Surely I cannot be the only one tired of hearing how it is so unfair to be a) female, b) an inexperienced graduate, or c) over 40 years old if your chosen profession is IT (Women feel the need to prove their IT skills, 29 January, Letters, 15, 22 March).
Why are you moaning to us? Talk to your boss, your union, your counsellor or your solicitor. If you actively do something, I for one would support you. But moaning just annoys me.
C Orton 37-year-old, non-graduate male

As a local authority security manager, I have followed the debate about online fraud (Lloyds TSB extends card fraud technology, 14 March, Letters, 22 March). I thought my personal precautions were adequate.
But I must commend the Co-operative Bank for preventing one of my Visa cards being used to withdraw at least £4,000 in Norway, the only Scandinavian country I have yet to visit.
The first I knew of it was when I tried to buy a Mothers' Day gift for my wife in the Body Shop and had to answer a few security questions before the transaction was authorised.
I had used the card infrequently over the past year in the UK and few times on holiday in Malta and Barcelona. I was always careful to conceal my Pin and other security information and used it only at trusted outlets, apart from perhaps abroad.
It just goes to show that no one is immune from this type of theft and the sooner a more secure system is introduced, the better for everyone.
Tony Hainsworth

Yogesh Raja’s suggestion that we use memory sticks to combat credit card fraud is a terrible idea (Lloyds TSB extends card fraud technology, 14 March, Letters, 22 March). If someone steals my card, they have to guess my PIN, with a memory stick all they have to do is remember to steal that as well.
How can I then prove a transaction was not made by me when it was authorised by my stick. Raja’s scheme would also involve massive investment to replace all the old ATMs to achieve less security than chip-and-PIN.
Standardisation would be a nightmare, no two banks would use the same system and ultimately this would fail because the skimmed info would bee-mailed abroad to be used in ATMs there.
But I would support the use of ID cards to replace e-wallets, cards and memory sticks. All I would need is a card reader for my PC and some software from the bank to heavily encrypt my details onto the card.
It would be really nice to be able to configure the ID card for different levels of security for different levels of transaction. For example, Pin for purchases under £30, but up to £50 if no finger print scanner is available. Ultimately I would like to leave my cards at home and only use my ID card, only breaking out cards for trips abroad.
Michael Pearce

You ask whether the government should use more open source software (computing.co.uk/2185470, Letters, 22 March). That is the wrong question.
You should really be asking whether the government knows enough about open source to make the right deployment decisions. Open source should be treated like any other potential solution. Define your needs, clarify your requirements, then measure all the alternatives against your requirements and budget.
To do this, you have to have enough knowledge of open source solutions to make sure that they match your requirements. Get the right tool for the right job.
Jason Simmonds

I am not convinced that the era of huge outsourcing deals is over (Is the outsourcing mega-deal dead? computing.co.uk/2184760). You say £7bn of outsourcing deals is up for renewal this year, but we should remember that this is spread over a number of contracts, which means that probably none of them is really that mega.
When customers multi-source they are pushing contract governance responsibility back in-house. A better, hybrid approach would be consortium contracting, which is common in the public sector. This places the governance risk on the prime contractor. Customers are still not geared up to manage a multitude of suppliers.
David Meredith SJ Berwin LLP

I was a C and C++ software engineer from 1993 to 2001. Then schizophrenia brought my life and career to a crashing halt. As an aside, I wrote some of my best work when psychotic – until the auditory hallucinations and delusions became too much to bear.
I work at a mental health charity in Morpeth called Contact as an IT volunteer so I am still using my skills. Between 2001 and 2003 I lurched between hospitalisations from one ill-advised job to another. Contact has a scheme where we solicit donations of unwanted computers and refurbish them and give them away to carers or cared for people. Eventually we shall have a small pool of people with mental health problems who will be seeking supported employment to make use of their recently acquired skills. I would like to see positive discrimination or supported employment for people with mental health problems become more established and would be grateful for any ideas on how to take this plan forward.
Name withheld on request

I fail to see the problem with sharing clinical information between suitably identified and authorised individuals using the NHS Spine (GP trial passes test, 22 March).
If I suffer a compound fracture of my leg in Devon and live in Cumbria I absolutely want the A&E staff treating me to know that I have an important pre-existing condition - allergy to penicillin, for example.
Are the people who instruct their GP not to release their details to other staff (Letters, 11, 18, 25 January) aware of the implications for future treatment?
People do not complain that staff at various branches of the same bank – and other undisclosed associated companies - may see credit history and payment details.
If I tried to prevent my bank doing this I would undoubtedly be asked to take my custom elsewhere. What would be the reaction of the public if the NHS adopted the same attitude I wonder?
Andrew Turner

