SelectQuote’s Lack of Data Awareness

Logically and there are two extremes which might describe SelectQuote’s awareness of risk involving customer data, before I reported on their data breach.  One, they were caught completely flat-footed. Two, they knew I had the data, but since I did not accept contract work with them, they took the chance that I would never uncover the data.  Reality could be somewhere in between, if they suspected, but weren’t sure.

Even though they seemed to spring into action quite quickly after my report, it is possible that they took everything I reported at face value and simply reacted.   This is problematic because it indicates that they really don’t know who has customer data.   SelectQuote has resources in other countries and especially after my departure they would have needed to supplement their staff with outside firms.

Not to say foreign developers can’t be trusted, but even in the best of times there are different protections in their area, and it is harder to bring someone to justice when there are multiple jurisdictions involved.  Their government might require them to hand data over, just like ours does.   Depending on the political situation,  personnel may not feel physically safe enough to say no if a local crime lord pressured them for the records.

Anarcho-syndicalism

As private-public surveillance cooperation increases, I see fascism as currently being a greater threat than Communism.  Although I last voted Libertarian, I do not see this philosophy as properly addressing the increasingly predatory nature of corporations.  However, anarchism is such a loaded word, and many people think they know what it means but do not.  So, I’d rather put my socialist thinking under a term that must be looked-up.

Libertarian socialism, collectivism, or anarchism separated from Communism after the 1872 Hague congress.  Bakunin believed that the dictatorship of the proletariat would be as bad as any capitalist society.  Indeed, since Communism trades many factory owners for only one, who doesn’t know how to run a factory, it is know as ‘state capitalism’ among some anarchists.  Anarchist societies since then have been short lived, always subjugated by Marxist or Fascist regimes.

Here are some important elements of anarcho-syndicalism as I see it:

  • Government at the union level, federations of unions freely associate for larger projects.
  • Workers own their factories or farms.
  • Unions exist to bring about the revolutionary general strike.  Labor negotiations are merely practice.
  • Spreads via contamination: no vanguard party organizes revolt in foreign lands, rather workers will spontaneously strike when they see the success of the free state.
  • The revolutionary lumpenproletariat includes not only skilled labor, but farmers and prisoners as well.  Because the United States has the highest per capita incarceration rate of any country ever, this is an important distinction.  Furthermore, jailhouse solidarity has increased to the point guards in San Francisco must instigate fights between races.  This indicates Marx’s critique of this class being unable to achieve class consciousness does not hold true here and now.
  • The reason any strain of anarchism is viewed with suspicion is the concept of propaganda of the deed.  Anarchists usually view war as illegitimate – it pits the working classes of two States against each other.  However, there is diversity of thought on the use of precisely targeted violence by the lumpenproletariat against their oppressors – assassination.  As the U. S. media (and therefore the populace) is entirely controlled by a handful of wealthy elites, you can see how they don’t want to give this view airtime.
  • As an alternative to propaganda of the deed, modern anarchists have advanced ideas such as the Temporary Autonomous Zone.  By basically throwing a big party near a direct action, anarchists invite members of the populace to get a first-hand view of police over-reaction in support of the elite.  By cutting out the media filter, the elite are silenced without assassination.

SelectQuote Wants It Both Ways

SelectQuote’s legal representation, Gibson, Dunn, and Crutcher LLP, are no scrubs.  They defended Chevron in a $27 billion Ecuadorian lawsuit, represent Mark Zuckerberg in a $17 million contract dispute, and got California’s ban on gay marriage overturned.  Cases like these led to the firm being listed as Top Litigation Department by American Lawyer in 2010 and 2012, the first firm to do so twice.  Why would SelectQuote resort to such overkill against SelectQuote Review?

It is a tricky bit of legal acrobatics which they are attempting.  In their request for SelectQuote property and information, it is made clear that they have been working with the Secret Service.  So it seems they reported personally identifiable information to be in unauthorized hands.  We can surmise that they knew the records were in fact true customer records, not realistic test data, because SelectQuote went straight to the Secret Service.

I received the records in 2011 from a company representative, after I no longer worked for SelectQuote.  I performed no work, and received no money from SelectQuote in 2011.  In fact, I didn’t even look at all the stuff they had given me in the hopes of luring me into some contract work. Because of the dirty way in which I was run out of the company, I didn’t wish to help tie up loose ends.

Once I saw what I had, I reported it on this blog, and made plans to notify customers of the lax controls on their data.  The whole point I was making is that SelectQuote was giving job candidates access to personally identifiable information, without any agreements in place.

California law requires companies to notify consumers when personally identifiable information falls into unauthorized hands.  But it appears SelectQuote would like to shirk on this duty, even though they already went to the Secret Service.  This could be why they waited until I no longer had these records to request them. 

Scrub Your Data

This latest incident, in which SelectQuote demonstrated its lack of controls on customer data, but skill at passing the buck, segues nicely into the utility of scrubbing data before handing it over to developers.  Especially one which you haven’t even hired yet.  When I was the one guy maintaining all web and telephony systems it might be excused, but every developer, and especially outside developers, need realistic but fake data.

Nor would I have wanted real data.  If you have ever fielded consumer complaints for a website, you are aware many end users have no idea why or who is sharing their data.  I’ve run in to cases which were obviously spyware on the user’s machine.

It’s very hard to prove to someone that you did not give their data away (“No, it could not possibly be my Antiguan Super-Porno browser extension”).  Now that the government collects insurance data, it’s even worse.  There’s a whole new set of people that could lose it.  Not to mention the shady characters at SelectQuote might sell penis pills on the side for all we know.

For the past four years SelectQuote has probably just pointed a finger in my direction when they can’t find an explanation that makes the customer go away.  While I have no incentive to screw SelectQuote’s customers, I’m still an easy target.  After all this time it’s obvious that I didn’t just make this up on a lark.  But most people a very reality-adverse, it’s easier to call people who live in the real world paranoid or drug user than look in the mirror.

