What to Do When the Government Wants Your Data

By Ben Worthen
Tue, August 01, 2006

On the Friday before Memorial Day in 2002, FBI agents descended on a chain of scuba diving stores across the country called Dive Shops, trying to get data on everyone who had learned how to scuba dive since 1999. In order to help out panic-stricken shop owners, the Professional Association of Diving Instructors, the primary organization that oversees scuba certification, gave the FBI a zip drive containing names and other information on about 2 million Americans who had learned to dive over the previous three years.

It was one example of the private sector’s role in the war on terrorism. The U.S. government has over 30 data mining projects that use private-sector data. And while last year the departments of Justice and Homeland Security spent more than $25 million to purchase commercial records from data brokers such as ChoicePoint and LexisNexis, more often than not investigators get the data they want directly from companies, a tactic publicized by the recent National Security Agency project using telephone records. As the CIO, you are in charge of your company’s data. Therefore it is up to you to indemnify your company against legal liability by following the proper procedures when an investigator wants your data.

The first rule, says Behnam Dayanim, a partner with the law firm Paul, Hastings, Janofsky & Walker, is to take every request to the corporate counsel’s office. “You have to get a court order,” he says, or else you may be violating your company’s ¿privacy policy. Also, it is important to make sure that you comply with the request in the order and don’t give more than you are asked for.

Dayanim says that unless a company has a dedicated staffer to deal with requests from law enforcement (many telecommunications companies do, for example), investigators will most likely contact you through a letter addressed to a vague title like IT manager, or will call a junior-level database administrator directly. It is your responsibility to train your staff so they know that all requests must go through the legal department. “I think you have to hit people over the head with it,” says ¿Dayanim. “Most people’s response is to cooperate, but it exposes the company to a tremendous amount of legal liability. It puts the company at risk.”

You are here: Business/Management Topics » IT Organization » News Feature

Most Recent Privacy Stories

White Papers »

Converged Infrastructure for Dummies

As you know, everything is mobile, connected, interactive, and immediate. This is exactly why organizations need a highly agile IT infrastructure in order to keep pace with extreme fluctuations in business demand. This book will help you understand why infrastructure convergence has been widely accepted as the optimal approach for simplifying and accelerating your IT to deliver services at the speed of business while also shifting significantly more IT resources from operations to innovation.

Quantifying the Business Value of VMware View

For this white paper, IDC performed an in-depth analysis of the business value of VMware View, defined as the expected ROI associated with the use of the solution as a platform for the targeted deployment of a virtual desktop infrastructure.

Virtualization reduces costs and complexity for mid-sized businesses

This paper explains virtualization, its benefits for mid-sized business and how IBM's virtualization strategy can help these companies reduce costs, improve services and simplify management.

A Standard Branch Office IT Platform to Optimize and Consolidate

Forrester Research makes recommendations on best practices to optimize branch virtualization and consolidation initiatives. See how a "thin" branch architecture, with key servers, services and applications in the data center that relies on a high-performing WAN connection, can offer the greatest efficiencies.

Maintaining Continuous Compliance - a new best practice approach

When trying to achieve continuous compliance with internal policies and external regulations, organizations need to replace traditional processes with a new best practice approach and new innovative technology, such as that provided by IBM Tivoli Endpoint Manager.

Rewriting the rules of Patch Management

IBM Tivoli Endpoint Manager helps organizations automatically manage patches for multiple operating systems and applications across hundreds of thousands of endpoints regardless of location, connection type or status.

Webcasts »

Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere

Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as support considerations

Quantifying the Business Value of VMware View - Webcast

Many enterprises have discovered that the use of virtualization to support desktop workloads creates a range of significant benefits. These benefits include price efficiencies, improved IT management and greater agility and choice for end users.

This VMware sponsored webcast with IDC will provide both quantitative measurement of the business value -- defined as the expected ROI -- and qualitative analysis associated with the use of VMware View™. IDC will also provide an analysis of the View Composer and ThinApp™ features of VMware View, including the business value of these solutions and an overview of how they work.

Attend this webcast to learn about:
- Challenges and barriers that might impede the adoption of desktop virtualization
- Navigating roadblocks to facilitate a strategic implementation
- Optimizing qualitative and quantitative benefits to IT and your business

Architecting a Modern Approach to Data Management

Applications are changing - they're increasingly web-oriented, global in nature and run from multiple device types. Additionally, the volume of data is growing exponentially every year. How do you ensure your applications have fast, accurate, up-to-date information in this new world? Modern applications are data-intensive; delivering data the old way using monolithic databases isn't working. What's needed is a modern approach to data. One that scales-out as needed and delivers predictable high performance, but without sacrificing data consistency or integrity.

Introduction to VMware View 5

VMware View™ 5 simplifies IT management while increasing end user freedom by delivering desktop services from your cloud. Building upon VMware's leadership in desktop virtualization, VMware View 5 delivers a high-performance user experience while giving IT greater policy control.

View this webcast and find out how VMware View 5 can help you:
- Deliver the highest fidelity experience of desktop services across any device and any network
- Simplify and automate IT management, security and control of desktop services
- Reduce the costs associated with your desktop environment

The CIO's View: Time-to-Value Through Automation

IT professionals are being asked to deliver faster "time-to-value" than ever before. An IDG Research survey found that CIOs are eager to invest in technologies that will enable them to get new applications and services up quickly, achieving faster time-to-value.

5 Steps to Successful IT Consolidation

Learn how to reduce IT management overhead, ease revision control, guarantee data security, scale systems more quickly and reduce server and software costs.

Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter