Politech mailing list archives

Previous By Date Next
Previous By Thread Next

FC: Feds' "safe harbor" site displayed private info about U.S. firms

From: Declan McCullagh <declan () well com>
Date: Fri, 6 Jul 2001 10:12:44 -0400


http://www.wired.com/news/privacy/0,1848,45031,00.html
   
   'Secure' U.S. Site Wasn't Very
   By Declan McCullagh (declan () wired com)
   2:00 a.m. July 6, 2001 PDT
   
   WASHINGTON -- A U.S. government website devoted to helping businesses
   keep sensitive information private instead revealed confidential
   information about American firms.
   
   A Commerce Department privacy website exposed proprietary information
   -- such as revenue, number of employees, and the European countries
   with which the firm does business -- that U.S. companies provided to
   the government in strict confidence.
   
   This information has been publicly accessible since the site went
   online last year.
   
   Casual visitors even could modify information stored in the agency's
   database, permitting anyone to delete, for instance, Microsoft, Intel,
   or Procter & Gamble from a government-certified list of companies that
   can freely exchange information with European firms.
   
   In response to queries from Wired News, the Commerce Department
   plugged the security hole at 5 p.m. EDT on Wednesday. "We are aware of
   the concerns, and are taking all necessary steps to identify and
   resolve the issue," a department official said.
   
   The irony of gaping security holes in a Commerce Department "Safe
   Harbor" site established to aid U.S. firms in offering adequate
   privacy protection wasn't lost on some privacy advocates.

   "If the government can't control its own information, why is it asking
   the private sector to do any better?" says Jim Harper, editor of
   Privacilla.org. "When it comes to information management, government
   is the gang that couldn't shoot straight."
   
   [...]



-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
To subscribe, visit http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
-------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: