Password Prompt
|

Marriott Hack Shows The Risk of Our Surveillance Society

ByMike McBride Reading Time: 2 minutes

Mashable asked the question that many of you may have had when you learned one of the more recently reported details of the Marriott/Starwood hack. “Why do hotels collect and store passports?

The answer they came up with turned out to be something that some of us started talking about a few years ago, but it might surprise some of you:

Moussouris explained that hotels collect identity information so they can run background checks, as well as to serve as a reference for the government should anything criminal happen. That law enforcement element means that hotels may need to store, not just check, identification.

“It’s the fact that it might need to be checked against a criminal database, and different countries vary in their regulations about that,” Moussouris said.

The European Union requires hotels in member states to collect passport information. However, what they do with that information varies. For example, in Italy, hotels automatically give this to the authorities. But that’s not the case throughout Europe. Policy on ID collection varies between cities and states in the US.

In the rash of post 9/11 rule changes, not to mention the Las Vegas mass shooting, there have been calls for both private companies and public entities to gather up information about anyone and everyone who passes through their area. Passport information, motor vehicle license plate data, driver’s license information, credit card receipts, internet browsing, etc. have all become part and parcel of what is being tracked, collected and stored in the name of law enforcement. We can argue about the legality of that, or even the effectiveness of that, but the one thing that was never in question was the need for that information to be kept secure and not misused.

In this case, we now have the possibility that people have had their passport information, and therefore their travel movements tracked, by foreign intelligence services. That’s not good at all. But this is hardly the only situation where this kind of thing is likely happening. This is just the one that impacted millions of people worldwide and made headlines. How many other instances are there of someone either hacking, or misusing their access to this kind of information to stalk, harass, or illegally track innocent civilians? All made possible by the laws meant to keep us safer, because once you start collecting and keeping that much data, you create a target. A very inviting, almost intoxicating target.

All that personal information is just sitting there, waiting for someone to search it. Why would we expect that would only ever happen when officially sanctioned?

Human nature tells us otherwise.

Similar Posts

  • |

    Legal Tech Twitters?

    ByMike McBride Reading Time: 1 minute

    I saw a post by Jennifer Leggio today about locating network security folks on Twitter, and I wondered how many people who work in the legal technology field are using twitter or other social networking apps. In fact, following Jennifer on Twitter also helped me discover Twitterpaks, which is a wiki setup to encourage new…

  • | |

    Linked: Ongoing M365 Tenant Upgrades/Migrations

    ByMike McBride Reading Time: 2 minutes

    It’s not normal for us to be using a platform that works one way, then changes and works another way two weeks later, but that is absolutely the way the Agile development is going to happen. The decision to change will be pushed by the business case for making the change, eDiscovery will be a second thought, if a thought at all.

    That means two things in my mind in addition to the things Greg lays out in his post below.

    1. You have to test, test, test. Constantly. You have to stay on top of new features, old feature changes, undocumented changes, etc.

    2. The legal industry as a whole is going to have to get a lot more comfortable with “good faith efforts” being a little more of a gray area as these changes get made. What we could collect easily before, may require a lot more time and effort today, or it may not be possible today because of a bug in a recent update.

    It’s going to happen. Whether you want to talk about M365, Google, cloud document management, cloud review platforms, or even cloud backups. Things will happen beyond our ability to control them, and those things will impact eDiscovery. Are we going to be OK accepting that?

  • Shut Up and Encrypt

    ByMike McBride Reading Time: 1 minute

    While watching the Alex Winter film about the Panama Papers, this quote stood out to me, given all of the talk about the “dangers” of encryption.

    While working with the International Consortium of Investigative Journalists in the early days of investigating the data leaked from the Mossack Fonseca law firm, the importance of not letting anyone know that the data had leaked, or that it was all being investigated, was paramount, so they lived with this slogan:

    “Shut Up and Encrypt”

  • Do You Know What Will Prevent Your Best Performers From Hopping?

    ByMike McBride Reading Time: 2 minutes

    As I mentioned, I’ve left some jobs for reasons that had nothing to do with more money. Whether it was relocation, a desire to travel, a need to travel less, or the desire to work remotely, the one thing those changes had in common was that they were specific to my situation and preferences. 

    The other thing they had in common was that the place I was leaving did not have the flexibility to offer me what I wanted. Could the role have centered on doing more online training so I could travel less? Could a little remote work availability have kept me there longer? Could a fully remote position have allowed me to continue working and relocate? 

    We’ll never know because that wasn’t offered. Thus, I’ve switched jobs a few times. 

  • I knew this would happen

    ByMike McBride Reading Time: 2 minutes

    I knew someday that having the one person who works at the company that donates their internet connection to us and understood how it was setup, leave was going to cause problems. Turns out the reason we couldn’t connect to the email server is that they changed the internal IP address of the mail server…

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Find out more about Webmentions.)