There is plenty of incentive for companies to meet the new regulations by installing new software. They can avoid not only federal fines but also the stigma of being associated with shady transactions. Western Union and eBay's PayPal are two of the higher-profile cases so far of companies falling afoul of the PATRIOT Act.

Its vague yet sweeping requirements have made the PATRIOT Act a marketing opportunity for a slew of companies, including Mantas, SearchSpace, NetEconomy, ACI Worldwide, HNC Software, Prime Associates, and Sybase, among others. Prices for their software offerings, when consulting and installation fees are added in, range from the low five figures into the millions. Entire technical conferences are being thrown for "compliance officers" to find out about the latest anti-money-laundering solutions.

Financial organizations aren't the only institutions with a USA PATRIOT compliance to-do list that means business for software companies. Universities are also required to report regularly on the status of foreign students, directly to the federal Immigration and Naturalization Service.

PeopleSoft's PATRIOT Act Student and Exchange Visitor Information System Solution helps educational institutions comply with the new requirement for colleges and universities to inform the INS when foreign students go from full to part time, get married, or change their address.

"The concept of tracking foreign students was not new," says Kimberly Williams, the director of strategy for education and government for PeopleSoft, "but the PATRIOT Act required that they track more information than they had before and that they physically enter it into the INS system." PeopleSoft gives away the new code that helps its university clients communicate with the INS, as an upgrade to its Student Administration product.

Then there's the whole range of products that software companies are now selling directly to the government to help it monitor citizens. The Electronic Privacy Information Center, a public interest research group sued the Department of Defense under the Freedom of Information Act to obtain access to documents detailing which software companies, universities and research institutes had won contracts to create the virtual dragnet.

"We wanted to find out how these systems are being developed, who the developers are, what technology they propose to use, are they effective technologies and what the public can expect out of such a system," said Mihir Kshirsagar, a policy analyst with the Electronic Privacy Information Center.

The documents released so far list 23 entities -- including the consulting company Booz Allen Hamilton, Lockheed Martin Information Systems and the University of Southern California -- that stand to profit from the Total Information Awareness program by providing technology to the Department of Defense to carry out electronic surveillance projects.

But even the watchdog group that's monitoring the contracts has a difficult time interpreting just what the jargon in those documents -- a mishmash of buzzwords describing storage, collaboration and integration software -- adds up to. "It's actually hard to say what exactly these software vendors are supplying to the Total Information Awareness project," says Kshirsagar.

It's hard to fault software companies for looking for new markets, but some observers still find the spectacle of firms rushing to deliver spy software distasteful.

"Companies climbing all over each to be the first to sell the tools of surveillance to the government and to other companies is unseemly," says Cindy Cohn, an attorney for the Electronic Frontier Foundation. While the software companies enjoy the new demand for their PATRIOT-inspired solutions, the EFF has another solution in mind for the act; it's currently leading a letter-writing campaign in support of two members of the House who are calling for congressional hearings on the act.

Recent Stories