Ellison says that making the calls to the families of the Oracle men who died on September 11 was the hardest thing he’s ever done. Two days later, he sent out an emotional e-mail to the victims’ colleagues at Oracle:
Everyone,
It is with indescribable sadness that I inform you that several of our people lost their lives in the terrorist attack on the United States. Todd Beamer lost his life when United Flight 93 crashed in Western Pennsylvania. Seven more are missing in the rubble that was the World Trade Center. We pray that some may be found alive.
We know that Todd Beamer is dead. We believe he died when he and other passengers aboard Flight 93 tried to recover the hijacked airplane from the terrorists. In the struggle, the plane crashed. Todd’s courageous actions may not have saved the lives of his fellow passengers, but he helped prevent the airplane reaching its target—our nation’s Capitol. Considering the devastation wrought by the other aircraft, it is unquestionable that Todd’s brave actions, and that of his fellow passengers, saved countless lives on the ground. We are very proud of Todd. We will miss him. Our heart goes out to Todd’s wife, and his two young children.
Seven other Oracle people are missing. Six of them are consultants that were working on the 97th floor of the South Tower of the World Trade Center. We have not given up hope. Rescue workers are still searching, so we will not reveal their names at this time. I will tell you that two of the missing consultants were from the United States, three were from India, and one from the United Kingdom. This terror and tragedy is reaching families around the globe. The entire civilized world is in mourning.
The last Oracle person missing was trained as an emergency medical technician. He was near the World Trade Center when the first airplane hit. When everyone else was running out of the building, he ran in. Like the police and fire fighters, he risked his own life trying to save others. We will never know how many people he helped, or if he was able to save any lives. We do know he ran into the building and tried. In trying, he risked—and perhaps lost—his own life. Nothing is more heroic than giving your own life in an attempt to save another.
Several Oracle people are lost. Some we knew. Some we didn’t. Some were heroes. All were family.
Larry
I talked to Ellison on September 12. He was deeply distressed, but he was clear that Oracle had to go on working. Oracle’s first-quarter earnings call was due later in the week, and he didn’t want to postpone it unless the markets remained closed: “Our people were in a state of shock. It was really hard to focus on work. But there was no time for a break. Most emergency services—police, fire departments, hospitals—depend on our systems working twenty-four hours a day, every day.” What effect the atrocity would have on the economy or Oracle’s fortunes, he had no idea. “I really can’t think about the stock market at a time like this—except to say that eventually it will recover. And our economy will recover. We always recover. The American people are very resilient. We’ll recover from this attack. We’ll learn from it, and we’ll be stronger because of it.”
Apart from anything else, all the government agencies and departments that dealt with the aftermath of the attacks and hunted for the terrorists depended on Oracle databases. He had already made arrangements with the army for more than two hundred technical staff from the damaged Pentagon to be accommodated in Oracle’s Washington offices. A secure Special Response Center had been quickly established to provide support for government agencies needing security-cleared communications channels. Ellison said that in New York a similar effort was under way, including the creation of an “emergency office locator” to help identify the temporary office locations of thousands of displaced workers.
As the provider of the software that powered nearly all their databases, Ellison knew better than almost anyone that the U.S. security agencies were technologically ill prepared to protect the United States from further terrorist outrages. There were two major deficiencies. The first was the ease with which potential terrorists could enter the United States and disappear, thanks to a combination of lax rules for the issuing of visas and the lack of a standardized ID card system. Most of the hijackers had multiple stolen identities. The second was the difficulty of creating an effective and cross-checkable watch list, without which monitoring suspicious behavior was impossible. And just as the root cause of poor information management in the private sector almost always turned out to be fragmented data caused by information being dumped into too many small databases that couldn’t easily communicate with one another, the same was true in spades of government in general and the security services in particular. Making the problem even worse were long-standing inter-agency rivalries, especially between the FBI and the CIA, which reinforced the chronic data fragmentation with a cultural bias against sharing intelligence.
Ellison’s remedy was the introduction of a national standard for government ID cards using biometric authorization technology linked to a single, consolidated national security database. He knew that while what he was proposing was technically not difficult for Oracle to do, both ideas would be deeply controversial on both civil libertarian and political grounds. But he had been impressed when the secretary of defense, Donald Rumsfeld,1 had remarked that the difference between the war against terrorism and more conventional conflicts was that this was a war that would be won not by cruise missiles or bombers but by some scrap of vital information. Within a few days of the terror attacks, Ellison had decided that it was his public duty to campaign for both national standards for government ID cards and a national security database and that Oracle would donate the software to make it possible.
The first stage of the campaign was to start talking and writing about it. Ellison spent several days sweating over an op-ed piece that he hoped to place in The New York Times. The Times declined to take the article,2 but The Wall Street Journal offered it a home, albeit in greatly shortened form. This is what Ellison wrote:
DIGITAL IDS CAN HELP PREVENT TERRORISM
by Larry Ellison
10/08/2001
Since the September 11 attacks, our country has been thrust into a debate over how to root out terrorists while also maintaining our civil liberties. One of the suggestions proposed, though not yet fully debated, is that of national identification cards.
