Slashdot Mirror
Passport Files of Presidential Hopefuls Snooped
CNN is reporting on the widening brouhaha that began when Barack Obama's passport file was accessed illegally on three occasions beginning in January. Now it seems that John McCain's file was also snooped; and that last year Hillary Clinton's file suffered the same fate. Ars Technica nails the real importance of these breaches, saying that the Presidential hopefuls are "...currently providing the country with a very public lesson in why the 'privacy advocates' who oppose initiatives like Real ID and the executive branch's domestic surveillance programs should really be called 'democracy advocates.' In short..., the entire incident shows exactly why citizens' privacy is critical in a country where citizens compete with one another for control of the government."
I see it as a reason that all passport information should be freely accessible to anyone who wants it. After all, it's owned by the public already. Full transparency is a more effective solution than full opacity because it's both easier to achieve, and eliminates abuses by making them uses.
This was news a few days ago, and there are sites a lot better than AT that can cover this type of thing.
Government has unprecedented data gathering and search capabilities, and is seeking increases in those capabilities. These capabilities are hard to prevent; even if Real ID and similar programs get turned back increased capabilities are the inevitable result of easy to create networks, increasing computer performance and data storage capacity.
Along with that should go greatly increased penalties for the abuse of these capabilities. Firing a contractor seems hardly sufficient. Anyone performing this sort of act should serve significant jail time, financial penalties, and so on. If repeat offenses occur the company for whom the contractor works should be banned from future government related contracts.
Don't ask why or apply logic, just accept the fact that we got a blow in for whatever we are supposed to support this week. Haven't you noticed slashdot becoming more of a political "tool" then a place to discuss news for nerds.I guess maybe there wouldn't be enough discusion without the flame though, I don't know.
Anyways, the connection is merely someone's loose opinion.
.. is how terrible Hilary's passport photograph is.
...that the actual culprits (of the most recent "oopses") were an employees of a contractor run by an Obama adviser, John O. Brennan. The previous one was a trainee who was instructed to test the access with a family member's name. I'm neither for nor against Obama, but he crowed the loudest and it was people answering to someone in his camp, not from "the administration". ...interesting...
The government folks are snooping goverment records all the time anyway. Just ask Hillary about the FBI and IRS records for political foes the last time she lived at the White House.
And that is why you don't want any MORE info in the hands of the feds than the minimum needed. In my opinion the guvmint should be required to send you a letter every time it looks up your personal information. This would sure open some people's eyes I bet.
(I find it sad that in America, private property is often guarded with deadly force, but private property is replaceable, whereas privacy has no protection at all and privacy can never be replaced. Once privacy is lost, it is lost forever.)
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
What's private about passport records? Passport records contain your name, your address, your social security number, your place of birth, and a photo of you. With a sufficiently-large selection of data from the passport records, you could find someone who looked similar to you and could genuinely steal their identity in a long-lasting fashion.
What galls me is that, apparently, the database has a flag that can be set for "famous people", which causes a supervisor alert whenever the file is accessed. Where is the special alert for the rest of us? We're the ones whose data could be abused to wreak havoc on our lives and finances.
It doesn't hurt to be nice.
that the program that caught them was one designed to track the access of the records of "high-profile Americans?" Because it doesn't matter if the rest of us have our passport files snooped? What do you need to do, exactly, to be "high-profile?"
Yeah, the rule used to be strictly at least one full week.
"When the atomic bomb goes off there's devastation...but when the atomic bong goes off there's celebraaaaation!"
According to the article, if they hadn't looked at famous people's records, they wouldn't have gotten caught. In other words it's common for these contractors to look at various people's passport records, only these few were stupid enough to choose to snoop after famous people besides their usual routine of checking on their neighbors, unfaithful spouses, the girl they're stalking, etc.
What you said and the Contractor was the "goat". Hey everybody, we fired someone over this! And I agree with everything else.
I prefer Flambe as apposed flamebait.
That's another thing, they used to dupe stories within 3 days of the original posting, sometimes on the same day. Sometimes you would see a front page consisting of nothing but the same story by the same contributor repeated over and over again. Ah, the good old days.
"When the atomic bomb goes off there's devastation...but when the atomic bong goes off there's celebraaaaation!"
Part of RealID is giving access to all state ID records to the Feds.
If they already can't keep a cap on the passport data they are responsible for now, why would they be trustable with more of our information?
Oh God Yes!!! I agree so much with that statement.
I don't know about you, but there's no way in hell I could walk into a bank and say that I'm Barak Obama; regardless of the documentation I have (I'm short and all white.) Or Hillary for that matter - I'm male. But, I could walk in with any one of other hundreds of thousands of identities and wreak havoc. My banker told me that she gets at least one person a week trying to steal someone's identity. Hence the endless questions when opening an account. It's also for the (non) PATRIOT Act bullshit - but that's another topic.
I prefer Flambe as apposed flamebait.
