Slashdot Mirror

← Back to Stories (view on slashdot.org)

Databases and Privacy

Posted by michael on from the bonfire-of-the-privacies dept.

A couple of stories made an interesting juxtaposition today. First read this story about information marketers scouring public records to compile personal information. Note the emphasis on cross-linking data from various sources to provide more information than any one source did - databases are synergistic. Now read this column about David Nelson, and its follow-up.

2 of 173 comments (clear)

  1. DMV by RightInTheNeck · · Score: 5, Interesting

    It was just last year that myself and the other people of Missouri were shocked to find out that the local DMV was selling our personal information to the private sector. Unbelievable, a state goverment run institution that essential everyone who wants to drive and own a car has to deal with. Thats what I call being forced to opt-in.

  2. Re:I work for a "Risk Management" company.. by TrackDaddy · · Score: 5, Interesting
    Not to offend, but... GIVE ME A FSCKING BREAK

    Now, lets talk about how it works in the real world. I wanted a copy of my credit report, so I tried using www.freecreditreport.com (it's not really free, but hey, good marketing). When I submitted my request and tried to set up my account, I was given an error that my password was incorrect. Now, never having set up an account, I thought "hey, this is odd". So I called their 800 number and promptly found out that I did indeed have an account. After about 5 minutes of social engineering, I had the e-mail address that was associated with "my" account. Low and behold, it belonged to a guy that had received a copy of my rental application (yes it is legal for him to get a credit report, but not by impersonating me).

    So, I said to the helpful young man on the phone "you've given my information to someone impersonating me". His response, and that of his supervisor was to tell me I should go file a police report. When I asked if they would take any action, the answer was a very resounding "NO".

    So, I called back a few minutes later, with my new-found e-mail address and talked to another helpful gentleman whom I convinced to change the password and e-mail address on the account so that the previous dirt-bag would be locked out.

    That is how things work in the real world. The companies who compile/manage/sell this information do not give a flying-frig about access control as long as money changes hands along with the data. If someone wants your info, and they have your name and a few other facts... they can get all the juicy stuff w/in about half an hour. Your only protection is the sheer volume of bio-mass that makes up the target group.

    --
    Run! There's a lobster loose!