[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Fwd: YOUR personal information in Lexis database
it looks like demanding to have one's personal info. removed
from their database will only have a symbolic effect --
since it's unlikely that Lexix/Nexis is going to go back through
all of their records & the CD-ROMs they've already sold to delete
information. The whole idea is pretty disturbing -- shouldn't a
private company have to get permission to publish & distribute
personal information on private citizens??? (well, obviously they
DON'T have to). Even if you consider bounty hunters, collection
agents etc to be semi-official, what about individuals looking
getting access to this information for their own, less than
scrupulous purposes, such as stalkers, ex-husbands of battered
women, etc? There are plenty of people out there with "legitimate"
personal safety reasons for not wanting to be found! What
Lexis/Nexis needs is to get slapped with a good lawsuit once the
inevitable happens & someone gets hurt/killed because of
information the Company made available!
>Date: Thu, 19 Sep 1996 22:28:35 -0400 (EDT)
>From: Stanton McCandlish <email@example.com>
>To: Multiple recipients of list <firstname.lastname@example.org>
>Subject: Re: Fwd: YOUR personal information in Lexis database
>Re: Devlin's note...
>What's more, the SSN *is* still in there. I've done some checking.
>Lexis/Nexis admits this. P-Trak just doesn't give you SSNs when
you dig up
>name. However, it does let you input an SSN, and then will tell
>name that (supposedly) belongs to the SSN. Obviosly, the SSNs are
>there, and are still tied to name records.
>Now, about the CD-ROM version:
>What this also means is that anyone with rudimentary cracking
>like enough smarts to use a hex editor, if it's even that hard,
>at the SSNs in the database, unless there's some robust crypto
>Even assuming a proprietary format, it probably wouldn't be
>any database designer to figure out the spec of the records, and
>new interface to the database, designed to do nothing but give you
>in response to name input.
>What it also also means is that if a CD-ROM with the SSNs in full view
>was ever published by Lexis/Nexis, it is still out there, in the hands of
>whoever bought it, all discussion of hacking the versions with hidden
>Lexis/Nexis' reassurances ring very hollow the more one thinks about all
>And this doesn't even touch the question of the impropriety, the
>downright sleaze, of creating a database so that cops, without any kind
>of warrant or subpoena, not to mention the shifty and often rather
>dangerous types who infest the skip tracer, process server, bounty hunter
>and PI fields, can "look you up".
>L/N also completely avoids the issue of their repurposing of public
>records, which were intially created on paper in disparate govt. offices
>for purposes of ascertaining particular facts about a particular
>individual by going down to the office and looking it up in filing cabinet.
>Now it's all combined on a disk, for convenient searches and extraction
>for any purpose you have in mind, with blistering speed, and by the
>L/N furthermore neglects to mention the credit agency and other private
>sector alleged sources of much of this data, harping on the public-sector
><HTML><A HREF="http://www.eff.org/~mech/"> Stanton McCandlish
></A><HR><A HREF="mailto:email@example.com"> firstname.lastname@example.org
></A><P><A HREF="http://www.eff.org/"> Electronic Frontier
></A><P><A HREF="http://www.eff.org/A"> Online Activist