2. I wonder what he means by "commercial data available in the public domain". Either it's commercial and you have to pay for it, or it's public domain. My long distance calling patterns are commercial data (and is sold by the phone company for marketing), but they're not "public domain" in the way that most of us would understand it. You have a point, but he is probably referring to information that is in the public domain and maybe even available free of charge, but that has been harvested and combined commercially. Even if you walk into whatever government office may have some piece of data that is in the public domain, there may be a service charge to cover clerical time, copying and so on.
Take Choicepoint; they purchase public records from just about every court in the country, from county clerk/assessor/, vehicle and driver records, headers from credit bureaus with SSNs, former addresses, aliases, etc. They then combine all this in different ways to create products that they sell to... the government and to insurance companies.
The article further quotes ChoicePoint spokesman Chuck Jones:
But ChoicePoint has no way of knowing whether anyone's personal information actually has been accessed.
Why the hell are they allowed to keep a dossier on me if they don't have any mechanism in place to allow them to track how it is used and by whom? This is insane!
Insane, yes; but I think it's also horsesh*t. I worked for them before the turn of the century, and they had a fairly thorough audit capability.
Slashdot Mirror
The Privacy Rights Clearinghouse keeps a list called "A Chronology of Data Breaches Reported Since the ChoicePoint Incident." That list shows over 200 incidents reported in the last 17 months, totalling over 88,000,000 breaches.