Balneus

Australian Lefty on Politics, Governance, Science and Info Management

When a government wants to commit ID theft

Posted by Dave Bath on 2009-06-23


From Ars Technica ("City to job applicants: Facebook, Myspace logins please" 2009-06-18) comes something deeply disturbing.

The city of Bozeman Montana, however, has decided that all of that is too much work—it’s now requesting that potential employees hand over the login credentials for any social networking sites they frequent.

It seems to me that this idea is just plain wrong on so many levels, not just an invasion of privacy of the individual with no equivalent disclosure by the city of Bozeman Montana (of all banking records, for example, or better still, give the applicant the city’s digital key to peruse and publish all contract details), but also an invasion of privacy of all third parties that have granted privileges to particular individuals.

It also opens up a huge opportunity for abuse by individuals, not limited merely to someone working for Bozeman given the credentials of their ex-spouse!  With the way government agencies squirrel away data, it would take about 10 seconds to blacklist someone forever with a simple status update on a social website ("Activities: burning cute kittens alive, eating babies, implementing my evil plan to destroy the world; Religious Views: Satanist; …. " – you get the idea).  From the details available to the "investigator", it would be trivial to answer questions over the phone from many utilities – and get power and/or phone disconnected.

Just imagine you had the social website login of someone you disliked (whether because you knew them, or just plain didn’t like an "ethnic" name) – how would you go about destroying the reputation of that person?  Yes, fun to contemplate, until you realize it can be done to you!

So, after reading this, who is thinking about creating a faux gmail and facebook/myspace account, with only "nice" friends, discussing only how wonderful potential employers are?

Meanwhile, I cannot wait for such abuse to be uncovered (it’s doubtless already happened), preferably with a very large damages bill.

Advertisements

3 Responses to “When a government wants to commit ID theft”

  1. Fabian said

    Apparently they reneged http://news.slashdot.org/story/09/06/20/0146252/Bozeman-MT-Drops-Password-Info-Requirement

    • Dave Bath said

      Thanks Fabian. I noted it just after flipping my draft post of a few days back to published.
      Mind you, I think we’ll have to be on the lookout for similar adventures.
      (And the episode says ooodles about the awareness about privacy issues by different levels of government…. and it ain’t just US town councils that have that problem!)

  2. Daniel said

    http://www.newsy.com/videos/public_privacy also ran a video about the city backing off. Not only is handing over your login details extremely dangerous, but it’s also against point 4.6 on the Facebook Terms of Service. They apparently wound up getting in touch with the city as well about the requirement.

    With the global backlash it sparked, I think anyone else trying to pull a similar deal will do their darnedest to hide it.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: