designs. Few IT systems are ever examined in depth after they are deployed for their operational limitations until after an incident like this one occurs. And in my experience, most limits turn out to be, as described by Harvard Business School professor Max H. Bazerman and INSEAD professor Michael D. Watkins, “predictable surprises.”

I'll be interested in seeing whether this event will trigger a wider review of the limitations of the Customs and Border system as well as its systemic role in being able to manage the risks of travelers having infectious diseases, but my expectations are not high for this happening any time soon.

June 13, 2007

Cost Benefit

There is an interesting paper written by Dan Geer appearing on the ACM Queue website titled, “The Evolution of Security” concerning the management of IS&T security risks. In 2003, you may remember, Geer published a controversial paper about the potential security problems of computing monocultures and Microsoft in particular as an example, which got Geer fired from his job at @stake.

Geer makes a number of good points in his paper but the one I especially liked was his spelling out the clear differences between cost benefit and cost effectiveness, to wit:

“…. where cost-benefit asks whether you would rather have the money or the benefit, cost effectiveness assumes that you will, indeed, spend the money and thus your interest is in how much benefit you can get for your money, not whether you would rather keep your money in the first place. This means asking questions such as, ‘Would you save more lives by spending the $10 billion on safer cars or on law enforcement?’ ‘Would you get better availability by spending the $1 million on 10 percent uptime or on instant recovery?’ ‘Would your own pursuit of happiness lead you to spend $100 on one fine dinner or on 20 lunches?’

CE is always tractable; CB is tractable only when the conversions of benefits to dollars are stable and noncontentious. To be blunt, CE is worth doing and CB is not. CE is decision support; CB is self-congratulation. If we are doing risk management rather than contemplating our navel or pandering to the electorate, then we must make decisions about allocating scarcity. We must remember that the purpose of risk management is to improve the future, not to explain the past.” Geer attributes this last sentence to Daniel Borge in his book, The Book of Risk.

Geer’s article is a good reprise of some of the fundamental issues of investing in risk management, and should be read. Once you have read it, you may want to look at yesterday’s column by Cindy Skrzycki in the Washington Post titled, “Does Cost-Benefit Matter?” Her column is on a recent report by AEI-Brookings Joint Center for Regulatory Studies on the use of cost benefit by the US government to determine whether governmental regulations should or should not be put into place. As she notes, “The practice of estimating the costs and benefits of U.S. government regulations is ‘frequently done poorly,’ with scant evidence that it makes a difference on policymaking.” You can download the AEI-Brookings report which is titled, Has Economic Analysis Improved Regulatory Decisions?, here. This report, together with Geer’s article, gives a good sense of why cost benefit is difficult to do, and may not be the best measure for managing risk.

June 17, 2007

Space Ho!

It looks like the six German-made, Russian-programmed computers on the International Space Station (ISS) are back up and running after a few days of tense troubleshooting trying to discover the reason why they wouldn’t reboot properly. The computers, which control the ISS’s navigation and command and control systems, shut down last Wednesday, and there was trouble rebooting them. (A good timeline and incident details can be found at CBS News Space Place.)

These problems had been preceded by problems on Tuesday, where a computer crash prevented the ISS from immediately taking over gyroscopic control as planned from the docked shuttle Atlantis. During the computer rebooting sequence, a false fire alarm on the Russian segment of the ISS was sounded. Later Tuesday night, gyroscopic control was handed back to the ISS computers, although the reason for the computer crash was not understood. However, only one out of the three navigation and one out of the three command and control computers were working after the successful reboot.

Early Wednesday morning, while astronauts were outside working on retracting a solar array wing, the two remaining computers crashed, and none of the computers would reboot – a first in ISS history. If the computers could not be rebooted, the ISS would potentially have to be abandoned. Making the troubleshooting a bit harder was that the Russian Federal Space Agency Roskosmos does not have its own satellites which can communicate with the ISS, forcing Russian space engineers to wait until the ISS is within line-of-sight of Russian ground stations to downlink the needed telemetry to perform troubleshooting.

By yesterday afternoon, the computers were back up and working. There was a belief that there was a problem with the quality of power supply to the computers, possibly caused by the addition of new solar arrays. Russian astronauts used jumper cables to by-pass the computers’ surge protectors, and lo and behold, the computers booted up as normal. While this solution points to the source of the problem, the reasons why remain a mystery. NASA’s space station program manager Michael Suffredini probably summed it up best when he said, “As the station gets bigger, this potential [for problems] continues to grow. I think we’re going to find system sensitivities as we change the space station.”

