Privacy

Over 750,000 Applications for US Birth Certificate Copies Exposed Online

This is a major security breach. An online company that allows users to obtain a copy of their birth and death certificates from U.S. state governments has exposed a massive cache of applications — including their personal information.

More than 752,000 applications for copies of birth certificates were found on an Amazon Web Services (AWS) storage bucket. The bucket, owned by a Barcelona-based company Onlinevitalus, wasn’t protected with a password, allowing anyone who knew the easy-to-guess web address access to the data.

The data exposed was for APPLICATIONS for birth certificate copies, not for copies of the birth certificates themselves. Even so, each application contained a lot of personal information that is not supposed to be exposed, including: the applicant’s name, date-of-birth, current home address, email address, phone number and historical personal information, including past addresses, names of family members and the reason for the application — such as applying for a passport or researching family history.

You can read more in an article by Zack Whittaker in the TechCrunch web site at: https://techcrunch.com/2019/12/09/birth-certificate-applications-exposed/.

How Your Privacy Will Be Protected in the 2020 Census

Every ten years the U.S. Census Bureau conducts a nationwide survey that sets the terms for the country’s democracy. The questionnaire yields rich data, including people’s names, street addresses, ages, races, ethnicities, and other details. People’s responses help determine dynamics of power, such as how seats are apportioned in the House of Representatives, where voting districts get divided, and which communities receive federal funds.

But the bureau, tasked with releasing summaries of the results while simultaneously protecting people’s privacy, faces a Catch-22. “Every time you publish a statistic you leak information about that confidential database,” as Simson Garfinkel, a computer scientist with the bureau, told a Census advisory committee in May.

You can learn all about the privacy procedures of the 2020 U.S. Census in an article by Robert Hackett and an accompanying video in the Fortune web site at: http://fortune.com/2019/05/25/census-security-privacy/.