Would Obama be pushing as hard for an investigation if it had been Joe Shmoe's passport that had been compromised? It's nice to know that he's willing to spend the U.S. citizens' money for his own personal interests.
At the beginning of the week, Stanley, the outsourcing services providing who employed the contractors responsible for the snooping, was awarded a $600 million five year contract to continue providing services for the State Department.
Am I the only one who finds it a bit convenient that word of the snooping wasn't released until two days after the contract was awarded, over two months after the first snooping against Obama occurred? You'd almost think they had some friends in high places who made sure it didn't become public, since that's the kind of revelation that could have put a big roadblock on their contract award.
I wonder what those involved in suppressing the information will be receiving from Stanley? A cushy job or consulting contract? Campaign contributions for high ranking State Department staffers who might be thinking about a run for Congress in 2010 should the republicans lose the White House?
OK, one last time, democracy and freedom have no inherent connection to one another. What you want is a liberal, accountable government which would make you a "liberty advocate," not a "democracy advocate."
I could care less about the "state of democracy" in America. What I want is the state of the Constitution, something that often is sacrificed by public approval.
Guess some one is going to be regretting that little trip to Mistress Mandy's Island of Pain now aren't they.
"US passport files include data such as age and place of birth, foreign travel records, and a Social Security number."
http://news.bbc.co.uk/1/hi/world/americas/7309165.stm
I'd be interested to know if UK passport files include foreign travel records (since I have one).
How dare they NOT snoop Ron Paul's passport records? He's still running for president, you know. http://ronpaul2008.com/
Well, if nothing else its everything you need to commit identity theft.
I think we've pushed this "anyone can grow up to be president" thing too far.
Stronger privacy protections? Less intrusive government?
My, what an awful political tool
Step 2. Databse gets abused
Step 3. Reforms are 'enacted'
Step 4. Go back to step 2
The only reason this case of abuse was noticed is because high profile people have a tripwire attached to their records to alert a supervisor whenever those records are accessed. The people who pass laws have built in special privacy protections for themselves and anyone with money, fame, or notability. You think it would be front page news if a contractor was probing through the passport records of sumdumass (711423)?
If you can't see the relationship between a contractors snooping through a Passport database and the potential for contractors snooping through a Real ID database... you must be willfully blind.
[Fuck Beta]
o0t!
So we're concerned about the relatively innocuous data that is found in passport files? Thank god they don't keep track of our health records! Oh wait... that may be coming next.
--------========+++Dont Feed The Lab Techs+++========--------
In short, it's one-stop identity-theft. It's everything anyone would need to get a passport with your name on it.
And how does passport records (assuming it is just entry & exit times) relate to Real ID in any fashion?
The issue is not the records, it's who has access to them, and what they do with that access.
You certainly don't have access, but somebody with an axe to grind might. Nixon had his Enemies List. The TSA has the No-Fly List. According to Newsweek, 1.3 million Americans have their bank accounts under the same sort of "special scrutiny" that noticed Eliot Spitzer moving a few thousand dollars around. (Less than the $10,000 banks are required to report.) The bank account monitoring came about due to PATRIOT, by the way.
The government folks are snooping goverment records all the time anyway
Actually that's not as true as you might think, but regardless, it's irrelevant. As this case demonstrates, now the contractor folks are snooping government records too.
My guess is, as more and more data gets collected, we simply won't have privacy any more. The only fix I see is to simply stop collecting (and storing, and making more available, and organizing so intelligently) so much data.
In the Spitzer case, I don't see how his downfall benefits New York. Why are we collecting all this data about people? Whatever good comes of it (if any, can somebody think of any good that's come of it) seems to be completely outweighed by the bad.
Perhaps I'm okay with collecting the data, but it should be abstracted away from the person's identity. You should probably need to convince a judge to issue a search warrant on the basis that User_ID 136137134 is showing a pattern of suspicious activity.
As I recall this is more or less why we have a FISA court in the first place. To prevent exactly the sorts of abuses of surveillance that Nixon, Hoover, et. al. were so fond of.
What Realid also does, is force states to combine all of their records together where the federal government can access them, and allows the federal government to join that data with private and government data for whatever purpose it wants.
All of that data in one place is a really big prize for somebody wanting to mess with somebody's life -- especially when you consider that DHS has consistently failed security audits for it's computer networks.
Free Software: Like love, it grows best when given away.
The issue illustrated is that clerks can get anything stored. Governments and companies like to pretend they are better than others when they keep things they should not. Improper access proves the lie, not that passport records are inherently damaging.
The issue is really about what records should be kept and who owns them. The public does not own the record of my travel unless I'm doing public work. I'm the only person who should be able to make that kind of information available when I chose. The state should not waste money tracking things which can only be abused.
Transparency is not a a substitute for doing whats right in the first place. It's not an equalizer when there's a power difference because it only removes one tiny piece of the difference. Your boss can still fire you, your school can expel you and so on and so forth. When someone does not like you and they have information about you and they can make rules that harm you, they will.
Friends don't help friends install M$ junk.
