[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Fwd: YOUR personal information in Lexis database
Re: Devlin's note...
What's more, the SSN *is* still in there. I've done some checking. Even
Lexis/Nexis admits this. P-Trak just doesn't give you SSNs when you dig up a
name. However, it does let you input an SSN, and then will tell you the
name that (supposedly) belongs to the SSN. Obviosly, the SSNs are still
there, and are still tied to name records.
Now, about the CD-ROM version:
What this also means is that anyone with rudimentary cracking skills,
like enough smarts to use a hex editor, if it's even that hard, can get
at the SSNs in the database, unless there's some robust crypto involved.
Even assuming a proprietary format, it probably wouldn't be difficult for
any database designer to figure out the spec of the records, and write a
new interface to the database, designed to do nothing but give you SSNs
in response to name input.
What it also also means is that if a CD-ROM with the SSNs in full view
was ever published by Lexis/Nexis, it is still out there, in the hands of
whoever bought it, all discussion of hacking the versions with hidden SSNs.
Lexis/Nexis' reassurances ring very hollow the more one thinks about all
And this doesn't even touch the question of the impropriety, the
downright sleaze, of creating a database so that cops, without any kind
of warrant or subpoena, not to mention the shifty and often rather
dangerous types who infest the skip tracer, process server, bounty hunter
and PI fields, can "look you up".
L/N also completely avoids the issue of their repurposing of public
records, which were intially created on paper in disparate govt. offices
for purposes of ascertaining particular facts about a particular
individual by going down to the office and looking it up in filing cabinet.
Now it's all combined on a disk, for convenient searches and extraction
for any purpose you have in mind, with blistering speed, and by the thousand.
L/N furthermore neglects to mention the credit agency and other private
sector alleged sources of much of this data, harping on the public-sector
<HTML><A HREF="http://www.eff.org/~mech/"> Stanton McCandlish
</A><HR><A HREF="mailto:firstname.lastname@example.org"> email@example.com
</A><P><A HREF="http://www.eff.org/"> Electronic Frontier Foundation
</A><P><A HREF="http://www.eff.org/A"> Online Activist </A></HTML>