AOH :: ISNQ5387.HTM

Obama passport files violated; 2 workers at State fired; 1 rebuked




Obama passport files violated; 2 workers at State fired; 1 rebuked
Obama passport files violated; 2 workers at State fired; 1 rebuked



http://www.washingtontimes.com/apps/pbcs.dll/article?AID=/20080320/NATION/541139809/1001 

By Bill Gertz
The Washington Times
March 20, 2008

Two State Department employees were fired recently and a third 
disciplined for improperly accessing electronic personal data on 
Democratic presidential candidate Sen. Barack Obama, Bush administration 
officials said today.

The officials, all contract workers, used their authorized computer 
network access to look up files within the department's consular affairs 
section, which processes and stores passport information, and read Mr. 
Obama's passport application and other records, in violation of 
department privacy rules, State Department spokesman Sean McCormack 
said.

Secretary of State Condoleezza Rice was notified of the security breach 
today, and responded by saying security measures used to monitor records 
of high-profile Americans worked properly in detecting the breaches.

Mr. McCormack said the officials did not appear to be seeking 
information on behalf of any political candidate or party.

"As far as we can tell, in each of the three cases, it was imprudent 
curiosity," Mr. McCormack told The Washington Times.

A similar data breach took place in 1992 when State Department officials 
looked up data on presidential candidate Bill Clinton, in an attempt to 
find out information from the late 1960s, amid unfounded political 
campaign rumors that Mr. Clinton had sought to renounce his citizenship 
to dodge the draft during the Vietnam War while a Rhodes Scholar at 
Oxford.

That incident triggered a three-year investigation by a special 
prosecutor, who found that no laws were violated but officials exercised 
poor judgment. The 1992 search of Mr. Clinton's passport records was 
part of an effort to speed up Freedom of Information Act requests.

The Obama campaign denounced the accessing as "an outrageous breach of 
security and privacy, even from an Administration that has shown little 
regard for either over the last eight years." Spokesman Bill Burton said 
"our governments duty is to protect the private information of the 
American people, not use it for political purposes. This is a serious 
matter that merits a complete investigation, and we demand to know who 
looked at Senator Obamas passport file, for what purpose, and why it 
took so long for them to reveal this security breach."

One administration official said the FBI is conducting a preliminary 
inquiry into the officials involved in the unauthorized access incidents 
related to Mr. Obama, Illinois Democrat. An FBI spokesman could not be 
reached for comment.

Government records of political candidates are tightly restricted 
because of concerns they could be used against candidates or the data 
could be altered as part of campaign dirty tricks.

In this case, it does not appear that records were copied or altered, 
Mr. McCormack said.

Passport application data includes such details as date and place of 
birth, e-mail address, mailing address, Social Security number, former 
names and travel plans. Mr. Obama was born in Honolulu in 1961 to a 
Kenyan father and American mother. He lived in Jakarta, Indonesia, from 
age six to 10.

Computer-monitoring equipment detected the activities by the three 
employees on Jan. 9, Feb. 21 and March 14, triggering alarms in each 
case, Mr. McCormack said.

Mr. McCormack said the officials accessed Mr. Obama's records "without a 
need to do so."

"In each case, we immediately contacted our contractors, their employer, 
and two were fired and one was disciplined," he said.

"We have strict rules restricting access to passport records," Mr. 
McCormack said.

Each time an employee logs on to the passport-records network, they are 
informed that the records are protected by the Privacy Act and are 
"available only on a need-to-know basis," he said. But no technical bar 
prevents a person, once he is in the system, from gaining access to 
Privacy Act-protected records to which he has no "need-to-know" rights.

But the network has an electronic monitoring system that is tripped when 
an employee accesses a record of a prominent person, like Mr. Obama. The 
alarm then triggers an inquiry into the incident, and "when the answer 
is not satisfactory, a supervisor is notified."

Such records can be accessed when it is part of an official inquiry, but 
in the case of Mr. Obama, it was not, Mr. McCormack said.

Asked whether a political candidate or party is behind the incidents, 
Mr. McCormack said: "None at this point in time that we have 
determined."

Mr. McCormack declined to provide the names of the employees or the 
contract, but he said they were hired by the contractor involved in 
producing, processing and approving passports.

"This is supposed to be a transaction between an individual and the 
government, and this is private information that we take a lot of steps 
to protect, and we take that responsibility seriously, not only for high 
profile individuals but for everybody," he said.

Mr. McCormack said the incidents took place at consular affairs 
facilities in the Washington area.

Copyright 2007 The Washington Times, LLC.


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 

Site design & layout copyright © 1986-2014 CodeGods