Access

Authorized Access/Database Sharing

The largest concern people have about Internet privacy is the fear that their credit card information will be stolen by hackers breaking into their bank. This problem seems to be secondary to the problems with authorized access. Many people have "legitimate" access to databases with sensitive personal information. Oftentimes, there is a dichotomy between the people who we believe should have access and those who do. Moreover, we are often not aware that people are accessing our information.

An obvious example is unlisted phone numbers. People make their phone numbers unlisted to avoid unwanted callers and to protect their privacy. However, unlisted phone numbers have sometimes been released by phone companies. Such was the case with AT&T, which provided as a service the ability to look up the name of the person at a particular phone number, even if that phone number was unlisted. (P07.02) Another incident may have involved the selling of a phone company's database (including unlisted numbers) to telemarketers.

Increasingly, databases of information are being sold to parties to whom we did not give the information, and who are using it in entirely different ways than we expected (see Information Collection). The entire drivers' license database of Ohio was sold by the State to database company TRW for $375,000. (R16.39) Drivers' records have been made available to car rental agencies (see also Accuracy). (P05.04) Other companies routinely share, swap, or sell their databases without customer notification. Hospitals will often sell their database of newborn babies to maternity catalogs. Credit card companies also sell databases of their clients' buying habits to other retailers who might be interested. (R16.39)

In addition, some databases of information we assume to be private are now generally accessible. For example, the State of Texas made its license plate database available for anyone to search. The database could easily be abused by stalkers and marketers, who would now be able to find the current address of anyone, given their license plate number. (P06.08) In Colorado, students' entire records were provided to anyone claiming to be doing educational research. Students' records contain a great deal of sensitive information, including problems in school, learning disabilities, and the current location of students' families. (P05.04)

The bottom line on authorized access is this: there is no protection of information. Today, your information may be freely distributed without your consent.

Unauthorized Access

Unauthorized access is certainly the problem most people think about regarding online databases. In one of the most publicized examples, online credit card number databases were compromised by Kevin Mitnick. Certainly it is an issue that is becoming more important as more databases are put online, where they are vulnerable to attack from the Internet. Security at some of these databases has been lacking. Nonetheless, the real impact of security problems has been negligible, as much database information is already available through "legitimate" means (or by means of "social engineering"). However, some past examples are troubling, such as the HMO whose patients' psychological records were being kept online with questionable security. (P05.12) Currently, some universities have the Social Security Numbers of their students inadvertently online and accessible to the rest of the world. (Full Disclosure) Also, some databases may require different levels of security, a need which has not been adequately addressed. An example of different security levels is the DMV's fingerprint database; some fingerprints, such as those of Witness Protection Program persons, may need a higher level of security than others. (R11.16)

Sub-Contracting

Another problem we are likely to see more of is sub-contracting, in which a private company actually maintains a database for the government. The risk of abuse (authorized and unauthorized) is obvious. Yet health care reform in California and elsewhere now contracts its patient databases to private companies. (P05.06) It is also likely that other government agencies will do likewise. (R9.44) Who has ultimate control over the data? Even if we trust the government with such data, do we trust the third party?

The following example demonstrates some of the problems that arise when access to information is not protected.