The real question to me is, what is actually in there that is so helpful, or harmful, to other people besides idle curiosity? Unless some candidate outright lied on their application, how useful really is this information in the first place?
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
All three people who accessed the information were employees of contractors. Some were fired immediately by the contractor before the State Department learned about it. The others the State Department specifically asked that they NOT be fired so they had some leverage to get them to cooperate with the ensuing investigation. (If they were fired, they wouldn't have to do anything unless actually subpoenaed.) Apparently if the state department had not intervened, the contractor would have fired them already. (The exception being the trainee who looked up Hillary instead of a family member during the training exercise - that was (probably properly) viewed as a training error and that employee just had the error explained.)
Regardless, while this is private information, it's not exactly SENSITIVE private information. There's really nothing in these files that isn't a matter of public record (when you applied, where you lived when you applied, name, birthdate) or isn't going to be terribly interesting for any political reason (SS#).
It's pretty safe to assume these breaches were merely the result of idle curiosity, as there's really no other reason to even bother looking at these files with such uninteresting information. That would also explain the fairly wide access thousands of people have to these files.
And to the GP:
Yes, an Obama campaign supporter (donated $2,300) runs one of the contractors whose employees looked at the files. But a Clinton campaing supporter (donated $1,000) runs the other one. Pretty much a wash, unless you're McCain.
paintball
If that's your goal, then push for it to cover private contractors working on a government contract.
Otherwise the FBI, DHS, et. al. could just contract out and never provide any notification, since the government agency in question never accessed a citizens personal information (but their contractor did).
A Human Right
I miss the old Slashdot. You miss week old news?
I'm not saying this to be funny, but I've been around Slashdot since 2000, and this was ALWAYS a complaint.
"I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)
The single most elementary premise upon which a free society is based is that the state has absolutely no right to interfere in any way whatsoever with a citizen who is going about his legal business. None. Any infringement on this standard is the beginning of the end, because it places the welfare of the state above the welfare of the people who are supposed to be its masters.
Yes, sometimes terrorists and common criminals will take advantage of this freedom to inflict damage. That's part of the price you pay. If you aren't willing to pay, or even have your children pay, then pack up and move to Communist China. You and your children will be safe there, as long as you keep your mouths shut.
I can go on for ages with reasons why people who are supposed to be your servants, like politicians, cops and bureaucrats, are always so anxious to persuade you that just a little tiny surrender will save the children and kittens and puppies. It won't, and they'll want more. And more. And more.
And never forget that this one of those cases where mutual accommodation is possible in only one direction. If I impose rigorous privacy laws, I can agree that you don't value privacy and leave you to whatever lifestyle pleases you. You aren't affected in any way, because you can still give as much information as you want to anybody you want to have it. On the other hand, when you impose your anti-privacy laws, there's no room for me to be left alone with my choice.
I've calculated my velocity with such exquisite precision that I have no idea where I am.
I was following news coverage of passport records on Friday, and apparently they contain WAY more data than your passport, ID, and travel records. Criminal records, details about your interactions with other countries, attempts to change citizenship, etc.
I swear to God...I swear to God! That is NOT how you treat your human!
Indeed, it's been a complaint for a long time, even though Malda and his gang don't claim to publish the latest news in the fastest time possible. In fact, they would rather sit on a story and see how it unfolds so that the discussion can have some perspective.
In fact, there's even a FAQ entry addressing this topic. If you want the latest news as soon as it happens, there's other sites to visit. Like others have said, go to Digg for the links, and come to Slashdot for the discussion.
Yes, "In Soviet Russia, frist psot runs Natalie Portman's Linux" is more insightful than what you read on Digg.
:q!
Well, just looking at my passport, one might also extrapolate from my itinerary that I was selling secrets to the whole eastern Chinese seabord. Or, at least a political enemy might attempt to do so. Or, might just brute force demagogue me into answering media charged questions at the bare minimum.
End Transmission. Over?
I hope, when they die, cartoon characters have to answer for their sins.
And even if I didn't support the Real ID (which I don't), I do support the passport database. But this isn't a story about abuse, it is a story about tripwires and safeguards being in place that made it possible for you to know something happened. If anything it is something the government did right.
Why should anyone running for a public office (or holding one) have any assumption of privacy for a US passport?
I would think entry/exit data should be public information, as well as each country visited using that passport, which after all, was provided at public expense, backed by the tax payers, carries with it an expectation of the US government using its influence to secure the safe travel of these people who are de-facto targets of people who would harm the US.
I could make the same case for anyone, really, why should you expect your world travels to be a private matter? What could be more public than world travel?
At most these workers would seem to have violated an unauthorized use of computing resource rules. The fact that it was a political candidate LESSENS the infraction in my opinion.
The fact that they WERE ABLE TO access the information means heads should roll, but not their heads. Why aren't the IT folks being keel hauled instead of these drones? What kind of security does this agency have where the biggest impediment to access is a "thou shalt not"?
Sig Battery depleted. Reverting to safe mode.