There are a number of interesting aspects to this story. First, while the computers (and software) were designed to be redundant and independent, the power supplies to them don’t appear to be so. I bet that this issue is going to get a hard look in the next few weeks by NASA and Roskosmos.

Second, this episode will likely mean more consideration for possible unintended consequences to not only the computers but other systems and their interfaces aboard the ISS as it continues to be constructed. Even after all these years in space, surprises can still occur and nothing up there can be seen as ever being easy.

Third, the folks who are working on the Mars program are likely trying to figure out whether there is something they now need to be worried about. A mission to Mars could last well over two years, and any computer problems on that little voyage could spell big trouble.

Fourth, reliable computers are really, really important in space. This crash was not by any means the first, nor will it likely be the last. In 2001, during the shuttle Endeavour’s visit to the ISS, all three of the ISS command and control computers shut down, which was apparently caused by a bad hard drive.

Finally, having a really good tool kit around with lots of patch, jumper cables and spare parts is priceless. While it often appears to be, not every computer problem is a software problem.

Burps of the Week

While the information systems and related technology problems on the ISS dominated the news this week, there were several other IS&T problems being reported as well. In Marin County, California, their new $15.8 million computer system called MERIT (Marin Enterprise Resource Integration Technology) continued to cause problems. In January, problems with the MERIT system meant some 310 employees received their paychecks late. Now it seems the system is not able to interface well with the accounting program used by the Marin County Employees Retirement Association.

Then Central Train System commuters in Adelaide, Australia were delayed once again by on-going computer problems. TransAdelaide announced that an audit was already underway to look into recurring instances of computer delays.

In addition, what appears to have been a software problem at the Japanese Social Insurance Agency kept its staff at 130 of its pension insurance offices across Japan from responding to inquiries from people seeking confirmation or advice about their accounts. This incident did nothing to enhance the agency's status, which has been struggling to explain why it failed to record properly premium payments into the public pension system, which also seems to be IS&T related.

The most interesting IS&T related incident took place at court - or more accurately, was debated at court. At the trial of polygamous sect leader Warren S. Jeffs last August, the judge gave attorneys until 25 June to submit briefs on the legality of the long traffic stop Jeffs had been subjected to.

When Jeffs was pulled over by a Nevada Highway Patrol Trooper because of a partially obscured rear license plate, the trooper was not able to access an information system that links into a national criminal database to check on the validity of licenses and registrations. According to Jeffs' lawyers, if the trooper had been able to access the database, then Jeffs' license and registration would have been shown to have been valid, and Jeffs would likely have been let go probably with only a ticket.

However, the trooper ended up questioning Jeffs for two hours. Another trooper who joined the stop thought that maybe Jeffs was a fugitive wanted by the FBI - which Jeffs admitted to when an FBI agent later joined the scene.

So here we have a situation where the lack of access to an operational and reliable information system might be a benefit to a criminal defendant. I don't know whether this plows new legal ground, but I have never heard of anything similar. If anyone knows, please let me know.

NATO, Cyber War and Article 8

Late last week, US Secretary of Defense Robert Gates discussed with other NATO defense ministers the possibility of invoking NATO's Article 5 in case of a cyber attack on any NATO country. Article 5 states that, “The Parties agree that an armed attack against one or more of them in Europe or North America shall be considered an attack against them all and consequently they agree that, if such an armed attack occurs, each of them, in exercise of the right of individual or collective self-defence recognised by Article 51 of the Charter of the United Nations, will assist the Party or Parties so attacked by taking forthwith, individually and in concert with the other Parties, such action as it deems necessary, including the use of armed force, to restore and maintain the security of the North Atlantic area.”

The reason for the discussions was the coordinated cyber attacks that NATO member Estonia suffered during April and May. The cyber attacks against Estonia, one of if not the most wired country in Europe (its nickname is E-stonia), started soon after the Estonian government decided to move a Soviet-era World War II memorial. Estonia strongly suggested that the Russian government was behind the attacks, but the Russian government denied the charge and blamed “hooligans.”

Back in 2001, a similar incident occurred after the collision of a US surveillance aircraft with a Chinese jet fighter, leading to the US plane making an emergency landing in China and the Chinese fighter pilot being killed. Chinese and US hackers went at it for a few weeks defacing or bringing down websites in each other’s country.

While Gates was talking with NATO ministers, US Air Force Lt. Gen. Robert Elder was explaining how China is actively seeking to increase its cyber war capability, as is the US. Elder is to head up the new cyber war command established last July at Barksdale Air Force Base in Louisiana. According to Elder, the US needs to maintain cyber domain dominance, just as the US seeks to maintain air dominance in conventional warfare.

