Passport Files of Presidential Hopefuls Snooped

CNN is reporting on the widening brouhaha that began when Barack Obama's passport file was accessed illegally on three occasions beginning in January. Now it seems that John McCain's file was also snooped; and that last year Hillary Clinton's file suffered the same fate. Ars Technica nails the real importance of these breaches, saying that the Presidential hopefuls are "...currently providing the country with a very public lesson in why the 'privacy advocates' who oppose initiatives like Real ID and the executive branch's domestic surveillance programs should really be called 'democracy advocates.' In short..., the entire incident shows exactly why citizens' privacy is critical in a country where citizens compete with one another for control of the government."

I guess you could spin this into anything

[The+End+Of+Days]

I see it as a reason that all passport information should be freely accessible to anyone who wants it. After all, it's owned by the public already. Full transparency is a more effective solution than full opacity because it's both easier to achieve, and eliminates abuses by making them uses.

Re:I guess you could spin this into anything

[StillNeedMoreCoffee]

"I wonder what the Ars Technica/privacy zealots who oppose RealID protection will say when the next hijacked airliner is crashed into a building."

I'm sorry, "RealID protection" I fail to see how having an ID is protection at all. The topic of course is about peoples private information being looked at. We currently don't know if it was given to anyone or what purpose the access was done. But I suspect that the passport information contains things like passport number and SSN and other identifying information. Well identity theft is a serious costly issue to all of us, now isn't it. I would imagine that the information in the passport file would contain some lovely information that could be used for identity theft. That of course would be rather dumb for the celebrities this article is about, but it seems that only some of the more important names were flagged for the type of alert that caused this to be exposed. Who knows how many others have had their information comprimised, illegally I might add.

Now lets all get a database of information on everyone. That will solve the problem, require everyone to have an ID that they will be required to carry, that solves the problem doesn't it. Wait a minute what was the problem, identity theft? If someone has a fake ID that looks good, well then they are that person, if they have the background information like the ssn, address, and those little numbers on the back of the card, well then they are that person. Substituting an external tag for a person, substituting a copyable, forgable, piece of identification for a living breathing person, does not solve a problem, it only says we trust and ID more than we do a person, we trust our information database more than a living breathing citizen. If someone wanted to blow up a building, they can forge the documents, and pictures and the building will be history. Better to find out why anyone would want to blow up a building and see to it that the reasons don't exist. In the case of 911, it was our presence in the Middle East that Bin Laden was pissed about. That presence cost us the trade towers. We (the country leaders) of course wanted to be there and had no fear, because we are the super power, so there, bring it on.

Re:I guess you could spin this into anything

[mikael]

The UK have solved this problem. All MP's (elected officials) get an extra digit added to their tax number (social security number). Consequently, they are not allowed to use online services.

Re:I guess you could spin this into anything

[spazmonkey]

One camp (Clinton) is already trying unfortunately.

Turns out, one of the contract companies who had one of the involved employees (and by definition was therefore on the payroll of that company) just happens to have a CEO that is an Obama campaign supporter. Thus, The Clinton camp is trying to desperately distort it into "someone associated with the Obama campaign "paid" the guy who snooped."

Turns out, the CEO of the OTHER contract company who had the remaining two employees that were involved in this happens to be a Clinton campaign supporter, a fact I guess they felt it more convenient not to mention. Oh well. politics as usual.

Re:What's private about passport records?

[sumdumass]

Don't ask why or apply logic, just accept the fact that we got a blow in for whatever we are supposed to support this week. Haven't you noticed slashdot becoming more of a political "tool" then a place to discuss news for nerds.I guess maybe there wouldn't be enough discusion without the flame though, I don't know.

Anyways, the connection is merely someone's loose opinion.

You are soooo right!

[iknownuttin]

What galls me is that, apparently, the database has a flag that can be set for "famous people", which causes a supervisor alert whenever the file is accessed. Where is the special alert for the rest of us? We're the ones whose data could be abused to wreak havoc on our lives and finances.

Oh God Yes!!! I agree so much with that statement.

I don't know about you, but there's no way in hell I could walk into a bank and say that I'm Barak Obama; regardless of the documentation I have (I'm short and all white.) Or Hillary for that matter - I'm male. But, I could walk in with any one of other hundreds of thousands of identities and wreak havoc. My banker told me that she gets at least one person a week trying to steal someone's identity. Hence the endless questions when opening an account. It's also for the (non) PATRIOT Act bullshit - but that's another topic.

The biggest issue is being completely missed!

At the beginning of the week, Stanley, the outsourcing services providing who employed the contractors responsible for the snooping, was awarded a $600 million five year contract to continue providing services for the State Department.

Am I the only one who finds it a bit convenient that word of the snooping wasn't released until two days after the contract was awarded, over two months after the first snooping against Obama occurred? You'd almost think they had some friends in high places who made sure it didn't become public, since that's the kind of revelation that could have put a big roadblock on their contract award.

I wonder what those involved in suppressing the information will be receiving from Stanley? A cushy job or consulting contract? Campaign contributions for high ranking State Department staffers who might be thinking about a run for Congress in 2010 should the republicans lose the White House?

Re:Looking at the wrong records get you caught

[vrmlguy]

I hope that that statue of limitations in in effect now, but in case it isn't I'll fuzz a few of the facts. A few years back, I was working for a state office that had a disaster recovery aggreement with the department that handles driver's licenses. So, I was alone in their computer room, and there was a terminal logged into the driver's license database. I did a search of my name, and sure enough there were my records. Then I did searches of several other people, including the governor. At the time, the records included your SSN, but this was before anyone had heard of identity theft so I didn't think anything of it. I didn't take any notes of anything I saw, and cleared the screen before anyone got back. I don't think any investigation was done; at least no one contacted me wanting to know why my records might have been the first ones searched.

Re:What's private about passport records?

[Stephen+Samuel]

Real ID is an attempt to eliminate the cartoon-drawing Driver's Licenses that some states hand out. If that was all that realid did, it would simply have to mandate minimum standards for drivers licenses -- and if that was all it did, I doubt that California would mind joining in on it.

What Realid also does, is force states to combine all of their records together where the federal government can access them, and allows the federal government to join that data with private and government data for whatever purpose it wants.

All of that data in one place is a really big prize for somebody wanting to mess with somebody's life -- especially when you consider that DHS has consistently failed security audits for it's computer networks.

Re:Democracy advocates?

[cmacb]

I agree with the point you are trying to make regarding the two terms, but as a practical matter are there any governments with a significant amount of freedom for individuals that are not also democracies?

It certainly makes more sense to confound freedom and democracy than it does to confound liberty and liberal, certainly in modern use. I'm very much in favor of liberty, which is why I've never considered myself a liberal (in the modern sense). Federal government insertion into every aspect of our lives can't coexist with liberty and it doesn't matter which party is pushing it or what good excuse they have for it.

There are somewhere on the order of thousands of people with access to the data in question here, and some of them (DBAs for example) can probably access it without leaving a trace (since they are the ones coding the tracing mechanisms).

You can't have a universal passport system, or a universal drivers license, voter ID card, Social Security database or the ultimate health care system people seem to fantasize about without enormous potential for abuse and if anyone should realize this it should be the readers of /. (some of them anyway).

Re:What's private about passport records?

[cmacb]

One of the things that got my attention about this story (yesterday when it was actually still news) was the mention of "government officials". Even though the story had it right that it was contractors that did the peeking, they continued to refer to them as "government officials".

As a former government contractor I can say with a fair amount of confidence that we are safe from "government officials" looking up our records in Federal databases. Most of them are doing good to get through their morning e-mail without a call to the help desk. The really technical ones can manage simple spreadsheets (although in my experience this involved a fair amount of hand-holding too).

I'm not sure if the problem here is that the average citizen doesn't know the difference between a contractor and a "government official" or if the reporters involved just weren't sure which one it was. Chances are that if you call the IRS, Social Security Administration, or State Department you are going to be talking to a contractor, not a "government official" or even (if we want to consider a third category) a government employee. They don't do database updates, they don't do secretarial work, they don't write computer programs, they certainly don't make their own travel arrangements (Clinton/Gore's government re-invention program relieved them of this onerous responsibility) and they can sit right next to a ringing telephone for hours without being bothered by it.