A security accreditation scheme such as Crest is definitely a good idea (Ethical hackers face new test, 22 March). But it needs to go further than Check, the public sector equivalent.
The Check system was not especially relevant to non-government organisations, apart from giving them a general sense of trustworthiness. Even that had little practical effect because most clients would want contracts or non-disclosure agreements signed regardless.
It would be good if Crest could provide more specific certification. For example, someone who is a great web application tester could be certified specifically in that area and would not necessarily be certified for database security or firewall security testing.
This would give clients the reassurance that the people doing the work have the right level of specialist knowledge.
Rory McCune

In your report on skills shortages (IT recruitment companies feel skills pinch, computing.co.uk/2185325), you quote Jane Binner of recruitment agency Computer People saying companies need to look at cross-training people, accepting compromised skillsets and offering incentives to retain people longer.
Thank you, Jane Binner. Employers are saving money by not training and seem reluctant even to redeploy existing staff to new projects. There is no mystery about the skills shortage - just bad leadership at the top.
Mark Brady

Surely the London Underground is just about the capital’s only refuge from annoying and pervasive mobile technology (Mobile phone services to be tested on Tube, 15 March).
Like Tony Wood (Letters, 22 March), I think encouraging people to use mobiles on the London Underground is unacceptable in the social sense. Although I am a mobile user - for convenience rather than just because I can – I always think twice before I make or take calls.
Does this development not also present other security issues yet to emerge? Of course, mobile technology could have helped greatly with some of the tragic events on the underground in recent years, but this could be achieved using private networks instead.
Gordon Dale

I run the risk of being branded a Luddite, but the Tube has for me always been a sanctuary from mobiles - certainly in central London (Mobile phone services to be tested on Tube, 15 March).
But do we know the true cost of enabling this technology for the general public in the confines of the underground? It occurs to me that all these radio frequency signals are going to be absorbed by flesh and bone - and the reflected signals too.
Will London underground be insuring itself for the future in decades to come when millions of passengers - some no doubt considering themselves high net worth - for claims that manifest themselves in the same way that smoking, asbestosis and silicosis have?
By all means test and implement a system for use by railway staff, emergency services and contractors, which hopefully would have to handle far lower volumes.
Tony Wood by email

The idea of moving public sector systems to open source has some merit and will save money in the long term (Should the government use more open source, computing.co.uk/2185470).
But how much will have to be spent in the short term? Open source software is not free software. You still need the skills and software base to make the systems run.
Name withheld on request

There are good reasons why the state should use more open source (Should the government use more open source, computing.co.uk/2185470). For example, Oracle runs on Linux and can be clustered. It is scalable, robust and reliable, just as much as under Windows. But whether Linux can compete with Unix or mainframe operating systems is open to debate.
But when you turn to applications and writing software for open source the arguments become more muddied. Software needs to be engineered. Well-supported commercial development and design tools are required.
If open source can offer enterprise-class source code control, design, development and testing tools, then fine. But it must adhere to standards and be robust and reliable.
Pete Best

You ask whether we agree with Conservative party plans to use more open source technology if it wins the next general election (Should the government use more open source, computing.co.uk/2185470). The government has a duty to make best use of tax-payers’ money and get best value for it.
Open source and free software alternatives represent a chance for any organisation to get best value for money. Open source does not necessarily provide the cheapest option but it can offer better value.
Free and open source software is a service-based model - customers cannot be locked into a product so any money made has to come from services such as support, management and customisation, rather than the software itself. Ultimately an organisation is free to provide all these services themselves internally.
Free and open source alternatives provide better standards compliance because the standards exist for a purpose, better quality and more innovative products.
The time when people had to justify using open source software has long passed. People - and especially governments - should now be required to justify the continued use of proprietary solutions.
Mark Curtis

You report that a man has won damages of £750 from an internet company after he was sent a single unsolicited email (Spam victim wins court case, computing.co.uk/ 2184942).
I am frequently contacted by Chief Nigel Precious Ogulugu of Lagos, Nigeria, who is kind enough to send me regular notes reminding me that my long-lost millionaire uncle has been killed in a plane crash. Entirely understandably, Chief Nigel wants my bank details and password so he can transfer my late uncle's fortune to my account.
This decision by the Edinburgh court is very welcome, but how do you enforce such an order against Chief Nigel?
Robert McChord