This could give people more reason to want private information stored centrally.
We've got three candidates for Presidential candidates with, as far as opposing voters are concerned, questionable pasts. It's media-fueled. Barack may be a closet Muslim, Hillary has a role in Clinton administration conspiracy theory, and McCain could be fudging his military service ala Kerry and Bush. The more info, the better, right?
"Transparency" is a hot issue. People may welcome this, especially since it's not their information being mined. Why should Presidential candidates have anything to hide? I'd bet most people think they should be scrutinized more than regular citizens are. People will accept, then demand, that candidates should have less privacy than average folks.
Then they'll think that about anyone running for office. Then teachers and anyone working with children. Then doctors, power plant employees, stock brokers, garbage collectors, and finally all the way down to you and me.
Better to know who's living next door, right?
Haha, you just made his point by still having a step 4.
i.e. Even if there is a supposed protection in place, it will still be abused again and again.
To quote WOPR: "The only way to win is not to play."
I do not want some bloated, mis-managed, government agency to have all of my medical records, employment records, or business records. If anybody thinks some sub-contracted flunky at a keyboard will be happy snooping through the passport records of his fellow citizens after their medical records become available as part of some similarly unsecured, poorly engineered, unsupervised federal bureaucracy, you're kidding yourself. This stuff is rapidly spinning out of control and the only way to put the brakes on it is to head back toward what the country started with: a small, tightly focused federal government that keeps records on its citizens to the minimum degree practical.
This situation was bad enough when the idiots in government had our data. It gets worse now that government is outsourcing work to non-government people who will never be properly held to account; it opens the way for outside entities to gain access to the data by hiring people to do temporary data harvesting jobs, injecting those people into those outsourced government positions, then acting shocked and "firing" them when they get caught (with bonuses and options to be re-hired later by another division...) That may not be what happened here, but it will happen as the government gets more of our data and that data becomes more interesting/valuable to outsiders.
Your privacy, like your reputation, is not a physical thing; once you hand it over or damage it, you can never get it back.
One of the things that got my attention about this story (yesterday when it was actually still news) was the mention of "government officials". Even though the story had it right that it was contractors that did the peeking, they continued to refer to them as "government officials".
As a former government contractor I can say with a fair amount of confidence that we are safe from "government officials" looking up our records in Federal databases. Most of them are doing good to get through their morning e-mail without a call to the help desk. The really technical ones can manage simple spreadsheets (although in my experience this involved a fair amount of hand-holding too).
I'm not sure if the problem here is that the average citizen doesn't know the difference between a contractor and a "government official" or if the reporters involved just weren't sure which one it was. Chances are that if you call the IRS, Social Security Administration, or State Department you are going to be talking to a contractor, not a "government official" or even (if we want to consider a third category) a government employee. They don't do database updates, they don't do secretarial work, they don't write computer programs, they certainly don't make their own travel arrangements (Clinton/Gore's government re-invention program relieved them of this onerous responsibility) and they can sit right next to a ringing telephone for hours without being bothered by it.
So, now, the question remains for those who are in favor of the government doing more and more things for us, all of such things involving the collection of various bits of data about ourselves: Who would you rather have access to that data... (a) a contractor, who as we've seen might use idle time to sneak a peek at their neighbors info, or (b) a government employee (or official) who might also do such things, but in addition might accidentally delete or mangle your records because they don't have a clue how the data is organized.
By the way my answer is (c) none of the above. There is no technology fix for this. If you don't want your data looked at, then don't have it out there. That means you have to take a certain amount of responsibility for your own lives. Tough huh?
Everything I have read states that the names of the contractors who did the search and the companies they work for have been withheld. What evidence do you put forth that an Obama paid advisor was also a contractor at the State Department and was responsible for querying the records? Since you provided no evidence it would seem likely you do not have any.
Three words. Presidential Election Cycle. Most US based sites are going to be quite political.
--- Justin Dearing http://www.justaprogrammer.net/ We're just programmers.
I'm not paranoid because that really happened to me and forced me to change my phone number as they kept calling at 2am 3am at night every night and waking me up. Maybe you find that sort of thing as normal and if a person gets upset over it you call them paranoid. But what if it happened to you night after night? They spoofed caller ID using an Internet connection to make the calls, so the Police couldn't trace the harassing calls. I have evidence to back it up as well as police reports.
Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
And they will set of alarms and be caught again and again. You see, The protections worked. That's why we know the abuse happened. SO far we know who did it, what they accessed, and any connections to either candidate. There are already laws on the books if they use any of the information to damage anyone. And the government who knew about this before we did, knows nothing has been used so far.
I don't know how better it could have worked. I mean outside discarding the information and not keeping a record of who enters and leave the country, the protections worked quite well.
No, seriously, this just keeps coming up and it's retarded. Slashdot readers are anything but a representative sample of American (or any) society. Of course we don't reflect it, let alone the full range of the political (left-right) spectrum.