Many Americans instinctively fear that a national ID card would sacrifice basic freedoms and compromise personal privacy. They suspect our government would build Big Brother databases that would be better at snooping on law-abiding citizens than catching terrorists. They rightly agree that if we lose our liberty, the terrorists will have won.
On the face of it, issuing ID cards does seem a significant step. Trusting government to maintain a database with our names, addresses, places of work, amounts and sources of income, assets, purchases, travel destinations, and more, seems a huge leap of faith. But we should remember that these databases already exist, and that we willingly helped in their creation. For years, companies like American Express and Visa have been issuing cards and building up information on millions of Americans. The databases they maintain are searched and sold on a daily basis.
We should remember, too, that the government already tracks things—lots of things. Federal, state and local agencies issue Social Security cards, driver’s licenses, pilot’s licenses, passports and visas. They maintain thousands of databases to keep track of everyone from taxpayers and voters to suspected terrorists.
And so the question is not whether the government should issue ID cards and maintain databases; they already do. The question is whether the ones we have can be made more effective, especially when it comes to finding criminals.
Do we need one national ID card? No. But the IDs that the government issues—such as Social Security cards—should use modern credit card technology. Do we need more databases? No, just the opposite. The biggest problem today is that we have too many. The single thing we could do to make life tougher for terrorists would be to ensure that all the inf
ormation in myriad government databases was integrated into a single, comprehensive national security file.
Today, every federal intelligence and law enforcement agency—the Central Intelligence Agency, the Federal Bureau of Investigation, the Immigration and Naturalization Service, the National Security Agency—and all manner of state and local bodies maintain their own separate databases on suspected criminals. All these separate databases make it difficult for one agency to know about and apprehend someone wanted by another agency.
That’s why one of the September 11 hijackers made it through U.S. passport control, even though he had an outstanding arrest warrant in Broward County, Florida. The FBI was searching for several other of the terrorists, because CIA intelligence revealed they had ties to Osama bin Laden. Four more were sought by the Immigration and Naturalization Service because they were in the country illegally.
Such a national database, though a large undertaking, is possible. My company, for example, has already offered to provide the necessary software for free, and I’m sure other companies would pitch in with hardware and support. It’s important these donations be made with no strings attached: The database would be maintained and run by the government alone, with no question of corporations benefiting.
The uses of such a database would be significant. Airlines, for example, could cross-check the names of passengers with names on a watch list. If this had been done, many of the September 11 terrorists would have been caught before they boarded their flights. Mandatory checks could be supplemented with voluntary checks. Companies, for example, might elect to submit the names of [job] applicants as a part of their reference-checking process. If the submitted name were on the watch list, the FBI (not the company) would be notified.
Another challenge is tracking people with multiple or stolen identities. The good news is that a national database combined with biometrics, thumb prints, hand prints, iris scans, or other new technology could detect false identities. Gaining entry to an airport or other secure location would require people to present a photo ID, put their thumb on a fingerprint scanner and tell the guard their Social Security number. This information would be cross-checked with the database.
The government could phase in digital ID cards to replace existing Social Security cards and driver’s licenses. These new IDs should be based on a uniform standard such as credit card technology, which is harder to counterfeit than existing government IDs, or on smart-card technology, which is better but more expensive.
There is no need to compel any American to have a digital ID. Some Americans may choose to apply for a digital ID card to speed the airport security check-in process. Some states might use digital IDs for their next generation of driver’s licenses. Companies might want to replace their current hodgepodge of IDs with the new system. In fact, a voluntary system of standardized IDs issued by government agencies and private companies could prove more effective than a mandatory system.
We don’t need to trade our liberties for our lives. By law, Fourth Amendment protections against unreasonable search and seizure would govern access to the national security database. The “probable cause” standard will still have to be met.
Two hundred years ago, Thomas Jefferson warned us that our liberties were at risk unless we exercised “eternal vigilance.” Jefferson lived in an age of aristocrats and monarchs. We live with the threat of terrorists getting their hands on weapons with the capacity to destroy entire cities. Only by giving our intelligence and law enforcement agencies better tools can we expect to save life and liberty together.
As well as writing the article, Ellison was preparing for a visit to Washington, D.C. Meetings had been scheduled with the heads of the NSA, the CIA, and the FBI. He was also hoping to see the attorney general, John Ashcroft, and Vice President Dick Cheney. While finding out what the law-and-order agencies needed in order to do a better job of analyzing the huge quantities of information they were now feverishly gathering on the bin Laden global terrorist network, it would be an opportunity to evangelize the proposals in his article to the people who could actually make it happen. Afterward, he would fly to New York for TV interviews to publicize his ideas and, more prosaically, a CEO roundtable to sell software.
Arriving late in the evening of October 9 at the Ritz-Carlton in Tysons Corner, Virginia (an unattractive hotel catering for conferences some twelve miles from Washington, supposedly chosen by Jay Nussbaum because of its closeness to the CIA) Ellison’s first meeting the following day is one that he would rather not have been having at such a time. The “digital hospital” project that had been launched with such fanfare at HealthSouth’s Birmingham campus some six months earlier is in trouble, and HealthSouth’s CEO, Richard Scrushy, is determined to grab Ellison while he’s relatively nearby.