You report that the court IT system has come under renewed attack from Britain's magistrates in an unprecedented protest letter to prime minister Tony Blair (Fresh concerns raised over Magistrate's IT system, computing.co.uk/2173242).
The simple fact is that the Libra system - and Mass before it - is failing at basic levels. IT staff, who are working on outdated equipment, are left having to patch systems as best they can, pinning their hopes on the promise of a system that so far has shown little or no progress.
R Davies

I see that Lloyds TSB is to expand automated phone alerts for suspicious card activity to include debit cards (Lloyds TSB extends card fraud technology, 14 March).
But fraud will continue to grow until banks start to use memory stick systems. These can be used to stop fraudulent ATM use. An ATM would only be activated by the personalised code stored on the stick. Why would anyone be tempted to use stolen or skimmed cards when they know that ATMs will not work without the key?
The sticks can also be used to activate printers to print out small stickers with the individual's image and name on it. These can be attached to documents and countersigned.
Anyone misusing the system for criminal purposes would also be providing the authorities with their identity.
Yogesh Raja

This is such a disappointing result yet again for national IT in the police service (Budget threat to police, 8 March). Once again, huge quantities of public money - £30m-plus - have been wasted over the past two and a half years on a programme that has seen the Crisp core interim system abandoned due to technical issues with its scalability, when many members of the police IT community have been stating this for the past 12 months.
Why, when there are pockets of good practice in terms of data sharing and implemented large-scale solutions that already share information and intelligence within the service, are we blindly spending money and the centre on large-scale developments that never work or deliver value for money? NSPIS Case & Custody being a prime example.
Surely it is time that the whole area of IT ambitions from the centre is reformed.
Jerry Wise

I recently heard an interesting story that underlines that security is only as good as the people who use it (Businesses fail to educate staff on security, computing.co.uk /2185087).
A UK penetration tester simply followed smokers through an unlocked and unsecured door into the building after a smoking break. The tester then hooked his laptop up to the network and, doubtless, congratulated himself on a job well done.
The tester - who skirted past other employees by saying the IT department had sent him - made his way to a meeting room, where he hooked up his laptop to the company’s VoIP network.
Is there a wider lesson to be drawn from this? Yes, and it is not to stop people going outside for a smoking break. If you do not know what is going on, you cannot enforce security policies. That applies to information security just as much as physical security.
I am sure the company had a perfectly good door entry system. It just was not used on that particular door. Likewise, I bet they have a good firewall and other IT perimeter security too.
Geoff Webb FutureSoft

Peter Grace suggests that recent IT graduates who cannot find a job in IT because of a lack of experience could take unpaid work experience (Letters, 25 January).
I seem to recall that the government takes the view that unpaid work is work, and therefore all benefits are cancelled. So much for doing charity work to improve experience.
Mark Wall

What extra security does David Barnes think that Active X, which has full access to your machine, gives over Java applets, which run in a restricted environment (Letters, 1 March).
It is not signing that is at issue here because Java applets are signed too. Not that signing is worth much. Even trusted web site certificates are frequently out of date or not recognised and people just ignore the warnings.
Stephen Baynes

You report that women working in IT still feel they need to outperform their male counterparts to achieve the same level of success (Women feel the need to prove their IT skills, 29 January). I totally agree.
I am the only woman in a team of four and am the lowest paid even though I do the same job as my colleagues. The excuse has always been they have more qualifications, yet they have never used these skills.
T James

I have no issue with employing foreign IT staff if this is really expedient (We should welcome overseas IT staff, 1 March).
But what irritates me is the reluctance to spend money on training existing skilled workers and the development IT, which is still perceived as a money-hungry part of their business.
Why not invest in quality IT systems, in-house developed and with all the benefits of having a specialist staff, dedicated to the company – people who will still be there to maintain and enhance the systems in years to come? In short, staff with the experience to support the most important aspect of any company's business.
Remember – if your system crashes, your company will be dead within a week, if you cannot get it back. If you never spent another penny on marketing and advertising, you would still be in business, provided your company product is a good one.
There are many who would provide quality IT service given half a chance. Unfortunately, like other industry sectors, fashionable views prevail. I fear that fashion-slavishness will eventually kill British business.
Paul Kemp