When the editors post a good story, we get between two and five hundred posts discussing how and why this is alarming, what the possible implications may be, etc. Once moderation is applied we end up with a very high signal to noise ratio. Dissenting views are pretty much always modded up, except when they're trolls or flamebait (and even then, people often take the time to read them and reply). Other sources are often quoted or linked to, and those posts get modded up too. In other words, we get a good, interesting (possibly insightful, or informative, sometimes even funny) discussion.
When the editors post something stupid, we get between two and five hundred posts pointing out the error and ripping on the editor that put it on the front page. Occasionally, a thread or two spawns discussing some tangentially related subject that ends up being interesting on its own merrits.
As far as I'm concerned, the system is working as intended. Seriously, who would you rather discuss politics with? The Digg crowd? The people that leave comments on Youtube? Seriously, answer that question and go there. Then come back and tell us what you find. Haven't you noticed slashdot becoming more of a political "tool" then a place to discuss news for nerds. No. Most of us are capable of independent thought. That's why we're all here, sharing our thoughts and adding the insights of others to our own. At the very least we're sharpening our ideas by arguing against those we disagree with.
The fact that we often agree in large numbers speaks more to the fact that we're a self-selected group than anything else. The fact that the editors pander to us says more about their lust for precious ad revenue than their political views. Not all herds are made of sheep. And even if they were, kdawson (it's him everyone bitches about, right? I honesty don't pay attention to the editors' names) sucks at playing sheep-dog.
Political is fine. A political took presents the stories in a favorable way to a certain side.
The difference would be a neutral story summery that might say something like, "federal employees and contract workers were caught looking at presidential candidate's pass port records." A tool story would be one that assigns opinion as if it was fact to the summery or story itself or attempts to coopt the story to press another agenda. One of these looks like the "currently providing the country with a very public lesson in why the 'privacy advocates' who oppose initiatives like Real ID and the executive branch's domestic surveillance programs should really be called 'democracy advocates.'" in the summery. The fact is that the story has nothing to do with the domestic spying program or RealID.
They essentially took a story about records being accessed inappropriately, the people doing it being caught and punished because of safeguards already in place and working, and turned it into a "remember us whining about something, we are going to do it again because we can skip the details of this unrelated story and use it to our advantage by introducing the shock value out of context". Then in two weeks time, there will be yet another story about why the public isn't as concerned as they are with a few posts moderated as "flame bait" or "trolls" because they essentially say that everyone thinks they are being scammed when shit like this story happens and it is blown out of portion in order to sneak another objective in. So in essence they don't trust what you say because of your tactics."
Now, turn this to anything else like Intel processors, linux or windows and anyone calling a spade a spade will be modded up not down. People will be fighting to make sure the truth is out not someone's marketing scheme. As a tool, the truth gets hidden and the marketing propaganda stays on top. It is totally contradictory to Slashdot's entire style.
Oh, you can do a lot of nasty things with passport records besides ID theft. For instance, you can have your HR department datamine it to keep out, er, undesirables. And their children too, to the (oh, I don't know, let's say) tenth generation, just 'cuz. What, you've never met anyone that has a thing against immigrants, legal or otherwise?
I'll stop having something to hide when the rest of humanity stops judging people on their birth place, race, gender, and anything else they have no control over. That and when theives stop favoring the homes of those who've gone on vacation.
Kind of a non-story for me. Reading articles on this it really seems like it was a curious employee who wasn't paying enough attention to the warnings given and or consequences about private data. Honestly I blame our celebrity lifestyle for this. Everyone is so wrapped up in famous people they forget about what they are authorized to do. I find it hard to judge someone for letting their curiosity get the better of them.
If you were given the power, how many of you would resist the urge to look up Natalie Portman's [insert your favorite opposite sex celebrity here] passport?
That's what most of the information is pointing to. (Unless of course this is what they want me to conclude.) Now if it's politically motivated such as Nixon era privacy breaching I'd probably feel differently about it.
That's the first I've heard of this. Can you supply a link?
Translation: Utterly and completely without cause I'll put in some unrelated hot-button stuff and then try to pretend I didn't.
Translation: Utterly and completely without cause I'll put in some unrelated hot-button stuff and invoke scary scenarios forwarding my own agenda.
Etc... Etc...
And really, that's the whole point of this [Ars Technica] 'news' story - not to tell the news, but to slant it and spin it until it is no longer recognizable and then to attach editorial comments unrelated to main story. If Faux News, CNN, or one of the other big networks did this, Slashdot and the rest of the blogosphere would be up in arms about such journalistic misbehavior.
Umm, you know when you you use your passport and some airport security drone stamps it when you go thru immigration?
Yep, that's a "foreign travel record"
"You can't fight in here, this is the war room!"
>What's private about passport records?
Passport records, not the passport itself, contain much more than you cited.
In some cases, where a passport was not routinely given, there may be far more information.
All of the passport records in question here, are for people who travel with diplomatic credentials,
and all of them have a reasonable apprehension of being targeted for assassination. A great deal of
information about the passport holder, and about his family members, can be found in these records,
as well as records of how much money they travel with, specific dates and times of travel, and other
information that may seem useless to you but could be extremely valuable to an assassin.
