Interesting People mailing list archives

Re: CA and celebrity med. record leaks...

From: David Farber <dave () farber net>
Date: Tue, 19 May 2009 10:04:11 -0400

Begin forwarded message:

From: "Edward Hasbrouck" <edward () hasbrouck org>
Date: May 19, 2009 12:48:06 AM EDT
To: David Farber <dave () farber net>
Cc: Peter Swire <peter () peterswire net>
Subject: Re: [IP] CA and celebrity med. record leaks...

On 18 May 2009 at 20:45, Peter Swire <peter () peterswire net> wrote:

Basically, we need better tech safeguards (role-based access, audit

logs). Then, as in California, we may need breach notificationlaws or

other measures so that people will trust that the file clerks  aren't
"peeping" at their records.


It's perhaps worth noting that among the records of interest to "peeping
toms" are travel records, and that none of the computerized reservation
systems (CRS's) in which they are stored include access logs:

http://hasbrouck.org/articles/PNR.html

This means, among other things, that the CRS's and the airlines andtravel

agencies that outsource their database hosting to them *couldn't* comply

with EU data protection law (which essentially requires access logs),even

if they wanted to.  This has come up when I have tried to request the

access logs of my PNR's from European airlines on which I havetravelled:


http://hasbrouck.org/blog/archives/001679.html

http://hasbrouck.org/blog/archives/001273.html

Travel agencies that handle celebrity clients value theitr reputationfor

discretion, and train their staff in respect for privacy.  But I don't

know whether that leads such staff not to *;look* at celebrityrecords, or

just not to tell others (outside the company) about what they see.

Certainly with airlines its routine for gate agents to pass otherwiseidletime waiting for a flight by looking at PNR's of people of interest.But

with the present travel IT infrastructure, they leave no traces.

Peace,

Edward Hasbrouck


----------------
Edward Hasbrouck
<edward () hasbrouck org>
<http://hasbrouck.org>
+1-415-824-0214






-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com

Current thread:

CA and celebrity med. record leaks... David Farber (May 18)
- <Possible follow-ups>
- CA and celebrity med. record leaks... David Farber (May 18)
- Re: CA and celebrity med. record leaks... David Farber (May 19)
- Re: CA and celebrity med. record leaks... David Farber (May 23)