I cannot tell you exactly what the readership of this Blog is but I can tell you it has grown dramatically over the past few months. Hopefully, some credit goes to content and the fact we are trying to deal with an issue of importance to all of you: Your privacy. Particularly when it comes to your name and personal data.
My grass-roots movement believes you should have control over this private information and be paid each time it is sold. The goal is to pass federal legislation that will give individuals this control, but we are dealing with an unusually high level of complacency in the country today due to a number of reasons which include busy schedules and other priorities. I understand, but that does not alleviate the problem.
George Orwell did predict today’s identity crisis in his classic novel, 1984. Go to Jackie Jura’s site, “Orwell Today,” for some fascinating reading about Big Brother’s Surveillance activities. Anything the main character, Winston, did was being observed by the Party. It doesn’t take a rocket scientist to see the stark similarity between this and Bush’s use of spying techniques at the National Security Administration (NSA).
If you look up the word complacency in the dictionary, it is defined as a “quiet satisfaction; contentment; often self-satisfaction, or smugness.” I like the last one, smugness, because many of us are smug in our feeling that there’s no way we could “really” lose our privacy rights in this great country. And then came the Patriot Act, followed by the massive personal data breaches of 2005, and most recently, the NSA spying.
I received a comment recently that expresses Orwell’s hopelessness in 1984. The responder said: “Jack it will not get any better.” This was a reflection on the greed of the merchants of your name and personal data, and how money is the only object. There was another bit of pessimism I share, the fact your data will never be secure. Your protection and privacy will always play second fiddle to the bottom line. Unless…we all join together to take control over this private information.
Maybe it is time for an independent political party based on individual privacy, with a platform of all citizens taking control over their names and personal data, and at the same time getting a piece of the action. Something to rev up the masses and get some action on this issue! We could combine the stand on privacy with other topics of concern like animal rights, environmentalism and political reform, to name a few.
I would really like to hear your comments on this idea, since the general attitude toward politics today is that we need drastic changes from the top down. Based on the unsatisfactory track record of the Republican and Democratic Congressional leaders, and, certainly, the incompetence of the current administration, people are ready for change. So, please send your comments re. whether you are open to an independent party concept that would include the protection of your privacy.
You might be interested in the fact that fifty years ago, when party identification was a badge of honor, only 23 percent of the population was registered as independent. Today it is 40 percent, which reflects the enormous dissatisfaction level Americans have with the two major parties. We need to develop a new kind of politics, constitutionally rooted, and with a return to the values promised all of us by the 4th Amendment: “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated…”
However, we can’t do it with a complacency level that far outweighs the commandeering of our privacy on a daily basis by government and business. You be the judge and let me know.
Sunday, February 26, 2006
Sunday, February 19, 2006
And the Breach Goes On...53 Million and Counting
As if to the sound of trumpets and a rapid drum roll, the data breaches march on. Fifteen since the first of the year, according to the Privacy Rights Clearinghouse, bringing it to a total of over 53 million consumer names, since the ChoicePoint incident in February of 2005. A record to be proud of, if you are an ID thief. If you aren’t…appalling.
Let’s start with Ameriprise Financial, a late December 2005 happening, reported in ’06. A stolen laptop with data including 158,000 names, account and Social Security numbers. The Atlantis Resort in the Bahamas had 55,000 customer ID’s stolen; credit card and bank account numbers were involved. People’sBank of Connecticut lost a tape with data on 90,000 customers that included names, addresses, SS#’s, and checking account numbers. The Boston Globe newspaper says it accidentally released sensitive data on up to 227,000 subscribers, composed of names and credit card numbers.
But here’s one for the books. Providence Home Services, a medical services provider in Oregon, was relieved of tapes and disks holding confidential data on 365,000 patients, and, you probably guessed that it was Social Security numbers, some financial records, but this time…also clinical information. And here’s the stupid trick of the century. The data was stolen from a Providence employee’s car, because the company is apparently too cheap to maintain a backup in a secure location, like most large firms do. Providence gave the data to designated employees to take home nightly, instead. Now I’ve heard it all.
