Government Employee Uses DHS Database to Track Ex-Girlfriend

When you build a surveillance system, you invite trusted insiders to abuse that system:

According to the indictment, Robinson, began a relationship with an unidentified woman in 2002 that ended acrimoniously seven months later. After the breakup, federal authorities allege Robinson accessed a government database known as the TECS (Treasury Enforcement Communications System) at least 163 times to track the travel patterns of the woman and her family.

What I want to know is how he got caught. It can be very hard to catch insiders like this; good audit systems are essential, but often overlooked in the design process.

Posted on October 3, 2007 at 3:02 PM • 14 Comments

Comments

RaffyOctober 4, 2007 5:00 AM

It'd be comforting to think that his activity tripped an alarm and attentive system administrators detected the unusual behavior, wouldn't it? However, since this is a government database such an outcome is unlikely.

No doubt he acted on the information he uncovered somehow - tipping off the ex-girlfriend. She may have been previously aware of the surveillance possibilities of his job (as mid-level insiders with his access often like to brag about it.) She figured it out based on his subsequent behavior, lawyered up, and they looked into allegation. Yay, the system works!

Dom De VittoOctober 4, 2007 6:50 AM

huh???

He got CAUGHT ?
You call after AT LEAST __ 163 __ violations "getting caught" ??

I think 'blabbing to his boss that he was tracking his ex-girlfriend using the 'puter' has been misconstrued as "getting caught".

Alternatively, what kind of system, process or procedure only catches people after ""AT LEAST"" 163 SUCCESSFUL abuses !!??

cassielOctober 4, 2007 7:42 AM

The (other) question which comes to my mind is: how much information did the TECS system deliver? What does it do, and how does it get its data?

One would infer that, if it can deliver tracking information on a random individual (albeit one associated with an insider), it can do so for any member of the population.

Nick LancasterOctober 4, 2007 8:17 AM


And what practices made it possible for the repeated abuse? Were the 'searches' for this woman's information logged to this employee's name, and found in a routine audit?

With the whole 'paperwork is such an inconvenience' meme that was sold to gut FISA, I'm afraid we're going to see even more of this kind of thing.

RealistOctober 4, 2007 8:29 AM

Here is a complete list of the possible ways to prevent dishonest government employees from abusing their access to private information about individuals:

1. Don't store private information about individuals in government databases.

paulOctober 4, 2007 8:48 AM

Do we really think that his ex-girlfriend is the only person this guy abued his power against? Or that he's the only one engaging in this kind of behavior?

Even the guidelines cited in the original news article -- "in the performance of their official duties" rather than "in conjunction with a specific investigation" or "after written judicial authorization" -- are way too loose to give any confidence that this system is anything other than a mechanism for random snooping.

Trichinosis USAOctober 4, 2007 9:40 AM

@ paul:

He's definitely not the only one. One of my (federally connected) exes has been harassing me since 1993. I have no way to get proof, so it continues. No one is watching the watchers anymore.

JojoOctober 4, 2007 1:23 PM

It's simple. If I were a manager or auditor, I'd like to know why someone was so interesting to generate 163 search requests. I'd assume they are a "person of interest" and want to be aware of them also. The guy was stupid thinking this activity wouldn't get caught.

Reader XOctober 4, 2007 1:26 PM

What Trichinosis said... abuse of these sort of databases, particularly by LE personnel, is quite common, because even if there are logs (which there usually aren't), no one is looking at them. I'm personally aware of several cases of abuse, as well as of threatened abuse, of such systems.

No doubt the people who are getting caught are the borderline nut jobs who make easily traceable threats, shoot their mouths off, etc.

Qui custodiat ipso custodiesOctober 4, 2007 3:01 PM

Abuse of access to privileged data is not a new problem.

Perhaps these agencies should look at the solutions deployed by Hospitals and related IT groups in response to HIPAA, where all access to patient data is logged and reported.

I know of multiple incidents where medical staff have been summarily terminated for viewing patient medical records that they had no business accessing. Why can't LE do the same?

JojoOctober 4, 2007 4:19 PM

"I know of multiple incidents where medical staff have been summarily terminated for viewing patient medical records that they had no business accessing. Why can't LE do the same?"

Because maybe they are Civil Service employees?

MarkOctober 5, 2007 8:11 AM

The basic problem is one of "who watches the watchers". Which is a problem which exists so long as you have anything other than a "web" of oversight. About the only practical way of doing this is to enable everyone to watch everyone.

Reader XOctober 5, 2007 9:45 AM

"Because maybe they are Civil Service employees?"

That shouldn't be a barrier. I have participated in such terminations.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..