Slashdot Mirror


Databases and Privacy

A couple of stories made an interesting juxtaposition today. First read this story about information marketers scouring public records to compile personal information. Note the emphasis on cross-linking data from various sources to provide more information than any one source did - databases are synergistic. Now read this column about David Nelson, and its follow-up.

22 of 173 comments

  1. Some comfort by rgmoore · · Score: 4, Insightful
    From the Courant article:
    While infoUSA allows access to virtually anybody who logs onto its website, ChoicePoint screens subscribers.
    I'm not sure which is scarier, the idea that these databases are being opened to anyone who has a credit card and a willingness to snoop on their neighbors, or the idea that they should be restricted so that only "legitimate" businesses like telemarketers can get it. One way you don't know what kind of lowlifes are going to use the data to ruin other people's lives. The other way, many potentially legitimate users will be shut out but some slimy people will still have access because the companies selling the data don't have the same views as ordinary people about which businesses really ought to see it. I guess that's the general problem with data like this; it's tough to know who is going to misuse it until it's already too late, so it's almost impossible to make it available without it causing problems.
    --

    There's no point in questioning authority if you aren't going to listen to the answers.

  2. DARPA by anaesthetica · · Score: 4, Insightful

    Looks like we don't even need to worry about Total Information Awareness, Carnivore or our FBI files. The corporations are going to do all the work towards the police state, at the low low rate of $8 a record!!! They gather our information, they push for laws to restrict our freedom and extend the control of a few over cultural symbols, means of communication, and ideas themselves.

    "Fascism should more properly be called corporatism, since it is the merger of state and corporate power"-- Mussolini (I think)

  3. Good thing databases are perfect! by plopez · · Score: 5, Informative

    Seriously, I spend a large amount of my time working with gov't. and private databases and info sources. Reconciling different views of the universe is nearly impossible. When I read about people cross referencing databases the amount of checking, QA and scrubbing required to have any confidence in the results is horrendous.

    Example: person A gives you a download from thier database into a SS, person B (who may actually work for the same agency or company) supposedly gives you the same information but the 2 versions do not match.

    And this is assuming that there are other areas where they may or may not be in alignment (e.g. abbreviations, type of info gathered, spelling variations etc.).

    Now take the combinatorics of tens of thousands of gov't and private DB's, and you will understand that:
    1) A good clean DB is horrendously expensive.
    2) Driven by the profit motive, most companies are unwilling to take the time and spend the money to properly QA and scrub thier data.
    3) Much of the cross matching is therefore useless due to noise.
    4) TIA is totally bogus. See above.
    5) Having some anonymous DB of information tracking your life is very scary.

    --
    putting the 'B' in LGBTQ+
    1. Re:Good thing databases are perfect! by ratboy666 · · Score: 4, Insightful

      But the information doesn't have to be scrubbed. All we need is a LOT of it. Don't assume that the people doing the correlations are stupid. For example, you left information in your post above.

      From your post, I deduce that you have a college level (post-secondary) education [spelled anonymous correctly]. You are not a "professional" typist. [mistyped "their" as "thier". Confirms first point, you didn't use a spell checker]. Since you used "QA" and "DB", you have familiarity with, or work in the Information field. You used the expression "totally bogus". From this, I deduce you are between 22 and 37 years of age.

      I could go on. But I won't. This type of information can be extracted from (say) 10 minutes of your life.

      The point I am making (and one of the articles was making), is that it is possible to track EVERYTHING. ALL the minutes of your life.

      Nothing by itself may be relevant, but it is possible to uniquely identify a person by 3 or 4 markers. These markers may vary, but they CAN be pulled together. TIA is GOING to pull them together. Indeed, private companies are doing it.

      "They" are going to know us better than we know ourselves.

      And, it seems that the only reasons are to prevent a few people from blowing things up, and to sell us more razorblades.

      Ah well, progress.

      Ratboy.

      --
      Just another "Cubible(sic) Joe" 2 17 3061
    2. Re:Good thing databases are perfect! by stanwirth · · Score: 4, Informative

      Actually, governments and corporations are very willing to spend tremendous amounts of money on:

      • data cleansing and QA
      • data warehousing
      • surrogate key generation
      • data correlation
      • data mining
      • geocoding (linking an address to a lat/lon, identifying the lat/lon with a neighborhood, municipality, county, state, country; linking a lat/lon to an address)
      • database integration
      • data migration
      • legacy systems
      • data audit trail generation
      • dataset purchases
      It's not "impossible" to reconcile different data on the same subjects, it's just a whole lot of work, much of it analysis and data discovery, and being able to do the work typically requires that you be familiar with a variety of RDBMS's, billing engines, debt engines, file formats and platforms. The combinations are almost endless.

      Take heart. You'll start seeing the same kinds of problems over and over: middle initial vs. middle name, spacing and capitalisation issues, address data entered as a small number of big long strings that needs to be parsed out into attributes, date/time format inconsistencies, record doubling, data integrity issues (1 supposedly unique key identifying multiple distinct records), data accuracy issues (data way out of range, data incorrect), null values with meaning, attributes used to identify a range of different things, "smart keys" that are not so smart being used to code everything about a customer in 8 characters, and so on and so forth. And you'll know to look for these "usual suspects" first, and develop some standard ways of dealing with them.

      Metadata management and ETL tools make the job easier, but as you say, data are imperfect. There are plenty of legitimate applications--every merger, acquisition and JV is yet another opportunity for some more mind-numbing, back-breaking, soul-destroying, spirit-crushing DB work. Oh goody. That's why they call it "work," I suppose. I'm surprised the work Neo was doing in The Matrix -- before he found his "calling" so to speak--was something as creative and interesting as software development. The real grind is the big databases. As you so aptly point out.

      Many industries have, as their primary asset, data and data only. Banking and insurance are the classic examples. Companies in these industries are certainly willing to invest in their most important asset, because just about all the money in the world is in databases.

      A database is like a gun. It can protect you, it can kill you. You can shoot yourself in the foot, somebody else can take you out in a 'hunting accident.'

      The difference between a database and a gun is that a gun needs someone behind it pulling the trigger. A database, OTOH, has triggers that can fire based on whatever criteria's been set--like when a 'David Nelson' tries to fly to Peoria. Yah, it's scary, all right.

  4. DMV by RightInTheNeck · · Score: 5, Interesting

    It was just last year that myself and the other people of Missouri were shocked to find out that the local DMV was selling our personal information to the private sector. Unbelievable, a state government run institution that essentially everyone who wants to drive and own a car has to deal with. That's what I call being forced to opt-in.

  5. Random Lies by miu · · Score: 4, Insightful
    I only give good info to my bank, insurance company, employer and the government.

    Anyone else? I Lie. Sometimes I'm a yak herder with a yearly income of ~$6000, other times I'm a "Decision Maker" with a yearly income of $800k+.

    I used to get frustrated and angry when asked for personal info. Now I wind up happy because I'm stickin' it to the man, and the shlub collecting my info is happy because he didn't get called a nosy fuckhead by an irate stranger.

    --

    [Set Cain on fire and steal his lute.]
    1. Re:Random Lies by Cygnusx12 · · Score: 5, Informative

      Anyone else? I Lie. Sometimes I'm a yak herder with a yearly income of ~$6000, other times I'm a "Decision Maker" with a yearly income of $800k+.

      As someone who used to work in database aggregation with this sort of data, I can tell you that we correlated income as a function of your home value. (Which is freely available right down at your local county court house in most states).

      You typically don't have 800k/yr decision makers living in 12k/yr apartments. There's a process in compilation here, they don't just enter this into a database and sell it.

  6. Carnival Booth Attack by smiff · · Score: 4, Interesting

    Once again, proof that passenger screening is counter-productive.

  7. Google by Hatta · · Score: 4, Interesting
    Speaking of corporations building databases, Google does this too. From GoogleWatch:

    Google records everything they can:

    For all searches they record the cookie ID, your Internet IP address, the time and date, your search terms, and your browser configuration. Increasingly, Google is customizing results based on your IP number. This is referred to in the industry as "IP delivery based on geolocation."


    Seeing as Google provides as much as 75% of referrals, this is an enormous amount of very sensitive information. From the behavior of other internet companies, it's unlikely that Google would fight a subpoena for this information, some companies even hand over data on simple request. The threat exists today that one may end up on a terrorist watch list simply because of their searching habits. You may not even know you've been red flagged.
    --
    Give me Classic Slashdot or give me death!
  8. Forget it -This horse is long out of the barn by rdewald · · Score: 4, Interesting

    I work in information privacy and security in health care. The situation is already beyond repair. The only thing giving anyone in the industrialized world any semblance of privacy is sheer numbers.

    I can take your last name, gender, a guess about your age within five years, a guess about what region of the US in which you live, and right here, from the very terminal from which I type this message, probably determine where you have lived for the past seven years, your neighbors' names, your family members' names, your social security number, your driver's license numbers, any public records (criminal, civil, real estate) in less time than it takes to reload slashdot on a busy saturday afternoon.

    The key is that the results I get back will be fuzzy, I'll have to try to make sense of them, and not all of the hits will be accurate. But anyone with a brain can sense a "theme" running through the hits and nail your ID beyond a reasonable doubt.

    Think you're off the grid? Only if you have never applied for utilities or credit of any kind, never gotten a publicly issued license, and never graduated from any school. If all that's true, why would I be looking for you anyway? You can't buy anything.

    We need to collectively grow up here. It's not about limiting our invasions of privacy, we need to be licensing and bonding people who can mine it, like we license doctors, attorneys and cops.

    The information really is out there, and it really is indexed, and it really is being used. That's why these Internet cookie monsters are so bold and shameless. They're not doing anything new and they know it.

    --
    The best way to do is to be.
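
Added example (not part of any comment in this thread): the "3 or 4 markers" point made in comments 3.1 and 8 can be measured on a dataset you hold, before sharing or releasing it, by counting how many records share each combination of attributes (k-anonymity). The records and field names below are constructed for illustration.

```python
from collections import Counter

# Constructed sample records (not real people); field names are assumptions.
RECORDS = [
    {"gender": "F", "age": 23, "region": "West", "occupation": "nurse"},
    {"gender": "F", "age": 24, "region": "West", "occupation": "teacher"},
    {"gender": "M", "age": 31, "region": "West", "occupation": "nurse"},
    {"gender": "M", "age": 33, "region": "West", "occupation": "engineer"},
    {"gender": "F", "age": 41, "region": "South", "occupation": "teacher"},
    {"gender": "F", "age": 44, "region": "South", "occupation": "engineer"},
    {"gender": "M", "age": 52, "region": "South", "occupation": "nurse"},
    {"gender": "M", "age": 54, "region": "South", "occupation": "teacher"},
    {"gender": "F", "age": 22, "region": "West", "occupation": "engineer"},
    {"gender": "M", "age": 34, "region": "West", "occupation": "teacher"},
]


def with_age_band(record, width=5):
    """Return a copy with the exact age also coarsened to a band (23 -> '20-24')."""
    low = record["age"] // width * width
    out = dict(record)
    out["age_band"] = f"{low}-{low + width - 1}"
    return out


def anonymity_sets(records, markers):
    """Count how many records share each combination of marker values."""
    return Counter(tuple(r[m] for m in markers) for r in records)


def k_anonymity(records, markers):
    """Smallest group size: every record hides among at least k records."""
    return min(anonymity_sets(records, markers).values())


def unique_fraction(records, markers):
    """Fraction of records that are the only one with their marker values."""
    sets = anonymity_sets(records, markers)
    alone = sum(1 for r in records if sets[tuple(r[m] for m in markers)] == 1)
    return alone / len(records)


def audit(records, marker_sets, k_required=2):
    """One row per marker combination, flagging those below the required k."""
    rows = []
    for markers in marker_sets:
        k = k_anonymity(records, markers)
        rows.append({
            "markers": markers,
            "k": k,
            "unique_fraction": unique_fraction(records, markers),
            "ok": k >= k_required,
        })
    return rows


if __name__ == "__main__":
    banded = [with_age_band(r) for r in RECORDS]
    combos = [
        ("gender",),
        ("gender", "region"),
        ("gender", "region", "age"),         # exact age: everyone is unique
        ("gender", "region", "age_band"),    # coarsened age restores k = 2
        ("gender", "region", "age_band", "occupation"),  # 4th marker undoes it
    ]
    for row in audit(banded, combos):
        print(row)
```

Each field looks harmless on its own, but the audit shows that coarsening one field only helps until another marker is added to the release.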
  9. Liberty and Security by Poeir · · Score: 4, Funny

    From the article, "They [David Nelsons] realize there are trade-offs between liberty and security."

    That trade-off would be, "We, the Government, take your liberty, and give ourselves security."

    --
    Sigs are like bumper stickers.
  10. Subvert the system for fun and profit by arikb · · Score: 4, Interesting
    It is obvious that privacy is an illusion. Once the information is out there and can be correlated, there is virtually nothing you can do to keep it out of anybody's hands.


    There is a way, however, to maintain your privacy where it matters. They want to collect information on you? Fine, let them. But insert some misleading data into those records. Here is just one way to do it:


    Take two persons, of similar height, eye color, skin color and hair color. They are good friends and developed a relationship of trust between them. They are not criminals and have no criminal intentions. These two persons can each have two copies of their identifications - say, two copies of a driver's license (say one is "lost"...). One copy they of course give to the other one. One of them must be the 'good person' and one must be the 'bad person'.


    Now imagine one of these persons is stopped for a traffic violation. He hands over the 'bad person' ID, and the traffic violation is registered on his name. He doesn't own the car, though - because the car is registered to the 'good person'. When it's time to pay insurance, and the 'good person' record is being pulled, it's a clean slate.


    The sample here is sketchy at best, won't work if the car history is checked as well (unless...), and I don't want to give any more ideas to anyone here, but it is possible to fake the records just such - have someone else buy your house, and have a contract with this person saying he has no claim in it, switch salaries with your neighbour, bank accounts... If it has a purpose.


    Don't do it 'just to spite', because every such transaction has an inherent danger, but if done right and to an end, it can be beneficial to the people involved, despite the best efforts of those information correlators to the contrary.


    Oh, yes, standard disclaimers apply, use this information at your own risk, don't come yelling to me, it's probably highly illegal, be warned.

  11. Here's a scary database . . . by jaske · · Score: 4, Interesting
    A database that appeals to moms, grandmas and any Hallmark-loving sucker with a modem:

    http://www.anybirthday.com

    It's got that great hook: birthdays (so sweet and innocuous)! And of course you can "remove" yourself from the database. The only question is what happens once you remove yourself, and confirm your birthday, identity, etc.

  12. David Brin had it right by A+nonymous+Coward · · Score: 5, Insightful

    In Transparent Society, he said we can't keep that privacy, like you say, it's long gone from the barn. But trying to restrict who gets to see it is also a long gone horse. The rich and powerful will always have access, legally and openly or otherwise.

    Best to let EVERYBODY look at ALL info. Right now, the rich and powerful can look at everybody's info, but (1) we don't know it, and (2) we can't look at theirs.

    I'd rather be able to look at everybody's info, including the rich and powerful, even at the tradeoff of knowing that my neighbors are looking at mine.

    The problem isn't that the info is available. The problem is that it is only available to the rich and powerful.

  13. I just called... by Barkmullz · · Score: 5, Funny

    But he does say that people who want to see if their name is on either list or who want to make a complaint, can call the agency's contact center at 866-289-9673 or send an e-mail to TellTSA@tsa.dot.gov.

    - "Hi, my name is Rob Malda, am I on the list?"

    - "You are now." [click]

    --
    Ronald said nothing. He flung himself from the room, flung himself upon his horse, and rode madly off in all directions.
  14. I work for a "Risk Management" company.. by booms · · Score: 5, Informative

    And honestly, you'd be surprised how many privacy laws we have to follow (which is a good thing). For instance, we only sell accounts to people who have a legitimate purpose for searching information (such as insurance companies when you apply for insurance, law enforcement agencies to track down criminals, collection agencies who are trying to track down people who skip payments, etc.). If I were to search for information about someone besides myself or others in the development team who have agreed to let me search their names, even when testing, I'd be fired within the hour. We have a compliance department who keeps track of all searches, has to report them to various authorities, etc. If someone searches for someone marked as a celebrity, their account is shut down within minutes and one of our compliance people is on the phone getting documentation about why they searched for that name. In fact, the applications to get to the data we sell are quite nasty, and we only have a very narrow scope of people that we can sell data to.

    I think in general, personal data is protected more than you would think (at least public records, credit agency data, etc)-- I really have no idea how these 'unscrupulous' companies get by with public data without having anyone come down on them. I'm a privacy & security advocate, and I don't feel what I do crosses my moral boundaries (at least at this point).

    1. Re:I work for a "Risk Management" company.. by TrackDaddy · · Score: 5, Interesting
      Not to offend, but... GIVE ME A FSCKING BREAK

      Now, let's talk about how it works in the real world. I wanted a copy of my credit report, so I tried using www.freecreditreport.com (it's not really free, but hey, good marketing). When I submitted my request and tried to set up my account, I was given an error that my password was incorrect. Now, never having set up an account, I thought "hey, this is odd". So I called their 800 number and promptly found out that I did indeed have an account. After about 5 minutes of social engineering, I had the e-mail address that was associated with "my" account. Lo and behold, it belonged to a guy that had received a copy of my rental application (yes it is legal for him to get a credit report, but not by impersonating me).

      So, I said to the helpful young man on the phone "you've given my information to someone impersonating me". His response, and that of his supervisor was to tell me I should go file a police report. When I asked if they would take any action, the answer was a very resounding "NO".

      So, I called back a few minutes later, with my new-found e-mail address and talked to another helpful gentleman whom I convinced to change the password and e-mail address on the account so that the previous dirt-bag would be locked out.

      That is how things work in the real world. The companies who compile/manage/sell this information do not give a flying-frig about access control as long as money changes hands along with the data. If someone wants your info, and they have your name and a few other facts... they can get all the juicy stuff w/in about half an hour. Your only protection is the sheer volume of bio-mass that makes up the target group.

      --
      Run! There's a lobster loose!
    2. Re:I work for a "Risk Management" company.. by booms · · Score: 4, Informative

      Like I said, I don't know how other companies get around all of the various laws. He also violated FCRA by getting information about you which was used in a decision to "allow or deny credit" without it being a place which is certified for that, which is a pretty nasty penalty as I understand it. I don't know the specifics, as IANAL.

      I can see why the local police would probably not do much about it to be honest, but they are lazy for not pointing you in the right direction. If you want, I can ask around to see who the proper authorities would be to report this occurrence to.

  15. The ChoicePoint Way by Valdrax · · Score: 4, Insightful

    I'm not sure which is scarier, the idea that these databases are being opened to anyone who has a credit card and a willingness to snoop on their neighbors, or the idea that they should be restricted so that only "legitimate" businesses like telemarketers can get it.

    Considering the recent actions of ChoicePoint, I find the latter far more scary than the former. At least with the former, I can log into their site and see what they say about me. I can't do that with ChoicePoint. Imagine how different things might be in our country right now if all the banned voters in Florida had been able to see that they were incorrectly on the list before the last Presidential election.

    --
    If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
  16. Friends don't let friends pay with credit cards by zakezuke · · Score: 4, Interesting

    I'm still a traditional fan of cash, rather than a credit card for most daily transactions. It has the benefit of being remarkably easy to budget, as in allocate daily spending, impossible to go over your self imposed set limits. But importantly, it's none too traceable.

    I may be slightly paranoid, but after buying electronic goods at a shop, I got a phone call within days asking me how I'm enjoying my thingie. It's like, "how did you get my number, I didn't give it to you".

    I guess I have in the past given my personal info to Radio Shack to get free batteries, and actually they send me a Christmas gift certificate every year... and actually I enjoyed getting their catalogs back when they actually had them.

    But the point I'm making is, cash is a remarkable means to provide some privacy. Not that you can't get away from things like mortgages, cars, airline tickets, and other larger purchases, but there is some info that random people don't have the right to know, like an employer checking to see if you buy a lot of porn or booze.

    --
    There is no sanctuary. There is no sanctuary. SHUT UP! There is no shut up. There is no shut up.
  17. privacy vs openness (free vs. totalitarian) by Broadcatch · · Score: 4, Insightful
    The problem isn't that the info is available. The problem is that it is only available to the rich and powerful.

    And it's only getting worse!

    One of the fundamental contrasts between free democratic societies and totalitarian systems is that the totalitarian government [or other totalitarian organization] relies on secrecy for the regime but high surveillance and disclosure for all other groups, whereas in the civic culture of liberal democracy, the position is approximately the reverse. -- Professor Geoffrey de Q Walker, dean of law at Queensland, critiquing ID cards (1986)
    --

    The antidote for misuse of freedom of speech is more freedom of speech.
    -- Molly Ivins