It is for the combination of data brokers’ faulty security, dishonest employees and just dumb moves like the above, that I started my grass-roots movement to pass federal legislation giving consumers control over their names and personal data. It is the only way to stop this madness.
All of these 2006 breaches occurred around the time the Federal Trade Commission (FTC) was levying a fine of $15 million against ChoicePoint, because its record-handling procedures violated consumers’ privacy rights and federal laws. ChoicePoint had three breaches in 2005, losing a total of 171,903 personal records. Throwing more fuel on the fire, the SEC is looking at stock trades made by Derek Smith, CP’s CEO, and Doug Curling, COO, due to a combined $16.6 million in profit they made after the first breach, but before making this public.
In the Golden State Blog, Michael Hiltzik reports on ChoicePoint’s move to get California’s 30 million vehicle registration records for their client, the U.S. Department of Homeland Security. This, after the state of Pennsylvania terminated this arrangement with CP in 2000, fining the company $1.4 million for selling some records to unauthorized purchasers. Hiltzik also talks about the awarding of an $845,500 contract to CP by California Attorney General Bill Lockyer at the same time he was investigating the company.
Your “friendly” Internal Revenue Service has apparently determined that ChoicePoint is OK, inaccurate data and all. The Government Computer News, in an article by Doug Beizer, notes that the IRS has awarded CP a contract to call up information such as your current and former address, property ownership records, bankruptcy, and liens or judgments against you. Based on my experience in junk mail, I know something about the transfer of data, based on the client’s needs. The IRS will have to supply CP with something to validate that they are receiving data on the correct individuals, and that would include a minimum of name and address and probably a Social Security number.
Back in March of 2005, Democratic Senator John Conyers, Jr. from Michigan requested an investigation of ChoicePoint contracts. I have “Googled” this subject from every angle and can find no action, which isn’t surprising, with the GOP’s emphasis on business interests, not the consumer. But Senator Conyers was on the right path. From the Electronic Privacy Information Center (EPIC), Pam Dixon of the World Privacy Forum states that ChoicePoint’s information reports have a very high error rate. Try 90 percent, and some of them are serious.
One breach victim, Elizabeth Rosen, caught errors on five of her six-page report. Richard Smith, a privacy expert, said his report contained more inaccurate than accurate data. Deborah Pierce was falsely listed with a “possible Texas criminal history.” So, are we agreed that our personal data is constantly in harm’s way and that ChoicePoint is only one of several data brokers that have it warehoused?
If your answer is yes, here’s another reason why you made the right choice. John Ashcroft, Bush’s former Attorney General who was barely confirmed by Congress for the job, is lobbying for ChoicePoint. Apparently Ashcroft’s incompetence makes no difference, since his alma mater, the Justice Department, awarded a multibillion-dollar contract to Oracle Corp. only a month after they hired Ashcroft. Most say the ex-AG is trivializing the office since he is the first in thirty years to take advantage of his former position. I say it’s purely greed, and ChoicePoint will also reap similar benefits to those of Oracle.
George Orwell’s 1984 did predict the present-day identity crisis. The current consumer mood that we can allow the use of our personal data by business and government in return for favors, but still maintain even a minimum of our privacy, is “doublethink” at its best. I am not asking for the moon. If I should not be in control of my name and personal data, who should? In the United Kingdom, it is the government. In the U.S. it is big business, and that should scare all of us right out of our complacency.
Let’s start with Ameriprise Financial, a late December 2005 happening, reported in ’06. A stolen laptop with data including 158,000 names, account and Social Security numbers. The Atlantis Resort in the Bahamas had 55,000 customer ID’s stolen; credit card and bank account numbers were involved. People’sBank of Connecticut lost a tape with data on 90,000 customers that included names, addresses, SS#’s, and checking account numbers. The Boston Globe newspaper says it accidentally released sensitive data on up to 227,000 subscribers, composed of names and credit card numbers.
But here’s one for the books. Providence Home Services, a medical services provider in Oregon, was relieved of tapes and disks holding confidential data on 365,000 patients, and, you probably guessed that it was Social Security numbers, some financial records, but this time…also clinical information. And here’s the stupid trick of the century. The data was stolen from a Providence employee’s car, because the company is apparently too cheap to maintain a backup in a secure location, like most large firms do. Providence gave the data to designated employees to take home nightly, instead. Now I’ve heard it all.