I would challenge Emma Nash’s assertion that no one is complaining about the quality of the work carried out by overseas IT workers (We should welcome overseas IT staff, 1 March).
Many of them have been raised under a bureaucratic Raj. They do not challenge or query customer requirements – they are often order-takers, and would build a concrete life jacket if someone asked them to.
I have sometimes had opt against offering jobs to UK and EU nationals with such strong accents that I could not understand them. But if I have difficulty understanding some Indian contractors when they are speaking my native tongue, how much more difficult must it be for my clients in France and Italy for whom English is not their first language? If I tried to replace these Indian staff I run the risk of being called racist.
Stories abound of employers who laid off UK nationals to bring in cheaper Indian staff, who do not take work back to India, but have been resident here in UK ever since – an abuse of the work permit system that our government fails to supervise.
Name withheld on request

Perhaps Emma Nash's column (We should welcome overseas IT staff, 1 March) would have been more aptly headed, 'We should welcome cheap Indian IT staff'.
Does she think that the extra 47 per cent arrived without displacing local staff? Would she welcome a huge increase in working visas for journalist and writers?
A friend of mine who works at BT has just recently been offered voluntary redundancy because his skills no longer meet the business needs of the company. This is despite him being a competent youngish developer with Oracle and Business Objects skills. I use the word ‘youngish’ because this will be all too relevant when he starts looking for another job.
Having worked in IT for many years, I have noticed that while many Indian workers are very competent, a not insignificant percentage are pretty poor. Good or bad, the level of integration with local staff is almost non-existent.
Neil Baxter

I am afraid you have been misled by Lloyds TSB’s spin (Lloyds TSB closes Indian call centre, computing.co.uk/2184651). To suggest Mumbai was for overflow calls is a recent invention.
If there is now a significantly reduced demand for telephony staff, why is the bank offering high levels of overtime at its UK call centres where it has acknowledged it has significantly increased levels of recruitment?
The interactive voice recognition software that is being introduced is an attempt to save face over the closure. Offshoring has met with substantial customer hostility and this is the real reason for the closure.
Steve Tatlow Lloyds TSB Group Union

I commend Lloyds TSB on its brave decision (Lloyds TSB closes Indian call centre, computing.co.uk/2184651).
This was an arrangement that was not working for Lloyds, so bringing the work back to the UK was a sensible move. Originally many firms decided to offshore because of cost reductions, but are realising that the reputation of a company is crucial, a factor beyond cost.
Offshoring customer contact is potentially dagerous, as this is an area of cultural sensitivity. Customers can often feel alienated by being transferred to a voice away from the UK.
Outsourcing and offshoring still have a place in Lloyds’ sourcing strategies, and rightly so. But costs need to be balanced against perceptions of customers and shareholders.
Martyn Hart National Outsourcing Association

More needs to be done to promote reuse within the UK, and the imminent WEEE Directive is the push this country needs (Vista upgrades trigger surge of e-waste, 22 February, Letters, 1 March).
The WEEE Directive is a major step forward to ensure the UK becomes a greener country, and while it is extremely worthwhile to help developing countries, we should not be too quick to ship too much hardware overseas.
If the UK has taken so long to clean up its act, how will developing countries and the charities that provide help deal with the recycling overload that will surely follow?
Terry Maguire

I completely disagree with Emma Nash (We should welcome overseas IT staff, 1 March). There is no shortage of IT skills in the UK. Where I work, nearly 100 professionals were made redundant when the whole IT department was outsourced. Did those individuals, and thousands of others like them, just evaporate?
She also cites a report from recruitment body Atsco that suggests low-skilled IT jobs go to India and highly-skilled Indian professionals come to here to take up the managerial roles. This definition of low and high skills is nonsense. It is folly to suggest that programming jobs are low-skilled and by implication that managerial jobs are high-skilled.
One thing is certain: if the outsourcing continues the dole queues will grow and UK technology will be doomed.
Lam Tran

I read a lot about the skills shortage (We should welcome overseas IT staff, 1 March), but I have yet to see a list of the particular skills the country is short of.
I am quite willing to retrain, but having just hit the 40 barrier and not knowing where to concentrate my efforts, it is difficult to choose the right direction. If we were told, perhaps people such as me could fill the gaps.
Adrian Birkett

Emma Nash observes that low-skilled IT jobs are being shipped to India and highly-skilled Indian IT professionals are coming to the UK to take up managerial roles (We should welcome overseas IT staff, 1 March). She then says, ‘Quite frankly, who cares?’
As a matter of fact I care - very deeply. I started in IT in the 1980s after a career change and I am still in the same job after one outsourcing and one takeover so that I have had three different employers without moving desk.
It is very difficult indeed to get my employer to give me training and when I have been trained I have been given little or no opportunity to put it to use. My job is now little more than that of a glorified clerk.
If there is such a desperate skills shortage why do IT managers not train and use existing staff while those people still have an interest in IT and a desire to stay in the industry?
Name withheld on request

Why is there a 40 per cent fall in students opting for IT (IT skills decline puts UK research at risk, 15 February)? It is simply because the UK IT jobs market is characterised by high levels of unemployment for graduates and older workers.
The 2005 graduate employment survey revealed that IT was the worst subject you could study at university in terms of getting a job after graduation. It used to be art.
Despite a good track record as a developer, I have been unemployed for several years. There was a time when the phone rang regularly with job offers. Given the skills shortage, where are the job offers, and why are so many of my former colleagues either unemployed or no longer in the industry? The skills shortage is a myth; there is a wealth of unemployed indigenous talent. Long term, yes there will be a serious skill shortage since students wisely opt not to study a subject with few job prospects and older experienced IT workers are forced to leave the industry because of unemployment and the industries ageism policies.
Paul Sladen

It is true that instant messaging is considered mission critical in financial services but a distraction elsewhere (What the experts say about instant messaging, 1 March). 
I am old enough - just - to remember a time when email was in a similar position.  People would say: ‘I don't have time to email. Why don't you just pick up the phone?’
I hear the same today about instant messaging - though less and less all the time. It will break through to the mainstream enterprise – it is a matter of when not if.
Graham Lawlor

You report that the GSM-Railway (GSM-R) communications system has been further delayed (Further testing delays rail system arrival time, 1 March). You also explain that the European safety system that requires GSM-R uses transponders that record a train’s position and automatically apply the brakes when necessary.
It is worth noting that the Great Western Railway had a similar system called Automatic Train Control (ATC). This system continued in use with little alteration until the 1980s. By the way, ATC was introduced almost 100 years ago.
Before some apologist for our current shambles of a railway system claims that things are different now, the train service provided by Great Western Railway was faster, more frequent and more reliable - and just as safe.
Jeremy Sellick

It is great to see contributors making such good commonsense observations (Letters, 8 February). As Simon Wilson suggest, we see advertising campaigns telling us 'Speed kills' and 'Smoking kills'; why not, 'Phishing empties your bank account'?
We may know not to reply to phishing attacks, but it is the non-technical public who are getting ripped off and they are the ones who need to be warned.
Robert Farmer

Timothy Gilson suggests that an easy way to avoid an upgrade to Vista and a glut of redundant hardware is to move to Linux (Vista upgrades trigger surge of e-waste, 22 February, Letters, 1 March). He says most users would notice little difference.
While I could use Open Office and a Linux email client, I would be scuppered when I tried program in VB.Net, VFP or VB6, or manage my SQL servers at work. At home my CAD package, my engine simulation software and none of my games would work.
So I cannot agree that a move to Linux would be easy. Some of us use more than just Microsoft Office on our PCs. My way of avoiding the upgrade to Vista is to stick with XP, which runs all my applications perfectly well on a four-year-old PC.
Ric Naylor

You report that the present drop in IT students will damage UK IT research and that schools need courses that teach the deep aspects of computing rather than ICT skills (IT skills decline puts UK research at risk, 15 February).
But surely schools are the proper place for ICT skills to be taught. Universities are where you find out who is capable and interested in research.
Also, a drop in university students by 40 per cent might have little impact on the number entering research. Having taught at a university I have seen that although student numbers have risen, the average quality of those students has fallen.
There are only so many technical high-flyers. Whether you send a large number of less able people to university or not will make little difference to the higher ability students.
The investment of resources and finances is the real factor that will affect how much research the UK continues to do.
Jonathan Howell

Reusing hardware in developing countries is not as green as you might think (Vista upgrades trigger surge of e-waste, 22 February). Your report contains the suggestion that by doubling the lifespan of a PC, the environmental footprint is halved. But the extended use is by people who would not otherwise have access to IT. This does not stack up.
If the extended use was by someone who would otherwise have bought a new PC that would indeed halve the environmental footprint. But if it is being used by someone who otherwise would not use a PC at all, then the only difference between reuse and non-reuse is that an additional 6,000 hours of power will be consumed in the reuse case. The PC will be discarded eventually anyway.
I am not suggesting it would be morally right to deprive developing countries of IT resources that they could obtain inexpensively. But we should not deceive ourselves that shipping old PCs abroad is good for the environment.
Good for the environment would be to extend the UK PC lifespan from the current three or four years. Who needs Vista?
Ian Troughton

