this post was submitted on 19 Dec 2023

321 points (98.5% liked)

Privacy

31814 readers

318 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

321

Verizon Gave Her Data to a Stalker. ‘This Has Completely Changed My Life’ (www.404media.co)

submitted 10 months ago by btp@kbin.social to c/privacy@lemmy.ml

23 comments fedilink hide all child comments

“Verizon royally fucked up,” Poppy told me in a phone call. “There’s no way around it.” Verizon, she added, was “100% at fault.”

Verizon handed Poppy’s personal data, including the address on file and phone logs, to a stalker who later directly threatened her and drove to an address armed with a knife. Police then arrested the suspect, Robert Michael Glauner, who is charged with fraud and stalking offenses, but not before he harassed Poppy, her family, friends, workplace, and daughter’s therapist, Poppy added. 404 Media has changed Poppy’s name to protect her identity.

Glauner’s alleged scheme was not sophisticated in the slightest: he used a ProtonMail account, not a government email, to make the request, and used the name of a police officer that didn’t actually work for the police department he impersonated, according to court records. Despite those red flags, Verizon still provided the sensitive data to Glauner.

Remarkably, in a text message to Poppy sent during the fallout of the data transfer, a Verizon representative told Poppy that the corporation was a victim too. “Whoever this is also victimized us,” the Verizon representative wrote, according to a copy of the message Poppy shared with 404 Media. “We are taking every step possible to work with the police so they can identify them.”

In the interview with 404 Media, Poppy pointed out that Verizon is a multi-billion dollar company and yet still made this mistake. “They need to get their shit together,” she said.

you are viewing a single comment's thread
view the rest of the comments

[–] plain_and_simply@feddit.uk 35 points 10 months ago (2 children)

Seriously? What a stupid mistake to make. There should always be internal processes right?

[–] ricecake@sh.itjust.works 25 points 10 months ago

Yup. I used to work for a much smaller tech company, and we had a perfectly reasonable process for dealing with cour orders and search warrants that involved crazy things like "get it in hard copy", and "verify the information contained in the order".
For some things, we would even just ask the officer to physically come in and that was weirdly never a problem.

[–] sqgl@beehaw.org 1 points 10 months ago (1 children)

And now they will probably overcompensate with frustrating security theatre beyond sensible precautions.

[–] admiralteal@kbin.social 8 points 10 months ago (1 children)

I see no problem whatsoever with having frustrating levels of obtuse security required before complying with a request from law enforcement.

There is no downside.

[+] sqgl@beehaw.org -6 points 10 months ago (1 children)

Maybe I am missing a joke, but why would a service provider need to jump through any security hoops to comply with a request from law enforcement?

[–] admiralteal@kbin.social 8 points 10 months ago* (last edited 10 months ago) (1 children)

You mean like... verifying it is a legitimate request from law enforcement? That kind of security hoop? Ensuring there is a warrant or subpoena? Ensuring proper security in transmitting the sensitive personal information?

Civil rights matter more than making cops' jobs easy.

[–] sqgl@beehaw.org 0 points 10 months ago (1 children)

OK but that would be entirely different security questions from the ones they ask clients.

I was talking about how frustrating it gets for clients, eg for social security I am a nominee for my Mother. I have to verify details of myself (since I am also on SS) then give them a password for my access to Mum, then (this is the stupid part) give them the details of Mum.

It is entirely redundant by the last stage and it may just be theatre or they may be doing it to piss people off so that they get angry and so the SS agent has an excuse to hang up. In Australia they are notorious for making things difficult and the subject of a Royal Commission which determined they are guilty of illegal shitfuckery (although I don't think the RC used that term).

[–] TheOakTree@beehaw.org 1 points 10 months ago (1 children)

Well the difference is, in this case it would be an increase in requirements in the situation that law enforcement requests information. I don't see how that, if implemented correctly, should affect the average person. Huge emphasis on that 'if.'

[–] sqgl@beehaw.org 2 points 10 months ago (1 children)

Oh dear, I forgot the point of the article, sorry. The guy was pretending to be a police officer. Thank you everyone for being tolerant of me. I don't know if I should delete my comment now or not.

[–] TheOakTree@beehaw.org 2 points 10 months ago (1 children)

We're mostly reasonable here, no problem. If anything, I agree with your sentiment that the red tape in front of many government services is weaponized to reject people service. It's definitely a problem and realistically, I could see a world where such failures of the system occur in most scenarios.

[–] sqgl@beehaw.org 2 points 10 months ago* (last edited 10 months ago) (1 children)

Just today: they asked for [verification of] ID number, name, DOB, address.

But for the address they asked further...

AGENT: "...and the postcode please?"

ME: "Google it"

The agent must have seen the absurdity of the question and did not insist on a postcode.

[–] TheOakTree@beehaw.org 1 points 10 months ago (1 children)

You would think a government system would be able to pull postcodes from addresses automatically, but...

[–] sqgl@beehaw.org 1 points 10 months ago

She knew the postcode. It was a security question. My response was cheeky.