As cyber war becomes an ever increasing reality, it is natural that parallels to conventional warfare are going to emerge or have already emerged, such as countries secretly funding cyber war proxies, mercenaries and/or privateers to carry out their wishes. These proxies could also become involved in the manipulation of news which could have major financial consequences, something that I have already written about.

While Gen. Elder may have the task to deal with these new threats from a US perspective, how NATO proposes to deal with the political issues involved in this type of indirectly sponsored cyber warfare will be interesting to watch.

As warfare moves to the Net with active governmental support, I wonder what the new term for “collateral damage” will be in cyber space.

June 20, 2007

Change at the NHS

The UK NHS director-general of IT, Richard Granger, announced his resignation late last week. Granger, who has led what is called the largest non-defense IT project in the world for almost five years, cited his desire to return to the private sector.

Granger has been a controversial figure during his Connecting for Health tenure, and the results decidedly mixed. Granger, who did not like criticism, late last year tried to suppress a critical report by the British Computer Society on the implementation of the electronic medical record program, which has seen costs increase dramatically over the past several years. Recently, it was reported that while addressing an IT conference in London, Granger said: "I think with a bit less whingeing and more support we might have got the programme done quicker."

It is a bit early to tell whether Granger's departure will have any significant impact on the roll-out of electronic health records, which is scheduled to begin in earnest next year with every patient in England supposedly having a Summary Care Record by the end of 2008. I suspect that once he departs, there will be a re-examination of the overall strategy, something Granger vehemently opposed, but which the overall record shows is sorely needed.

June 21, 2007

Airline Systems Meltdowns

Yesterday morning, United Airlines' flight and maintenance dispatch system operating at O'Hare in Chicago went down for about two hours, grounding all flights world-wide. United, the world's second largest airline, said that 268 domestic and international flights were delayed, and 24 domestic flights were canceled. According to reports, the Unimatic dispatch system that shut down dispatches flight crews, determines the weight and balance of an aircraft, relays flight plans and weather to pilots and confirms that maintenance checks have been carried out as required.

More interesting is that not only does United not know what caused the malfunction, but that the dispatch system's back-up also failed for unknown reasons. Apparently a major hardware upgrade was made on the 18th of May, but it is not known whether this had anything to do with the problems experienced.

Last month, on the 27th of May, All Nippon Airways' (ANA) integrated computer system that controls reservations, boarding procedures and luggage flows for domestic flights and delivers the information to computer terminals at airports across Japan malfunctioned which led to the cancellation of 131 flights and affected over 70,000 passengers. As in the United case above, back-up systems didn't seem to kick in properly. Problems continued into the next day, with another flight canceled and another nine delayed. ANA blamed the problem on the installation of three new computers the previous week.

You may also remember that in March of this year, US Airways had extensive trouble rolling out an integrated reservation system as well.

I am waiting for the perfect storm to occur in the US: one airline loses its dispatch system while another loses its dispatch system while the FAA loses its radar systems, all on a Friday afternoon with bad weather across the nation. Should be a sight to behold. Given the increased complexity of these types of systems, and the overall fragility of the air traffic control system, this should not be unexpected.


June 23, 2007

FBI Sentinel Update

The FBI announced last week that it had deployed the first phase of Sentinel, the FBI’s next-generation information management system. The $425 million Sentinel project is the follow-on program to the failed Trilogy effort which included the infamous Virtual Case File (VCF) system, which was written about in gory detail by IEEE Spectrum’s Senior Associate Editor Harry Goldstein in September 2005. The deployment was about a month behind schedule due to “unexpected problems.”

FBI Director Mueller stated in testimony to the Senate Committee on Appropriations, Subcommittee on Commerce, Justice, Science, and Related Agencies on 26 April 2007 that Phase II of the Sentinel roll-out, which was more important than Phase I because it “addresses more of our business practices,” would take from one year to 18 months to occur, but he could not say when that would be completed. The four phases of the planned Sentinel roll-out are scheduled to be completed by 2009.

While the current roll-out is some good news for the FBI, there are still storm warnings in the air. Sen. Patrick Leahy (D-Vt), said at the April hearings that, “Since the FBI announced the VCF’s successor, the Sentinel program, I have seen nothing to boost my confidence in the Bureau’s ability to manage the status and cost of this project. While the FBI estimates that Sentinel will ultimately cost the American taxpayers $425 million, a December 2006 OIG audit report questioned the reliability of the total estimated costs for the program…. By my calculations, at least $253 million has been invested in Sentinel alone from FY05 to FY07 between reprogramming dollars and Congressional appropriations. The President’s FY08 Budget proposes no funding for the project. … Director Mueller, this committee has to ask: Is this déjà vu all over again?”

