Europe too? US acquires hundreds of millions of Latino citizens' data

Backdoor men

  • alert
  • submit to reddit

Top three mobile application threats

The President's favorite database company, Choicepoint Inc., has acquired personal data on hundreds of millions of citizens in ten Latin American countries without their knowledge or consent. Data includes Mexico's Federal Electoral Register, details of drivers in Mexico City and Colombia.

"This is a corporation that works hand in glove with, and is politically connected to the administration, and does things that the US dare not do," Greg Palast, who uncovered Choicepoint's role in the 2000 election, told The Register last week. Choicepoint had been given a $67 million contract for data gathering on September 25, 2001. The contract lasts until 2005.

"It's doing this everywhere," said Palast, "but in Mexico it was caught out."

The scandal broke three weeks ago after an investigation by Mexican newspaper Milenio, although it received scant attention Stateside. But a report in today's Guardian should give it fresh impetus.

From the Guadalajara Times we learn that the company has been active in Brazil, Colombia, Venezuela, Costa Rica, Guatemala, Honduras, El Salvador and Nicaragua. However, the Times reports that Choicepoint has discontinued its role in Argentina, "due to lack of demand and a strict new law relating to privacy".

But ChoicePoint isn't shy about boasting of its Latino assets.

"You know the value of ChoicePoint's domestic data," begins a 2001sales brochure for its 'AutoTrack XP' product uncovered by privacy group EPIC under the Freedom of Information Act. "Now you can locate and identify business assets in foreign countries with ChoicePoint's new International searches".

"ChoicePoint gives you the most comprehensive online International data available, with individual and business information from Mexico, Colombia, Argentina [oops? - ed.] Brazil and Costa Rica."

"ChoicePoint is the only vendor capable of providing online access to the following data sets and/or functionality:

a) complete listings of all Mexican, Colombian and Argentine citizens
b) inclusion of unlisted numbers in telephone files in Mexico, Brazil and Argentina
c) inclusion of Mexican vehicle and driver license data
d) complete listing of Columbian company data
e) inclusion of personal identification information for Brazilian business people
f) full usability in English language

(Go here [200kb PDF] and here [292kb PDF] for the documents.)

The second document records that the US Department of Justice paid $11m for "access to ChoicePoint databases."

Now, you might ask, doesn't the US have official agencies that are supposed to undertake a much more focused version of this intelligence gathering? Indeed, it does, and being conscientious government agencies, the staff (in our experience) take information integrity pretty seriously. The value that ChoicePoint's places on data integrity is quite germane, as we shall see.

Who is Choicepoint Inc.?
In a letter to SEC last year, ChoicePoint described itself as "a leading information company with a long history of developing products and services for federal and state government agencies to locate individuals, businesses, and assets and to authenticate individuals' identities."

That long history goes back less than six years to August 1997, when Choicepoint was spun off from Equifax, where it was Equifax's Insurance Services Group.

An early earning statement described how "in business and government markets" it provided services including "pre-employment and drug testing, public records information, UCC search and filing."

A more recent statement is both fuzzier and warmer:

"ChoicePoint (NYSE :CPS) is the leading provider of identification and credential verification services for making smarter decisions in today's fast-paced world, serving the information needs of business, government and individuals."

"ChoicePoint is committed to protecting personal privacy and promoting the responsible use of information to help create a safer world."

But ChoicePoint's credentials as a responsible user of information were tested in its role in Florida, in the 2000 Election - a story that's probably more familiar to readers outside the United States than in.

ChoicePoint was given a contract to maintain Florida's electoral rolls and conveniently managed to scrub as many as 91,000 voters most of whom were poor or black. A complex and determined effort to disenfranchise a small number of people.

Standards body

But ChoicePoint has another role to play in a quite unexpected way. It's the guardian of our commercial data integrity. The "Providing Appropriate Tools Required to Intercept and Obstruct Terrorism" (PATRIOT) Act 2001 blessed the company as a kind of standards setter. Banks have been instructed to issue data in a format ChoicePoint likes, which will come as a surprise to the IETF, or the W3C, or OASIS, next time a web standard has to be set. But there you go. And ChoicePoint was singled out by name.

The commercial potential of this new PATRIOT-compatible standard was illustrated here by Sybase which is suddenly falling over itself to help the Homeland. Over at Choicepoint there's a handy compliance brochure you can read advising you how to comply with the PATRIOT Act. And not to complicate the picture too much, Marv Bush, one of the aforementioned Bush family, channeled money to Sybase via his job as a VC at Winston Partners. So you can see how they gamble, these Bushes.

With an essential part of US intelligence gathering now privatized, which we didn't know before - what else does this tell us? Palast reminds us that the state can now demand and control information flows without a warrant. Which is one of those nice 'Thank You's' that we expect, and would appreciate.®

Build a business case: developing custom apps

More from The Register

next story
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Stick a 4K in them: Super high-res TVs are DONE
4,000 pixels is niche now... Don't say we didn't warn you
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
Bose says today is F*** With Dre Day: Beats sued in patent battle
Music gear giant seeks some of that sweet, sweet Apple pie
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
Too many IT conferences to cover? MICROSOFT to the RESCUE!
Yet more word of cuts emerges from Redmond
Chips are down at Broadcom: Thousands of workers laid off
Cellphone baseband device biz shuttered
prev story


Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.