Computer Aid does an excellent job in taking redundant hardware from businesses and shipping it to schools and charities in developing countries (Vista upgrades trigger surge of e-waste, 22 February), but quite rightly has minimum specifications for the equipment it can use.
This can be a disincentive for small businesses and individual users, as can the need to transport donated equipment to the organisation's premises. Under these circumstances Freecycle.org is invaluable. Conceived as a means of keeping usable products out of landfill sites, Freecycle is a worldwide network of regional Yahoo groups where members can post details of any goods they want to give away.
Interested parties respond and the donor simply selects and informs the chosen recipient who then collects the goods from the donor. The UK alone has 400 such groups and a total of over half a million members.
These groups are home to plenty of tinkerers, so the stuff does not even have to work or be intact. I have found that takers are often after a single secondary computer for home use, so it does no harm in local PR terms either.
Roger Thomas

There is an easy way to avoid both an upgrade to Vista and the recycling issues surrounding obsolete PCs that are incapable of running it (Vista upgrades trigger surge of e-waste, 22 February).
Switch to using Linux.
Apart from an improvement, most users will not notice much difference.
Timothy Gilson

The Home Office has been using biometric passports for years to disguise the cost of the identity card scheme (MPs argue over ID card pricing, 22 February). It is simply creative accounting.
Passports now comply with standards set by civil aviation body ICAO. Nothing more need be done - though it would be nice if the standards could be revised to rank security of the holder above official convenience.
The entire intrusive data-collection programme has no other purpose than to build the structures for the planned National Identity Management Scheme and to force most of the population onto it.
Of course no workings have been disclosed, but the figures look suspiciously like the government has observed that 70 per cent of the population gets a passport over 10 years and so has allocated the notional costs of numbering and fingerprinting the entire population between passports and stand-alone ID cards on that basis.
Guy Herbert NO2ID

You report that Arsenal is using new disaster-recovery software to protect against hardware failure on match days (Arsenal kicks IT failure into touch, 22 February).
Could this disaster-recovery system be configured to kick in during home games to Blackburn Rovers and away games at PSV Eindhoven when the main older systems appear to be malfunctioning?
Name withheld on request

Timothy Gilson suggests that rather than concentrating on tightening security at the organisational level or by educating the public, people should reply to phishing emails with false information, ideally provided by banks (Letters, 22 February).
Banks cannot encourage customers to give false responses to phishing, since this would require people to access the phishing web sites and expose their PCs to malicious viruses and Trojans through browser vulnerabilities.
As for attacking and identifying phishers by spamming their databases, this is a good idea. But such services are already commercial available, and are widely used.
The problem with these measures is that they are invisible, and so do nothing to build consumer confidence.
Jonathan Tuliani

I was interested to see that police are testing online tools to help small firms combat e-crime (Police pilot system to improve e-crime handling, 15 February).
But on their web site, yorkshire-safe.org, I saw a note saying, ‘To use some extra options you need to have JavaScript enabled’, together with a link to an article ‘Drive-by web attack could hit home routers’, which explains how dangerous Java is.
All client-side scripting, whether JavaScript, VBScript or Java applet, is dangerous. Every web site you visit with these enabled can invisibly use your browser session to do anything to other machines on your network.
This can include reprogramming your router. In a worst-case scenario your web session can connect to your server and extract Hipa or DPA protected data and upload it.
The quicker we go back to Authenticode-signed ActiveX the better. If a site needs some clever client-side stuff then it will need to be signed. At least then you have a verified identity and somewhere to send the police if it hacks your system.
David Barnes

Previous laws were inadequate at protecting consumers, the very people they were designed to help (ID theft law could incriminate innocent people, 15 February).
Do I care if this law makes it a little harder for a debt collector to collect a debt? No. You report that the Institute of Credit Management is complaining that innocent credit managers could be prosecuted. So many of these laws and regulations would not even be needed if the companies that the ICM represents had done the right things to protect consumer data in the first place.
Do not let them fool you. This law is a great leap forward for consumer data protection.
Evan Francen