While criticism of the FBI from Leahy is expected, Sen. Richard Shelby (R-Ala), a strong supporter of the FBI, also told Mueller at the hearing that, “As I stated last year, given your Trilogy failure, I will not support unlimited and unchecked resources and will not tolerate broken promises for results for IT projects that are not fulfilled or delivered.”

Director Mueller testified that Sentinel is under budget at this time, and he expects it to complete under budget. He said that he meets with the Sentinel team every week, and I have been told that Lockheed Martin, the prime contractor, has daily discussions with the FBI CIO Zalmai Azmi to review progress and outstanding program risks. Mueller also said that they provide bi-weekly briefings to Congress on the status of Sentinel in an effort to keep everyone informed. "No surprises" seems to be his desire.

At the hearing, Mueller said that Phase II is in a re-planning stage, which should be complete by the end of the summer or early fall. If things continue to go as planned, the Sentinel project at least may keep from doing any further damage to the FBI's reputation. However, if there are any unexpected hiccups, watch out. The Senate is definitely ready and armed for bear.

June 24, 2007

Cyber Warfare Continued

There was an interesting article on cyber warfare in today's New York Times titled "When Computers Attack" (subscription may be required). It fills in some areas in my earlier post, and also discusses the testimony of Richard Lawless, deputy undersecretary of defense for Asia, about China's cyber warfare capability before the House Armed Services Committee on the 13th of June.

The article also includes a comment by Kevin Poulsen of Wired News about his skepticism of the threat: "They unleash their deadly viruses and then they land on the beaches and sweep across our country without resistance because we're rebooting our P.C.'s?" Nice question - creates another useful frame of thought.

June 27, 2007

Implanted Medical Information

The American Medical Association’s (AMA) Council on Ethical and Judicial Affairs reportedly announced on Monday a policy that implantable radio frequency identification (RFID) devices may promote the timely identification of patients and expedite access to their medical information. While I cannot find the actual wording of the policy voted on, the ideas are spelled out here and here.

It has been reported that fewer than 250 patients have agreed to implanted RFID chips, most likely because of privacy concerns, but as noted by the FDA in its 2004 rule on implantable radiofrequency transponder system, "The potential risks to health associated with the device are adverse tissue reaction, migration of implanted transponder, compromised information security, failure of implanted transponder, failure of inserter, failure of electronic scanner, electromagnetic interference, electrical hazards, magnetic resonance imaging incompatibility, and needle stick."

Even though the AMA claims that it is concerned about the potential social consequences - e.g., government or private surveillance - it is apparently not concerned enough to withhold recommending their use until these consequences are fully thought out. Currently, the FDA has approved only passive RFID chips, but active RFID chip use is likely not too far behind. It will be interesting to see whether, given the rush of the technology imperative, the AMA ethics folks approve that specific use, given the far greater ease of bio-surveillance.

I doubt very much that Monday's AMA recommendation will make much of a difference in the short or medium term. But it does mark an important point in the debate on the ethics of these types of implantable devices - one that seems to have gone generally unnoticed in the mainstream press.

June 29, 2007

Addictions or Not?

On Wednesday, the American Medical Association (AMA) rejected listing excessive video-game playing as a formal psychiatric addiction. Instead, it voted for a directive encouraging more research on whether video gaming can be classified as a mental disorder. The AMA tabled any further possible classification until 2012, when the next update is scheduled for the American Diagnostic and Statistical Manual of Mental Disorders. This is used by the American Psychiatric Association (APA) to diagnose mental illnesses, while insurance companies, pharmaceutical companies and government policy makers use it as a decision-making guide. The APA released a statement outlining its position on the issue last week.

While this was going on, there appeared an interesting little article in the Wall Street Journal on the same day as the AMA vote by Lee Gomes titled "Computer Scientists Pull a Tom Sawyer To Finish Grunt Work" (subscription required). The story is about how "Elite computer scientists are using highly addictive computer games to trick unsuspecting Web users -- possibly including children -- into toiling without pay for some of the world's richest companies on stupefyingly dull grunt work." It describes the ESP Game, which connects two random players via the web, and according to Gomes, "Both are shown the same picture, then have to type in possible keywords to describe what they see. If the keywords match, points are awarded; people have been known to play for hours."

I wonder how long it will be before the ESP Game, and similar ones being created by other university computer scientists looking to emulate its success, attract the attention of university research ethicists. Even though the AMA has rejected the notion - for now - that excessive video game play is a mental disorder, it does express concern about the possible deleterious effects of long-term game play. Is the ESP Game exploiting those who are susceptible to excessive game play for profit?

About June 2007

This page contains all entries posted to The Risk Factor in June 2007. They are listed from oldest to newest.