It is for the combination of data brokers’ faulty security, dishonest employees and just dumb moves like the above, that I started my grass-roots movement to pass federal legislation giving consumers control over their names and personal data. It is the only way to stop this madness.
All of these 2006 breaches occurred around the time the Federal Trade Commission (FTC) was levying a fine of $15 million against ChoicePoint, because its record-handling procedures violated consumers’ privacy rights and federal laws. ChoicePoint had three breaches in 2005, losing a total of 171,903 personal records. Throwing more fuel on the fire, the SEC is looking at stock trades made by Derek Smith, CP’s CEO, and Doug Curling, COO, due to a combined $16.6 million in profit they made after the first breach, but before making this public.
In the Golden State Blog, Michael Hiltzik reports on ChoicePoint’s move to get California’s 30 million vehicle registration records for their client, the U.S. Department of Homeland Security. This, after the state of Pennsylvania terminated this arrangement with CP in 2000, fining the company $1.4 million for selling some records to unauthorized purchasers. Hiltzik also talks about the awarding of an $845,500 contract to CP by California Attorney General Bill Lockyer at the same time he was investigating the company.
Your “friendly” Internal Revenue Service has apparently determined that ChoicePoint is OK, inaccurate data and all. The Government Computer News, in an article by Doug Beizer, notes that the IRS has awarded CP a contract to call up information such as your current and former address, property ownership records, bankruptcy, and liens or judgments against you. Based on my experience in junk mail, I know something about the transfer of data, based on the client’s needs. The IRS will have to supply CP with something to validate that they are receiving data on the correct individuals, and that would include a minimum of name and address and probably a Social Security number.
Back in March of 2005, Democratic Senator John Conyers, Jr. from Michigan requested an investigation of ChoicePoint contracts. I have “Googled” this subject from every angle and can find no action, which isn’t surprising, with the GOP’s emphasis on business interests, not the consumer. But Senator Conyers was on the right path. From the Electronic Privacy Information Center (EPIC), Pam Dixon of the World Privacy Forum states that ChoicePoint’s information reports have a very high error rate. Try 90 percent, and some of them are serious.
One breach victim, Elizabeth Rosen, caught errors on five of her six-page report. Richard Smith, a privacy expert, said his report contained more inaccurate than accurate data. Deborah Pierce was falsely listed with a “possible Texas criminal history.” So, are we agreed that our personal data is constantly in harm’s way and that ChoicePoint is only one of several data brokers that have it warehoused?
If your answer is yes, here’s another reason why you made the right choice. John Ashcroft, Bush’s former Attorney General who was barely confirmed by Congress for the job, is lobbying for ChoicePoint. Apparently Ashcroft’s incompetence makes no difference, since his alma mater, the Justice Department, awarded a multibillion-dollar contract to Oracle Corp. only a month after they hired Ashcroft. Most say the ex-AG is trivializing the office since he is the first in thirty years to take advantage of his former position. I say it’s purely greed, and ChoicePoint will also reap similar benefits to those of Oracle.
George Orwell’s 1984 did predict the present-day identity crisis. The current consumer mood that we can allow the use of our personal data by business and government in return for favors, but still maintain even a minimum of our privacy, is “doublethink” at its best. I am not asking for the moon. If I should not be in control of my name and personal data, who should? In the United Kingdom, it is the government. In the U.S. it is big business, and that should scare all of us right out of our complacency.
Friday, February 10, 2006
Alberto Gonzales, the "People's" Attorney General, Just Confirmed Bush's Ascension to BIG BROTHER
Attorney General Gonzales “testified” before the Senate Judiciary Committee this past Monday, “…refusing to answer even the simplest questions about the government’s illegal spying on Americans,” reports the American Civil Liberties Union. Still maintaining, lamely, as Bush has done repeatedly over the last few months, that the president already had the power to spy.
