December 2, 2006

It’s all about connecting the dots

It’s all about full disclosure. I’m not really new to this blogging stuff.

The morning of Sept. 11, 2001, I was up early surfing the Web – with a dial-up connection, oh the agony! – in search of news items to update the Web site of The Privacy Foundation, where I was site administrator.

Today the Denver-based organization tracks and researches the legal implications of issues such as identity theft and homeland security, but back in the day, we were specifically all about private data collection, under the theory that corporations didn’t have the checks and balances that existed on the government. What do credit card companies do with all your personally identifiable information? Why do libraries need your social security number before they issue you a card? Fairly quaint stuff, now.

Through the end of 2001, I moderated a running dialog that started out debating the question of Security vs. Privacy but was soon all about Security and Privacy. Everything from the theory that the terrorists had used steganography — hiding secret messages in images on public Web sites — to plan their attack to the legislative stampede to pass the USA Patriot Act got thrashed out in postings and e-mails.

SPONSORED CONTENT

Common wisdom then was that finding the bad guys was all about connecting the dots. Like the prophesies of Nostradamus, which are crystal clear after the fact, it seemed that clues, markers, signposts, flashing neon billboards had all been pointing toward the events of that day – we just didn’t have enough information all in one place at one time to make the connections to reveal the pattern.

Here’s a modern dot-to-dot for you. See if you can detect a pattern – no steganography involved:

a.    The Automated Targeting System (ATS), a Department of Homeland Security data-mining program that creates terrorism-risk assessments for every traveler entering or leaving the United States, has evaluated millions of Americans without their knowledge. The program began as a means of screening cargo but quietly was expanded in recent years to screen travelers and create risk profiles that will be retained for 40 years. Travelers are not allowed to see or directly challenge these risk assessments, and some or all data in the system can be shared with state, local and foreign governments for use in hiring, contracting and licensing decisions. Courts and even private contractors can obtain data under certain circumstances.

b. Colorado, by federal law, collects name, address, social security number and date of birth on everyone hired for a job in the state, or by employers headquartered in the state. This information is stored in the State Directory of New Hires‘ “centralized, confidential, and secure repository” connected to the name and address of the employer as well as date of hire.

c.    A desktop computer stolen from the Denver offices of Affiliated Computer Services Inc., a private contractor, the weekend of Oct. 14 holds the SDNH database. The computer also holds information on 500,000 people from the state’s child-support enforcement division for a total of 1.4 million people with their personal information out there, somewhere. The only response to those whose data were compromised to date has been a one-page letter from ACS, signed with an unintelligible scrawl over “ACS Representative,” explaining briefly what happened, attached to three pages of things “you can do to protect yourself from identity theft.”

It is all about full disclosure, isn’t it?

It’s all about full disclosure. I’m not really new to this blogging stuff.

The morning of Sept. 11, 2001, I was up early surfing the Web – with a dial-up connection, oh the agony! – in search of news items to update the Web site of The Privacy Foundation, where I was site administrator.

Today the Denver-based organization tracks and researches the legal implications of issues such as identity theft and homeland security, but back in the day, we were specifically all about private data collection, under the theory…

Categories:
Sign up for BizWest Daily Alerts