Implications of Electronic Mail and Message Systems for the U.S. Postal Service Page: 96

96 Implications of Electronic Mail and Message Systems for the U.S. Postal Service

USPS has already established a separate Of-
fice of E COM Operations and implemented
detailed cost accounting procedures which, ac
cording to USPS, are more stringent than any
where else in the organization. USPS has in
itiated a complete review of E COM costs to
date, recognizing that some costs have been
higher than initially estimated and that rate

adjustments may be necessary so that costs
are fully covered over a given period of opera
tion and projected volume. However, Congress
may wish to consider stronger safeguards (e.g.,
outside audit) and a greater degree of organiza
tional separation to prevent cross subsidiza
tion and allay private sector fears.

Privacy Protection

Privacy protection in a USPS EMS service
is a continuing issue. First raised in the
original PRC consideration of the E-COM pro
posal, a 1982 National Research Council (NRC)
report6 has amplified the privacy and securi
ty concerns discussed in chapter 7. To quote
from the NRC report: "Electronic mail pre
sents potentially serious problems of securi
ty and privacy protection. The processing,
storage, and transmission of large amounts of
data, which are functions central to electronic
mail, offer an attractive target for anyone
seeking access to individual and corporate
information. '27
OTA has not conducted a thorough review
of E-COM security and privacy. However, pre
liminary discussions with USPS indicate that
while some protections are in place, additional
security measures appear to be necessary. The
E COM equipment is apparently physically
secure, but the technical configuration makes
it possible for the operator to read the hard
copy printouts before being enveloped. Oper
ators are instructed not to read the contents,
and unauthorized personnel are not permitted
in the E COM facilities when printers are in
operation. Nonetheless, the potential for secu
rity breaches does exist.
A second potential problem is that the user
(carrier or mailer) account numbers are printed
on the outside of E-COM envelopes, thus guar
"National Research Council, Assembly of Engineering, Comn
mittee on Review of U.S. Postal Service Planning for Electronic
Mail Service Systems, Review of Electronic Mail Service
Systems Planning for the U.S. Postal Service, National
Academy Press, Washington, D. C., 1981.
"Ibid., p. xi.

anteeing dissemination in a physically visible
manner of one of the two pieces of informa
tion needed to use E-COM. The account num
ber, together with an access code and familiari
ty with the E COM technical interconnection
standards, would permit unauthorized use of
E COM. A third potential problem is that all
incoming messages are stored for 1 week in
computer memory or on magnetic tape in the
E COM computers. While this archiving may
be necessary in case of errors in message con
version or transmission, it also could present
another target for security violations. This
security risk is heightened by the fact that
computers at each of the 25 E-COM locations
are interconnected electronically to the USPS
management operations center in Wilkes
Barre, Pa. The purpose of the management in
formation system is to validate account num
bers and access codes and keep track of
message volume by account. However, it may
be technically possible to tap the archived
messages via the management information
system which apparently uses dedicated, but
not otherwise secure, leased telephone lines.
Congress may wish to mandate an independ
ent review of E COM security to ensure that
the necessary security measures are either in
place or implemented shortly. Since it appears
that the postal statutes do not at present ex
tend to the electronic transmission portion of
Generation II EMS, or at least it is not clear
that the statutes apply, Congress may wish
to consider the possibility of amending the
Postal Act and/or Communications Act to pro
vide additional statutory protection, and con
sider the use of data encryption to provide ad
ditional technical protection.