Responding to questions re. why the administration did not seek approval from the Foreign Intelligence Surveillance Act (FISA), “The short answer is: We didn’t think we had to, quite simply,” Gonzales said.
If you want an excellent guide to this fiasco, go to Tom Curry’s February article, “What is the NSA spying furor all about?” on MSNBC. There are 18 questions with answers that probe the very depths of this issue.
In a Slate February article, “Tapped Out,” by Patrick Keefe, he comments on the Justice Department’s refusal to furnish the Senate Judiciary Committee documents re. the legality of Bush’s warrantless eavesdropping. He goes on to compare the confrontation with the 1975 Church committee investigating the same issue code-named Shamrock, where the NSA enlisted the cooperation of then telecommunications giants RCA Global, ITT World Communications and Western Union.
When Church asked the telecom CEO’s to come to the committee and discuss Shamrock, they refused. The committee countered with subpoenas and they complied. Keefe makes the statement that Senator Arlen Specter, chairman of the investigating committee, should “invite” the CEO’s of AT&T and Verizon—why not all of them?—but thinks that probably won’t happen. Right now big business is very cozy with this administration’s position of cutting everyone out of the information loop but Bush loyalists.
Well, I think that Senator Specter had better consider talking to these companies, because they are the ones that control the mysterious “switches” that move telephone and e-mail traffic in and out of the U.S. Specter has even indicated his skepticism over Bush’s contention that he had the legal right to spy in another MSNBC article from the Associated Press in February, “GOP senator calls spying reasons ‘unrealistic”.
Exactly how much of our personal data is being filtered through these switches, and just how secure are they? Are there federal regulations that set minimum standards for protection? Are we sitting on another ChoicePoint/LexisNexis powder keg? Probably, and here’s why.
There are 113 mailing lists on the market under the general term “telecommunications.” They cover a broad range of lifestyles, some with your private information available, so I narrowed it to a few. They are all based on your land line telephone/cell phone number or your Internet address (ISP), and include all the major providers from AOL to Verizon. The personal data they collect varies from list to list, so reference to this will be general.
Among the lists I selected, they sell your age, ethnicity, phone number, income, occupation, education, how many long distance calls you made in and out of the U.S., medication taken and for what ailments, what you read and whether you gamble, where you travel, and more. This is, of course, only the data they sell, and does not include other private information you might have given up to get your telephones or Internet address. The point is, it’s all out there, winging through these secret switches, and grist for the ID thievery mill.
Common sense tells us that we have to make adjustments for immediate access to certain data by the government in national security cases involving individual privacy. My plan to pass federal legislation giving consumers control over their names and personal data makes this provision, but only with approval from the Foreign Intelligence Surveillance Act (FISA), which Bush conveniently skirted.
A little Congressional oversight might also be appropriate, along with individual notification. In other words, if everybody is checking everybody else, we just might be able to keep everybody honest.
Responding to questions re. why the administration did not seek approval from the Foreign Intelligence Surveillance Act (FISA), “The short answer is: We didn’t think we had to, quite simply,” Gonzales said.
If you want an excellent guide to this fiasco, go to Tom Curry’s February article, “What is the NSA spying furor all about?” on MSNBC. There are 18 questions with answers that probe the very depths of this issue.
In a Slate February article, “Tapped Out,” by Patrick Keefe, he comments on the Justice Department’s refusal to furnish the Senate Judiciary Committee documents re. the legality of Bush’s warrantless eavesdropping. He goes on to compare the confrontation with the 1975 Church committee investigating the same issue code-named Shamrock, where the NSA enlisted the cooperation of then telecommunications giants RCA Global, ITT World Communications and Western Union.
When Church asked the telecom CEO’s to come to the committee and discuss Shamrock, they refused. The committee countered with subpoenas and they complied. Keefe makes the statement that Senator Arlen Specter, chairman of the investigating committee, should “invite” the CEO’s of AT&T and Verizon—why not all of them?—but thinks that probably won’t happen. Right now big business is very cozy with this administration’s position of cutting everyone out of the information loop but Bush loyalists.