-fb Everything not expressly forbidden is now mandatory.
>In short, it's one-stop identity-theft. It's everything anyone would need to get a passport with your name on it.
You're thinking in terms of "Joe Blow's" passport. You're not thinking like an assassin, and you're not considering
the difference between travel records of Joe Blow and travel records of someone who has diplomatic credentials (and who
has a reasonable apprehension of being a target of assassinaion.)
All three of these individuals have 24 hour Secret Service protection for a reason.
Passport record is one of the things you don't want a potential assassin to have access to. And that, not the risk of identity theft,
is the problem in this State Department investigation. It potentially put these people at increased risk of assassination.
-fb Everything not expressly forbidden is now mandatory.
What galls me is that, apparently, the database has a flag that can be set for "famous people", which causes a supervisor alert whenever the file is accessed. Where is the special alert for the rest of us? We're the ones whose data could be abused to wreak havoc on our lives and finances.
Where exactly did you get this information? I'd like to see a source please.
> it was our presence in the Middle East that Bin Laden was pissed about.
Ur, last time i checked, he also doesn't believe in democracy. Let's stop that craziness and then we'll be perfectly safe, right?
The Wikipedia article on the McVeigh bombing states that the prosecution's hypothesis was that he was driven by hatred of the US because of various things including: tax increases, the Waco siege and Ruby Ridge. After that bombing, you immediately supported the elimination of tax increases and FBI raids on paramilitary organizations, so you would be safer, right?
Learn to stop cowering in fear. Life has risks and major terrorist attacks are not very high on that list.
These are people who are supposed to have access to the information. You can't remove their access or prevent their access much more then saying "Don't Do That" and expect them to do the job. This differs from reactive security in quite a significant way where the breach comes from someone who isn't allowed access.
So what you do is create a system where there is X amount of paperwork and/or procedures from more then one person or something similar then monitor file access by the people who are supposed to have access to the information. Then when someone accesses something inappropriately, a flag comes up, a follow up is done to determine the legitimacy and possible punishment which might include criminal charges.
And each of those is a reason, although certainly ridiculous, for some voter to believe they need that information.
It's still automatic too, the stamps are mostly for personal use, there are few security checkpoints that need them today. With EU as example, all personal data and travelinfo must be sent to the US preflight so they only need to match the id and add the current tripp to the database. Sure they might not cache what you did ten years ago but the paper and electronic trail of some people are long.
When I go through immigration to a different EU country from the UK my passport doesn't get stamped. It doesn't get stamped on the way back either. Currently, my passport is empty, even though I've left Britain several times recently.
They do scan the passport's OCR text though, I wondered if they kept a record of that.
I have nothing to hide ... but that IS completely beside the point.
... one day I will give a shit. One day. Today, I do not. I think it is funny and their information should be freakin' published. I personally want to know where each and everyone of them has been, when, and why.
I'll give a shit about this when I can pick up the phone and not think it is already bugged or being listened to.
I'll give a shit when I can see the records of the numbers that were bugged in this country WITHOUT A WARRANT.
I'll give a shit the day I can use my computer and not worry about the links I click on.
Trust me
From the article, the protections and alarms you are referring to apply only to high-profile persons. So unless I'm having this conversation with Barak Obama or the Olsen Twins, your record probably does not enjoy those same protections.
You obviously have NEVER gotton a pasport AC!
It holds quite abit about your lifes history, Not just Name, Address, Phone number, country of origin. But SSN, your mother and fathers information, copies of your BIRT HCERTIFICATE, copies of 2 forms of photo ID. So anyone wanting to oh say engage in identity theft, pasport files are a one stop shop!
The Truth is a Virus!!!
"I wonder what the Ars Technica/privacy zealots who oppose RealID protection will say when the next hijacked airliner is crashed into a building."
Probably not a lot since if everybody has a "RealID" it solves nothing since the "bad guys" will have a RealID as well.
Or did you think they were going to do screening just to make sure only the "good guys" have RealID?
You were mistaken. Which is odd, since memory shouldn't be a problem for you
" Chief of firm involved in breach is Obama adviser"
http://www.cnn.com/2008/POLITICS/03/22/passport.files/index.html
* Story Highlights
* Source: John Brennan advises Barack Obama on foreign policy, intelligence issues
* The passport files of three presidential contenders were improperly accessed
* A contractor for the Analysis Corp. has been disciplined
* Two contractors who worked for Stanley Inc. have been fired
From Kate Bolduan
CNN
WASHINGTON (CNN) -- The CEO of a company whose employee is accused of improperly looking at the passport files of presidential candidates is a consultant to the Barack Obama campaign, a source said Saturday.
John O. Brennan, president and CEO of the Analysis Corp., advises the Illinois Democrat on foreign policy and intelligence issues, the source said.
Brennan briefed the media on behalf of the campaign this month.
