Personal Data for the Taking
David Scull for The New York Times
A class at Johns Hopkins was able to build detailed dossiers on Baltimore citizens using only public databases.
By TOM ZELLER Jr.
Published: May 18, 2005
Senator Ted Stevens wanted to know just how much the Internet had turned private lives into open books. So the senator, a Republican from Alaska and the chairman of the Senate Commerce Committee, instructed his staff to steal his identity.

"I regret to say they were successful," the senator reported at a hearing he held last week on data theft.

His staff, Mr. Stevens reported, had come back not just with digital breadcrumbs on the senator, but also with insights on his daughter's rental property and some of the comings and goings of his son, a student in California.

"For $65 they were told they could get my Social Security number," he said.

That would not surprise 41 graduate students in a computer security course at Johns Hopkins University. With less money than that, they became mini-data-brokers themselves over the last semester. They proved what privacy advocates have been saying for years and what Senator Stevens recently learned: all it takes to obtain reams of personal data is Internet access, a few dollars and some spare time.

Working with a strict requirement to use only legal, public sources of information, groups of three to four students set out to vacuum up not just tidbits on citizens of Baltimore, but whole databases: death records, property tax information, campaign donations, occupational license registries. They then cleaned and linked the databases they had collected, making it possible to enter a single name and generate multiple layers of information on individuals. Each group could spend no more than $50.

Although big data brokers can buy the databases they crave - from local governments as well as credit agencies, retail outlets and other sources that students would not have access to - the exercise replicated, on a small scale, the methods of such companies.

They include ChoicePoint and LexisNexis, which have been called before Congress to explain, after thieves stole consumer data from their troves, just what it is they do and whether government oversight is in order. And as concerns over data security mount, inherent conflicts between convenient access to public records and a desire for personal privacy are beginning to show.

The Johns Hopkins project was conceived by Aviel D. Rubin, a professor of computer science and the technical director of the Information Security Institute at the university. He has used his graduate courses before to expose weaknesses in electronic voting technology and other aspects of a society that is increasingly dependent on - and at the mercy of - digital technology.

"My expectations were that they would be able to find a lot of information, and in fact they did," he said. Several groups managed to gather well over a million records, with hundreds of thousands of individuals represented in each database.

"Imagine what they could do if they had money and unlimited time," Dr. Rubin said.

In some instances, students visited local government offices and filed Freedom of Information Act requests for the data - or simply "asked nicely" - sometimes receiving whole databases on a compact disc.

In other cases, they wrote special computer scripts, which they used to pick up whole databases from online sources like Maryland's registry of occupational licenses (barbers, architects, plumbers) or from free commercial address databases like Verizon's SuperPages, an online yellow pages directory.

Dr. Rubin said he was pleasantly surprised that his students turned up fewer Social Security numbers than he expected, although he wondered if even the benign tidbits - property details, occupations, political parties - when combined on a single individual, would be troubling to some.

David Albright is one such individual. In a single query, one student group's master database turned up his precise address, his phone number, his occupation (his architect's license expires in November), the name of his wife, their birth dates, the price he and his wife paid for their 2,200-square-foot brick home in 1990, his party registration and the elections he has voted in since 1978.

The query also highlighted the hazards of data aggregation: a gubernatorial campaign donation from 2002 was not made by him, Mr. Albright said, but apparently by another David Albright in Baltimore.

"It's hard to fully digest," Mr. Albright said when contacted by a reporter with these details. Mr. Albright thought that while the individual bits of information weren't that "creepy," their easy aggregation was troubling.

"What would be disturbing is if by having all this information consolidated, it made stealing an identity easier," he said. "That would be a concern."