Well, I think that Senator Specter had better consider talking to these companies, because they are the ones that control the mysterious “switches” that move telephone and e-mail traffic in and out of the U.S. Specter has even indicated his skepticism over Bush’s contention that he had the legal right to spy in another MSNBC article from the Associated Press in February, “GOP senator calls spying reasons ‘unrealistic”.
Exactly how much of our personal data is being filtered through these switches, and just how secure are they? Are there federal regulations that set minimum standards for protection? Are we sitting on another ChoicePoint/LexisNexis powder keg? Probably, and here’s why.
There are 113 mailing lists on the market under the general term “telecommunications.” They cover a broad range of lifestyles, some with your private information available, so I narrowed it to a few. They are all based on your land line telephone/cell phone number or your Internet address (ISP), and include all the major providers from AOL to Verizon. The personal data they collect varies from list to list, so reference to this will be general.
Among the lists I selected, they sell your age, ethnicity, phone number, income, occupation, education, how many long distance calls you made in and out of the U.S., medication taken and for what ailments, what you read and whether you gamble, where you travel, and more. This is, of course, only the data they sell, and does not include other private information you might have given up to get your telephones or Internet address. The point is, it’s all out there, winging through these secret switches, and grist for the ID thievery mill.
Common sense tells us that we have to make adjustments for immediate access to certain data by the government in national security cases involving individual privacy. My plan to pass federal legislation giving consumers control over their names and personal data makes this provision, but only with approval from the Foreign Intelligence Surveillance Act (FISA), which Bush conveniently skirted.
A little Congressional oversight might also be appropriate, along with individual notification. In other words, if everybody is checking everybody else, we just might be able to keep everybody honest.
Thursday, February 02, 2006
This Administration Could Use Some Artificial Intelligence IV
I can’t seem to get off this subject. You might remember that the title stems from earlier articles that reveal this administration’s recent spying foray that was carried out by the National Security Administration. I reported that in their data mining for terrorist activity, they must have used an approach called artificial intelligence. It’s a form of predictive modeling we used in the junk mail industry to determine the habits of your everyday life, a technology that is just short of the human brain in its ability to reason.
I was ready to fight other dragons, until I heard Bush’s State of the Union message. It convinced me that he, thus the NSA, does not plan to back off from the steam-rolling collision course with the average citizen’s privacy. I repeat…average citizen.
Several polls have been taken re. whether the spying is right or wrong. Some count a majority for, some against. But it isn’t the international telephone call or e-mail to a terrorist that most citizens object to. It’s when innocent people get bundled into the NSA’s data mining operation that makes it wrong…and illegal. James Risen of the New York Times reported over 700 thousand people spied on over four years. Russell Tice, former NSA employee, says the eavesdropping could include millions of Americans.
Dan Eggan of The Washington Post wrote in a January 27 article, “Eavesdropping bill was abandoned in 2003,” that the Justice department was drafting legislation in 2003 to strengthen the USA Patriot Act, that would have provided legal justification for the current NSA spying. Bush, of course, had already issued the order to eavesdrop, but officials deny any connection. Sure. Why pass a law allowing you to do it if you’re already doing it?
To further confirm the wide sweep of spying activity, I refer to Risen’s December article in the New York Times that states: “…NSA technicians…have combed through large volumes of phone and Internet traffic in search of patterns that might point to terrorism suspects.” What this means is that the NSA data mining (artificial intelligence) gathers data on thousands, even millions of individuals, and puts this through the computer model.
But, in the modeling procedure, it is necessary to identify those individuals in which you are not interested, in order to find the ones you are targeting: the terrorists. In layman’s language, this is simply a matter of making comparisons for elimination. Therefore, innocent citizens are bundled into this enormous effort, with their personal data laid bare, just like the bad guys.
Back in December, the National Security Agency was caught placing persistent cookies on the computers of individuals visiting their Web site. “Persistent” means they hang around for a while, in this case until 2035. NSA did cease the practice once it was made known, but retained the use of temporary cookies that close when exiting the site. In a December 2005 Associated Press article, “Spy Agency Removes Illegal Tracking Files,” privacy advocates point out that cookies can also track Web surfing.
