Forgot your password?
typodupeerror
Privacy Databases Education Programming Software IT

Student Financial Aid Database Being Misused 182

Posted by kdawson
from the six-solicitations-per-day dept.
pin_gween writes "The Washington Post reports on the probable abuse of the National Student Loan Data System. The database was created in 1993 to help determine which students are eligible for financial aid. Students' Social Security numbers, e-mail addresses, phone numbers, birth dates, and loan balances are in the database. It contains 60 million student records and is covered by federal privacy laws. Advocates worry that businesses are trolling for marketing data they can use to bombard students with mass mailings or other solicitations. The department has spent over $650,000 in the past four years protecting the data. However, some senior education officials are advocating a temporary shutdown of access to the database until tighter security measures can be put in place."
This discussion has been archived. No new comments can be posted.

Student Financial Aid Database Being Misused

Comments Filter:
  • by Anonymous Coward on Sunday April 15, 2007 @11:47PM (#18746851)
    Here's a thought- rather than worry about misuse of students addresses and social security numbers, why don't we address the two real problems:

    1. We need to reign in junk mail; and
    2. Financial institutions need to stop treating a social security number as some sort of password.
  • Only $650k? (Score:3, Insightful)

    by Anonymous Coward on Monday April 16, 2007 @12:09AM (#18746965)
    Only $650k over a few years to protect that much important data? That's about what the US spends on the Iraqi War _every_six_minutes_. What's wrong with this picture?
  • by VirusEqualsVeryYes (981719) on Monday April 16, 2007 @12:15AM (#18746993)

    In the worst case they would call ? .. Just hang up.
    So what you're saying is:

    Solution to telemarketers: just hang up!

    Solution to junk mail: just throw it away!

    Solution to spam: just delete it!

    Are you serious?? Are you mad??
  • by Anonymous Coward on Monday April 16, 2007 @12:37AM (#18747121)
    I work my butt off to pay for school, because my parents won't give me a dime. And yet, the "expected family contribution" as decided by my parents' tax documents still shows up, every year. The "expected student contribution" is generally a few hundred bucks, and the EFC is a little over half of my tuition...close to $5k.

    This all fails to address the very simple fact that my parents give me nothing, and the government seems to think they should be giving me $5k/yr. Misuse my data, who cares. Just pay for my education like a good .gov instead of wasting money fighting a war nobody wants.
  • by chaoticgeek (874438) on Monday April 16, 2007 @01:45AM (#18747417) Homepage Journal
    Except for the fact they have enough info then to apply for cards, and completely screw me over... If someone got their hands on a just part of the database everyone one of them would be completely screwed if the government did not say oops we messed up. At this way the current leader is going with general war affairs I'm gonna say we would not be too high on the list of telling the public that something wrong happened. I doubt that Bush really wants to add that to his list of mistakes. No it is not Bush that controls it but it is his branch that helps with it so he should take the blame... I for one would not like any of my info to fall into hands that will abuse the info, weather it be criminals or business (the same to me most of the time anyways it seems).

    Plus in the description it says it is not just emails, it is Social, email, and phone. But it has got to include your address and birth date, and other info because I know I get mail from the government about my loans from them.
  • by Emperor Tiberius (673354) on Monday April 16, 2007 @03:47AM (#18747905) Homepage
    I get consolidation offers every week. Like most physical spam, I toss it in my shred bag. When the bag gets sufficiently full, I shred it.

    Now these scum bags are sending offers in envelopes that say things like "final notice," and "government notice." Shouldn't this be illegal? Now I actually have to examine some of the more deceiving items to make sure they're not real.
  • more than $650,000 (Score:2, Insightful)

    by Paradise Pete (33184) on Monday April 16, 2007 @03:48AM (#18747907) Journal
    "Katherine McLane said the agency has spent more than $650,000 since 2003 to safeguard the database."

    Wow, a whopping $650k? What's that, two salaries plus expenses?
    I think that more accurately spun "the agency has spent less than $700,000 since 2003...."

