[funsec] Acxiom pitched feds on large-scale Web-surveillance
project in 2001
fergdawg at netzero.net
Tue Feb 7 12:29:01 CST 2006
In November 2001, Acxiom Corp. proposed to the U.S. Department of Justice that it conduct an Internetwide surveillance of Web sites touching on topics such as abortion, racial superiority, politics, religion, immigration, and foreign affairs, using technology designed to extract business contact information from dot-com sites.
Information about the proposed surveillance was included in documents released Thursday by the Electronic Privacy Information Center. The documents stated that information thus obtained could be used for both terrorism-related data analysis and an "Identity Verification System to be used by airlines, rental car agencies, and other business and government agencies."
My favorite part of this article, however, comes later in the text:
The data brokerage has been in the news several times over the past few years for security and privacy breaches. In 2003, it was revealed that Acxiom had given data on millions of passengers of JetBlue and other airlines to an Alabama firm preparing an antiterrorism study for the Department of Defense. While JetBlue apologized to passengers for violating its own customer-information policies, Acxiom drew fire from privacy advocates for not notifying those affected that private information -- including passenger names, addresses, gender, home-ownership status, income, number of children, Social Security number, occupation and vehicle information -- had been turned over to Torch Systems for use in development of its "Homeland Security: Airline Passenger Risk Assessment" study.
In 2004, six Floridians associated with defunct e-mail marketing firm Snipermail.com were charged with hacking Acxiom's FTP servers and stealing 8.2GB of information on 1.6 billion consumers. That data included names, e-mail and mailing addresses, and phone numbers, as well as banking and credit card data, including account numbers. A Snipermail executive, Scott Levine, was eventually convicted of 120 counts of unauthorized access to data in that case; a presentencing report released last month indicates that he could serve between 19-and-a-half and 24 years for those crimes.
On its Web site, Acxiom claims to work with nine of the top 10 credit card issuers, eight of the top nine automotive manufacturers, five of the top six magazine publishing companies, nine of the top 10 retail banks, seven of the top 10 retailers, eight of the top 10 telecommunications companies, and five of the top six media entertainment companies.
How comforting. :-/
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg at netzero.net or fergdawg at sbcglobal.net
ferg's tech blog: http://fergdawg.blogspot.com/
More information about the funsec