Employees Use Company Databases to Spy
While doing research for an employment case involving WE Energies, a Milwaukee-based energy company, the Associated Press found a larger story on the apparently widespread abuse of company databases by employees to spy on customers. It appears that such data is routinely accessed to snoop on people using massive national databases created and maintained by utilities. Such databases contain payment history, addresses, credit information, social security numbers – all information that can be used to steal an identity or destroy one. Such practices are against company policy. But they’re not necessarily illegal.
From the article:
“People were looking at an incredible number of accounts,” Joan Shafer, WE Energies’ vice president of customer service, said during a sworn deposition last year. “Politicians, community leaders, board members, officers, family, friends. All over the place.”
Her testimony came in a legal case involving an employee who was fired in 2006 for repeatedly accessing information about her ex-boyfriend and another friend. An arbitrator in November upheld the woman’s firing. The AP reviewed testimony and documents made public as part of the case.
The misuse came to light in 2004 when an employee helped leak information to the media during a heated race for Milwaukee mayor that a candidate, acting Mayor Marvin Pratt, was often behind in paying his heating bills. Pratt lost to the current mayor, Tom Barrett.
Pratt said he’s convinced the disclosure cost him votes and unfairly damaged his reputation. Pratt said he recently met with top company executives and was satisfied it has stopped the problem as much as possible. He said he has dropped earlier plans to explore a lawsuit.
Understand just three fundamental things here:
- Companies are free to create any information they want about you.
- You have little or no control over how long they store that information, its accuracy, or with whom they share it.
- Data storage is dirt cheap, and getting cheaper, so there are few practical limits on how much of information can be stored.
When information about you is linked from multiple sources, an extensive “digital picture” is available. Of course, extensive does not mean accurate. The Digital Self is emerging, and it arises from what commercial and governmental entities think of you (and the extent to which you blather about yourself on Facebook, MySpace and other searchable internet spaces). There exists online an online shadow of yourself, which will be increasingly used by the real world as it tries to find new ways to sell to you, or restrict you from certain consideration or activities, or steal your assets.
If snooping is this easy for schmoes at your local utility company, imagine what organized efforts can produce – legal or otherwise.
A patchwork of state laws on data privacy would be ineffective for a number of reasons, including inconsistencies that would confuse companies and the consumer. So a national set of data privacy laws need to be adopted.
However, I hold little hope that effective data privacy laws will be passed on behalf of consumers – largely because their voice and collective ability to wield their power have been too greatly eroded over the last few decades in favor of big business and big government.
However, this may represent a new area of law (Quixotic Privacy Law) that will seek to catch up to rapid technological growth, and afford consumers – citizens – the protection they deserve.