MessageFrom: Hoogstra, Kenneth [khoogstra@thelenreid.com] Sent: Thursday, April 01, 2004 11:26 AM To: rule-comments@sec.gov Subject: File No. S7-14-04 As an employee in the Word Processing department of a law firm, I have a couple specific concerns with the new Form ID process (based on a reading of the Draft 8.7 Filer Manual): 1. What exactly is required as "authentication documentation" for a Form ID? Is a signed and notarized copy of the form, printed after completion on the website, enough? Or does there have to be a separate cover letter with a signature? 2. Many companies use filing agents and never access any EDGAR website using their own access codes, so they would never create a passphrase and often do not update company information. But there are situations where we, as their filing agent, are asked to perform certain tasks for them. For example: We were recently asked to create a Form ID (under a client company's signature) to apply for new access codes for the client company, an existing electronic filer who changed law firms and whose access codes were either unknown or unavailable. As I understand the new procedure, according to Section K.6.1, we could not apply to generate new codes without a passphrase for the client company. We could not create a passphrase for the client company as we had done for our own CIK (using the Create Passphrase page) because we do not know the company's current password. I assume we would then have to create a passphrase for the company using Update Passphrase on the EFMW, and the client company would have to fax an authentication document. Section K.6.2.2 requires that the authentication document "includes the information contained in the filer's Form ID," but we are not filing a Form ID (and indeed can no longer use a Form ID to request new access codes), only trying to create a passphrase so that we can then generate new access codes. Our next problem would be receiving notification that the passphrase was accepted. Section K.6.2.3 states that "A notification message stating the SEC's disposition of the request will be sent to the e-mail address provided in the request." However, according to Figure K- 34, there is no place to specify an e-mail address in an Update Passphrase request. Later, in Section K.7, it is stated with regard to notification messages that "These messages will be sent to [1] the e-mail address specified by the requestor or to [2] the filer's e-mail address of record. If they are associated with a valid CIK, [3] they will also be posted to the EDGAR Filing and OnlineForms websites." However, it is likely that none of these three notification methods would work in this case: (1) there is no place for the requestor to specify an e-mail address on the Update Passphrase form; (2) the "filer's e-mail address of record" could easily be a departed employee of our client company or an employee of their previous law firm -- if the company doesn't know its current access codes, it has probably not kept its company information current; and (3) we could not access the posted notification on either of the websites because we do not have the current access codes that we are applying to change. How would this work?