Altherion Posted June 19, 2017 Share Posted June 19, 2017 This was briefly mentioned in the US Politics thread, but its main significance is not political. According to a firm called UpGuard, roughly 200 million records of American voters were made publicly available due to a misconfigured database (here's a BBC summary). The information was gathered from the 2012 and 2008 elections (some are from 2016, but only for Florida and Ohio). There's a whole lot of stuff there, but the most relevant to most people are probably the full names, addresses and telephone numbers. In addition, each record includes fields such as extrapolated ethnicity and religion, latitude and longitude (presumably derived from the address) and weirder stuff like info from Reddit discussions and other means of figuring out political biases (there's a long, long list of extrapolated political positions). The database belongs to a firm associated with the Republican National Committee, but the records aren't only of Republicans -- this appears to be nearly all potential American voters from the past decade (i.e. it's highly likely that the Democratic party has a similar database). The means by which UpGuard got their hands on it are one of the simplest forms of security inspection: they were looking for publicly accessible links on an Amazon server and this data was on one of them. That is, if you know the name of the link, you have access to it without any passwords or other security measures. And this wasn't one of those Google links which are in and of themselves a strong password; it was “dra-dw”. Link to comment Share on other sites More sharing options...
Lyanna Stark Posted June 20, 2017 Share Posted June 20, 2017 Ouch, and no shit is this bad, or "troubling" as this person puts it. Quote Although it is known that political parties routinely gather data on voters, this is the largest breach of electoral data in the US to date and privacy experts are concerned about the sheer scale of the data gathered. "This is deeply troubling. This is not just sensitive, it's intimate information, predictions about people's behaviour, opinions and beliefs that people have never decided to disclose to anyone," Privacy International's policy officer Frederike Kaltheuner told the BBC News website. Especially considering a. how easy it was to access (I mean, WTF?) and b. how big data analysis of this type is used to specifically target certain demographics to essentially dupe them. Link to comment Share on other sites More sharing options...
Castellan Posted June 20, 2017 Share Posted June 20, 2017 Ummm so I guess its legal for them to acquire the voter registration database and add records? Link to comment Share on other sites More sharing options...
Fez Posted June 20, 2017 Share Posted June 20, 2017 3 hours ago, Castellan said: Ummm so I guess its legal for them to acquire the voter registration database and add records? Its not so much the voter registration database (although, yes, I believe that is legal to acquire) its that they (and Democrats, this is standard practice) collect huge amounts of data on every potential voter to help determine their chances of voting, their voting preferences, and how to ensure they vote for their candidates. And this kind of data is available to large numbers of people working for various party committees and campaigns; right on down to the local level (so long as the state/local party apparatus is supporting them). But now its available to far more people. And with the amount of data in there, there's all sorts of things someone could get up to with it. Link to comment Share on other sites More sharing options...
Fragile Bird Posted June 20, 2017 Share Posted June 20, 2017 26 minutes ago, Fez said: Its not so much the voter registration database (although, yes, I believe that is legal to acquire) its that they (and Democrats, this is standard practice) collect huge amounts of data on every potential voter to help determine their chances of voting, their voting preferences, and how to ensure they vote for their candidates. And this kind of data is available to large numbers of people working for various party committees and campaigns; right on down to the local level (so long as the state/local party apparatus is supporting them). But now its available to far more people. And with the amount of data in there, there's all sorts of things someone could get up to with it. Fez, somewhere along the way (the US Politics thread???) I read the suggestion that this was in the cloud the way it was because of laws dealing with the reporting of donations, that the funding was from PACs but the information could be accessed by any Republican campaign. I have no idea how the campaign funding laws work, as far as I know your system has no rules. But could this have been done to circumvent rules? Link to comment Share on other sites More sharing options...
Fez Posted June 20, 2017 Share Posted June 20, 2017 16 minutes ago, Fragile Bird said: Fez, somewhere along the way (the US Politics thread???) I read the suggestion that this was in the cloud the way it was because of laws dealing with the reporting of donations, that the funding was from PACs but the information could be accessed by any Republican campaign. I have no idea how the campaign funding laws work, as far as I know your system has no rules. But could this have been done to circumvent rules? Maybe? But that seems like a roundabout and sloppy way of doing things. And while Republican governance is sloppy; their electoral apparatus is anything but these years. I suspect this is due to an isolated screwup by some database manager. Link to comment Share on other sites More sharing options...
Mlle. Zabzie Posted June 20, 2017 Share Posted June 20, 2017 I'm actually curious how this plays out and if anyone cares. I'm guessing that other scandals will far eclipse and that really no one really cares. Link to comment Share on other sites More sharing options...
Week Posted June 20, 2017 Share Posted June 20, 2017 Shouldn't this cost these firms beaucoup $$$ for failing to secure PII data or is that not the case because the data was not explicitly given to them by consumers/clients? Most googling seems to suggest that there may not be any recourse ... Link to comment Share on other sites More sharing options...
Mlle. Zabzie Posted June 20, 2017 Share Posted June 20, 2017 What this does do is to shine a spotlight (to the extent anyone cares) on the ethics of big data, its uses, and ultimately the use of AI to manage and utilize this big data. Link to comment Share on other sites More sharing options...
Lyanna Stark Posted June 20, 2017 Share Posted June 20, 2017 9 minutes ago, Mlle. Zabzie said: What this does do is to shine a spotlight (to the extent anyone cares) on the ethics of big data, its uses, and ultimately the use of AI to manage and utilize this big data. Yes indeed, and how this is not at all unproblematic. Not in the least because legislators are often woefully uninformed about how technology actually works, leaving them behind when technological solutions rush a head, unregulated. Link to comment Share on other sites More sharing options...
rocksniffer Posted June 21, 2017 Share Posted June 21, 2017 luckily i am an independent so i am guessing my info is safe but so help me this should get republicans on board to stop these kind of intrusions... but i ain't holding my breath.... Link to comment Share on other sites More sharing options...
all swedes are racist Posted June 21, 2017 Share Posted June 21, 2017 4 minutes ago, rocksniffer said: luckily i am an independent so i am guessing my info is safe but so help me this should get republicans on board to stop these kind of intrusions... but i ain't holding my breath.... i don't think party affiliation matters, this is supposedly info on like, 99% of all registered voters in the u.s. Link to comment Share on other sites More sharing options...
rocksniffer Posted June 21, 2017 Share Posted June 21, 2017 1 minute ago, commiedore said: i don't think party affiliation matters, this is supposedly info on like, 99% of all registered voters in the u.s. yes i heard it that way too, but i figure i am not on the party lists...my voter data is in my county only so they gotta hack richland county sc to get me...at least this is my hope Link to comment Share on other sites More sharing options...
karaddin Posted June 22, 2017 Share Posted June 22, 2017 Unfortunately I'm pretty sure that's not correct sniffer. A lot of it is info gleaned from other sources, and the baseline "is a registered voter" bit of info would still be in national databases. We're all in this sort of thing now, its just a matter of whether your profile fits what their algorithm decides is the profile of someone vulnerable to targeted advertising. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.