--- Allen <[EMAIL PROTECTED]> wrote: > Hi Bernard, > > Based on your posts I'm sure that you are an honorable person; > however, it concerns me when you say, "They don't care enough to be > torture-proof." > > To me this could result in events like are occurring at the US State > Department Passport office where people are pawing through files and > records they have no legitimate business reading. > > I'm not in favor of excessive secrecy as that is to the detriment of > society as a whole, I think. I do think that people will take and blow
> rumors up all out of proportion to the reality behind them and that > correcting the record can be real tough to almost impossible. > > My question to you is, are these agents ethical enough to prevent this > kind of disinformation from damaging the > citzenary> Interesting. The line in question was, essentially, tossed off as a humorous observation on our privacy priorities. I need to be careful about that considering how easily such statements can be misinterpreted. I don't know who said that analyzing humor was like dissecting a frog (no one enjoys it and the frog dies) but I guess it's time for me to break out the scalpel. Our Agents, Officers, Special Agents and others who do field work or are trusted with sensitive data are taught certain priorities within an ethical framework. The notion that someone would torture one of our people to get at the information on their laptop is mostly ridiculous but if it did happen, I would expect them to immediately reveal their passwords. Our Officers endure the highest level of day-to-day danger; when I did that job, I was attacked more than once. They are taught that their life is worth more than their "stuff." An Officers Commission (their ID), for example, is a powerful little thing in many circumstances. Yet if we get mugged while in the field, we are to give it up with no hesitation. Our ethics, as reinforced in extensive training, hold that the life or safety of an employee is worth far more than their ID, their equipment, or even the information on their computer. If it's a choice between being tortured or giving up their passwords, we expect them to start talking. Many resources will subsequently be devoted to finding and prosecuting the perpetrators. So, as a matter of policy, our employees are not *supposed* to care enough to be torture proof. Our employees are more important than our information. Now, moving from the nearly-unthinkably silly (I say "nearly" because we do have some on-point training and policies for employees who travel to certain parts of the world) to the day-to-day, I want to make it clear that the "not caring enough" attitude that is appropriate when faced with torture does not apply when it comes to day-to-day data security. In fact, our people are held to very high standards. The case you cite of pawing through passport records is a great example. That sort of thing is very unlikely at the IRS. We do ongoing data matching on our people and their accesses to computerized records. Any access to an IDRS (Integrated Data Retrieval System) record is run across the personal profile of the employee to find matches or patterns of unusual accesses. If an employee, for example, accesses the files of a neighbor (even someone they don't know in any way), an investigation is automatically triggered. Geographic data is part of the data matching used to make sure unauthorized accesses do not happen. Additional matching, against things like family members, assigned casework, etc., is also done. Employees just don't look at tax records unless they need them to do a job. As the prominence of customers goes up, so do the precautions. The files of famous people are flagged and accesses are not just screened but reviewed by a case worker. At the very top, if, pursuant to an audit, you have occasion to handle the tax returns of a President, past or present, you can expect to have a very intimidating Special Agent with the Secret Service standing next to you the whole time. There will also be a Special Agent with the IRS next to you (and probably a small squad of others somewhere nearby, drinking coffee and waiting to move on to the next processing point.) Literally, if you turn a page and read something you don't need to do your job, you'll be instantly arrested. Yes, I know this from first-hand experience. Our track record for ethical treatment of taxpayer records was, admittedly, forced on us. Without going into too much detail, President Nixon severely misused the agency for nefarious purposes. As a result, Congress passed a number of oversight measures. Our data security is certainly not perfect but considering our size and the sensitivity of our data, we are well out in front on these issues. We had about a 20-year head start compared to most organizations and are *far* more sensitive to privacy and security issues than most people realize. The way Congress beat up on us, post-Nixon, put us on a path toward the practical respect of private citizen data a very long time ago; today, we view being put on that path so early as a blessing. >From a technical perspective, a number of practical procedural and technical solutions are in place. All laptops (technically, all computers that leave IRS-controlled space) are encrypted unless they are going to a jurisdiction where importing encryption is illegal. All removable media (CDs, USB keys, even floppies) are encrypted for people in identified user groups; that will apply to everyone, by default, in the near future. All desktop workstations will be fully encrypted by this summer. Data on paper is kept very secure. There is a culture of data protection here that leads people to, for example, automatically turn documents face down when you walk up to their desk. Nobody makes a big deal about it; it's just the way we work. Of course we're not perfect. We've hired extensively over the last few years and some of the kids we've hired didn't "get it" quite quickly enough. Some unauthorized accesses have happened and there's been an uptick in people fired for that reason. That doesn't concern me; it actually means we're finding the people who screw up. Over the course of my career, I've seen about a person a decade perp-walked out of a building in handcuffs for selling data. It's rare enough that it sticks in the memory. It's certainly not common. So, to address your specific question (and I'm not perfectly sure I understood the question, so I apologize in advance if I've misinterpreted) - No, I don't think what I said is fodder for any rumors. I don't accept that it qualifies as disinformation because we certainly don't expect our people to hold their passwords secure in the face of torture. We do expect them to be ethical enough to protect sensitive data adequately and consistently in accordance with policy; that expectation is rarely wrong. When it is, harsh penalties are imposed and everything that contributed to the lapse (training, technology, procedures, everything) is examined under a microscope and changes, if needed, are made. Actually, I'm pretty proud of our record and our dedication to data security. Is the frog dead yet? Bernard Owens USTreas/IRS _______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