So, now, the question remains for those who are in favor of the government doing more and more things for us, all of such things involving the collection of various bits of data about ourselves: Who would you rather have access to that data... (a) a contractor, who as we've seen might use idle time to sneak a peek at their neighbors info, or (b) a government employee (or official) who might also do such things, but in addition might accidentally delete or mangle your records because they don't have a clue how the data is organized.

By the way my answer is (c) none of the above. There is no technology fix for this. If you don't want your data looked at, then don't have it out there. That means you have to take a certain amount of responsibility for your own lives. Tough huh?

Re:In Soviet Slashdot, groupthink posts you!

[n+dot+l]

It wouldn't be so bad if the politics introduced where neutral in the stories and the users take it from there. But all the stories are Evil Republicans, Baby Eating Bush, and so on.

Powers-that-be-bashing is always going to be the order of the day among a largely libertarian crowd. The editors are just clumsily following along with the trends we set. I could be wrong, I guess we could test that by picking out opposed stories that made it to the firehose, and see how their chances of hitting the front page relates to their rating from before.

Now if you want to talk about the mainstream media (where many of these stories come from), well, that's something different entirely. I can't really talk about it though since the only US news I watch is largely editorial since, well, that's pretty much all the US networks air. I get actual news from sources like the BBC since I find they do a better job of separating the statements "X happened" and the obligatory "Y is upset about it". And even that's not 100% objective (despite being factual).

This story which was originally about government employees and contract workers inappropriately accessing passport records of presidential candidates and how safe guards in place alerted the proper people so no damage was done and those responsible are being punished.

Yes, that was originally the story. Then we found out that the data was first accessed months ago, and that low-level management silenced the alarms (which, as you say, worked) and "dealth with it" before anyone with the authority to properly investigate got wind of it. Basically, the State Department's employees are either complete idiots, or they fear their bosses more than betraying the public's trust. Either way, whoever's in charge and their subordinates are responsible for allowing (if not fostering) such an environment.

Stories change as they are told, and the concerns raised by the State Department's apparent incompetence are now part of this story.

Instead it got hijacked and is now being used as a reason for not doing RealID and to blast the president over domestic spying because someone could inappropriately access the information.

Nothing is ever as simple as "X happened". Related issues are always going to be brought up and discussed. Most Western media sucks at bringing those issues up (not much time left for that once you're done sensationalizing, I fear). I'm glad the Ars article did it, and I'm glad it happens here.

Now all this and the original article never made it to slashdot until someone could put a spin on it to blast Bush for "anything possible" or "breathing".

From TFA (read it again if you think I've snipped too much, and all emphasis is, of course, mine):

State Department officials insisted ... the contractors were motivated solely by "imprudent curiosity," ... Lawrence Eagleburger, who was George H. W. Bush's Secretary of State in 1992 ... told MSNBC, "It's pretty clear to me that this was not done for political purposes."

Regardless of whether the candidates' records were accessed with politics primarily in mind, the whole incident provides a vivid illustration of what's at stake in the current national debates over privacy and the limits of executive power.

... the major problem with Real ID is that local DMV and law enforcement officials will have access to an unprecedented amount of sensitive information on anyone with a Real ID ... imagine all of that data in the hands of a crooked sheriff who's fighting off a reformist challenger ...

The author isn't bashing Bush over RealID. He's pointing out that the RealID information will be even more accessible than the passport data, and arguing that if something as well-protected as a presidential candi

Beyond Fear

[Mathinker]

> it was our presence in the Middle East that Bin Laden was pissed about.

Ur, last time i checked, he also doesn't believe in democracy. Let's stop that craziness and then we'll be perfectly safe, right?

The Wikipedia article on the McVeigh bombing states that the prosecution's hypothesis was that he was driven by hatred of the US because of various things including: tax increases, the Waco siege and Ruby Ridge. After that bombing, you immediately supported the elimination of tax increases and FBI raids on paramilitary organizations, so you would be safer, right?

Learn to stop cowering in fear. Life has risks and major terrorist attacks are not very high on that list.