In 2003, the White House Office of Management and Budget prohibited any federal agency from using “persistent” cookies on their Web sites. Which makes this illegal, too. So, why isn’t Attorney General Gonzales at least looking into the possibility that someone is running amok at NSA? Or, was this whole mission of intrigue carefully planned from the beginning and approved right from the top?
CNN reported on December 19 in a piece titled, “Democrats call for investigation of NSA wiretaps,” that two prominent U.S. Senators, one a Republican, Arlen Specter, from Pennsylvania, the other Russ Feingold, Democrat from Wisconsin, have called for an independent panel to investigate the legality of Bush’s spying tactics. They are joined by House Minority Leader Nancy Pelosi; Minority Whip Steny Hoyer; Democratic Rep. John Conyers, the ranking member on the House Judiciary Committee; and Democratic Rep. Henry Waxman, ranking member on the House Committee on Government Reform.
Seems I remember reading somewhere that Bush welcomes the investigation. Either he’s mellowing out or Karl Rove has another spin cycle up his sleeve.
I was ready to fight other dragons, until I heard Bush’s State of the Union message. It convinced me that he, thus the NSA, does not plan to back off from the steam-rolling collision course with the average citizen’s privacy. I repeat…average citizen.
Several polls have been taken re. whether the spying is right or wrong. Some count a majority for, some against. But it isn’t the international telephone call or e-mail to a terrorist that most citizens object to. It’s when innocent people get bundled into the NSA’s data mining operation that makes it wrong…and illegal. James Risen of the New York Times reported over 700 thousand people spied on over four years. Russell Tice, former NSA employee, says the eavesdropping could include millions of Americans.
Dan Eggan of The Washington Post wrote in a January 27 article, “Eavesdropping bill was abandoned in 2003,” that the Justice department was drafting legislation in 2003 to strengthen the USA Patriot Act, that would have provided legal justification for the current NSA spying. Bush, of course, had already issued the order to eavesdrop, but officials deny any connection. Sure. Why pass a law allowing you to do it if you’re already doing it?
To further confirm the wide sweep of spying activity, I refer to Risen’s December article in the New York Times that states: “…NSA technicians…have combed through large volumes of phone and Internet traffic in search of patterns that might point to terrorism suspects.” What this means is that the NSA data mining (artificial intelligence) gathers data on thousands, even millions of individuals, and puts this through the computer model.
But, in the modeling procedure, it is necessary to identify those individuals in which you are not interested, in order to find the ones you are targeting: the terrorists. In layman’s language, this is simply a matter of making comparisons for elimination. Therefore, innocent citizens are bundled into this enormous effort, with their personal data laid bare, just like the bad guys.
Back in December, the National Security Agency was caught placing persistent cookies on the computers of individuals visiting their Web site. “Persistent” means they hang around for a while, in this case until 2035. NSA did cease the practice once it was made known, but retained the use of temporary cookies that close when exiting the site. In a December 2005 Associated Press article, “Spy Agency Removes Illegal Tracking Files,” privacy advocates point out that cookies can also track Web surfing.
In 2003, the White House Office of Management and Budget prohibited any federal agency from using “persistent” cookies on their Web sites. Which makes this illegal, too. So, why isn’t Attorney General Gonzales at least looking into the possibility that someone is running amok at NSA? Or, was this whole mission of intrigue carefully planned from the beginning and approved right from the top?
CNN reported on December 19 in a piece titled, “Democrats call for investigation of NSA wiretaps,” that two prominent U.S. Senators, one a Republican, Arlen Specter, from Pennsylvania, the other Russ Feingold, Democrat from Wisconsin, have called for an independent panel to investigate the legality of Bush’s spying tactics. They are joined by House Minority Leader Nancy Pelosi; Minority Whip Steny Hoyer; Democratic Rep. John Conyers, the ranking member on the House Judiciary Committee; and Democratic Rep. Henry Waxman, ranking member on the House Committee on Government Reform.
Seems I remember reading somewhere that Bush welcomes the investigation. Either he’s mellowing out or Karl Rove has another spin cycle up his sleeve.
Subscribe to:
Posts (Atom)