SelectQuote Indirectly Shows Employee Negligence

Secret Service

They already have the drive…

When the Secret Service came over to collect SelectQuote customer data, I handed it over even though they did not have a warrant. As I consider SelectQuote’s careless handling of customer data to be a tangential issue, I wanted to cooperate fully.  While California law requires that consumers be notified when their personal information could have been accessed by an unauthorized person, I decided I didn’t need to be the one doing the notification.

I was given a hard drive with this data back in 2011, after I no longer worked for the company.  SelectQuote had wanted to hire me for some consulting work, but I never agreed to do any jobs for them.  I never signed any non-disclosure or any other agreements, but I had assumed this whole time the copy of the test database was scrubbed of real customer records.

Once I realized this was not the case earlier this year, I started planing to notify customers that their data had leaked.  The Secret Service spoke to me first, so I never did send out notifications, or even determine exactly how many people were affected.  After I handed over the data, the agents said they considered the manner closed so long as I had no more copies.

I have just received a letter from SelectQuote’s lawyers. While a lawyer for SelectQuote will not come right out and say it, when you take their claims with the facts in the case, they tend to demonstrate that a SelectQuote employee was negligent with customer data.

SFPD Opposed to Defense of My Little “Abomination”

Just wanted to quickly point out a breaking story on ex-SFPD Sergeant Ian Furminger’s band of criminals.  The weenies in this city may recommend taking drugs (comment below) to be a better course of action than standing up against cops framing people, or to a war against Christians.  It turns out that officer may have fund fault with me because they were offended by my prevention of the death of my ‘abomination’, Abby.

These cops became gluttonous while feeding on the many sins this city will overlook.  Just couldn’t prevent themselves from piling on one more.  Stating half-breeds should be killed, while trying to prevent a father from protecting his daughter, might finally ruffle some feathers:

You may have to kill the half-breeds too. Don’t worry. Their (sic) an abomination of nature anyway,” (text from the SFPD)

Although incredible to me, I suppose history has shown it possible for whole groups of children to be hated to this extent.  Many people need no supervision.  The devil might make them smarter or stronger, but not really change their direction.  I do note the worst examples tend to behave much like the Pharoah did, and do exalt their leaders to the point of being a godhead, but racism alone can kill plenty of people.

Devilry, Real and Synthetic

SelectQuote Review has been going on for so long that it might be easy for readers to forget that it all started with my daughter’s life being threatened.  Even if you don’t believe in the direct interference of evil, you must remember that brain research has given us synthetic possession for fifty years:

The following excerpt from an article on PsyOps gets to the heart of the matter:

MolochMoloch?:The farmers of ancient Canaan were dependent on the weather for their livelihood.  They did not have irrigation to help them make it through droughts.  Apparently during one of these dry years the Canaanites turned to each other and said “You know what might make it rain?  Killing children.”

So they erected idols and sacrificed children to Moloch and the Baalim.  Well, there all sorts of things that science can’t easily explain.  I wrote previously about how our government and others have researched the paranormal and recruited practitioners.  Some involved in U.S. remote viewing programs have successfully capitalized on their abilities in the private sector.  Maybe, like the Canaanites before them, some at SelectQuote wondered if the magic would work that much better if they killed some kids.

Separation of Church and State

I see same-sex marriage as a separation of church and state issue.  If the state must grant legitimacy to interpersonal relationships between consenting adults, then it should not discriminate.  However, the state has no authority to determine what constitutes marriage in the eyes of God, and therefore cannot dictate what definition the churches must accept.

St. Mary's

St. Mary’s Cathedral

The city of San Francisco may wish to cast its dispute with Archbishop Salvatore Cordileone as purely a labor matter, but it is not.  As the the Archbishop of San Francisco, he leads the archdiocese of San Francisco for the Roman Catholic Church.  This include the parochial schools within the city.  In this capacity, he’s attempting to enact morality clauses for teachers, with the stated intent of preventing teacher from undermining official Catholic doctrine.

Salvatore does himself no favors when you dig into the details.  By classifying masturbation and contraceptives as not just a sin but ‘gravely evil’, one has to wonder about his sense of perspective.  How high does his evil scale go?  He has given San Francisco lawmakers and lawyers an easy pitch with which to begin the process of giving them control over church doctrine.  However, whether or not he is right is irrelevant to the core issue of government intervention in church affairs.

Growing up in St. Louis, which has a strong Catholic presence, I feel Salvatore’s opponents are sharpening their knives for a larger battle than just this issue.  My mom is a lapsed Catholic, half my family is Catholic, many friends, and girl friends were Catholic.  All of them viewed the Catholic clergy’s pronouncements on sexuality with bemusement.  None of them would feel even the slightest bit guilty for being on the pill, and I can’t imagine any masturbation hang-ups.  These sorts of pronouncements were just something to laugh about.

SelectQuote Review Traffic

In my State of SelectQuote Review, I focused on qualitative, not quantitative, issues.  Of course, these don’t matter so much if no one is reading.  Being visited by both Bob Edwards and the Secret Service tells me my blog is getting read.  However, some actual measurements would help to determine what effect my migration to WordPress may be having.

Statistics vary across platforms, one cannot expect to compare Blogger built in stats to WordPress stats, and find anything meaningful.  Also, I am running my own analytics server on my domain, rather than running Google Analytics as a third party host.  However, CloudFlare provides a consistent frame of reference.

I’ve run CloudFlare since last June, so it has sat in front of both Google’s blogging platform and my self-hosted WordPress.  It shows much higher traffic overall than a Javascript solution, basically it is giving counts based on Nginx hit logs.