Today I checked on the status of a couple of the “blunt instruments” I’m using on Pacific Northwest National Laboratory. Since I hadn’t heard back on them for weeks I sort of guessed they had been dropped and I wasn’t going to get anywhere with them. I was wrong.
The first person I talked to said the issue was still VERY much alive it was just that he had been buried in stuff and was reluctant to share the work load with others. He has a couple of hard deadlines to meet and couldn’t work on it this minute. My project had received some attention a couple days ago and would be getting more attention soon. I felt pretty good about things. He asked a few more good questions which I gave short answers to and then followed up with detailed email answers.
The second person I talked to said I had gone about things in the wrong manner. No big deal–the person in the appropriate channel will be contacting me soon. I got the feeling that it wouldn’t have happened if I hadn’t called back twice to find out the story. I was very pleased with this. I was afraid I would just be told to “go away.” That could still happen but at least I believe I will get a chance to present my findings and have a reasonable chance of convincing them to take action.
One “blunt instrument” should be in there hands by now. That is the appeal of their denial of my Privacy Act request on all the information they have in their files, email, etc. about the “investigation” they did on me. I hired a lawyer in D.C. that specializes in FOIA/Privacy Act requests. They claimed the Privacy Act didn’t apply to them, but both my and the lawyer’s read of the Act is that it specifically says it applies to contractors that perform a government agency function–so “hand it over!” Nothing back on the appeal yet.
And since PNNL has received the FOIA request I talked about the other day by now I might as well reveal it here. I asked for:
A list of all Pacific Northwest National Laboratory computer programs that use the FlashTek software library or rely on derivations of the FlashTek software library and/or it’s source code.
A list, complete with contact information, of all PNNL customers and contacts that have copies of those programs.
Most, perhaps all, of these programs will have been produced in the Cyber Security Group at PNNL. The source code can be easily identified by a copyright notice similar to the following:
// Copyright FlashTek
// Joe Huffman
In case the name “FlashTek” doesn’t mean anything to you, that is the name I use for all my private business stuff. From software to explosives FlashTek is my dba (Doing Business As) name. To speed up development of several projects at PNNL my coworkers and I used some of my previously developed code. PNNL never bothered to obtain a written license for that and I never bothered to ask for one. The implied threat with the FOIA request is that I will now ask for a license and/or demand they and all their customers stop using my previously developed software. This is a really nasty thing to do and I don’t really want to do it. If they would give me all the information I asked for via the Privacy Act request then I, almost for certain, would not bring up the software license issue.
There is one more “blunt instrument” that I haven’t checked up on. I’ll just wait a while for that one.