By Bill Gertz
The Washington Times
March 20, 2008
Two State Department employees were fired recently and a third
disciplined for improperly accessing electronic personal data on
Democratic presidential candidate Sen. Barack Obama, Bush administration
officials said today.
The officials, all contract workers, used their authorized computer
network access to look up files within the department's consular affairs
section, which processes and stores passport information, and read Mr.
Obama's passport application and other records, in violation of
department privacy rules, State Department spokesman Sean McCormack
Secretary of State Condoleezza Rice was notified of the security breach
today, and responded by saying security measures used to monitor records
of high-profile Americans worked properly in detecting the breaches.
Mr. McCormack said the officials did not appear to be seeking
information on behalf of any political candidate or party.
"As far as we can tell, in each of the three cases, it was imprudent
curiosity," Mr. McCormack told The Washington Times.
A similar data breach took place in 1992 when State Department officials
looked up data on presidential candidate Bill Clinton, in an attempt to
find out information from the late 1960s, amid unfounded political
campaign rumors that Mr. Clinton had sought to renounce his citizenship
to dodge the draft during the Vietnam War while a Rhodes Scholar at
That incident triggered a three-year investigation by a special
prosecutor, who found that no laws were violated but officials exercised
poor judgment. The 1992 search of Mr. Clinton's passport records was
part of an effort to speed up Freedom of Information Act requests.
The Obama campaign denounced the accessing as "an outrageous breach of
security and privacy, even from an Administration that has shown little
regard for either over the last eight years." Spokesman Bill Burton said
"our governments duty is to protect the private information of the
American people, not use it for political purposes. This is a serious
matter that merits a complete investigation, and we demand to know who
looked at Senator Obamas passport file, for what purpose, and why it
took so long for them to reveal this security breach."
One administration official said the FBI is conducting a preliminary
inquiry into the officials involved in the unauthorized access incidents
related to Mr. Obama, Illinois Democrat. An FBI spokesman could not be
reached for comment.
Government records of political candidates are tightly restricted
because of concerns they could be used against candidates or the data
could be altered as part of campaign dirty tricks.
In this case, it does not appear that records were copied or altered,
Mr. McCormack said.
Passport application data includes such details as date and place of
birth, e-mail address, mailing address, Social Security number, former
names and travel plans. Mr. Obama was born in Honolulu in 1961 to a
Kenyan father and American mother. He lived in Jakarta, Indonesia, from
age six to 10.
Computer-monitoring equipment detected the activities by the three
employees on Jan. 9, Feb. 21 and March 14, triggering alarms in each
case, Mr. McCormack said.
Mr. McCormack said the officials accessed Mr. Obama's records "without a
need to do so."
"In each case, we immediately contacted our contractors, their employer,
and two were fired and one was disciplined," he said.
"We have strict rules restricting access to passport records," Mr.
Each time an employee logs on to the passport-records network, they are
informed that the records are protected by the Privacy Act and are
"available only on a need-to-know basis," he said. But no technical bar
prevents a person, once he is in the system, from gaining access to
Privacy Act-protected records to which he has no "need-to-know" rights.
But the network has an electronic monitoring system that is tripped when
an employee accesses a record of a prominent person, like Mr. Obama. The
alarm then triggers an inquiry into the incident, and "when the answer
is not satisfactory, a supervisor is notified."
Such records can be accessed when it is part of an official inquiry, but
in the case of Mr. Obama, it was not, Mr. McCormack said.
Asked whether a political candidate or party is behind the incidents,
Mr. McCormack said: "None at this point in time that we have
Mr. McCormack declined to provide the names of the employees or the
contract, but he said they were hired by the contractor involved in
producing, processing and approving passports.
"This is supposed to be a transaction between an individual and the
government, and this is private information that we take a lot of steps
to protect, and we take that responsibility seriously, not only for high
profile individuals but for everybody," he said.
Mr. McCormack said the incidents took place at consular affairs
facilities in the Washington area.
Copyright 2007 The Washington Times, LLC.
Subscribe to InfoSec News