Later On

A blog written for those whose interests more or less match mine.

Here’s what can go wrong when the government builds a huge database about Americans

leave a comment »

Timothy Lee is always good. Today, in the Washington Post, he points out some forthcoming problems:

When stated abstractly, the risk of the NSA violating your privacy may not seem so alarming. The Associated Press reports on an FBI database that provides some concrete examples of how a massive database about Americans can be abused.

The National Crime Information Center database, maintained by the FBI, provides law enforcement agencies across the country with information they need to do their job, including information about outstanding arrest warrants, gang memberships, firearms records, and much more. According to the AP, it serves 90,000 agencies and receives 9 million data points every day.The New York Police Department says one of its detectives was recently caught using the NCIC database to secretly obtain personal information about two other NYPD officers. Police officials have suggested that the man, who also hacked into several individuals’ e-mail accounts, was trying to figure out “who his ex-girlfriend, also a police officer, was chatting with.”

Another police officer, Gilbert Valle, was convicted in March for using the NCIC database to “help compile dossiers on women that listed their birthdates, addresses, heights and weights,” apparently as part of a “bizarre plot to kidnap, cook and cannibalize women.” Fortunately, the authorities stepped in before the women he had profiled were harmed.

The AP reports that “authorities have accused a Memphis police officer of using the NCIC database to leak information to a confidential informant about a watch dealer who the informant believed had stolen a Rolex; a reserve patrolman in Clarkston, Ga., of running names and license plates for marijuana dealers; a Montgomery County, Md., officer of running checks on cars belonging to a woman who later reported that the vehicles had been vandalized; and a Hartford, Conn., police sergeant of supplying database records to a woman who used them to harass her ex-boyfriend’s new girlfriend.”

These stories illustrate some of the kinds of misconduct that could occur with the NSA’sdatabase of the nation’s phone calls. A record of every American’s phone calls and cellphone locations could be even more attractive to unethical government employees than the NCIC database. Jilted NSA employees could use the database to stalk exes. Corrupt NSA officials could sell information from the database to criminal enterprises. Voyeuristic NSA employees could browse through the database to learn about the personal lives of celebrities.

Indeed, the threat of NSA voyeurism is not just hypothetical. In 2008, a former NSA employee admitted to ABC that he and others at the agency had listened in on the personal phone calls of soldiers stationed overseas.

“Hey, check this out, there’s good phone sex or there’s some pillow talk,” the man said he was told by other NSA employees. “Pull up this call, it’s really funny, go check it out. It would be some colonel making pillow talk and we would say, ‘Wow, this was crazy.’”

Of course, the NSA says it has safeguards in place to prevent this kind of abuse. According to the agency, just 22 officials have the authority to authorize queries against the phone records database.

But even if access is tightly controlled today, there’s no guarantee that it will stay that way. The more tightly access to the database is controlled, the more difficult it will be for NSA analysts to make effective use of it. There will be a natural pressure to expand access as new uses for the database are discovered and concerns about privacy recede.

And the fact that access to the database is officially limited to 22 people doesn’t mean that no one else has unofficial access. One reason the FBI has trouble preventing abuse of the NCIC database is that cops share passwords or forget to log themselves out after using the database, allowing others to gain access using their credentials.

And Edward Snowden appears to have gained access to documents that he wasn’t authorized to access. The call records database might have similar vulnerabilities. . .

Continue reading.

Written by Leisureguy

8 July 2013 at 10:07 am

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: