Acxiom pitched feds on large-scale Web-surveillance project in 2001

["Fergie" <fergdawg () netzero net>]

Via ComputerWorld.

[snip]

In November 2001, Acxiom Corp. proposed to the U.S. Department of Justice that it conduct an Internetwide surveillance 
of Web sites touching on topics such as “abortion, racial superiority, politics, religion, immigration, and foreign 
affairs,” using technology designed to extract business contact information from dot-com sites.

Information about the proposed surveillance was included in documents released Thursday by the Electronic Privacy 
Information Center. The documents stated that information thus obtained could be used for both terrorism-related data 
analysis and an "Identity Verification System to be used by airlines, rental car agencies, and other business and 
government agencies." 

[snip]

My favorite part of this article, however, comes later in the text:

[snip]

The data brokerage has been in the news several times over the past few years for security and privacy breaches. In 
2003, it was revealed that Acxiom had given data on millions of passengers of JetBlue and other airlines to an Alabama 
firm preparing an antiterrorism study for the Department of Defense. While JetBlue apologized to passengers for 
violating its own customer-information policies, Acxiom drew fire from privacy advocates for not notifying those 
affected that private information -- including passenger names, addresses, gender, home-ownership status, income, 
number of children, Social Security number, occupation and vehicle information -- had been turned over to Torch Systems 
for use in development of its "Homeland Security: Airline Passenger Risk Assessment" study.

In 2004, six Floridians associated with defunct e-mail marketing firm Snipermail.com were charged with hacking Acxiom's 
FTP servers and stealing 8.2GB of information on 1.6 billion consumers. That data included names, e-mail and mailing 
addresses, and phone numbers, as well as banking and credit card data, including account numbers. A Snipermail 
executive, Scott Levine, was eventually convicted of 120 counts of unauthorized access to data in that case; a 
presentencing report released last month indicates that he could serve between 19-and-a-half and 24 years for those 
crimes.

On its Web site, Acxiom claims to work with nine of the top 10 credit card issuers, eight of the top nine automotive 
manufacturers, five of the top six magazine publishing companies, nine of the top 10 retail banks, seven of the top 10 
retailers, eight of the top 10 telecommunications companies, and five of the top six media entertainment companies. 

[snip]

How comforting. :-/

http://www.computerworld.com/printthis/2006/0,4814,108348,00.html

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.