  • Re:Not that simple (Score:4, Insightful)

    by StarvingSE (875139) on Monday April 16, 2007 @07:10AM (#18748579)
    Not if you apply for something such as a credit card through the mail or online. All you need is name, address, phone, and social security number and you have a credit card in that person's name. In the US, the social security number is the only piece of info most companies need to extend you credit, and then link that account to your credit rating. If the US government really wanted to go after identity theft, they would require physical ID or even lessen the power of the social security number. However, [my speculation]credit card lobbyists [/my speculation] and a "don't care" attitude to really solve the problem from a government stand-point means that the problem will only get worse.
  • by XxtraLarGe (551297) on Monday April 16, 2007 @08:18AM (#18748965) Journal

    If you want to get into a technical argument, even an ounce of gas wasted makes your adventure a negative sum game. There's a reason why the post office has to charge 40 cents an envelope (and still loses money). in addition, the added cost to the company goes directly back to the consumer in higher costs.
    Suppose you recycle or throw out the letter as opposed to mailing it back. Isn't fuel going to be used in those endeavors as well? If the long term result is less junk mail, then that is a positive sum game.
  • Re:Duh... (Score:2, Insightful)

    by BrokenHalo (565198) on Monday April 16, 2007 @08:31AM (#18749039)
    Doesn't your junk mail come with pre-paid envelopes? Just put all the junk mail through a shredder, then stuff it all into the envelope and post it back to them at their expense. If enough people did this, the whole machine would grind to a halt...
  • by BrokenHalo (565198) on Monday April 16, 2007 @08:47AM (#18749167)
    Okay, so reform is needed. But what's the solution, though?

    Easy. In many countries, certainly in Europe and Australasia the SSN or equivalent has no value as identification. All loan applications, credit card applications, opening of bank accounts are completed only after valid ID has been seen. All the US has to do is bring in a similar requirement and you cut the legs from under the most widespread and obvious scams.

    I'm not saying this will solve all problems, but it at least closes the front door to the thieves. The fact that the US has been unwilling to introduce such a requirement sort of implies (to my suspicious mind, at least) a degree of collusion with the scammers.
  • It's time (Score:3, Insightful)

    by hey! (33014) on Monday April 16, 2007 @09:11AM (#18749349) Homepage Journal
    that we have a privacy bill of rights in the US.

    This would give individuals rights around information that government and third parties collect on them, the most important being informed consent. It should be a crime to divulge or acquire electronic records without informed consent of the subject, excepting national intelligence and criminal investigation. Furthermore the right of informed consent by manadatory opt-in should be inalienable. Right now the status of privacy rights in the US can be summed up, to a first approximation, as this: if you can get your hands on a piece of information about somebody without breaking a law, it's yours to do with as you please for whatever you please.

    If the government collects information about you, and it is divulged in a way that is not clearly illegal, then it becomes fair game. If you sue or are sued, the records of that suit, win, lose, or settled, can be harvested and put into commercial intelligence databases on you. If you sue your employer, you may find it hard to get a job afterwards. The records are made public to ensure the fair operation of the courts, but the same process exposes you to unfair judgment in an invisible (to you) commercial database.

    Civilization will not come to an end if people are participants in how their information is used and divulged. Such rights are guaranteed in Europe via the European Convention on Human Rights. Harmonizing our laws with Europe will be good in the long term for our industry. Right now we are operating under an exception that allows EU data to be processed by American companies that promise to follow EU guidelines. But information privacy is not valued at all by companies here and therefore they aren't any good at it. It's only a matter of time before some horrible mishandling of data puts this on the trade agenda again.

    Bringing ourselves up to scratch with the best international standards would be better for our citizens than digging in our heels. It would hurt some individual companies, but in the long run will allow American companies to compete better in a global services economy.
  • And why should the government be paying for your education?

    Because his future salary will repay them in taxes. There's a reason that countries that introduce free education go on to become wealthier a few years later.

If A = B and B = C, then A = C, except where void or prohibited by law. -- Roy Santoro

Working...