HealthSouth personnel have turned up in force, but so have Oracle’s, with key members from Nussbaum’s team (known within Oracle as “Jay Inc.”) and John Wookey, a high-ranking developer who built large parts of the services version of Oracle’s ERP suite. Although Ellison is more than half an hour late, he and Scrushy seem quite happy to waste the first five minutes chatting about airplanes. But when Scrushy gets going, it’s clear he’s livid, accusing Oracle of falling down on the undertakings it made when the project was announced. Ellison starts off by recapping what his understanding of Oracle’s commitment is. Oracle, he says, is responsible for creating an architecture, an “information heart,” for the hospital’s clinical and administrative systems—a central repository for applications to place and retrieve information. The idea is for Oracle to establish a common data model that all the other vendors involved in the project can easily write to. “We want to make the integration trivial,” says Ellison. “Has anything changed?” He implies that if there is a problem, it must be because other vendors are not cooperating.
After protracted attempts at negotiating the HealthSouth contract, Ellison decides he’s had enough of the whole sorry mess.3 The health care initiative that means so much to Oracle now has its own momentum thanks to the relationships that John Wookey has built with other partners. And Ellison will be very happy not to spend any more time with his fellow flying enthusiast Richard Scrushy. Even when the digital hospital project was in its promising infancy, there was something about Scrushy that troubled him, but now he can’t stand the sight of the man.
• • •
The postmaster general’s large office faces south with views across the Potomac and to the Pentagon beyond. From where we’re sitting, it’s not difficult to see where the American Airlines Boeing 757 plowed into Washington’s most formidable building. Although Ellison, Jay Nussbaum, and Kevin Fitzgerald (the sales executive Oracle recently poached from archrival Siebel) have come to sell software, everyone seems uncomfortable about raising the subject. Ellison asks Jack Potter, a large, rather shambling veteran of the postal service who has been in the top job for five months, how September 11 has affected his business. Potter reckons that he’s already suffered a $500 million loss of revenue, but he’s relieved that, miraculously, given the number of postal workers in lower Manhattan, he didn’t lose any people. Now he’s worried about the envelopes containing anthrax powder that have turned up in Washington, D.C., and New York. (He could not know that the next fatality in the terror campaign would be a worker in a Washington, D.C., sorting office.)
Ellison’s pitch is the best and simplest there is: Your biggest commercial rival is UPS, and we’ve transformed its business with software called Advanced Planning and Scheduling. UPS, says Ellison, has achieved huge cost savings. With more than 250,000 vehicles to manage and dispatch, making the postal service the biggest logistics business in the United States, the potential for efficiencies is staggering, but only as long as there is enough flexibility within the organization to allow the new systems to work. Although the issues facing Potter are very different from those of the security agencies, Potter says that because of the crisis the time for doing something ambitious is right. It
’s not the only time we’ll hear that sentiment while we’re in Washington.
In a recent interview in Catalyst magazine, Health and Human Services Secretary Tommy Thompson painted a picture of IT chaos within the department with the biggest budget—$436 billion—in the federal government: “We have over 3,000 different servers and 2,900 IT staff. We have 1,200 different computer systems with different e-mail capabilities, some of which do not communicate with each other. We have 63,000 employees but 83,000 workstations. We have 12 operating divisions, all of which set their own IT systems, their own bookkeeping systems, their own budget, their own lobbying and PR systems. They go their own ways on human resources, grants management, acquisitions, and logistics. We have 2,000 Web sites with 800,000 pages and 981 toll-free numbers. In one division, I found we had 5 financial systems, 13 grant management systems, 6 acquisition systems, 6 personnel systems, and 13 separate e-mail systems. Now, how do you run a department like that?” It will be interesting to see whether Thompson’s appetite for radical reform has survived the journey from the governor’s mansion in Madison, Wisconsin, to HHS’s vast neo-Stalinist fortress at 200 Independence Avenue. It’s also Ellison’s chance to float his Other Big Idea, the one about a single national medical records database.
Jack Kemp, onetime Republican vice presidential candidate and an Oracle board member, has helped to fix the meeting with Thompson and is there to meet us under a bust of Hubert Humphrey, a politician of a very different stripe. Kemp is an affable man with a disconcertingly loud voice and a mop of carefully sculpted white hair.
When we arrive in Thompson’s office, he seems genuinely thrilled to meet Ellison and insists on going through a rather ridiculous performance, seating a slightly embarrassed Ellison at his desk and having him pose for a photographer as “acting secretary.” With these jollities out of the way, Thompson, a small man with rather florid features, opens the conversation with a statistic that could have come straight from Ellison’s own mouth: “As many as ninety-eight thousand individuals allegedly died last year from medical mistakes. Most of those deaths were caused by the administration of drugs and drug interactions.” The cause, says Thompson, is the antiquated way in which prescriptions are made out and drugs distributed. “The lack of technology in our hospitals,” he says, “is an absolute disgrace.”
Softwar Page 55