A "High Degree" of Suspicion
July 21st, 2006 § Leave a Comment
Last week, an associate of mine had the pleasure of visiting a State of California Employment Development office. This one of those places where state employees help out-of-work citizens create resumes, search online for jobs and prepare for an interview.
Not surprisingly, the place was somewhat of a joke — apparently the people who worked there didn’t even know how to format a resume for printing. But beyond the stories he told me about job-seekers who couldn’t land work if they had Bill Gates’ resume, the thing he found most interesting was this flyer the office was giving out to veterans:
Now we all remember the big story about the veterans data that was stolen from the home of an employee who had taken the information home without authorization. It was the first of what would be many stories about unsecure government computers and laptops having been stolen or compromised. Later, we found out that there was data on active duty personnel on the same computer. So concerned was the government about identity theft, the Veterans Affairs Department announced that they would provide a year of free credit monitoring services to those affected by the data loss. Of course, that type of large-scale program doesn’t come cheap.
First, they proposed taking using funds that was normally spent on veterans’ health and benefits. That didn’t fly in Congress. Next, the White House put forth a plan to use funds that would otherwise go to food stamp services, student loans and farmers to cover the costs of the monitoring. Congress wasn’t thrilled about that either, although I suspect that the anger over this plan was less bipartisan than the first.
Needless to say, the VA was in quite a pickle. But then, their funding problems were miraculously solved! The stolen laptop was recovered, the FBI determined with a “high degree of confidence” that the data had not been comprised and the free credit monitoring offer was withdrawn. Viola! No more funding problems.
Of course, the flyer in the EDD tells another story. One could easily write it off as the VA simply encouraging veterans to be cautious, since a “high degree of confidence” isn’t absolute certainty. But where would “phishers” get the email addresses of veterans, if not from the stolen data itself? I have to assume that it would be difficult to find a public database of veteran names and emails (although in light of all the data breaches, who knows), available for any Tom, Dick or Harry to utilize for personal or professional reasons. Maybe “phishers” are taking a shotgun approach, emailing every address they have on file, figuring they’ll hit some veterans eventually?
This wouldn’t be a new strategy for spammers, as is clear from my bulk mailbox full of Viagra ads and mortgage approvals. But a quick search of the 1700 spam emails in my account retuns zero speaking to me as a potential veteran. With the wide variety of content found in my bulk email folder, it seems that I would have received at least one message of that variety, if in fact the spammers are taking the shotgun approach. So what does all this mean?
Call me a conspiracy theorist, but the only conclusion I can draw from this sequence of events is that the data from the laptop was indeed compromised, but because the VA couldn’t find funds to pay for the free credit monitoring, the FBI said everything was hunky-dory so that no such monitoring would be needed. I know, it sounds crazy, but the miniscule amount of trust I once had in this administration has completely disappeared. Considering their “what’s the problem?” attitude after culling through our personal phone records, bank statements and political activities, I’m probably not the only one who wouldn’t put this type of stunt past them.
Technorati Tags: Veterans, Vets, Data Breach, Identity Theft, VA, FBI, Phishing, Credit Monitoring, Congress, Bush Administration, Bush, Conspiracy
Can We Trust the Government With Our Data?
July 9th, 2006 § Leave a Comment
With the New York Times’s new assertion that the U.S. government has been tracking financial information from international banks, American citizens are once again left wondering if our government knows best how to handle our most personal data.
Like the stories that broke a few months ago regarding international and possibly domestic NSA phone tapping and call record data mining, this revelation is probably not shocking to us closet conspiracy theorists. If you’re like me and inherently suspicious of the NSA’s activities, you probably already refrain from saying things on the phone that might trigger an alert from whoever is listening in.
Now, I can’t deny that one of the government’s main responsibilities is to protect its citizens from criminals, whether they come in the form of al Queda or identity thieves. But when taken with the Patriot Act’s flagrant lack of oversight, these programs require us to completely trust those that monitor our activities, whether physical, digital or otherwise.
Personally, I don’t think that the Bush administration has earned that kind of trust. Between the bad intelligence on Iraq’s WMD capabilities and the unbelievably incompetent response to Katrina, I don’t think I’d trust them to watch a pet fish while I was gone for a long weekend. But beyond that, we’ve seen story after story in recent months that detail how they’ve failed to safeguard the basic data they already have about us. From social security numbers to medical records, our information is apparently being taken home from government offices on laptops and left in personal cars for the common auto thief to steal way more often than we all probably throught (and would prefer).
It all comes down to the simple notion of credibility. If the Bush administration is going to ask us to trust them with not only our personal data, but our lives, they need to start earning that trust. Bush and Tony Snow’s responses to the most recent NY Times story implied that people’s lives were at risk now that terrorists know we’re tracking their finances. First, do Bush & Co. really expect us to believe that the people who carried out 9/11, an attack that was obviously well researched and meticulously planned, are too clueless to realize that major banking institutions might be looking at transactions and notifying government agencies of suspicious activities? Second, in the real world (not the Little Red Riding Hood realm of good vs. evil that’s often used as a scare tactic), what’s the more likely scenario — another 9/11 attack or a person’s identity being stolen from an unsecured government laptop? Bin Laden was living in a cave the last time I checked.
Technorati Tags: Data Breach, Identity Theft, New York Times, NY Times, Vets, Veterans, NSA, Phone Tapping, Wire Tapping, Financial Records, al Queda, Patriot Act, Security, Bin Laden, September 11, 9-11,
