News and information company Bloomberg LP is apologizing after admitting its reporters used their access to client account information from its trading terminals to collect information for stories.
Bloomberg News' editor-in-chief, Matthew Winkler, in an editorial early Monday morning, said that reporters have had access since the 1990s to certain client information including log-in history. The use of that information came to light after investment bank Goldman Sachs complained to Bloomberg that a reporter had inquired about a partner's employment status while pointing out the partner had not logged onto his Bloomberg terminal recently, as reported by the New York Times.
"It's remarkable that it could go on so long, that it would take so long for it to come to light and for them to recognize that it's not a good idea," said Al Tompkins, senior faculty with The Poynter Institute, the non-profit journalism school in St. Petersburg, Fla.
Bloomberg terminals are used by nearly every investment bank in the country for market data and news. There are over 315,000 Bloomberg subscribers worldwide who use the terminals. Customers pay $20,000 on average annually for terminal services.
Robert Siciliano, McAfee's online security expert, said that unlike medical data's protection under the Health Insurance Portability and Accountability Act of 1996, or "hippa" rules, reporters' use of Bloomberg's basic terminal history – outside of securities trading activity -- is not necessarily prohibited by law.
"In the database society that we live in, all of our information in some shape or form is contained in multiple databases," he said. "You never know how this is going to be used or in this case abused until someone sounds the alarm.
"It's not a problem until someone calls them out on it. In some way, shape or form they've been profiting from this, so it's not in their best interest to out themselves," he added.
Tompkins said a blow to Bloomberg's credibility also harms other media companies.
"No one in media benefits from one of us getting scarred. We sink and swim with each other," he said. "The public sees us as 'the media' and 'the media doing what they usually do'. That's not helpful to anyone. We have one thing to sell, and that's trust."
New York City Mayor Michael Bloomberg, now in his final term in the office, founded Bloomberg LP in the 1980s. Bloomberg, 71, is worth $27 billion and is the 7th richest person in the country, according to Forbes.
During the mayor's press conference on Monday about the city's upgraded water system, he declined to comment about the company's privacy matter.
Winkler, co-founder of Bloomberg News who wrote the company guide for reporters, "The Bloomberg Way," apologized to the public.
Related story: Top 7 Most Notable Company Apologies
"Our reporters should not have access to any data considered proprietary," Winkler wrote in the editorial. "I am sorry they did. The error is inexcusable. Last month, we immediately changed our policy so that reporters now have no greater access to information than our customers have. Removing this access will have no effect on Bloomberg news-gathering."
Goldman Sachs did not return a request for comment.
Winkler wrote that reporters had access to login history, high-level types of user functions and help desk inquiries. Reporters did not have access to trading activity or portfolio information, he said.
A former Bloomberg employee monitored the terminals used by former Treasury Secretary Timothy Geithner and Federal Reserve Chairman Ben Bernanke, according to CNBC.
The European Central Bank expressed concerns about its data privacy after the news broke over the weekend.
"The ECB takes the protection of privacy very seriously and our experts are in close contact with Bloomberg," according to a statement provided by an ECB spokesman.
A spokesperson for Bloomberg said it has not received formal complaints outside of Goldman Sachs.
Daniel L. Doctoroff, CEO and president of Bloomberg L.P., said in a statement that the company changed its policy last month. The New York-based company created the new position of Client Data Compliance Officer "to ensure that our news operations never have access to confidential customer data."