The executive is a former senior CIA official and former interim director of the National Counterterrorism Center.
He contributed $2,300 to the Obama campaign in January.
When asked about the contribution, a State Department official told CNN's Zain Verjee, "We ethically awarded contracts. Political affiliation is not one of the factors that we check."
On Friday, the department revealed that Obama's passport file was improperly accessed three times this year, and the security of passport files of the two other major presidential candidates -- Democrat Hillary Clinton and Republican John McCain -- had also been breached. VideoWatch the secretary of state apologize for the breach
Three contract emplyees are accused in the wrongdoing, including the one who works for Analysis Corp. and who was disciplined. That contract employee accessed McCain's file in addition to Obama's. None of the contract employees was identified. Learn more about the companies involved
The other two contract employees worked for Stanley Inc. They were fired.
The Washington Times, which broke the story Thursday night that Obama's records had been improperly accessed, reported Saturday that the State Department inquiry is focusing on the Analysis Corp. employee. Also, the investigation by the department's inspector general will include polygraph tests for supervisors in the passport section to find out whether there was any political motive.
The department spokesman said Saturday that he would not comment on whether the department was administering polygraphs to employees in connection with the investigation.
"While this is a rare occurrence, we regret the unauthorized access of any individual's private information," the company said Friday in a statement.
Stanley has had contracts with the department since 1992 and was recently awarded a $570 million contract to continue providing support for passport processing. Its CEO, Philip Nolan, contributed $1,000 to the Clinton campaign. VideoWatch how contractor execs are linked to campaigns
The department official said the three contract employees worked in three offices in the Washington area. One office does consular work and visas on evenings, holidays, weekends and overnights; another office issues passports; the third office scans and files materials.
The source said there has been no problem in the past with the Analysis Corp. employee, who has "extensive" experience. The worker has been with the company for years and has always worked under a State Department contract.
Explaining that the department had "complimented" this person for work in the past, the source said the individual is considered a "terrific" employee, except for this one instance, characterized as an "aberration."
The department asked the Analysis Corp. not to take any administrative action against the employee whi
The issue's not kdawson but slashdot in general. Here's two posts by him.
:/
White House Says Hard Drives Were Destroyed
Posted by kdawson on Sunday March 23, @07:58AM
151 comments
Developers: The P.G. Wodehouse Method of Refactoring
Posted by kdawson on Sunday March 23, @04:02AM
58 comments
Even though the more 'techy' one was posted 3-hours earlier, the more political one has about 3 times as many comments. Admit it, slashdotters are more drawn to sensation-ism than you'd like to admit.
Lack of planning on your part does not constitute an emergency on mine.
"Real ID is an attempt to eliminate the Mexican Government from "assisting" in getting Driver's Licenses to illegals"
You know that's a pretty serious thing to say. Do you have any corroborating evidence? If so, you should contact the the federal authorities as soon as possible.
http://www.dieblinkenlights.com
The US right wing is responsible for causing the deaths of hundreds of thousands of Iraqi civilians by enabling an incompetent and dishonest President to rule by fear. They have smeared and slimed their opponents with attacks on their patriotism. They have lied about WMD, why beleive Condi 'mushroom cloud' Rice on this issue? She has neither credibility nor integrity.
The fact we can't trust the administration is the central problem here. These things do happen by accident. But theis particular administration has long ago used up its stock of trust. They refuse to explain themselves and in fact reject even the idea that we have any right to hold them accountable.
Occam's razor suggests that the simplest explanation of this administration is that they are incompetent, dishonest and corrupt.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
Full transparency is a more effective solution than full opacity because it's both easier to achieve, and eliminates abuses by making them uses.
In general, full transparency is not a solution to privacy problems, though, because not everyone has equal power given the information. If a public official knows my name and address, he can look me up on all kinds of databases and, more to the point, make entries on all kinds of databases that may ultimately cause harm to me. If I know his name and address, what am I going to do, go stand outside his house with a sign saying "Abuser of power!"?
I read a much better articulated version of this argument a little while ago, possibly written by someone like Ross Anderson, but I'm afraid I can't find it now. If anyone has it, please do post the link.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
I think the big fuss is that accessing the passport was ILLEGAL, not the actual information accessed.
You see, The protections worked.
You seem to have an interesting idea of what it means for the protections to "work". It's a bit like saying, "Hi, I've just shot you dead."
I mean outside discarding the information and not keeping a record of who enters and leave the country, the protections worked quite well.
Gosh, there's a thought. Maybe there's a moral here about allowing governments to conduct systematic mass surveillance?
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
Yes the US is a Constitutional Republic in which our representatives are democratically elected. We are not a democracy :-)
I wish more people understood that. Ignorance in this country is widespread and it's largely due to government schools.
Libertas in infinitum
First off, yes, snooping of this nature is wrong. However, the final summary sentence, "In short..., the entire incident shows exactly why citizens' privacy is critical in a country where citizens compete with one another for control of the government."
