By K.C. Jones
March 21, 2008
Access to personal passport information from presidential hopefuls Sens.
Barack Obama, Hillary Rodham Clinton, and John McCain may not have been
preventable, the U.S. State Department said this week.
The incident highlights the need for greater data access controls for
employees and contractors in the IT sector and the government.
Three State Department contractors had taken unauthorized looks at the
electronic files of each of the candidates, although each had clearance
to use the database, Undersecretary for Management Patrick F. Kennedy
said Thursday. Obama's file was accessed three times: Jan. 9, Feb. 12,
and March 14. It was disclosed later that the files of Clinton and
McCain were also reviewed by the contractors.
Two workers were fired. State Department leaders have said they believe
that the workers accessed the files out of curiosity. Secretary of State
Condoleezza Rice on Friday issued an apology to Obama and Clinton and
was scheduled to speak with McCain.
Kennedy said during a press briefing Thursday that all three people
suspected of viewing the candidates' passport information had access to
the database for one reason or another. He declined to state their job
titles or explain specific functions that required the access, except to
say that State Department workers must be able to look up information
when people call about their passports.
"They were in a variety of functions that required them, in order to do
their tasks, to have the access to the computer system," he said.
He also said it was impossible to provide that access and simultaneously
deny it to prevent people from snooping for no reason. Kennedy did say,
however, that the computer monitoring system (PDF) worked properly by
flagging the workers' activities after the fact. That's when supervisors
were notified and took action, he said.
The Security Technology Worked
"One thing I want to emphasize, in each of these three cases, the system
that was set up to detect any unauthorized access of these kinds of
records worked," Kennedy said. "These unauthorized accesses were
detected by the State Department and they were immediately acted upon.
In each of these cases, the unauthorized access was caught by a
monitoring system that was tripped when, in each of these cases, an
employee accessed the record of a high-profile individual. When the
monitoring system is tripped, we immediately seek an explanation for the
record access. If the explanation is not satisfactory, the supervisor is
notified. And that is the case in each of these three individual cases."
Kennedy has acknowledged, however, that the incidents should have been
reported higher up the chain of command by insiders. Reporters first
brought the data breach to the attention of senior members of the State
The Bureau of Consular Affairs is in charge of monitoring database
access, Kennedy said.
A department spokeswoman contacted Friday did not know immediately who
designed the database or the monitoring system, which, according to
Kennedy, has been in place for several years. It appears unlikely that
technology is to blame for the invasion of the candidates' privacy,
according to Kennedy's statements. Rather, it appears that the problem
stems from a breach of trust by three of more than 50,000 employees.
The State Department restricts access to passport records, performs
background checks on employees and contractors, and trains workers about
privacy policies. Each time a worker logs on to the system, the worker
acknowledges that the records are protected by the Privacy Act and that
they are only available on a need-to-know basis, Kennedy said.
Transaction logs provide a record of activity.
"They were supposed to use their access to -- for the purposes of the
task that they were assigned," Kennedy said during the briefing. "They
violated that trust, and that is, and they were caught in the monitoring
system that we have. When you produce, as I said earlier, when you
produce 18 million passports a year and there are numbers of passports
that are lost every year, people call in and ask, "Where is my passport
in the system?"
The Office of the Inspector General is investigating the incident, and
authorities have not ruled out involvement by the Department of Justice.
The logical areas of examination for both entities: e-mail folders, hard
drives, and servers, but Kennedy said he hasn't told investigators where
to look because he doesn't tell them how to do their job.
Kennedy said that the State Department will consider whether it's
possible to "lock out" access to high-profile individuals' records,
while still allowing workers to respond to inquiries. The information
contained in passport files comes from applications and may contain
additional information gleaned from research used to determine whether
issue the passport. It is shared with a variety of law enforcement and
other agencies for investigation.
One of the more sensitive pieces of information contained in the file is
a Social Security number, which can be used for identity theft or to
access more information from other sources.
Subscribe to InfoSec News