My back office suggestion is that the master user id and password be held by 
the back office.  The master user has the ability to open and close sub-user 
(i.e. individual trader) user ids and passwords.  So if a trader leaves, the 
back office master user can immediately turn off the user id for that trader. 
 They can react much more quickly than we can and certainly faster than 5 
days.  I suppose the remaining risk there is that the back office person is 
the disgruntled employee.



	Leslie Hansen
	07/20/2000 02:23 PM
		
		 To: Mark Taylor/HOU/ECT@ECT
		 cc: 
		 Subject: Re: Kennecott ETA

I agree that it's their responsibility for dealing with rogues.  However, 
Kennecott's position is that all they can do is notify us and rely on us to 
cut off access once they terminate an employee.  They cannot ensure that the 
employee doesn't write the password on his or her palm to take it with them.  
Apparently, they have had some bad experiences with disgruntled traders.  
Thus, their proposal that their notice must be by certified mail and the 
proviso that we have 5 days to act on the notice.

I have a question regarding the back office suggestion -- are you suggesting 
that no individual trader be given an id but rather you give the id to 
someone in the back office and the trader has to call that individual to 
actually submit a trade.  If that's not what you intend, even if the back 
office or control group holds the password, if the trader knows the password 
to get into EOL, what's to stop him or her from continuing to access EOL 
after leaving the company.  The back office can notify EOL that the password 
should be cancelled, but if we don't act on the notice, what is left for the 
CP to do.

Who should be my EOL contact on this issue and other ETA issues?

Leslie



	Mark Taylor
	07/20/2000 01:55 PM
		
		 To: Leslie Hansen/HOU/ECT@ECT
		 cc: 
		 Subject: Re: Kennecott ETA

You're right, we have not agreed to the final sentence with any of our other 
counterparties.  I doubt that the EOL people will let us do it (though we can 
always ask).  I have sometimes gotten counterparties comfortable with this 
issue by suggesting that the master user id and password should be held by 
someone in the back office, the control group or even the legal department so 
that when a trader leaves the master user can immediately shut them off.  It 
seems to me that this puts the risk and responsibility for dealing with 
rogues where it belongs - why should we be at risk if one of their traders 
decides to damage the company?  Having said that, I think that even without 
the last sentence requested we are probably in that position - if we have 
actually received the notice and request for termination of the password and 
don't do it, it would be very hard to defend if we kept doing trades and they 
can show they weren't authorized.



	Leslie Hansen
	07/20/2000 12:25 PM
		 
		 To: Mark Taylor/HOU/ECT@ECT
		 cc: 
		 Subject: Kennecott ETA

Mark:

As I mentioned in my voice mail, Kennecott Coal Sales has requested the 
following modification to the ETA:

Section 6(a) shall be revised to provide that Enron shall use reasonable 
efforts to cancel CP's master user password and/or user IDs upon receipt of 
notice from CP.  Notwithstanding anything in Section 6(e) to the contrary, 
all such notices must be sent by certified mail to Enron at the following 
address:   [TO COME], or such other address as may be specified by Enron from 
time to time.  The notice shall be deemed effective five (5) days after its 
receipt by Enron.  After the effective date of the notice, the Counterparty 
shall have no liability to Enron for any Transaction initiated with the use 
of the master user password and/or user ID identified in the notice.

Please advise.

Leslie