Who's perspective? As a candidate, you're damned right I don't want you to know everything about me. That makes me less likely to be able to compete and win the leadership post I seek.
But as a VOTER and CITIZEN... HELL YES I want to know what these people have been doing. These are the people whose inconsequential decision on what to have for dinner while meeting with foreign dignitaries could start a war. (Probably not; they pay the staff well to make sure that doesn't happen. But it's in the realm of possibility that the President serving pork chops to the Ayatollah could have some bad results.) So what about fair competition; these are people I expect to make good decisions for all of the people they are leading. If you choose to live your life in public service, your life is going to be public. Don't whine and moan that you lost your very public job because some enterprising report found out you had an office broken into and evidence destroyed. And don't complain that people are invading your privacy; if you choose to seek public office, expect it and know that it will happen.
Look at it from the prospective consumer model. I'm looking to buy a car, I expect the dealer to be forthcoming about things that may impact the performance of that car. (For example, it was picked out of a flood, and the interior was replaced. In fact, aren't there laws about that kind of information?) Likewise, I'm investing my vote in a product; the leadership qualities and policies of a politician whom I'm about to hand the power to wage war, tax, and regulate. I, as a "consumer", want to know EVERY detail I can about the person so that I can make a better choice.
Granted, most of the voting public isn't remotely that responsible with their vote. And this only applies to people I am ceding my autonomy to; I don't care to know who's having sex with Paris Hilton this week.
I don't doubt that you got the calls - what I doubt is the connection between your posts to Slashdot (or /most/ other forums) and those calls.
The point is, that it is proper for some information to be kept, especially when the document covered by the information is an Identification where the state or federal government is saying this person is who is written on this document. It is also proper for employees of various organizations to access this information durring the normal course of their jobs. Protections are used to stop and notify certain people when abuses happen and those protections came into play which cause an investigation and punitive actions against the employees.
I believe you're missing my point. Monitoring is good, but prevention is much better.
Governments (or any other organisation for that matter) should only be allowed to hold the very minimum personal information required to do their jobs. At present, they typically collect vastly more information about both their own population and those visiting their countries than they have any need or right to have. Personal information can't be abused if no-one has collected it and given it to a potential abuser.
Access to any personal information that does need to be held should be subject to strict controls. In particular, it should not be possible for a single worker to arbitrarily access anything sensitive, and where access is legitimately required as part of a job, not only should that access be recorded but the people given those jobs should be carefully checked first. At present, far too much access is available to individuals working in certain government departments, financial institutions and the like, and it is often abused. This suggests that insufficient safeguards are in place on either the people being hired or the access to the information. Sure, monitoring and deterrence matter (and I happen to think that deliberate invasion of privacy or abuse of access to personal information should be regarded as very serious crimes and punished accordingly) but these measures are only worth anything after the fact. There is a whole load of work you can do to make it less likely that abuses will happen in the first place.
And no, I don't think certain governments do need anything like as much information about people entering their countries as they currently collect. In fact, I know a significant number of people who now refuse to travel to places like the US for precisely that reason.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
This isn't a situation of carelessness. Well, maybe the trainee part was. But each and every breach was from a trusted source and by a trusted person who had a legitimate reason to access the data as part of their job if the situation required it.I think your wrong and we are better off without your friends coming in anyways. I have nothing against foreigners, I just have a deep belief that a sovereign nation should be able to monitor it's borders and who enters it's borders and that is an intricate part of it's sovereignty.
Now the candidates get to feel what it's really like to be an American in 2008- no privacy from the gov't!
Tibbon
tibbon.com
NOT GOVERNMENT EMPLOYEES Its pretty sad, but this is how it works. - State Dept hires a contractor for millions - Contractor does some hiring itself of local people - Contractor also uses temp agencies to find people By the time it hits the temp agencies the job is something like $10 an hour, no benefits offered, must pass credit and criminal check. The pool of candidates looking for a temporary job with no benefits and $10 is pretty crappy. These people have access to very sensitive information like passport data daily. In a nutshell, you can get a job at a passport center within weeks of applying, sit in training for a day, look up whatever you need to look up, and quit. All this in a matter of weeks. Yes, its pretty sad.
You still don't know the name of my favorite pet. If that ever gets out, I'm toast.
In those phone calls they mentioned the web sites by name.
Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
It doesn't hurt to be nice.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9070398
Quoting relevant paragraphs: Undersecretary Pat Kennedy said some records have "what computer people call flags -- we put flags on certain records that trigger a report to a supervisor that the record has been accessed," he said.
Not all 18 million passport records have flags, said Kennedy. The department's Bureau of Counsel Affairs determines what records to flag, he said. Here's another link:
http://www.nytimes.com/aponline/us/AP-Passports-Privacy.html
And the quote: Supervisors recorded each instance a file was viewed because the applications in question belonged to members of a select group of several hundred citizens whose passport files were ''flagged'' for extra protection due to their visibility, the officials said. Among these people are government leaders, movie stars and athletes, the officials said.
It doesn't hurt to be nice.