For those of us who care about privacy, these past seven days have truly disappointed.
With relatively little fanfare in the midst of a cacophonous (that means "noisy" Senator Santorum) parade of news, three significant events seriously undermined our constitutional right to privacy and highlighted (in a muted sort of way) the extent to which new business practices and perhaps the second oldest human inclination (criminality) have continued the relentless assault on our individual rights and liberties. The worst part is that it seems we're all becoming accustomed to it. Indeed, these affronts to our privacy seem to be becoming part of the country's genetic makeup… perhaps even as American as apple pie.
First, credit and debit card processor Global Payments, Inc. acknowledged it is the yet the latest flavor of the month in the data breach derby. It took the company three weeks to notify customers and law enforcement officials that there had been an "unauthorized access" to its systems, and that the card numbers and sensitive data of as many as 10 million consumers may have been compromised. MasterCard, Visa and American Express confirmed that they were affected, along with banks and other institutions that issue cards bearing their logos. But then something happened rather suddenly — almost magically: the impact of the breach was downgraded. Within hours of the initial release, the number of "exposed" consumers dropped from 10 million to "only" 1.5 million. It was pointed out that Global Payments has but a paltry 3.5% share of the market, servicing "only" 800,000 or so merchant accounts.
So, are you having a "here we go again," or a "who cares if it didn't happen to me" moment?
I realize that it feels like just another swell in an ocean of data breaches that have washed over (and drowned some of) us in the past few months. However, that this breach was minimized so quickly — and so quickly disappeared from the news cycle — is a matter of grave concern.
[Related: Read more columns by Adam Levin]
Breaches of this magnitude have become accepted as "oh well, just another day in paradise."
I'm afraid that the breach notification minstrels have so inundated us with countless tales of database compromises we have come to accept them as little more than white noise in the village square — the voice of the town crier droning on in the background. The media has become numb, perhaps not understanding the seriousness of the situation. But the parts of government tasked with law enforcement surely could take greater notice of instances where numbers are quickly and drastically altered (one could be forgiven for jumping to the conclusion that these things happen in order to assuage consumer anxiety in the interest of business as usual). The jury is still out as to this particular compromise.
Meanwhile, as the Global Payments media "perp" walk was picking up and then losing steam, an article appeared in the New York Times that was truly chilling. The Times report was based upon 5,500 pages of documents provided to it by the American Civil Liberties Union from over 200 police departments across the land. These internal records detailed a clandestine practice that state and local police departments seem to have adopted as standard operating procedure — cell phone tracking. So my friends, like the authorities did to the citizen-sheep in Orwell's 1984, it's time to erase your preconceptions. It's not just the CIA, the NSA, Apple, Google, or Murdoch's marauders that are following you around anymore.
Don't believe that stuff you see on "The Wire." By and large these intrusions are carried out without a search warrant or any kind of judicial or civil oversight. In fact, according to the Times, the practice has become so widespread and routine some wireless carriers are actually offering a catalog of "surveillance fees" to police departments to determine a suspect's location, trace phone calls and texts or provide other services.
And then, as icing on an ever growing constitutionally compromised cake, the Supreme Court ruled in yet another 5 to 4 decision that strip searches could be conducted by police prior to the incarceration of any person arrested, for any reason–including minor traffic violations. The specific case the court decided had to do with the arrest of a man who was a passenger in a car driven by his wife which was pulled over for speeding. Somehow the traffic cop determined that the gentleman in question was the subject of an arrest warrant based on his failure to pay a fine—indeed, a traffic fine–some years earlier. Get this — not only had the victim paid the fine, but he actually had proof of that payment in his possession in the car. However, while the New Jersey DMV in its infinite wisdom was figuring out what was going on, the innocent passenger spent a week in two jails, and he was–now legally–strip-searched in both.
"Every detainee who will be admitted to the general population may be required to undergo a close visual inspection while undressed," Justice Kennedy wrote for the majority. The Court seemed to be unperturbed by certain facts, such as: at least 10 states have laws preventing this kind of thing; federal policy precludes it; and according to an amicus brief filed by the American Bar Association, international human rights treaties also ban the procedure. Is this still United States of America, the land of the free?
I believe we are witnessing a remarkable conspiracy of the profane, accomplished with no communication among the co-conspirators, and perhaps without any evil intent whatsoever — and certainly without much thought. No matter how much it costs or how often it happens, the private sector seems to be unable to effectively protect our data, and thus our privacy. And many companies within that private sector have found a way to profit from that lack of privacy, by collecting information on us and selling it to advertisers, or even to our friendly local police department. And at the very moment when it is most needed to protect an absolutely essential element of our personal freedom, the Supreme Court seems quite willing to strip us of our privacy, and our dignity, quite literally, even if our arrest was false or the charge against us was trivial.
Maybe I made a mistake and took Soma last night instead of Sominex, and this morning I awoke in Aldous Huxley's dystopian "World State." It certainly feels like "everyone belongs to everyone else," doesn't it?
Adam Levin is chairman and cofounder of Credit.com and Identity Theft 911. His experience as former director of the New Jersey Division of Consumer Affairs gives him unique insight into consumer privacy, legislation and financial advocacy. He is a nationally recognized expert on identity theft and credit.