Europe too? US acquires hundreds of millions of Latino citizens' data

Backdoor men

The President's favorite database company, Choicepoint Inc., has acquired personal data on hundreds of millions of citizens in ten Latin American countries without their knowledge or consent. Data includes Mexico's Federal Electoral Register, details of drivers in Mexico City and Colombia.

"This is a corporation that works hand in glove with, and is politically connected to the administration, and does things that the US dare not do," Greg Palast, who uncovered Choicepoint's role in the 2000 election, told The Register last week. Choicepoint had been given a $67 million contract for data gathering on September 25, 2001. The contract lasts until 2005.

"It's doing this everywhere," said Palast, "but in Mexico it was caught out."

The scandal broke three weeks ago after an investigation by Mexican newspaper Milenio, although it received scant attention Stateside. But a report in today's Guardian should give it fresh impetus.

From the Guadalajara Times we learn that the company has been active in Brazil, Colombia, Venezuela, Costa Rica, Guatemala, Honduras, El Salvador and Nicaragua. However, the Times reports that Choicepoint has discontinued its role in Argentina, "due to lack of demand and a strict new law relating to privacy".

But ChoicePoint isn't shy about boasting of its Latino assets.

"You know the value of ChoicePoint's domestic data," begins a 2001sales brochure for its 'AutoTrack XP' product uncovered by privacy group EPIC under the Freedom of Information Act. "Now you can locate and identify business assets in foreign countries with ChoicePoint's new International searches".

"ChoicePoint gives you the most comprehensive online International data available, with individual and business information from Mexico, Colombia, Argentina [oops? - ed.] Brazil and Costa Rica."

"ChoicePoint is the only vendor capable of providing online access to the following data sets and/or functionality:

a) complete listings of all Mexican, Colombian and Argentine citizens
b) inclusion of unlisted numbers in telephone files in Mexico, Brazil and Argentina
c) inclusion of Mexican vehicle and driver license data
d) complete listing of Columbian company data
e) inclusion of personal identification information for Brazilian business people
f) full usability in English language

(Go here [200kb PDF] and here [292kb PDF] for the documents.)

The second document records that the US Department of Justice paid $11m for "access to ChoicePoint databases."

Now, you might ask, doesn't the US have official agencies that are supposed to undertake a much more focused version of this intelligence gathering? Indeed, it does, and being conscientious government agencies, the staff (in our experience) take information integrity pretty seriously. The value that ChoicePoint's places on data integrity is quite germane, as we shall see.

Who is Choicepoint Inc.?
In a letter to SEC last year, ChoicePoint described itself as "a leading information company with a long history of developing products and services for federal and state government agencies to locate individuals, businesses, and assets and to authenticate individuals' identities."

That long history goes back less than six years to August 1997, when Choicepoint was spun off from Equifax, where it was Equifax's Insurance Services Group.

An early earning statement described how "in business and government markets" it provided services including "pre-employment and drug testing, public records information, UCC search and filing."

A more recent statement is both fuzzier and warmer:

"ChoicePoint (NYSE :CPS) is the leading provider of identification and credential verification services for making smarter decisions in today's fast-paced world, serving the information needs of business, government and individuals."

"ChoicePoint is committed to protecting personal privacy and promoting the responsible use of information to help create a safer world."

But ChoicePoint's credentials as a responsible user of information were tested in its role in Florida, in the 2000 Election - a story that's probably more familiar to readers outside the United States than in.

ChoicePoint was given a contract to maintain Florida's electoral rolls and conveniently managed to scrub as many as 91,000 voters most of whom were poor or black. A complex and determined effort to disenfranchise a small number of people.

Standards body

But ChoicePoint has another role to play in a quite unexpected way. It's the guardian of our commercial data integrity. The "Providing Appropriate Tools Required to Intercept and Obstruct Terrorism" (PATRIOT) Act 2001 blessed the company as a kind of standards setter. Banks have been instructed to issue data in a format ChoicePoint likes, which will come as a surprise to the IETF, or the W3C, or OASIS, next time a web standard has to be set. But there you go. And ChoicePoint was singled out by name.

The commercial potential of this new PATRIOT-compatible standard was illustrated here by Sybase which is suddenly falling over itself to help the Homeland. Over at Choicepoint there's a handy compliance brochure you can read advising you how to comply with the PATRIOT Act. And not to complicate the picture too much, Marv Bush, one of the aforementioned Bush family, channeled money to Sybase via his job as a VC at Winston Partners. So you can see how they gamble, these Bushes.

With an essential part of US intelligence gathering now privatized, which we didn't know before - what else does this tell us? Palast reminds us that the state can now demand and control information flows without a warrant. Which is one of those nice 'Thank You's' that we expect, and would appreciate.®

Other stories you might like

  • A peek into Gigabyte's GPU Arm for AI, HPC shops
    High-performance platform choices are going beyond the ubiquitous x86 standard

    Arm-based servers continue to gain momentum with Gigabyte Technology introducing a system based on Ampere's Altra processors paired with Nvidia A100 GPUs, aimed at demanding workloads such as AI training and high-performance compute (HPC) applications.

    The G492-PD0 runs either an Ampere Altra or Altra Max processor, the latter delivering 128 64-bit cores that are compatible with the Armv8.2 architecture.

    It supports 16 DDR4 DIMM slots, which would be enough space for up to 4TB of memory if all slots were filled with 256GB memory modules. The chassis also has space for no fewer than eight Nvidia A100 GPUs, which would make for a costly but very powerful system for those workloads that benefit from GPU acceleration.

    Continue reading
  • GitLab version 15 goes big on visibility and observability
    GitOps fans can take a spin on the free tier for pull-based deployment

    One-stop DevOps shop GitLab has announced version 15 of its platform, hot on the heels of pull-based GitOps turning up on the platform's free tier.

    Version 15.0 marks the arrival of GitLab's next major iteration and attention this time around has turned to visibility and observability – hardly surprising considering the acquisition of OpsTrace as 2021 drew to a close, as well as workflow automation, security and compliance.

    GitLab puts out monthly releases –  hitting 15.1 on June 22 –  and we spoke to the company's senior director of Product, Kenny Johnston, at the recent Kubecon EU event, about what will be added to version 15 as time goes by. During a chat with the company's senior director of Product, Kenny Johnston, at the recent Kubecon EU event, The Register was told that this was more where dollars were being invested into the product.

    Continue reading
  • To multicloud, or not: Former PayPal head engineer weighs in
    Not everyone needs it, but those who do need to consider 3 things, says Asim Razzaq

    The push is on to get every enterprise thinking they're missing out on the next big thing if they don't adopt a multicloud strategy.

    That shove in the multicloud direction appears to be working. More than 75 percent of businesses are now using multiple cloud providers, according to Gartner. That includes some big companies, like Boeing, which recently chose to spread its bets across AWS, Google Cloud and Azure as it continues to eliminate old legacy systems. 

    There are plenty of reasons to choose to go with multiple cloud providers, but Asim Razzaq, CEO and founder at cloud cost management company Yotascale, told The Register that choosing whether or not to invest in a multicloud architecture all comes down to three things: How many different compute needs a business has, budget, and the need for redundancy. 

    Continue reading

Biting the hand that feeds IT © 1998–2022