What Does Lexis Nexis Know About Me?

LexisNexis (which acquired ChoicePoint) is the largest data-broker in the world. They create vast profiles on people and use that information to create various reports that they sell to companies of all kinds. These reports are used to make decisions about renting, insurance and more. In the past these reports have been purchased by law enforcement and criminal organizations; all to find out more information about you.

It might be a good idea to find out what's in your report, but it turns out neither simple web searching or LexisNexis themselves do much for listing out all the types of data they know about you. Well here's the list of information they had (or could have had) from my personal LexisNexis dossier:

Auto/Property Insurance Records:

LexisNexis is tied into the "Current Carrier" insurance information system used by insurance companies and agencies when deciding to issue you a policy. Think of it like a "credit report for insurance".

This includes 7 years worth of:

  • Name of insurance company
  • Your policy number
  • Type of policy (auto, boat, fire, quake, tenant, home, etc).
  • Risk type (standard, preferred, facility, etc).
  • Policy start date
  • Policy termination date and reason for termination
  • Names of each subject found on the policy

For auto, this also includes:

  • Insured vehicle (including VIN, year, and make)
  • Type of vehicle
  • Coverage amounts

For property, this also includes:

  • Address of property
  • Eviction records

Personal information that may be included

  • Date of Birth (partially omitted; ex. like 06/##/1970)
  • Sex
  • Social Security Number (Minus the last four digits)
  • Driver's license number (partially omitted)

"C.L.U.E"® insurance loss information reports (apparently reports on whether you're a high risk person or not)

"Esteem" report

This report lists circumstances relating to theft while working at a retail company (admitted or convicted).

In my case, this was of course blank so I don't know specifically what data items would have been included. Most entertaining, there's a line in the report that reads "If you believe we should have information about you in our Esteem Database, let us know"…. Wow.

Background Investigation

If any company ever pays LexisNexis to perform a background check on you, LexisNexis will keep the information for future sales purposes. This may include your full date driving record and your personal credit file.

Screennow ® report

This report shows results of a national criminal records search.

Public Records

  • Professional licences held (Doctor, lawyer, pharmacist, barber, insurance agent, pilot, etc)
  • Address history
  • Deed transfer data
  • Aircraft registration
  • Loan information (where the loan was secured with collateral: i.e. a car)
  • Bankruptcies, liens, and judgements
  • Controlled substance license (in case you want to know who can legally get illegal drugs)
  • Business affiliations – When you're an officer or principal of an incorporated company
  • Significant shareholder records

Employment history

They claim they'll only have history of employers who previously asked LexisNexis to do a background check on you.

Does that make you uncomfortable?

Data brokers are just a business like any other, but as the credit report companies proved, buying and reselling data carelessly leads to disaster. Considering that these reports are FAR more detailed with a much wider variety of information, I can only imagine the consequences of allowing them to proceed as they have been.

Fortunately, you may not have to.

I was able to order my report using this webpage. I believe that doing so would be a good idea, but after that, make sure to also use their opt out procedures if you can.

It turns out that they'll only let your data go if you can prove that you're an identity theft victim or in imminent danger of bodily harm (police officer, public officials, etc). But it's easy to understand why they make it hard. After all, why would you set free one of your prize milk cows for no good reason?

In the end, I hope that strong regulation is introduced before we reach a problem like we did with identity theft.

Tags: , ,

Farmville Spys on You

This is not surprising.

"Apps" are pieces of software that let Facebook's 500 million users play games or share common interests with one another. The Journal found that all of the 10 most popular apps on Facebook were transmitting users' IDs to outside companies.

The apps, ranked by research company Inside Network Inc. (based on monthly users), include Zynga Game Network Inc.'s FarmVille, with 59 million users, and Texas HoldEm Poker and FrontierVille. Three of the top 10 apps, including FarmVille, also have been transmitting personal information about a user's friends to outside companies.

Once you install a 3rd party application, you no longer have control. Think twice before touching any "app" about how much you care if your information remains private or is sold on the information black market.

Tags: ,

Facebook Yanks Your Phone Contacts Out of Your iPhone with App

Rule number 1: don't trust Facebook or any other marketer with your information. Anything you provide should be carefully researched to see how safe it is then provided only after deciding what risk you face.

Rule number 2: don't use automated processes to share information without even MORE careful research.

Breaking both rules is a new app from Facebook which will allow you (or one of your friends) to violate the privacy of many people at once by uploading your phonebook.

