1. 9

The data, which was stored in a publicly accessible cloud server owned by Republican data firm Deep Root Analytics, included 1.1 terabytes of entirely unsecured personal information compiled by DRA and at least two other Republican contractors, TargetPoint Consulting, Inc. and Data Trust. In total, the personal information of potentially near all of America’s 200 million registered voters was exposed, including names, dates of birth, home addresses, phone numbers, and voter registration details, as well as data described as “modeled” voter ethnicities and religions.


  2. 5

    …modeled probabilities, for questions ranging from how likely it is the individual voted for Obama in 2012, to whether they agree with the Trump foreign policy of “America First,” to how likely they are to be concerned with auto manufacturing as an issue, among others.

    I’d like to look myself up and see if they modeled me properly. Did this data end up on a torrent somewhere?

    1. 4

      Do people not know that voter registration data is public? I also liked this bit:

      even whether they are on the federal “Do Not Call” list

      Yeah, being on the do not call list doesn’t help much if they people thinking of calling you don’t keep track of that fact. (Of course, there’s also some bullshit exception for political purposes.)

      1. 3

        I think you’re missing the concern that people have: aggregating data and cross-referencing it takes time and energy. There’s a lot of public records about me, but if someone wanted to compile a complete picture, they’d have to do a lot of work to put those pieces together. For most citizens, most of the time, it’s not worth putting that effort in.

        So, now we have a vendor who put the effort in, working on economies of scale. That already introduces some concerns, but once again, I’m not being specifically targeted, it’s a bulk thing, I remain essentially anonymous and uncorrelated. Then the data leaks. Now, if someone wants to target me specifically, the “work” is to find a pastebin or a torrent or a download of this data, search it for me, and they can assemble a pretty complete picture.

        1. 1

          Whether it’s all in one spreadsheet or requires driving around to 5000 courthouses, if it’s public information I think it’s a mistake to call it “sensitive personal information”. It dilutes the term.

          1. 1

            I agree it’s not wholly accurate, but I’m not aware of a better term to describe shift in economics.

            Lots of information has always been technically-public if you were willing to put in a few days work. Convenient aggregation means it’s now a few minutes work.

            This introduces new problems, because most people can be furious about something petty for a few minutes but not a few days.

        2. 3

          Yeah, there are even websites to conveniently (and freely) look it up: http://www.coloradovoters.info/

          I’m sure there are similar pages for other states.

          Whether or not a person can vote is public information. Who a person votes for is private information.

          1. 1

            Most states do have similar sites but doing lookups requires that you know someone’s​ date of birth and their house number. The Colorado one seems much more “open” than other states.