verizon archive security glitch?

[David Farber <dave () farber net>]

________________________________________
From: Rabkin, Eric [esrabkin () umich edu]
Sent: Saturday, June 07, 2008 3:36 PM
To: David Farber; ip
Subject: RE: [IP] verizon archive security glitch?

Dear Professor Farber,

When I accessed my home voicemail one day last week, I found about twenty messages for someone else.  Two were from a 
for-profit plasma bank trying to entice this individual to further donations with a $5 increase in fee and the rest 
were from assorted bill collectors.  No single message contained much identifying information but from the aggregate 
and a bit of online searching I was able to gather the person's full name and address, not to mention details of 
his/her economic life.  When I reported this mix-up to AT&T (my landline provider), they told me they already knew 
there was a "malfunction in your area" and technicians were working on it.  That's it.  No apology for my wasted time, 
the other person's exposed privacy, no acceptance of responsibility, nothing.  What they did do, though, was confirm 
that when I had deleted each message that I had mistakenly thought was in my own voice mailbox, I had truly deleted it 
from this other person's.  There was no apology for that, either, even though AT&T knew that their "malfunction" and my 
ignorance had now destroyed what may have been crucial information for this other person.  Judging by the number and 
consistent subjects of those recorded messages, clearly this individual has a difficult life.  I didn't want to make it 
more difficult.  I found his/her phone number and left a message indicating that s/he might want to contact creditors 
who otherwise might think s/he was being unresponsive to messages that s/he in actuality had never received.  Then I 
tried to let the creditors know what had happened.  All but one didn't care; they would just escalate hounding this 
person anyway until s/he paid.  But one collection agency did announce pleasantly that they would remove my phone 
number, which had been harvested automatically by their caller-ID from my good Samaritan call, from their call-back 
list.  That I never got a call back from the intended recipient of the original messages is, sadly, understandable.  
That solvent and legally incorporated institutions that are charged with protecting privacy and most of which are 
regulated by state and federal governments should be so indifferent in their responses to such errors is both frightful 
and infuriating.  It makes one even more certain that they assign a very low value to the lives and rights of mere 
human beings.  Perhaps we should all incorporate.  Apparently legal bodies are worth much, much more than the fleshly 
kind, unless, of course, they are needed as a source of plasma.

Eric Rabkin

-------------------------------------------------
Eric S. Rabkin              734-764-2553 (Office)
Dept of English             734-764-6330 (Dept)
Univ of Michigan            734-763-3128 (Fax)
Ann Arbor MI 48109-1003     esrabkin () umich edu
http://www-personal.umich.edu/~esrabkin/


> -----Original Message-----
> From: David Farber [mailto:dave () farber net]
> Sent: Saturday, June 07, 2008 12:02
> To: ip
> Subject: [IP] verizon archive security glitch?
>
>
> ________________________________________
> From: Deborah Alexander [dsalexan () optonline net]
> Sent: Saturday, June 07, 2008 10:53 AM
> To: David Farber
> Subject: verizon archive security glitch?
>
> Dave - for IP-ers, if you think of use...
> Scrolling blogs this a.m., I came across a posting that seems
> interesting in light of the presumptive Republican Presidential
> Candidate's views about telecoms, privacy and immunity:
>
> From
> http://www.explananda.com/
>
> "On Thursday morning, I was trying to access some old cell phone bills
> online at www.verizonwireless.com. As I clicked through the months, most
> of the time the correct bill came up (as a pdf). But twice for some
> reason verizonwireless.com served up someone else's bill. The first time
> I just absentmindedly clicked away and tried again. But the second time
> it occurred to me that there was something really squirrelly about the
> fact that I was able to access some other random dude's bill. I could
> see all the calls that this guy made in September, 2007, his account
> number, and the fact that his bill was past due that month. That's
> hardly the biggest security breach in history, but it's also a
> legitimate concern for people who care about their privacy, and rely on
> companies to take reasonable steps to secure personal information.
> I spent 30 minutes on the phone with Verizon trying to get someone to
> understand that there was clearly some technical glitch on their end,
> and that it raised a privacy issue (and a potential legal issue for
> them).
> <snip>
> "[Verizon] promised me that someone would call me back with an
> explanation. No one has called yet.
> "I also made them promise to call this guy and tell him that someone
> else had been able to view information that should have been kept
> private, but about 5 minutes after I got off the phone with them I
> realized that that was unlikely. So I called the guy up and left a
> message. He called back a few hours later. No one from Verizon had
> called him.
> <snip>
> [ADDED BY WAY OF FOLLOW UP COMMENT]:
> "I found it sort of interesting from an organizational perspective.
> Obviously Verizon gets a lot of calls from a lot of angry or strange
> people every day. So they need pretty robust filters, so that upper
> level managers don't have to talk to every crackpot who calls with some
> issue that the operators aren't in a position to properly assess. The
> result is that there was apparently no way at all for them to escalate
> the issue efficiently and effectively. According to them - and this may
> well be true - they just couldn't get a hold of a supervisor who would
> be high up and smart enough to grasp the legal implications of my point,
> let alone the privacy and public relations aspect.
> <snip>
>
> Deborah S. Alexander, Esq.
> Alexander Law Offices LLC
> 395 Springfield Avenue
> Berkeley Heights, NJ 07922
> Phone: (908) 898-1800
> Fax: (908) 898-1801
> Email: dsaLaw () Alexander-Legal com<mailto:dsaLaw () Alexander-Legal com>
> Web: www.Alexander-Legal.com<http://www.alexander-legal.com/>
>
>
>
>
>
> -------------------------------------------
> Archives: http://www.listbox.com/member/archive/247/=now
> RSS Feed: http://www.listbox.com/member/archive/rss/247/
> Powered by Listbox: http://www.listbox.com



-------------------------------------------
Archives: http://www.listbox.com/member/archive/247/=now
RSS Feed: http://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com