Privacy Debacle Hall of Fame
2006-08-21 - wired.com
By Annalee Newitz
Earlier this month AOL publicly released a data trove: 500,000 search queries culled from three months of user traffic on its search engine.
The company claimed it was trying to help researchers by providing "anonymized" search information, but experts and the public were shocked at how easy it was to figure out who had been searching on what. Apparently, AOL's anonymizing process didn't include removing names, addresses and Social Security numbers. Although the company has since apologized and taken the data down, there are at least half-a-dozen mirrors still out there for all to browse.
This may have been one of the dumbest privacy debacles of all time, but it certainly wasn't the first. Here are ten other privacy snafus that made the world an unsafer place. Despite the obvious flaws of rankings, we have attempted one as follows, in descending order:
10. ChoicePoint data spill: ChoicePoint, one of the largest data brokers in the world, in early 2005 admitted that it had released sensitive data on roughly 163,000 people to fraudsters who signed up as ChoicePoint customers starting in 2001. At least 800 cases of identity theft resulted. Sued by the FTC, the company paid $15 million in a settlement earlier this year -- at least $5 million of which goes to the consumers whose lives they ruined.
9. VA laptop theft: In May, two teenagers stole a laptop from the Department of Veterans Affairs that contained financial information on more than 25 million veterans, as well as people on active duty. Electronic Frontier Foundation staff attorney Kurt Opsahl said this is one of the worst data breaches in recent memory because of its sheer scale: "The database contained the names, Social Security numbers and dates of birth of as many as 26.5 million veterans and their families, though allegedly recovered without evidence of the thieves obtaining access." The case also raised awareness about how many unprotected, private databases are floating around on easily stolen mobile devices. When the laptop was recovered, it appeared that none of the data had been disturbed -- but only time will tell.
8. CardSystems hacked: In 2005 MasterCard revealed that one of its third-party processing partners, CardSystems, had lost data on over 40 million customers to online data thieves. Many of those customers were MasterCard holders. Worst of all, according to MasterCard reps, the data was stolen "by running a script." In other words, CardSystems had incredibly poor digital security and 40 million credit-card holders paid for it.
7. Discovery of data on used hard drives for sale: In 2003, security geek and MIT grad student Simson Garfinkel bought a batch of 20 used hard drives to test out some forensic data recovery techniques. He was dismayed to learn that many of these drives had not had their memories properly wiped: One still contained data from its days in an ATM machine, and two were packed with credit card numbers. He bought several dozen more used hard drives, and found that overall only about 10 percent had had their memories adequately wiped. In retrospect, Garfinkel is still shocked at what he found. "Most, if not all, of these cases would have been avoided if the laptops had been configured with cryptographic file systems," he said, adding that "any halfway-decent IT department" should be able to do that.
6. Philip Agee's revenge: The Judith Miller case may be fresh in our minds, but Miller's revelations about Valerie Plame pale in comparison with those of former CIA operative Philip Agee. After turning his back on a government agency he considered evil and corrupt, Agee fled to England and in 1975 published a book called Inside the Company. It revealed the identities of nearly 250 CIA agents, and the U.S. government claimed it led to the executions of two who had been working undercover in Eastern Europe. In 1978 and 1979, Agee published two volumes called Dirty Work, which contained details on over 2000 CIA agents. Today, Agee lives in Havana, and runs a website that helps U.S. citizens travel to Cuba.
5. Amy Boyer's murder: In 1999, a stalker named Liam Youens paid New Hampshire-based internet investigation firm Docusearch roughly $150 to get the Social Security number and workplace address of Amy Boyer. He'd been obsessed with Boyer since high school, and had created a website that detailed his plans to destroy her. With the data provided by Docusearch, Youens was able to hide outside Boyer's office and shoot her to death before killing himself. His terrible crime wound up creating a good law: In 2003, the New Hampshire Supreme Court held that investigation firms can be held liable for harms they cause by divulging personal information.
4. Testing CAPPS II: In late 2003, JetBlue and Northwest Airlines confessed that for the past two years they had been giving personal data from millions of airline passengers to NASA and the TSA. The two agencies were data mining the information as part of their research on a new passenger threat-assessment program called Computer Assisted Passenger Prescreening System, or CAPPS II. The data included addresses, phone numbers and credit card numbers. After public outcry over the TSA's use of private passenger data to "test" the beta version of CAPPS II, the program was terminated in 2004. It has been replaced by a similar program called Secure Flight.
3. COINTELPRO: From 1956 to 1971, the FBI's secret counterintelligence program COINTELPRO worked to undermine what the agency deemed "politically radical" groups, usually by infiltrating those groups and gathering sensitive information about their members. Among COINTELPRO's targets was Martin Luther King, who was placed under illegal surveillance and harassed. COINTELPRO was unmasked in 1971, when a group of leftists called The Citizens' Commission to Investigate the FBI broke into a field office and stole some documents detailing COINTELPRO's activities. Subsequent Congressional investigations into COINTELPRO's antics led to widespread condemnation of the program. Sen. Frank Church, who headed up the investigation, concluded: "The Bureau conducted a sophisticated vigilante operation aimed squarely at preventing the exercise of First Amendment rights of speech and association, on the theory that preventing the growth of dangerous groups and the propagation of dangerous ideas would protect the national security and deter violence." Many COINTELPRO documents remain classified to this day.
2. AT&T lets the NSA listen to all phone calls: Earlier this year, a whistle-blower at AT&T revealed that the telco giant had been routing all U.S. phone calls and internet traffic to the NSA as an antiterrorism measure. The agency had gotten similar data from other major telcos in the country -- only Qwest had refused. Investigations, mostly conducted by journalists, revealed that every single phone call made in the U.S. over the five years of the NSA domestic spying program had essentially been tapped. Internet traffic suffered the same fate. AT&T is currently being sued in numerous class action suits on behalf of its customers for illegally handing over private data to the government. The cases were recently consolidated in San Francisco federal court. (Disclosure: Wired News has intervened in one of these cases and is seeking to make public evidence filed under seal.)
1. The creation of the Social Security Number: Although security blogger Adam Shostack is known for his expertise on information-age data leaks, he considers the creation of the Social Security Number in 1936 to be the "largest privacy disaster in the history of the U.S." Referencing controversy over the card's creation at the time, he said, "Ironically, privacy advocates warned that the number would become a de facto national ID, and their concerns were belittled, then proven right, setting a pattern that still goes on today."