The greatest part is that you don't have to give up your phone number since one of your friends can instead! This is just like how Facebook let friends tell stalkers where to find you or add you to groups so someone who's mad at you can make you look like a pedophile.

Don't you love Facebook?

Tags: ,

Australian Government Getting Worse and Worse

Australia has so much Big Brother nastiness going on, sometimes they make even the UK look tame!

The newest development comes where the government is demanding service providers to store all e-mail and possibly web browsing history for all its subjects citizens.

According to the directive, where internet access is concerned, this means the ISPs must retain the user ID of users, email addresses of senders and recipients of email, the date and time that users logged on and off from a service, and their IP address — whether dynamic or static applied to their user ID.

Like most ideas of this nature, it's sold with a plausible premise of catching criminals, but if innocent people are to accept such an invasion, it must first be shown that:

  1. The data actually DOES help catch bad guys.
  2. The data won't be abused and misused by the government.

In the US, we fail most consistently on the second. I don't know, but I'm going to guess that Australia's track record isn't a lot better.

Tags: , ,

Finding a Name For Bully Data Practices Leads to Facebook

I found this pretty amusing:

The world needs a simple word or term that means "the act of creating deliberately confusing jargon and user-interfaces which trick your users into sharing more info about themselves than they really want to." Suggestions?

Although we didn't specifically mention Facebook in our question, … suggestions included "Zuckermining", "Infozuckering", "Zuckerpunch" and plenty of other variations on the name of Facebook's Founder and CEO, Mark Zuckerberg. Others suggested words like "Facebooking", "Facebaiting", and "Facebunk".

In the end, they went with a suggestion of "Evil Interfaces" which refers to any user interface that is designed to trick people out of their data or make them do something they don't want to do. Check out the source article for examples of the kind of "Evil Interfaces" they're talking about.

And one more thing before we go:

OK, perhaps the word "evil" is a little strong. There's no doubt that bad user-interfaces can come from good intentions. Design is difficult, and accidents do happen. But when an accident coincidentally bolsters a company's business model at the expense of its users' rights, it begins to look suspicious. And when similar accidents happen over and over again in the same company, around the same issues, it's more than just coincidence. It's a sign something's seriously wrong.

Beautifully worded.

Tags: , ,

Facebook Forces Users to Display Hometown, Work, Interests

Looks like they're doing it again. This time, they've made a change where even information you've set to private will be fully visible to strangers.

Today, Facebook removed its users' ability to control who can see their own interests and personal information. Certain parts of users' profiles, "including your current city, hometown, education and work, and likes and interests" will now be transformed into "connections," meaning that they will be shared publicly. If you don't want these parts of your profile to be made public, your only option is to delete them.

Of course, this doesn't affect me since my REAL friends already know all that stuff so I saw no reason to enter it into Facebook in the first place, but if you or someone you know has it, tell them to pull it down or put in fake data instead. Why broadcast information to strangers hoping that none of them will use it against you?


It looks like Lifehacker posted an article on how to restore your privacy after the change. Check it out

Tags: ,

Airport Worker Nude Scanned Co-Worker, Commented on Her “Attributes”

No more invasive than a pat down. Really?
No more invasive than a pat down. Really?

Privacy groups like The Electronic Privacy Information Center - EPIC have been warning us about these things for a long time and it seems like as much as the TSA would want us to believe otherwise, we were justified in raising the alarm.

In this case a male worker at Heathrow flipped the machine on as an attractive female co-worker walked near the machine. He apparently made some lewd comments and though I haven't been able to find any sources saying what those comments were, I think I can make some general guesses.

The British House of Commons said this of the machines when they were deployed:

"Having witnessed these full-body scanners working at first-hand, we are confident that the privacy concerns that have been expressed in relation to these devices are overstated and that full-body scanners are no more an invasion of privacy than manual "pat-downs" or searches of bags," the committee said.

Oh really? A pat down and a nudie scanner are the same thing? What do you think?

Tags: ,

What’s in Your Data Profile?

LexisNexis and ChoicePoint are two of the largest data-brokers in the world. They’re only product is information about you which they buy and sell with little to no regulation of any kind. I have always wondered what kind of information they keep about us, and now I know. In the profile I ordered from them, I found not only several pieces of my personal information, but descriptions of other kinds of information that they collect. Here is a summary:

Information they Had

  • Full first, middle, and last name
  • Wife first, middle, and last name
  • Address history with dates and locations
  • Social Security Number
  • Full date of birth
  • Driver’s License Number
  • Vehicle VIN
  • Insurance history including companies, policy details, dates of coverage, accidents, claims filed, etc.

Information they Collect, but Didn’t Have For Me

  • Auto and property insurance history
  • Pre-employment background report including “personal credit information” and state driving record.
  • An Esteem® report which lists admitted or convicted cases of theft while visiting or working at a retail company (used by retailers for hiring).
  • A ScreenNow® report which displays a ChoicePoint national criminal records search of your name and personal information (used for hiring and volunteer work).
  • A Resident Data® history that includes personal credit information and a criminal record search (used for rental applications).
  • A Resident Data® eviction report used for resident screening.
  • FAA Aircraft Registrations
  • Uniform Commercial Code filings (when securing a loan with collateral).
  • Bankruptcies, Liens, and Judgments
  • Professional Licenses
  • Pilot Licenses
  • Marine Radio Licenses
  • Controlled Substance Licenses (for physicians, dentists, pharmacies).
  • Firearms and Explosives Licenses
  • Business Affiliations (for officers or principals of an incorporated Company).
  • Significant Shareholders Search Results – If your name and address appear at the top of a corporation record.

And the most exciting part of all of this is that you never asked to be part of their profiles, they just take it. Neat huh?

Tags: , ,

Why You Shouldn’t Trust Facebook With Your Data

It looks like a Facebook employee decided to come clean about Facebook’s horrid data protection practices

Tags: ,

Facebook Founder Zuckerberg Tastes The Sting of His Own Bully Tactics

Betcha never meant for that to be public
Betcha never meant for that to be public

So Facebook is not exactly known for protecting people's privacy. Besides many grievous displays of poor security, they have only added decent privacy controls over time none of which matter because you can get to the pictures anyway and every installed Facebook app can get all your data too.

All that aside, assume that setting your privacy controls is still better than not setting them. Facebook pulled a real jerk move recently when it required all users when they first logged in for the day to make a decision about their privacy settings. You had to click to keep your current settings, but if you didn't, it would open your profile up using the new default settings.

Though it doesn't probably change anything in the long run, it's quite satisfying to know that Mark Zuckerberg, the founder and CEO of Facebook, fell prey to his own tactic.

In a bit of very interesting timing, Zuckerberg’s photos have been made public to the entire internet, mostly through a post from gossip blog Gawker, after Kashmir Hill at True/Slant discovered and reported that Zuckerberg was sharing photos with a wide circle — friends of friends — and his event calendar with everyone.

Serves him right.

Facebook did not immediately respond to a call seeking comment about whether Zuckerberg’s changes to his privacy settings were deliberate, leadership-by-example-style actions. But in a status update on his profile (pictured above), Zuckerberg says he sets most of his content open and “didn’t see a need to limit visibility of pics with my friends, family or my teddy bear :)”

Sure… He claims that he didn't mind that they were public and that he did it on purpose. Of course it wasn't proof positive that the settings changes are confusing and designed to nudge people out of their privacy into the public eye. Still, some would claim foul.

But why did Zuck suddenly decide to be less private than two months ago, when his settings were uber-private? You couldn’t even friend him before, and you certainly couldn’t see him shirtless..

The fact that Zuck drastically reduced his privacy settings makes me think the Facebook CEO did this accidentally, and now doesn’t want to change back for fear of the resulting PR disaster.

I wonder if Zuckerberg is regretting this move now. He can't go back towards privacy without making it seem that he's a hypocrite. Still, you have to wonder if he's going to start posting less information to his event calendar and photo albums than before since it's been forced for PR reasons to remain public.

Tags: , ,
How to Steal Identities - Why It's So Easy
Credit Freeze
Data Defense
Credit Monitoring
Id Theft Insurance
The Identity Theft Victim's Mini-Guide to Recovery
The Geek Privacy Principle
Nothing to Hide
Data Abuse
RFID - Radio Frequency IDentification
Privacy Alias/Persona
Data Defense
Online Addiction
The Consequences of Posting Online
Photo Safety
Tricks and Scams
Account Hijacking
Trusting Companies
Bad Passwords
Password Tips and Tricks
Password Protection
Password Mugging
Computer Security
E-mail Safety
Kids and Computers
Shopping Online
All About Warranties

Data Abuse

Learn how your data is taken from you and used against you by large companies for their own benefit.

[Click for full description]

How to Steal Identities - Why It's So Easy

Just why is it so easy to steal identities? Where is all this information coming from!?

[Click for full description]

Password Mugging

A disturbing new practice among websites and services is where they ask you for your user name and password to other sites. I call this "Password Mugging"

[Click for full description]